msm: ipc: Security updates to IPC Router
In order to provide fine-grained access control to QMI services,
a security script from user-space will feed the security rules to
IPC Router. The security rule implies that in order to send a QMI
message to a service, a client process should belong to a specific
Linux/Android group. IPC Router, after receiving the security rules,
will enforce the access control rules.
Change-Id: I49f8d7c0067fc37cb0b4de2ccb46a575905ef64f
Signed-off-by: Karthikeyan Ramasubramanian <kramasub@codeaurora.org>
diff --git a/arch/arm/mach-msm/ipc_router.h b/arch/arm/mach-msm/ipc_router.h
index 3dafa9f..179e3de 100644
--- a/arch/arm/mach-msm/ipc_router.h
+++ b/arch/arm/mach-msm/ipc_router.h
@@ -1,4 +1,4 @@
-/* Copyright (c) 2011-2012, The Linux Foundation. All rights reserved.
+/* Copyright (c) 2011-2013, The Linux Foundation. All rights reserved.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License version 2 and
@@ -58,6 +58,9 @@
#define ALIGN_SIZE(x) ((4 - ((x) & 3)) & 3)
+#define ALL_SERVICE 0xFFFFFFFF
+#define ALL_INSTANCE 0xFFFFFFFF
+
enum {
MSM_IPC_ROUTER_READ_CB = 0,
MSM_IPC_ROUTER_WRITE_DONE,
@@ -127,6 +130,7 @@
void *endpoint;
void (*notify)(unsigned event, void *data, void *addr, void *priv);
+ int (*check_send_permissions)(void *data);
uint32_t num_tx;
uint32_t num_rx;
@@ -206,6 +210,10 @@
int msm_ipc_router_init_sockets(void);
void msm_ipc_router_exit_sockets(void);
+void msm_ipc_sync_sec_rule(uint32_t service, uint32_t instance, void *rule);
+
+void msm_ipc_sync_default_sec_rule(void *rule);
+
#if defined CONFIG_MSM_IPC_ROUTER_SMD_XPRT
extern void *msm_ipc_load_default_node(void);