/**
 * @file       access_control.h
 * @brief      Validate caller of Process Authenticator driver
 * @author     Ivan Vorobiov (i.vorobiov@samsung.com)
 * @version    1.0
 * @date       Created Jul 18, 2016
 * @copyright  In Samsung Ukraine R&D Center (SURC) under a contract between
 * @copyright  LLC "Samsung Electronics Ukraine Company" (Kiev, Ukraine) and
 * @copyright  "Samsung Electronics Co", Ltd (Seoul, Republic of Korea)
 * @copyright  Copyright: (c) Samsung Electronics Co, Ltd 2016. All rights reserved.
**/

#ifndef PA_TZ_DRV_SRC_ACCESS_CONTROL_H_
#define PA_TZ_DRV_SRC_ACCESS_CONTROL_H_

#include "pa_tz_api.h"

#include <tee_internal_api.h>

/**
 * @brief List of operation with PA driver
 */
typedef enum {
  kAuthentication,  //!< Authentication
  kReadToTrustlet,  //!< ReadToTrustlet
  kWriteFromTrustlet//!< WriteFromTrustlet
} Operation;

/**
 * @brief Return uuid of current driver caller
 * @param [out] uuid Caller uuid
 * @return ::TEE_SUCCESS if success else if other is error.
 */
TEE_Result PlatformGetCallerUuid(TEE_UUID *uuid);

/**
 * @brief Return list of pointers to allowed uuids, last item is NULL.
 * @return Pointer to list of allowed uuids.
 */
const TEE_UUID **AccessControlGetWhitelist(void);

/**
 * @brief Check has current driver caller needed permissions
 * @param [in] operation Operation (which functions can call)
 * @return 1 if current caller can call corresponded functions, 0 if otherwise
 */
uint32_t AccessControlIsAllowedOperation(Operation operation);

#endif // PA_TZ_DRV_SRC_ACCESS_CONTROL_H_