sec-kernel: move uapi securemsm headers to uapi path

Move the securemsm-kernel uapi headers to a uapi include path,
to conform with the uapi requirements.

NOTE: Duplicating qcedev.h & smcinvoke.h temporarily until
clients that manually include the path use the exported headers.

Change-Id: I33d390954ff0e6c721a5fa8256b431020e4f8912
Signed-off-by: Gaurav Kashyap <quic_gaurkash@quicinc.com>

include/uapi/linux/compat_qcedev.h

@@ -0,0 +1,203 @@
+/* SPDX-License-Identifier: GPL-2.0-only WITH Linux-syscall-note */
+/*
+ * Copyright (c) 2014,2017-2020, The Linux Foundation. All rights reserved.
+ * Copyright (c) 2023 Qualcomm Innovation Center, Inc. All rights reserved.
+ */
+
+#ifndef _UAPI_COMPAT_QCEDEV__H
+#define _UAPI_COMPAT_QCEDEV__H
+
+#include <linux/types.h>
+#include <linux/ioctl.h>
+
+#if IS_ENABLED(CONFIG_COMPAT)
+#include <linux/compat.h>
+
+/**
+ * struct compat_buf_info - Buffer information
+ * @offset:			Offset from the base address of the buffer
+ *				(Used when buffer is allocated using PMEM)
+ * @vaddr:			Virtual buffer address pointer
+ * @len:				Size of the buffer
+ */
+struct compat_buf_info {
+	union {
+		compat_ulong_t	offset;
+		compat_uptr_t	vaddr;
+	};
+	compat_ulong_t	len;
+};
+
+/**
+ * struct compat_qcedev_vbuf_info - Source and destination Buffer information
+ * @src:				Array of buf_info for input/source
+ * @dst:				Array of buf_info for output/destination
+ */
+struct compat_qcedev_vbuf_info {
+	struct compat_buf_info	src[QCEDEV_MAX_BUFFERS];
+	struct compat_buf_info	dst[QCEDEV_MAX_BUFFERS];
+};
+
+/**
+ * struct compat_qcedev_pmem_info - Stores PMEM buffer information
+ * @fd_src:			Handle to /dev/adsp_pmem used to allocate
+ *				memory for input/src buffer
+ * @src:				Array of buf_info for input/source
+ * @fd_dst:			Handle to /dev/adsp_pmem used to allocate
+ *				memory for output/dst buffer
+ * @dst:				Array of buf_info for output/destination
+ * @pmem_src_offset:		The offset from input/src buffer
+ *				(allocated by PMEM)
+ */
+struct compat_qcedev_pmem_info {
+	compat_int_t		fd_src;
+	struct compat_buf_info	src[QCEDEV_MAX_BUFFERS];
+	compat_int_t		fd_dst;
+	struct compat_buf_info	dst[QCEDEV_MAX_BUFFERS];
+};
+
+/**
+ * struct compat_qcedev_cipher_op_req - Holds the ciphering request information
+ * @use_pmem (IN):	Flag to indicate if buffer source is PMEM
+ *			QCEDEV_USE_PMEM/QCEDEV_NO_PMEM
+ * @pmem (IN):		Stores PMEM buffer information.
+ *			Refer struct qcedev_pmem_info
+ * @vbuf (IN/OUT):	Stores Source and destination Buffer information
+ *			Refer to struct qcedev_vbuf_info
+ * @data_len (IN):	Total Length of input/src and output/dst in bytes
+ * @in_place_op (IN):	Indicates whether the operation is inplace where
+ *			source == destination
+ *			When using PMEM allocated memory, must set this to 1
+ * @enckey (IN):		128 bits of confidentiality key
+ *			enckey[0] bit 127-120, enckey[1] bit 119-112,..
+ *			enckey[15] bit 7-0
+ * @encklen (IN):	Length of the encryption key(set to 128  bits/16
+ *			bytes in the driver)
+ * @iv (IN/OUT):		Initialization vector data
+ *			This is updated by the driver, incremented by
+ *			number of blocks encrypted/decrypted.
+ * @ivlen (IN):		Length of the IV
+ * @byteoffset (IN):	Offset in the Cipher BLOCK (applicable and to be set
+ *			for AES-128 CTR mode only)
+ * @alg (IN):		Type of ciphering algorithm: AES/DES/3DES
+ * @mode (IN):		Mode use when using AES algorithm: ECB/CBC/CTR
+ *			Applicable when using AES algorithm only
+ * @op (IN):		Type of operation: QCEDEV_OPER_DEC/QCEDEV_OPER_ENC or
+ *			QCEDEV_OPER_ENC_NO_KEY/QCEDEV_OPER_DEC_NO_KEY
+ *
+ * If use_pmem is set to 0, the driver assumes that memory was not allocated
+ * via PMEM, and kernel will need to allocate memory and copy data from user
+ * space buffer (data_src/dta_dst) and process accordingly and copy data back
+ * to the user space buffer
+ *
+ * If use_pmem is set to 1, the driver assumes that memory was allocated via
+ * PMEM.
+ * The kernel driver will use the fd_src to determine the kernel virtual address
+ * base that maps to the user space virtual address base for the  buffer
+ * allocated in user space.
+ * The final input/src and output/dst buffer pointer will be determined
+ * by adding the offsets to the kernel virtual addr.
+ *
+ * If use of hardware key is supported in the target, user can configure the
+ * key parameters (encklen, enckey) to use the hardware key.
+ * In order to use the hardware key, set encklen to 0 and set the enckey
+ * data array to 0.
+ */
+struct compat_qcedev_cipher_op_req {
+	uint8_t					use_pmem;
+	union {
+		struct compat_qcedev_pmem_info	pmem;
+		struct compat_qcedev_vbuf_info	vbuf;
+	};
+	compat_ulong_t				entries;
+	compat_ulong_t				data_len;
+	uint8_t					in_place_op;
+	uint8_t					enckey[QCEDEV_MAX_KEY_SIZE];
+	compat_ulong_t				encklen;
+	uint8_t					iv[QCEDEV_MAX_IV_SIZE];
+	compat_ulong_t				ivlen;
+	compat_ulong_t				byteoffset;
+	enum qcedev_cipher_alg_enum		alg;
+	enum qcedev_cipher_mode_enum		mode;
+	enum qcedev_oper_enum			op;
+};
+
+/**
+ * struct qcedev_sha_op_req - Holds the hashing request information
+ * @data (IN):			Array of pointers to the data to be hashed
+ * @entries (IN):		Number of buf_info entries in the data array
+ * @data_len (IN):		Length of data to be hashed
+ * @digest (IN/OUT):		Returns the hashed data information
+ * @diglen (OUT):		Size of the hashed/digest data
+ * @authkey (IN):		Pointer to authentication key for HMAC
+ * @authklen (IN):		Size of the authentication key
+ * @alg (IN):			Secure Hash algorithm
+ */
+struct compat_qcedev_sha_op_req {
+	struct compat_buf_info			data[QCEDEV_MAX_BUFFERS];
+	compat_ulong_t				entries;
+	compat_ulong_t				data_len;
+	uint8_t					digest[QCEDEV_MAX_SHA_DIGEST];
+	compat_ulong_t				diglen;
+	compat_uptr_t				authkey;
+	compat_ulong_t				authklen;
+	enum qcedev_sha_alg_enum		alg;
+};
+
+/**
+ * struct compact_qcedev_map_buf_req - Holds the mapping request information
+ * fd (IN):            Array of fds.
+ * num_fds (IN):       Number of fds in fd[].
+ * fd_size (IN):       Array of sizes corresponding to each fd in fd[].
+ * fd_offset (IN):     Array of offset corresponding to each fd in fd[].
+ * vaddr (OUT):        Array of mapped virtual address corresponding to
+ *                     each fd in fd[].
+ */
+struct compat_qcedev_map_buf_req {
+	compat_long_t	fd[QCEDEV_MAX_BUFFERS];
+	compat_ulong_t	num_fds;
+	compat_ulong_t	fd_size[QCEDEV_MAX_BUFFERS];
+	compat_ulong_t	fd_offset[QCEDEV_MAX_BUFFERS];
+	compat_u64      buf_vaddr[QCEDEV_MAX_BUFFERS];
+};
+
+/**
+ * struct compat_qcedev_unmap_buf_req - Holds the hashing request information
+ * fd (IN):	       Array of fds to unmap
+ * num_fds (IN):       Number of fds in fd[].
+ */
+struct compat_qcedev_unmap_buf_req {
+	compat_long_t	fd[QCEDEV_MAX_BUFFERS];
+	compat_ulong_t	num_fds;
+};
+
+struct file;
+long qcedev_ioctl(struct file *file,
+			unsigned int cmd, unsigned long arg);
+long compat_qcedev_ioctl(struct file *file,
+			unsigned int cmd, unsigned long arg);
+
+#define COMPAT_QCEDEV_IOCTL_ENC_REQ		\
+	_IOWR(QCEDEV_IOC_MAGIC, 1, struct compat_qcedev_cipher_op_req)
+#define COMPAT_QCEDEV_IOCTL_DEC_REQ		\
+	_IOWR(QCEDEV_IOC_MAGIC, 2, struct compat_qcedev_cipher_op_req)
+#define COMPAT_QCEDEV_IOCTL_SHA_INIT_REQ	\
+	_IOWR(QCEDEV_IOC_MAGIC, 3, struct compat_qcedev_sha_op_req)
+#define COMPAT_QCEDEV_IOCTL_SHA_UPDATE_REQ	\
+	_IOWR(QCEDEV_IOC_MAGIC, 4, struct compat_qcedev_sha_op_req)
+#define COMPAT_QCEDEV_IOCTL_SHA_FINAL_REQ	\
+	_IOWR(QCEDEV_IOC_MAGIC, 5, struct compat_qcedev_sha_op_req)
+#define COMPAT_QCEDEV_IOCTL_GET_SHA_REQ	\
+	_IOWR(QCEDEV_IOC_MAGIC, 6, struct compat_qcedev_sha_op_req)
+#define COMPAT_QCEDEV_IOCTL_LOCK_CE	\
+	_IO(QCEDEV_IOC_MAGIC, 7)
+#define COMPAT_QCEDEV_IOCTL_UNLOCK_CE	\
+	_IO(QCEDEV_IOC_MAGIC, 8)
+#define COMPAT_QCEDEV_IOCTL_GET_CMAC_REQ	\
+	_IOWR(QCEDEV_IOC_MAGIC, 9, struct compat_qcedev_sha_op_req)
+#define COMPAT_QCEDEV_IOCTL_MAP_BUF_REQ	\
+	_IOWR(QCEDEV_IOC_MAGIC, 10, struct compat_qcedev_map_buf_req)
+#define COMPAT_QCEDEV_IOCTL_UNMAP_BUF_REQ \
+	_IOWR(QCEDEV_IOC_MAGIC, 11, struct compat_qcedev_unmap_buf_req)
+#endif /* CONFIG_COMPAT */
+#endif /* _UAPI_COMPAT_QCEDEV__H */

include/uapi/linux/qcedev.h

@@ -0,0 +1,384 @@
+/* SPDX-License-Identifier: GPL-2.0-only WITH Linux-syscall-note */
+/*
+ * Copyright (c) 2019, The Linux Foundation. All rights reserved.
+ * Copyright (c) 2023 Qualcomm Innovation Center, Inc. All rights reserved.
+ */
+
+#ifndef _UAPI_QCEDEV__H
+#define _UAPI_QCEDEV__H
+
+#include <linux/types.h>
+#include <linux/ioctl.h>
+
+#define QCEDEV_MAX_SHA_BLOCK_SIZE	64
+#define QCEDEV_MAX_BEARER	31
+#define QCEDEV_MAX_KEY_SIZE	64
+#define QCEDEV_MAX_IV_SIZE	32
+
+#define QCEDEV_MAX_BUFFERS      16
+#define QCEDEV_MAX_SHA_DIGEST	32
+
+#define QCEDEV_USE_PMEM		1
+#define QCEDEV_NO_PMEM		0
+
+#define QCEDEV_AES_KEY_128	16
+#define QCEDEV_AES_KEY_192	24
+#define QCEDEV_AES_KEY_256	32
+/**
+ *qcedev_oper_enum: Operation types
+ * @QCEDEV_OPER_ENC:		Encrypt
+ * @QCEDEV_OPER_DEC:		Decrypt
+ * @QCEDEV_OPER_ENC_NO_KEY:	Encrypt. Do not need key to be specified by
+ *				user. Key already set by an external processor.
+ * @QCEDEV_OPER_DEC_NO_KEY:	Decrypt. Do not need the key to be specified by
+ *				user. Key already set by an external processor.
+ */
+enum qcedev_oper_enum {
+	QCEDEV_OPER_DEC		= 0,
+	QCEDEV_OPER_ENC		= 1,
+	QCEDEV_OPER_DEC_NO_KEY	= 2,
+	QCEDEV_OPER_ENC_NO_KEY	= 3,
+	QCEDEV_OPER_LAST
+};
+
+/**
+ *qcedev_offload_oper_enum: Offload operation types (uses pipe keys)
+ * @QCEDEV_OFFLOAD_HLOS_HLOS:   Non-secure to non-secure (eg. audio dec).
+ * @QCEDEV_OFFLOAD_HLOS_CPB:    Non-secure to secure (eg. video dec).
+ * @QCEDEV_OFFLOAD_CPB_HLOS:    Secure to non-secure (eg. hdcp video enc).
+ */
+enum qcedev_offload_oper_enum {
+	QCEDEV_OFFLOAD_HLOS_HLOS = 1,
+	QCEDEV_OFFLOAD_HLOS_CPB = 2,
+	QCEDEV_OFFLOAD_CPB_HLOS = 3,
+	QCEDEV_OFFLOAD_OPER_LAST
+};
+
+/**
+ *qcedev_offload_err_enum: Offload error conditions
+ * @QCEDEV_OFFLOAD_NO_ERROR:        Successful crypto operation.
+ * @QCEDEV_OFFLOAD_GENERIC_ERROR:   Generic error in crypto status.
+ * @QCEDEV_OFFLOAD_TIMER_EXPIRED_ERROR:     Pipe key timer expired.
+ * @QCEDEV_OFFLOAD_KEY_PAUSE_ERROR:     Pipe key pause (means GPCE is paused).
+ */
+enum qcedev_offload_err_enum {
+	QCEDEV_OFFLOAD_NO_ERROR = 0,
+	QCEDEV_OFFLOAD_GENERIC_ERROR = 1,
+	QCEDEV_OFFLOAD_KEY_TIMER_EXPIRED_ERROR = 2,
+	QCEDEV_OFFLOAD_KEY_PAUSE_ERROR = 3
+};
+
+/**
+ *qcedev_oper_enum: Cipher algorithm types
+ * @QCEDEV_ALG_DES:		DES
+ * @QCEDEV_ALG_3DES:		3DES
+ * @QCEDEV_ALG_AES:		AES
+ */
+enum qcedev_cipher_alg_enum {
+	QCEDEV_ALG_DES		= 0,
+	QCEDEV_ALG_3DES		= 1,
+	QCEDEV_ALG_AES		= 2,
+	QCEDEV_ALG_LAST
+};
+
+/**
+ *qcedev_cipher_mode_enum : AES mode
+ * @QCEDEV_AES_MODE_CBC:		CBC
+ * @QCEDEV_AES_MODE_ECB:		ECB
+ * @QCEDEV_AES_MODE_CTR:		CTR
+ * @QCEDEV_AES_MODE_XTS:		XTS
+ * @QCEDEV_AES_MODE_CCM:		CCM
+ * @QCEDEV_DES_MODE_CBC:		CBC
+ * @QCEDEV_DES_MODE_ECB:		ECB
+ */
+enum qcedev_cipher_mode_enum {
+	QCEDEV_AES_MODE_CBC	= 0,
+	QCEDEV_AES_MODE_ECB	= 1,
+	QCEDEV_AES_MODE_CTR	= 2,
+	QCEDEV_AES_MODE_XTS	= 3,
+	QCEDEV_AES_MODE_CCM	= 4,
+	QCEDEV_DES_MODE_CBC	= 5,
+	QCEDEV_DES_MODE_ECB	= 6,
+	QCEDEV_AES_DES_MODE_LAST
+};
+
+/**
+ *enum qcedev_sha_alg_enum : Secure Hashing Algorithm
+ * @QCEDEV_ALG_SHA1:		Digest returned: 20 bytes (160 bits)
+ * @QCEDEV_ALG_SHA256:		Digest returned: 32 bytes (256 bit)
+ * @QCEDEV_ALG_SHA1_HMAC:	HMAC returned 20 bytes (160 bits)
+ * @QCEDEV_ALG_SHA256_HMAC:	HMAC returned 32 bytes (256 bit)
+ * @QCEDEV_ALG_AES_CMAC:		Configurable MAC size
+ */
+enum qcedev_sha_alg_enum {
+	QCEDEV_ALG_SHA1		= 0,
+	QCEDEV_ALG_SHA256	= 1,
+	QCEDEV_ALG_SHA1_HMAC	= 2,
+	QCEDEV_ALG_SHA256_HMAC	= 3,
+	QCEDEV_ALG_AES_CMAC	= 4,
+	QCEDEV_ALG_SHA_ALG_LAST
+};
+
+/**
+ * struct buf_info - Buffer information
+ * @offset:			Offset from the base address of the buffer
+ *				(Used when buffer is allocated using PMEM)
+ * @vaddr:			Virtual buffer address pointer
+ * @len:				Size of the buffer
+ */
+struct	buf_info {
+	union {
+		__u32	offset;
+		__u8		*vaddr;
+	};
+	__u32	len;
+};
+
+/**
+ * struct qcedev_vbuf_info - Source and destination Buffer information
+ * @src:				Array of buf_info for input/source
+ * @dst:				Array of buf_info for output/destination
+ */
+struct	qcedev_vbuf_info {
+	struct buf_info	src[QCEDEV_MAX_BUFFERS];
+	struct buf_info	dst[QCEDEV_MAX_BUFFERS];
+};
+
+/**
+ * struct qcedev_pmem_info - Stores PMEM buffer information
+ * @fd_src:			Handle to /dev/adsp_pmem used to allocate
+ *				memory for input/src buffer
+ * @src:				Array of buf_info for input/source
+ * @fd_dst:			Handle to /dev/adsp_pmem used to allocate
+ *				memory for output/dst buffer
+ * @dst:				Array of buf_info for output/destination
+ * @pmem_src_offset:		The offset from input/src buffer
+ *				(allocated by PMEM)
+ */
+struct	qcedev_pmem_info {
+	int		fd_src;
+	struct buf_info	src[QCEDEV_MAX_BUFFERS];
+	int		fd_dst;
+	struct buf_info	dst[QCEDEV_MAX_BUFFERS];
+};
+
+/**
+ * struct qcedev_cipher_op_req - Holds the ciphering request information
+ * @use_pmem (IN):	Flag to indicate if buffer source is PMEM
+ *			QCEDEV_USE_PMEM/QCEDEV_NO_PMEM
+ * @pmem (IN):		Stores PMEM buffer information.
+ *			Refer struct qcedev_pmem_info
+ * @vbuf (IN/OUT):	Stores Source and destination Buffer information
+ *			Refer to struct qcedev_vbuf_info
+ * @data_len (IN):	Total Length of input/src and output/dst in bytes
+ * @in_place_op (IN):	Indicates whether the operation is inplace where
+ *			source == destination
+ *			When using PMEM allocated memory, must set this to 1
+ * @enckey (IN):		128 bits of confidentiality key
+ *			enckey[0] bit 127-120, enckey[1] bit 119-112,..
+ *			enckey[15] bit 7-0
+ * @encklen (IN):	Length of the encryption key(set to 128  bits/16
+ *			bytes in the driver)
+ * @iv (IN/OUT):		Initialisation vector data
+ *			This is updated by the driver, incremented by
+ *			number of blocks encrypted/decrypted.
+ * @ivlen (IN):		Length of the IV
+ * @byteoffset (IN):	Offset in the Cipher BLOCK (applicable and to be set
+ *			for AES-128 CTR mode only)
+ * @alg (IN):		Type of ciphering algorithm: AES/DES/3DES
+ * @mode (IN):		Mode use when using AES algorithm: ECB/CBC/CTR
+ *			Apllicabel when using AES algorithm only
+ * @op (IN):		Type of operation: QCEDEV_OPER_DEC/QCEDEV_OPER_ENC or
+ *			QCEDEV_OPER_ENC_NO_KEY/QCEDEV_OPER_DEC_NO_KEY
+ *
+ *If use_pmem is set to 0, the driver assumes that memory was not allocated
+ * via PMEM, and kernel will need to allocate memory and copy data from user
+ * space buffer (data_src/dta_dst) and process accordingly and copy data back
+ * to the user space buffer
+ *
+ * If use_pmem is set to 1, the driver assumes that memory was allocated via
+ * PMEM.
+ * The kernel driver will use the fd_src to determine the kernel virtual address
+ * base that maps to the user space virtual address base for the  buffer
+ * allocated in user space.
+ * The final input/src and output/dst buffer pointer will be determined
+ * by adding the offsets to the kernel virtual addr.
+ *
+ * If use of hardware key is supported in the target, user can configure the
+ * key parameters (encklen, enckey) to use the hardware key.
+ * In order to use the hardware key, set encklen to 0 and set the enckey
+ * data array to 0.
+ */
+struct	qcedev_cipher_op_req {
+	__u8				use_pmem;
+	union {
+		struct qcedev_pmem_info	pmem;
+		struct qcedev_vbuf_info	vbuf;
+	};
+	__u32			entries;
+	__u32			data_len;
+	__u8				in_place_op;
+	__u8				enckey[QCEDEV_MAX_KEY_SIZE];
+	__u32			encklen;
+	__u8				iv[QCEDEV_MAX_IV_SIZE];
+	__u32			ivlen;
+	__u32			byteoffset;
+	enum qcedev_cipher_alg_enum	alg;
+	enum qcedev_cipher_mode_enum	mode;
+	enum qcedev_oper_enum		op;
+};
+
+/**
+ * struct qcedev_sha_op_req - Holds the hashing request information
+ * @data (IN):			Array of pointers to the data to be hashed
+ * @entries (IN):		Number of buf_info entries in the data array
+ * @data_len (IN):		Length of data to be hashed
+ * @digest (IN/OUT):		Returns the hashed data information
+ * @diglen (OUT):		Size of the hashed/digest data
+ * @authkey (IN):		Pointer to authentication key for HMAC
+ * @authklen (IN):		Size of the authentication key
+ * @alg (IN):			Secure Hash algorithm
+ */
+struct	qcedev_sha_op_req {
+	struct buf_info			data[QCEDEV_MAX_BUFFERS];
+	__u32			entries;
+	__u32			data_len;
+	__u8				digest[QCEDEV_MAX_SHA_DIGEST];
+	__u32			diglen;
+	__u8				*authkey;
+	__u32			authklen;
+	enum qcedev_sha_alg_enum	alg;
+};
+
+/**
+ * struct pattern_info - Holds pattern information for pattern-based
+ * decryption/encryption for AES ECB, counter, and CBC modes.
+ * @patt_sz (IN):       Total number of blocks.
+ * @proc_data_sz (IN):  Number of blocks to be processed.
+ * @patt_offset (IN):   Start of the segment.
+ */
+struct pattern_info {
+	__u8 patt_sz;
+	__u8 proc_data_sz;
+	__u8 patt_offset;
+};
+
+/**
+ * struct qcedev_offload_cipher_op_req - Holds the offload request information
+ * @vbuf (IN/OUT):      Stores Source and destination Buffer information.
+ *                      Refer to struct qcedev_vbuf_info.
+ * @entries (IN):       Number of entries to be processed as part of request.
+ * @data_len (IN):      Total Length of input/src and output/dst in bytes
+ * @in_place_op (IN):   Indicates whether the operation is inplace where
+ *                      source == destination.
+ * @encklen (IN):       Length of the encryption key(set to 128  bits/16
+ *                      bytes in the driver).
+ * @iv (IN/OUT):        Initialisation vector data
+ *                      This is updated by the driver, incremented by
+ *                      number of blocks encrypted/decrypted.
+ * @ivlen (IN):         Length of the IV.
+ * @iv_ctr_size (IN):   IV counter increment mask size.
+ *                      Driver sets the mask value based on this size.
+ * @byteoffset (IN):    Offset in the Cipher BLOCK (applicable and to be set
+ *                      for AES-128 CTR mode only).
+ * @block_offset (IN):  Offset in the block that needs a skip of encrypt/
+ *                      decrypt.
+ * @pattern_valid (IN): Indicates the request contains a valid pattern.
+ * @pattern_info (IN):  The pattern to be used for the offload request.
+ * @is_copy_op (IN):    Offload operations sometimes requires a copy between
+ *                      secure and non-secure buffers without any encrypt/
+ *                      decrypt operations.
+ * @alg (IN):           Type of ciphering algorithm: AES/DES/3DES.
+ * @mode (IN):          Mode use when using AES algorithm: ECB/CBC/CTR.
+ *                      Applicable when using AES algorithm only.
+ * @op (IN):            Type of operation.
+ *                      Refer to qcedev_offload_oper_enum.
+ * @err (OUT):          Error in crypto status.
+ *                      Refer to qcedev_offload_err_enum.
+ */
+struct qcedev_offload_cipher_op_req {
+	struct qcedev_vbuf_info vbuf;
+	__u32 entries;
+	__u32 data_len;
+	__u32 in_place_op;
+	__u32 encklen;
+	__u8 iv[QCEDEV_MAX_IV_SIZE];
+	__u32 ivlen;
+	__u32 iv_ctr_size;
+	__u32 byteoffset;
+	__u8 block_offset;
+	__u8 is_pattern_valid;
+	__u8 is_copy_op;
+	struct pattern_info pattern_info;
+	enum qcedev_cipher_alg_enum alg;
+	enum qcedev_cipher_mode_enum mode;
+	enum qcedev_offload_oper_enum op;
+	enum qcedev_offload_err_enum err;
+};
+
+/**
+ * struct qfips_verify_t - Holds data for FIPS Integrity test
+ * @kernel_size  (IN):		Size of kernel Image
+ * @kernel       (IN):		pointer to buffer containing the kernel Image
+ */
+struct qfips_verify_t {
+	unsigned int kernel_size;
+	void *kernel;
+};
+
+/**
+ * struct qcedev_map_buf_req - Holds the mapping request information
+ * fd (IN):            Array of fds.
+ * num_fds (IN):       Number of fds in fd[].
+ * fd_size (IN):       Array of sizes corresponding to each fd in fd[].
+ * fd_offset (IN):     Array of offset corresponding to each fd in fd[].
+ * vaddr (OUT):        Array of mapped virtual address corresponding to
+ *			each fd in fd[].
+ */
+struct qcedev_map_buf_req {
+	__s32         fd[QCEDEV_MAX_BUFFERS];
+	__u32        num_fds;
+	__u32        fd_size[QCEDEV_MAX_BUFFERS];
+	__u32        fd_offset[QCEDEV_MAX_BUFFERS];
+	__u64        buf_vaddr[QCEDEV_MAX_BUFFERS];
+};
+
+/**
+ * struct qcedev_unmap_buf_req - Holds the hashing request information
+ * fd (IN):            Array of fds to unmap
+ * num_fds (IN):       Number of fds in fd[].
+ */
+struct  qcedev_unmap_buf_req {
+	__s32         fd[QCEDEV_MAX_BUFFERS];
+	__u32        num_fds;
+};
+
+struct file;
+
+#define QCEDEV_IOC_MAGIC	0x87
+
+#define QCEDEV_IOCTL_ENC_REQ		\
+	_IOWR(QCEDEV_IOC_MAGIC, 1, struct qcedev_cipher_op_req)
+#define QCEDEV_IOCTL_DEC_REQ		\
+	_IOWR(QCEDEV_IOC_MAGIC, 2, struct qcedev_cipher_op_req)
+#define QCEDEV_IOCTL_SHA_INIT_REQ	\
+	_IOWR(QCEDEV_IOC_MAGIC, 3, struct qcedev_sha_op_req)
+#define QCEDEV_IOCTL_SHA_UPDATE_REQ	\
+	_IOWR(QCEDEV_IOC_MAGIC, 4, struct qcedev_sha_op_req)
+#define QCEDEV_IOCTL_SHA_FINAL_REQ	\
+	_IOWR(QCEDEV_IOC_MAGIC, 5, struct qcedev_sha_op_req)
+#define QCEDEV_IOCTL_GET_SHA_REQ	\
+	_IOWR(QCEDEV_IOC_MAGIC, 6, struct qcedev_sha_op_req)
+#define QCEDEV_IOCTL_LOCK_CE	\
+	_IO(QCEDEV_IOC_MAGIC, 7)
+#define QCEDEV_IOCTL_UNLOCK_CE	\
+	_IO(QCEDEV_IOC_MAGIC, 8)
+#define QCEDEV_IOCTL_GET_CMAC_REQ	\
+	_IOWR(QCEDEV_IOC_MAGIC, 9, struct qcedev_sha_op_req)
+#define QCEDEV_IOCTL_MAP_BUF_REQ	\
+	_IOWR(QCEDEV_IOC_MAGIC, 10, struct qcedev_map_buf_req)
+#define QCEDEV_IOCTL_UNMAP_BUF_REQ	\
+	_IOWR(QCEDEV_IOC_MAGIC, 11, struct qcedev_unmap_buf_req)
+#define QCEDEV_IOCTL_OFFLOAD_OP_REQ		\
+	_IOWR(QCEDEV_IOC_MAGIC, 12, struct qcedev_offload_cipher_op_req)
+#endif /* _UAPI_QCEDEV__H */

include/uapi/linux/qcota.h

@@ -0,0 +1,218 @@
+/* SPDX-License-Identifier: GPL-2.0-only WITH Linux-syscall-note */
+/*
+ * Copyright (c) 2019-2020, The Linux Foundation. All rights reserved.
+ * Copyright (c) 2023 Qualcomm Innovation Center, Inc. All rights reserved.
+ */
+
+#ifndef _UAPI_QCOTA_H
+#define _UAPI_QCOTA_H
+
+#include <linux/types.h>
+#include <linux/ioctl.h>
+
+#define QCE_OTA_MAX_BEARER   31
+#define OTA_KEY_SIZE 16   /* 128 bits of keys. */
+
+enum qce_ota_dir_enum {
+	QCE_OTA_DIR_UPLINK   = 0,
+	QCE_OTA_DIR_DOWNLINK = 1,
+	QCE_OTA_DIR_LAST
+};
+
+enum qce_ota_algo_enum {
+	QCE_OTA_ALGO_KASUMI = 0,
+	QCE_OTA_ALGO_SNOW3G = 1,
+	QCE_OTA_ALGO_LAST
+};
+
+/**
+ * struct qce_f8_req - qce f8 request
+ * @data_in:	packets input data stream to be ciphered.
+ *		If NULL, streaming mode operation.
+ * @data_out:	ciphered packets output data.
+ * @data_len:	length of data_in and data_out in bytes.
+ * @count_c:	count-C, ciphering sequence number, 32 bit
+ * @bearer:	5 bit of radio bearer identifier.
+ * @ckey:	128 bits of confidentiality key,
+ *		ckey[0] bit 127-120, ckey[1] bit 119-112,.., ckey[15] bit 7-0.
+ * @direction:	uplink or donwlink.
+ * @algorithm:	Kasumi, or Snow3G.
+ *
+ * If data_in is NULL, the engine will run in a special mode called
+ * key stream mode. In this special mode, the engine will generate
+ * key stream output for the number of bytes specified in the
+ * data_len, based on the input parameters of direction, algorithm,
+ * ckey, bearer, and count_c. The data_len is restricted to
+ * the length of multiple of 16 bytes.  Application can then take the
+ * output stream, do a exclusive or to the input data stream, and
+ * generate the final cipher data stream.
+ */
+struct qce_f8_req {
+	__u8  *data_in;
+	__u8  *data_out;
+	__u16  data_len;
+	__u32  count_c;
+	__u8   bearer;
+	__u8   ckey[OTA_KEY_SIZE];
+	enum qce_ota_dir_enum  direction;
+	enum qce_ota_algo_enum algorithm;
+	int current_req_info;
+};
+
+/**
+ * struct qce_f8_multi_pkt_req - qce f8 multiple packet request
+ *			Muliptle packets with uniform size, and
+ *			F8 ciphering parameters can be ciphered in a
+ *			single request.
+ *
+ * @num_pkt:		number of packets.
+ *
+ * @cipher_start:	ciphering starts offset within a packet.
+ *
+ * @cipher_size:	number of bytes to be ciphered within a packet.
+ *
+ * @qce_f8_req:		description of the packet and F8 parameters.
+ *			The following fields have special meaning for
+ *			multiple packet operation,
+ *
+ *	@data_len:	data_len indicates the length of a packet.
+ *
+ *	@data_in:	packets are concatenated together in a byte
+ *			stream started at data_in.
+ *
+ *	@data_out:	The returned ciphered output for multiple
+ *			packets.
+ *			Each packet ciphered output are concatenated
+ *			together into a byte stream started at data_out.
+ *			Note, each ciphered packet output area from
+ *			offset 0 to cipher_start-1, and from offset
+ *			cipher_size to data_len -1 are remained
+ *			unaltered from packet input area.
+ *	@count_c:	count-C of the first packet, 32 bit.
+ *
+ *
+ *   In one request, multiple packets can be ciphered, and output to the
+ *   data_out stream.
+ *
+ *   Packet data are laid out contiguously in sequence in data_in,
+ *   and data_out area. Every packet is identical size.
+ *   If the PDU is not byte aligned, set the data_len value of
+ *   to the rounded up value of the packet size. Eg, PDU size of
+ *   253 bits, set the packet size to 32 bytes. Next packet starts on
+ *   the next byte boundary.
+ *
+ *   For each packet, data from offset 0 to cipher_start
+ *   will be left unchanged and output to the data_out area.
+ *   This area of the packet can be for the RLC header, which is not
+ *   to be ciphered.
+ *
+ *   The ciphering of a packet starts from offset cipher_start, for
+ *   cipher_size bytes of data. Data starting from
+ *   offset cipher_start + cipher_size to the end of packet will be left
+ *   unchanged and output to the dataOut area.
+ *
+ *   For each packet the input arguments of bearer, direction,
+ *   ckey, algorithm have to be the same. count_c is the ciphering sequence
+ *   number of the first packet. The 2nd packet's ciphering sequence
+ *   number is assumed to be count_c + 1. The 3rd packet's ciphering sequence
+ *   number is count_c + 2.....
+ *
+ */
+struct qce_f8_multi_pkt_req {
+	__u16    num_pkt;
+	__u16    cipher_start;
+	__u16    cipher_size;
+	struct qce_f8_req qce_f8_req;
+};
+
+/**
+ * struct qce_f8_variable_multi_pkt_req - qce f8 multiple packet request
+ *                      Muliptle packets with variable size, and
+ *                      F8 ciphering parameters can be ciphered in a
+ *                      single request.
+ *
+ * @num_pkt:            number of packets.
+ *
+ * @cipher_iov[]:       array of iov of packets to be ciphered.
+ *
+ *
+ * @qce_f8_req:         description of the packet and F8 parameters.
+ *                      The following fields have special meaning for
+ *                      multiple packet operation,
+ *
+ *      @data_len:      ignored.
+ *
+ *      @data_in:       ignored.
+ *
+ *      @data_out:      ignored.
+ *
+ *      @count_c:       count-C of the first packet, 32 bit.
+ *
+ *
+ *   In one request, multiple packets can be ciphered.
+ *
+ *   The i-th packet are defined in cipher_iov[i-1].
+ *   The ciphering of i-th packet starts from offset 0 of the PDU specified
+ *   by cipher_iov[i-1].addr, for cipher_iov[i-1].size bytes of data.
+ *   If the PDU is not byte aligned, set the cipher_iov[i-1].size value
+ *   to the rounded up value of the packet size. Eg, PDU size of
+ *   253 bits, set the packet size to 32 bytes.
+ *
+ *   Ciphering are done in place. That is, the ciphering
+ *   input and output data are both in cipher_iov[i-1].addr for the i-th
+ *   packet.
+ *
+ *   For each packet the input arguments of bearer, direction,
+ *   ckey, algorithm have to be the same. count_c is the ciphering sequence
+ *   number of the first packet. The 2nd packet's ciphering sequence
+ *   number is assumed to be count_c + 1. The 3rd packet's ciphering sequence
+ *   number is count_c + 2.....
+ */
+
+#define MAX_NUM_V_MULTI_PKT 20
+struct cipher_iov {
+	unsigned char  *addr;
+	unsigned short  size;
+};
+
+struct qce_f8_variable_multi_pkt_req {
+	unsigned short    num_pkt;
+	struct cipher_iov cipher_iov[MAX_NUM_V_MULTI_PKT];
+	struct qce_f8_req qce_f8_req;
+};
+
+/**
+ * struct qce_f9_req - qce f9 request
+ * @message:	message
+ * @msize:	message size in bytes (include the last partial byte).
+ * @last_bits:	valid bits in the last byte of message.
+ * @mac_i:	32 bit message authentication code, to be returned.
+ * @fresh:	random 32 bit number, one per user.
+ * @count_i:	32 bit count-I integrity sequence number.
+ * @direction:	uplink or donwlink.
+ * @ikey:	128 bits of integrity key,
+ *		ikey[0] bit 127-120, ikey[1] bit 119-112,.., ikey[15] bit 7-0.
+ * @algorithm:  Kasumi, or Snow3G.
+ */
+struct qce_f9_req {
+	__u8   *message;
+	__u16   msize;
+	__u8    last_bits;
+	__u32   mac_i;
+	__u32   fresh;
+	__u32   count_i;
+	enum qce_ota_dir_enum direction;
+	__u8    ikey[OTA_KEY_SIZE];
+	enum qce_ota_algo_enum algorithm;
+	int current_req_info;
+};
+
+#define QCOTA_IOC_MAGIC     0x85
+
+#define QCOTA_F8_REQ _IOWR(QCOTA_IOC_MAGIC, 1, struct qce_f8_req)
+#define QCOTA_F8_MPKT_REQ _IOWR(QCOTA_IOC_MAGIC, 2, struct qce_f8_multi_pkt_req)
+#define QCOTA_F9_REQ _IOWR(QCOTA_IOC_MAGIC, 3, struct qce_f9_req)
+#define QCOTA_F8_V_MPKT_REQ _IOWR(QCOTA_IOC_MAGIC, 4,\
+				struct qce_f8_variable_multi_pkt_req)
+
+#endif /* _UAPI_QCOTA_H */

include/uapi/linux/qrng.h

@@ -0,0 +1,17 @@
+/* SPDX-License-Identifier: GPL-2.0-only WITH Linux-syscall-note */
+/*
+ * Copyright (c) 2020-2021, The Linux Foundation. All rights reserved.
+ * Copyright (c) 2022-2023 Qualcomm Innovation Center, Inc. All rights reserved.
+ */
+#ifndef _UAPI_QRNG_H_
+#define _UAPI_QRNG_H_
+
+#include <linux/types.h>
+#include <linux/ioctl.h>
+
+#define QRNG_IOC_MAGIC    0x100
+
+#define QRNG_IOCTL_RESET_BUS_BANDWIDTH\
+	_IO(QRNG_IOC_MAGIC, 1)
+
+#endif /* _UAPI_QRNG_H_ */

include/uapi/linux/smcinvoke.h

@@ -0,0 +1,106 @@
+/* SPDX-License-Identifier: GPL-2.0-only WITH Linux-syscall-note */
+/*
+ * Copyright (c) 2017-2020, The Linux Foundation. All rights reserved.
+ * Copyright (c) 2023 Qualcomm Innovation Center, Inc. All rights reserved.
+ */
+#ifndef _UAPI_SMCINVOKE_H_
+#define _UAPI_SMCINVOKE_H_
+
+#include <linux/types.h>
+#include <linux/ioctl.h>
+
+#define SMCINVOKE_USERSPACE_OBJ_NULL	-1
+#define DEFAULT_CB_OBJ_THREAD_CNT	4
+#define SMCINVOKE_TZ_MIN_BUF_SIZE	4096
+
+struct smcinvoke_buf {
+	__u64 addr;
+	__u64 size;
+};
+
+struct smcinvoke_obj {
+	__s64 fd;
+	__s32 cb_server_fd;
+	__s32 reserved;
+};
+
+union smcinvoke_arg {
+	struct smcinvoke_buf b;
+	struct smcinvoke_obj o;
+};
+
+/*
+ * struct smcinvoke_cmd_req: This structure is transparently sent to TEE
+ * @op - Operation to be performed
+ * @counts - number of aruments passed
+ * @result - result of invoke operation
+ * @argsize - size of each of arguments
+ * @args - args is pointer to buffer having all arguments
+ */
+struct smcinvoke_cmd_req {
+	__u32 op;
+	__u32 counts;
+	__s32 result;
+	__u32 argsize;
+	__u64 args;
+};
+
+/*
+ * struct smcinvoke_accept: structure to process CB req from TEE
+ * @has_resp: IN: Whether IOCTL is carrying response data
+ * @txn_id: OUT: An id that should be passed as it is for response
+ * @result: IN: Outcome of operation op
+ * @cbobj_id: OUT: Callback object which is target of operation op
+ * @op: OUT: Operation to be performed on target object
+ * @counts: OUT: Number of arguments, embedded in buffer pointed by
+ *               buf_addr, to complete operation
+ * @reserved: IN/OUT: Usage is not defined but should be set to 0.
+ * @argsize: IN: Size of any argument, all of equal size, embedded
+ *               in buffer pointed by buf_addr
+ * @buf_len: IN: Len of buffer pointed by buf_addr
+ * @buf_addr: IN: Buffer containing all arguments which are needed
+ *                to complete operation op
+ */
+struct smcinvoke_accept {
+	__u32 has_resp;
+	__u32 txn_id;
+	__s32 result;
+	__s32 cbobj_id;
+	__u32 op;
+	__u32 counts;
+	__s32 reserved;
+	__u32 argsize;
+	__u64 buf_len;
+	__u64 buf_addr;
+};
+
+/*
+ * @cb_buf_size: IN: Max buffer size for any callback obj implemented by client
+ */
+struct smcinvoke_server {
+	__u32 cb_buf_size;
+};
+
+#define SMCINVOKE_IOC_MAGIC    0x98
+
+#define SMCINVOKE_IOCTL_INVOKE_REQ \
+	_IOWR(SMCINVOKE_IOC_MAGIC, 1, struct smcinvoke_cmd_req)
+
+#define SMCINVOKE_IOCTL_ACCEPT_REQ \
+	_IOWR(SMCINVOKE_IOC_MAGIC, 2, struct smcinvoke_accept)
+
+#define SMCINVOKE_IOCTL_SERVER_REQ \
+	_IOWR(SMCINVOKE_IOC_MAGIC, 3, struct smcinvoke_server)
+
+#define SMCINVOKE_IOCTL_ACK_LOCAL_OBJ \
+	_IOWR(SMCINVOKE_IOC_MAGIC, 4, __s32)
+
+/*
+  * smcinvoke logging buffer is for communicating with the smcinvoke driver additional
+  * info for debugging to be included in driver's log (if any)
+  */
+#define SMCINVOKE_LOG_BUF_SIZE 100
+#define SMCINVOKE_IOCTL_LOG \
+	_IOC(_IOC_READ|_IOC_WRITE, SMCINVOKE_IOC_MAGIC, 255, SMCINVOKE_LOG_BUF_SIZE)
+
+#endif /* _UAPI_SMCINVOKE_H_ */