Fixed MTP to work with TWRP

include/sdp/cache_cleanup.h

@@ -0,0 +1,28 @@
+/*
+ * Copyright (c) 2015 Samsung Electronics Co., Ltd.
+ *
+ * Sensitive Data Protection
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
+ * published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, write to the Free Software Foundation, Inc.,
+ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+ */
+
+#ifndef PAGEMAP_H_
+#define PAGEMAP_H_
+
+#include <sdp/common.h>
+#include <linux/pagemap.h>
+
+void sdp_page_cleanup(struct page *page);
+
+#endif /* PAGEMAP_H_ */

include/sdp/common.h

@@ -0,0 +1,33 @@
+/*
+ * Copyright (c) 2015 Samsung Electronics Co., Ltd.
+ *
+ * Sensitive Data Protection
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
+ * published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, write to the Free Software Foundation, Inc.,
+ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+ */
+
+#ifndef SDP_COMMON_H__
+#define SDP_COMMON_H__
+
+#define PER_USER_RANGE 100000
+
+#define KNOX_PERSONA_BASE_ID 100
+#define DEK_USER_ID_OFFSET	100
+
+#define BASE_ID KNOX_PERSONA_BASE_ID
+#define GET_ARR_IDX(__userid) (__userid - BASE_ID)
+
+#define SDP_CACHE_CLEANUP_DEBUG   0
+
+#endif

include/sdp/dek_aes.h

@@ -0,0 +1,32 @@
+/*
+ * Copyright (c) 2015 Samsung Electronics Co., Ltd.
+ *
+ * Sensitive Data Protection
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
+ * published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, write to the Free Software Foundation, Inc.,
+ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+ */
+
+#ifndef _LINUX_DEK_AES_H
+#define _LINUX_DEK_AES_H
+
+#include <linux/kernel.h>
+#include <linux/types.h>
+#include <linux/crypto.h>
+#include <linux/scatterlist.h>
+#include <sdp/dek_aes.h>
+
+int dek_aes_encrypt(kek_t *kek, char *src, char *dst, int len);
+int dek_aes_decrypt(kek_t *kek, char *src, char *dst, int len);
+
+#endif

include/sdp/dek_common.h

@@ -0,0 +1,132 @@
+/*
+ * Copyright (c) 2015 Samsung Electronics Co., Ltd.
+ *
+ * Sensitive Data Protection
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
+ * published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, write to the Free Software Foundation, Inc.,
+ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+ */
+
+#ifndef DEK_COMMON_H__
+#define DEK_COMMON_H__
+
+// ==== kernel configs
+#include <linux/limits.h>
+#include <linux/ioctl.h>
+#include <linux/device.h>
+
+#include <sdp/common.h>
+
+// ==== common configs
+#define SDPK_DEFAULT_ALGOTYPE (SDPK_ALGOTYPE_ASYMM_ECDH)
+#define SDPK_ALGOTYPE_ASYMM_RSA 0
+#define SDPK_ALGOTYPE_ASYMM_DH  1
+#define SDPK_ALGOTYPE_ASYMM_ECDH  2
+
+//#define DEK_ENGINE_LOCAL_KEK
+#define KEK_RSA_KEY_BITS        2048
+#define KEK_MK_BITS             256
+#define KEK_SS_BITS             256
+
+#define DH_DEFAULT_GENERATOR	DH_GENERATOR_2
+#define DH_MAXLEN				256
+
+#define DEK_NAME_LEN            256
+#define DEK_LEN             	32
+#define DEK_MAXLEN          	400 // TODO : need to optimize the length of EDEK DEK_RSA_KEY_BITS/8 : 256 bytes , DH2236 : 280 bytes
+#define DEK_PW_LEN              32
+#define KEK_MAXLEN         		(KEK_RSA_KEY_BITS/4+4)
+#define KEK_MK_LEN              (KEK_MK_BITS/8)
+#define KEK_SS_LEN              (KEK_SS_BITS/8)
+#define DEK_AES_HEADER          44
+#define FEK_MAXLEN				32
+#define EFEK_MAXLEN				(FEK_MAXLEN+16)
+
+#define AES_BLOCK_SIZE 			16
+
+// DEK types
+#define DEK_TYPE_PLAIN          0
+#define DEK_TYPE_RSA_ENC        1
+#define DEK_TYPE_AES_ENC        2
+//#define DEK_TYPE_DH_PUB       4
+#define DEK_TYPE_DH_ENC         5
+#define DEK_TYPE_ECDH256_ENC    6
+
+// KEK types
+#define KEK_TYPE_SYM 		10
+#define KEK_TYPE_RSA_PUB 	11
+#define KEK_TYPE_RSA_PRIV 	12
+#define KEK_TYPE_DH_PUB 	13
+#define KEK_TYPE_DH_PRIV 	14
+#define KEK_TYPE_ECDH256_PUB    15
+#define KEK_TYPE_ECDH256_PRIV   16
+
+#define SDPK_PATH_MAX	256
+#define SDPK_PATH_FMT    "/data/system/users/%d/SDPK_%s"
+#define SDPK_RPRI_NAME   "Rpri"
+#define SDPK_RPUB_NAME   "Rpub"
+#define SDPK_DPRI_NAME   "Dpri"
+#define SDPK_DPUB_NAME   "Dpub"
+#define SDPK_EDPRI_NAME   "EDpri"
+#define SDPK_EDPUB_NAME   "EDpub"
+#define SDPK_SYM_NAME     "sym"
+
+typedef struct _password{
+	unsigned int len;
+	unsigned char buf[DEK_MAXLEN];
+}password_t;
+
+typedef struct _key{
+	unsigned int type;
+	unsigned int len;
+	unsigned char buf[DEK_MAXLEN];
+}dek_t;
+
+typedef struct _kek{
+	unsigned int type;
+	unsigned int len;
+	unsigned char buf[KEK_MAXLEN];
+}kek_t;
+
+typedef struct _payload{
+	unsigned int efek_len;
+	unsigned int dpub_len;
+	unsigned char efek_buf[EFEK_MAXLEN];
+	unsigned char dpub_buf[DH_MAXLEN];
+}dh_payload;
+
+/* Debug */
+#define DEK_DEBUG		0
+
+#if DEK_DEBUG
+#define DEK_LOGD(...) printk("dek: "__VA_ARGS__)
+#else
+#define DEK_LOGD(...)
+#endif /* DEK_DEBUG */
+#define DEK_LOGE(...) printk("dek: "__VA_ARGS__)
+
+void key_dump(unsigned char *buf, int len);
+
+int is_kek_available(int userid, int kek_type);
+
+int dek_create_sysfs_asym_alg(struct device *d);
+int dek_create_sysfs_key_dump(struct device *d);
+int get_sdp_sysfs_asym_alg(void);
+int get_sdp_sysfs_key_dump(void);
+
+int is_root(void);
+int is_current_epmd(void);
+int is_current_adbd(void);
+int is_system_server(void);
+
+#endif

include/sdp/dek_ioctl.h

@@ -0,0 +1,104 @@
+/*
+ * Copyright (c) 2015 Samsung Electronics Co., Ltd.
+ *
+ * Sensitive Data Protection
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
+ * published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, write to the Free Software Foundation, Inc.,
+ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+ */
+ 
+#ifndef DEK_IOCTL_H_
+#define DEK_IOCTL_H_
+
+#include <sdp/dek_common.h>
+#define __DEKIOC		        0x77
+
+typedef struct _dek_arg_generate_dek {
+	int engine_id;
+	dek_t dek;
+}dek_arg_generate_dek;
+
+typedef struct _dek_arg_encrypt_dek {
+	int engine_id;
+	dek_t plain_dek;
+	dek_t enc_dek;
+}dek_arg_encrypt_dek;
+
+typedef struct _dek_arg_decrypt_dek {
+	int engine_id;
+	dek_t plain_dek;
+	dek_t enc_dek;
+}dek_arg_decrypt_dek;
+
+typedef struct _dek_arg_is_kek_avail {
+    int engine_id;
+    int kek_type;
+    int ret;
+}dek_arg_is_kek_avail;
+
+/*
+ * DEK_ON_BOOT indicates that there's persona in the system.
+ *
+ * The driver will load public key and encrypted private key.
+ */
+typedef struct _dek_arg_on_boot {
+	int engine_id;
+    int user_id;
+	kek_t SDPK_Rpub;
+    kek_t SDPK_Dpub;
+    kek_t SDPK_EDpub;
+}dek_arg_on_boot;
+
+typedef struct _dek_arg_on_device_locked {
+	int engine_id;
+    int user_id;
+}dek_arg_on_device_locked;
+
+typedef struct _dek_arg_on_device_unlocked {
+	int engine_id;
+	kek_t SDPK_Rpri;
+    kek_t SDPK_Dpri;
+    kek_t SDPK_EDpri;
+	kek_t SDPK_sym;
+}dek_arg_on_device_unlocked;
+
+typedef struct _dek_arg_on_user_added {
+    int engine_id;
+    int user_id;
+	kek_t SDPK_Rpub;
+    kek_t SDPK_Dpub;
+    kek_t SDPK_EDpub;
+}dek_arg_on_user_added;
+
+typedef struct _dek_arg_on_user_removed {
+	int engine_id;
+	int user_id;
+}dek_arg_on_user_removed, dek_arg_disk_cache_cleanup;
+
+// SDP driver events
+#define DEK_ON_BOOT              _IOW(__DEKIOC, 0, unsigned int)
+#define DEK_ON_DEVICE_LOCKED     _IOW(__DEKIOC, 4, unsigned int)
+#define DEK_ON_DEVICE_UNLOCKED   _IOW(__DEKIOC, 5, unsigned int)
+#define DEK_ON_USER_ADDED        _IOW(__DEKIOC, 6, unsigned int)
+#define DEK_ON_USER_REMOVED      _IOW(__DEKIOC, 7, unsigned int)
+#define DEK_ON_CHANGE_PASSWORD   _IOW(__DEKIOC, 8, unsigned int)  // @Deprecated
+
+// SDP driver DEK requests
+#define DEK_GENERATE_DEK         _IOW(__DEKIOC, 1, unsigned int)
+#define DEK_ENCRYPT_DEK          _IOW(__DEKIOC, 2, unsigned int)
+#define DEK_DECRYPT_DEK          _IOR(__DEKIOC, 3, unsigned int)
+#define DEK_GET_KEK         	 _IOW(__DEKIOC, 9, unsigned int)
+#define DEK_DISK_CACHE_CLEANUP   _IOW(__DEKIOC, 10, unsigned int)
+#define DEK_IS_KEK_AVAIL        _IOW(__DEKIOC, 11, unsigned int)
+
+#endif /* DEK_IOCTL_H_ */

include/sdp/dlp_ioctl.h

@@ -0,0 +1,44 @@
+/*
+ * Copyright (c) 2015 Samsung Electronics Co., Ltd.
+ *
+ * Sensitive Data Protection
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
+ * published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, write to the Free Software Foundation, Inc.,
+ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+ */
+
+#ifndef DLP_IOCTL_H_
+#define DLP_IOCTL_H_
+
+#include <linux/types.h>
+#include <linux/ioctl.h>
+
+#define DLP_DEV_PATH	"/dev/sdp_dlp"
+
+#define __DLPIOC		0x78
+#define MAX_EXT_LENGTH 1000 
+
+typedef struct _dlp_lock_set {
+	int user_id;
+} dlp_lock_set;
+
+typedef struct _dlp_extension_set {
+	int user_id;
+	char extensions[MAX_EXT_LENGTH+1];
+} dlp_extension_set;
+
+#define DLP_LOCK_ENABLE		_IOW(__DLPIOC, 1, dlp_lock_set)
+#define DLP_LOCK_DISABLE	_IOW(__DLPIOC, 2, dlp_lock_set)
+#define DLP_EXTENSION_SET	_IOW(__DLPIOC, 3, dlp_extension_set)
+
+#endif /* DLP_IOCTL_H_ */

include/sdp/fs_handler.h

@@ -0,0 +1,80 @@
+/*
+ * Copyright (c) 2015 Samsung Electronics Co., Ltd.
+ *
+ * Sensitive Data Protection
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
+ * published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, write to the Free Software Foundation, Inc.,
+ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+ */
+
+#ifndef _SDP_FS_HANDLER_H
+#define _SDP_FS_HANDLER_H
+
+#include <sdp/dek_common.h>
+#include <sdp/fs_request.h>
+
+#include <linux/list.h>
+#include <linux/wait.h>
+#include <linux/spinlock.h>
+#include <linux/limits.h>
+
+#define SDP_FS_HANDLER_NETLINK 28
+#define SDP_FS_HANDLER_PID_SET 3001
+#define SDP_FS_HANDLER_RESULT 3002
+
+#define OP_SDP_SET_DIR_SENSITIVE 10
+#define OP_SDP_SET_DIR_PROTECTED 11
+
+#define OP_SDP_ERROR 99
+
+typedef struct result {
+    u32 request_id;
+    u8 opcode;
+    s16 ret;
+}result_t;
+
+/** The request state */
+enum req_state {
+    SDP_FS_HANDLER_REQ_INIT = 0,
+    SDP_FS_HANDLER_REQ_PENDING,
+    SDP_FS_HANDLER_REQ_FINISHED
+};
+
+typedef struct __sdp_fs_handler_contorl {
+    struct list_head pending_list;
+    //wait_queue_head_t waitq;
+    spinlock_t lock;
+
+    /** The next unique request id */
+    u32 reqctr;
+}sdp_fs_handler_control_t;
+
+typedef struct __sdp_fs_handler_request {
+    u32 id;
+    u8 opcode;
+
+    struct list_head list;
+    /** refcount */
+    atomic_t count;
+
+    enum req_state state;
+
+    sdp_fs_command_t command;
+    result_t result;
+
+    fs_request_cb_t callback;
+
+    /** The request was aborted */
+    u8 aborted;
+}sdp_fs_handler_request_t;
+#endif

include/sdp/fs_request.h

@@ -0,0 +1,74 @@
+/*
+ * Copyright (c) 2015 Samsung Electronics Co., Ltd.
+ *
+ * Sensitive Data Protection
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
+ * published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, write to the Free Software Foundation, Inc.,
+ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+ */
+
+#ifndef FS_REQUEST_H_
+#define FS_REQUEST_H_
+
+#include <linux/slab.h>
+
+#define FSOP_SDP_SET_SENSITIVE 10
+#define FSOP_SDP_SET_PROTECTED 11
+
+#define FSOP_DLP_FILE_OPENED   21
+#define FSOP_DLP_FILE_CLOSED   22
+#define FSOP_DLP_FILE_INIT     23
+#define FSOP_DLP_FILE_INIT_RESTRICTED     24
+#define FSOP_DLP_FILE_REMOVE     25
+#define FSOP_DLP_FILE_RENAME     26
+
+#define FSOP_AUDIT_FAIL_ENCRYPT		51
+#define FSOP_AUDIT_FAIL_DECRYPT		52
+#define FSOP_AUDIT_FAIL_ACCESS		53
+
+// opcode, ret, inode
+typedef void (*fs_request_cb_t)(int, int, unsigned long);
+
+typedef struct sdp_fs_command {
+	int req_id;
+
+	int opcode;
+    int user_id;
+    int part_id;
+    unsigned long ino;
+    int pid;
+}sdp_fs_command_t;
+
+extern int sdp_fs_request(sdp_fs_command_t *sdp_req, fs_request_cb_t callback);
+
+static inline sdp_fs_command_t *sdp_fs_command_alloc(int opcode, int pid,
+        int userid, int partid, unsigned long ino, gfp_t gfp) {
+    sdp_fs_command_t *cmd;
+
+    cmd = kmalloc(sizeof(sdp_fs_command_t), gfp);
+
+    cmd->opcode = opcode;
+    cmd->pid = pid;
+    cmd->user_id = userid;
+    cmd->part_id = partid;
+    cmd->ino = ino;
+
+    return cmd;
+}
+
+static inline void sdp_fs_command_free(sdp_fs_command_t *cmd)
+{
+    kzfree(cmd);
+}
+
+#endif /* FS_REQUEST_H_ */

include/sdp/kek_pack.h

@@ -0,0 +1,39 @@
+/*
+ * Copyright (c) 2015 Samsung Electronics Co., Ltd.
+ *
+ * Sensitive Data Protection
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
+ * published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, write to the Free Software Foundation, Inc.,
+ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+ */
+
+#ifndef _SDP_KEK_PACK_H_
+#define _SDP_KEK_PACK_H_
+
+#include <sdp/dek_common.h>
+
+void init_kek_pack(void);
+
+int add_kek_pack(int engine_id, int userid);
+void del_kek_pack(int engine_id);
+
+int add_kek(int engine_id, kek_t *kek);
+int del_kek(int engine_id, int kek_type);
+kek_t *get_kek(int engine_id, int kek_type, int *rc);
+
+void put_kek(kek_t *kek);
+
+int is_kek_pack(int engine_id);
+int is_kek(int engine_id, int kek_type);
+
+#endif /* _SDP_KEK_PACK_H_ */

include/sdp/pub_crypto_emul.h

@@ -0,0 +1,94 @@
+/*
+ * Copyright (c) 2015 Samsung Electronics Co., Ltd.
+ *
+ * Sensitive Data Protection
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
+ * published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, write to the Free Software Foundation, Inc.,
+ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+ */
+
+#ifndef _FIPS_CRYPTO_H
+#define _FIPS_CRYPTO_H
+
+#include <sdp/dek_common.h>
+
+#include <linux/list.h>
+#include <linux/wait.h>
+#include <linux/spinlock.h>
+
+#define OP_RSA_ENC 10
+#define OP_RSA_DEC 11
+#define OP_DH_DEC 12
+#define OP_DH_ENC 13
+#define OP_ECDH_DEC 14
+#define OP_ECDH_ENC 15
+
+#define PUB_CRYPTO_ERROR 99
+
+typedef struct __cipher_param {
+    u32 request_id;
+    u8 opcode;
+	dek_t in;
+	kek_t key;
+}cipher_param_t;
+
+typedef struct result {
+    u32 request_id;
+	u8 opcode;
+	s16 ret;
+	dek_t dek;
+}result_t;
+
+/** The request state */
+enum req_state {
+	PUB_CRYPTO_REQ_INIT = 0,
+	PUB_CRYPTO_REQ_PENDING,
+	PUB_CRYPTO_REQ_FINISHED
+};
+
+typedef struct pub_crypto_contorl {
+	struct list_head pending_list;
+	//wait_queue_head_t waitq;
+	spinlock_t lock;
+
+	/** The next unique request id */
+	u32 reqctr;
+}pub_crypto_control_t;
+
+typedef struct pub_crypto_request {
+	u32 id;
+	u8 opcode;
+
+	struct list_head list;
+	/** refcount */
+	atomic_t count;
+
+	wait_queue_head_t waitq;
+
+	enum req_state state;
+
+	cipher_param_t cipher_param;
+
+	result_t result;
+
+	/** The request was aborted */
+	u8 aborted;
+}pub_crypto_request_t;
+
+int rsa_encryptByPub(dek_t *dek, dek_t *edek, kek_t *key);
+int rsa_decryptByPair(dek_t *edek, dek_t *dek, kek_t *key);
+int dh_decryptEDEK(dek_t *edek, dek_t *dek, kek_t *key);
+int dh_encryptDEK(dek_t *dek, dek_t *edek, kek_t *key);
+int ecdh_decryptEDEK(dek_t *edek, dek_t *dek, kek_t *key);
+int ecdh_encryptDEK(dek_t *dek, dek_t *edek, kek_t *key);
+#endif

include/sdp/sdp_dlp.h

@@ -0,0 +1,26 @@
+/*
+ * Copyright (c) 2015 Samsung Electronics Co., Ltd.
+ *
+ * Sensitive Data Protection
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
+ * published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, write to the Free Software Foundation, Inc.,
+ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+ */
+
+#ifndef _SDP_DLP_H
+#define _SDP_DLP_H
+
+bool dlp_is_locked(int user_id);
+int dlp_isInterestedFile(int user_id, const char *filename);
+
+#endif /* _SDP_DLP_H */

include/sdp/sdp_mm.h

@@ -0,0 +1,55 @@
+/*
+ * Copyright (c) 2015 Samsung Electronics Co., Ltd.
+ *
+ * Sensitive Data Protection
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
+ * published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, write to the Free Software Foundation, Inc.,
+ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+ */
+
+#ifndef _UAPI_SDP_MM_H_
+#define _UAPI_SDP_MM_H_
+
+#include <linux/types.h>
+#include <linux/ioctl.h>
+
+#define MAX_SENSITIVE_PROC 100
+
+/*
+ * struct sdp_mm_sensitive_proc_req - for setting the process as sensitive
+ * @proc_id - process id of the process to be set (as sensitive)
+ */
+struct sdp_mm_sensitive_proc_req {
+	unsigned int proc_id; /* in */
+};
+
+/*
+ * struct sdp_mm_sensitive_proc_list_resp - for querying sensitive process list
+ * @sensitive_proc_list_len - number of sensitive processes in the list
+ * @sensitive_proc_list - sensitive process list
+ */
+struct sdp_mm_sensitive_proc_list_resp {
+	unsigned int sensitive_proc_list_len; 
+	unsigned int sensitive_proc_list[MAX_SENSITIVE_PROC];
+};
+
+
+#define SDP_MM_IOC_MAGIC    0x77
+
+#define SDP_MM_IOCTL_PROC_SENSITIVE_QUERY_REQ \
+	_IOWR(SDP_MM_IOC_MAGIC, 1, struct sdp_mm_sensitive_proc_list_resp)
+
+#define SDP_MM_IOCTL_SET_SENSITIVE_PROC_REQ \
+	_IOWR(SDP_MM_IOC_MAGIC, 2, struct sdp_mm_sensitive_proc_req)
+
+#endif /* _UAPI_SDP_MM_H_ */