jenna
/
kernel_samsung_sm7125
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Merge "Get raw secret from secure world" into kernel.lnx.4.14.r15-rel

Browse Source
tirimbino
Linux Build Service Account 4 years ago committed by Gerrit - the friendly Code Review server
parent da3fdf1c8f e6f73afb80
commit 7d61c3236b
5 changed files with 66 additions and 15 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 16
      drivers/mmc/host/cmdq_hci-crypto-qti.c
  2. 6
      drivers/soc/qcom/crypto-qti-common.c
  3. 9
      drivers/soc/qcom/crypto-qti-platform.h
  4. 40
      drivers/soc/qcom/crypto-qti-tz.c
  5. 10
      drivers/soc/qcom/crypto-qti-tz.h

16
drivers/mmc/host/cmdq_hci-crypto-qti.c
Unescape View File

@ -131,19 +131,9 @@ static int cmdq_crypto_qti_derive_raw_secret(struct keyslot_manager *ksm,
{
int err = 0;
if (wrapped_key_size <= RAW_SECRET_SIZE) {
pr_err("%s: Invalid wrapped_key_size: %u\n", __func__,
wrapped_key_size);
err = -EINVAL;
return err;
}
if (secret_size != RAW_SECRET_SIZE) {
pr_err("%s: Invalid secret size: %u\n", __func__, secret_size);
err = -EINVAL;
return err;
}
memcpy(secret, wrapped_key, secret_size);
return 0;
err = crypto_qti_derive_raw_secret(wrapped_key, wrapped_key_size,
secret, secret_size);
return err;
}
static const struct keyslot_mgmt_ll_ops cmdq_crypto_qti_ksm_ops = {

6
drivers/soc/qcom/crypto-qti-common.c
Unescape View File

@ -461,7 +461,11 @@ int crypto_qti_derive_raw_secret(const u8 *wrapped_key,
return err;
}
memcpy(secret, wrapped_key, secret_size);
if (wrapped_key_size > 64)
err = crypto_qti_tz_raw_secret(wrapped_key, wrapped_key_size,
secret, secret_size);
else
memcpy(secret, wrapped_key, secret_size);
return err;
}

9
drivers/soc/qcom/crypto-qti-platform.h
Unescape View File

@ -24,6 +24,9 @@ int crypto_qti_program_key(struct crypto_vops_qti_entry *ice_entry,
unsigned int data_unit_mask, int capid);
int crypto_qti_invalidate_key(struct crypto_vops_qti_entry *ice_entry,
unsigned int slot);
int crypto_qti_tz_raw_secret(const u8 *wrapped_key,
unsigned int wrapped_key_size, u8 *secret,
unsigned int secret_size);
#else
static inline int crypto_qti_program_key(
struct crypto_vops_qti_entry *ice_entry,
@ -38,6 +41,12 @@ static inline int crypto_qti_invalidate_key(
{
return 0;
}
static int crypto_qti_tz_raw_secret(u8 *wrapped_key,
unsigned int wrapped_key_size, u8 *secret,
unsigned int secret_size)
{
return 0;
}
#endif /* CONFIG_QTI_CRYPTO_TZ */
static inline void crypto_qti_disable_platform(

40
drivers/soc/qcom/crypto-qti-tz.c
Unescape View File

@ -25,6 +25,7 @@ unsigned int storage_type = SDCC_CE;
#define ICE_BUFFER_SIZE 128
static uint8_t ice_buffer[ICE_BUFFER_SIZE];
static uint8_t secret_buffer[32];
int crypto_qti_program_key(struct crypto_vops_qti_entry *ice_entry,
const struct blk_crypto_key *key,
@ -56,7 +57,7 @@ int crypto_qti_program_key(struct crypto_vops_qti_entry *ice_entry,
desc.arginfo = TZ_ES_CONFIG_SET_ICE_KEY_PARAM_ID;
desc.args[0] = slot;
desc.args[1] = virt_to_phys(tzbuf);
desc.args[2] = ICE_BUFFER_SIZE;
desc.args[2] = key->size;
desc.args[3] = ICE_CIPHER_MODE_XTS_256;
desc.args[4] = data_unit_mask;
@ -87,6 +88,43 @@ int crypto_qti_invalidate_key(
return err;
}
int crypto_qti_tz_raw_secret(const u8 *wrapped_key,
unsigned int wrapped_key_size, u8 *secret,
unsigned int secret_size)
{
int err = 0;
uint32_t smc_id = 0;
struct scm_desc desc = {0};
char *tzbuf_key, *secret_key;
tzbuf_key = ice_buffer;
secret_key = secret_buffer;
memcpy(tzbuf_key, wrapped_key, wrapped_key_size);
dmac_flush_range(tzbuf_key, tzbuf_key + wrapped_key_size);
smc_id = TZ_ES_RETRIEVE_RAW_SECRET_CE_TYPE_ID;
desc.arginfo = TZ_ES_RETRIEVE_RAW_SECRET_CE_TYPE_PARAM_ID;
desc.args[0] = virt_to_phys(tzbuf_key);
desc.args[1] = wrapped_key_size;
desc.args[2] = virt_to_phys(secret_key);
desc.args[3] = secret_size;
memset(secret_key, 0, secret_size);
dmac_flush_range(secret_key, secret_key + secret_size);
err = scm_call2_noretry(smc_id, &desc);
if (err) {
pr_err("%s failed to retrieve raw secret\n", __func__, err);
return err;
}
dmac_inv_range(secret_key, secret_key + secret_size);
memcpy(secret, secret_key, secret_size);
return err;
}
static int crypto_qti_storage_type(unsigned int *s_type)
{
char boot[20] = {'\0'};

10
drivers/soc/qcom/crypto-qti-tz.h
Unescape View File

@ -19,6 +19,7 @@
#define TZ_ES_CONFIG_SET_ICE_KEY 0x4
#define TZ_ES_CONFIG_SET_ICE_KEY_CE_TYPE 0x5
#define TZ_ES_INVALIDATE_ICE_KEY_CE_TYPE 0x6
#define TZ_ES_RETRIEVE_RAW_SECRET_CE_TYPE 0x7
#define TZ_ES_CONFIG_SET_ICE_KEY_CE_TYPE_ID \
TZ_SYSCALL_CREATE_SMC_ID(TZ_OWNER_SIP, TZ_SVC_ES, \
@ -32,6 +33,10 @@
TZ_SYSCALL_CREATE_SMC_ID(TZ_OWNER_SIP, \
TZ_SVC_ES, TZ_ES_INVALIDATE_ICE_KEY_CE_TYPE)
#define TZ_ES_RETRIEVE_RAW_SECRET_CE_TYPE_ID \
TZ_SYSCALL_CREATE_SMC_ID(TZ_OWNER_SIP, \
TZ_SVC_ES, TZ_ES_RETRIEVE_RAW_SECRET_CE_TYPE)
#define TZ_ES_INVALIDATE_ICE_KEY_ID \
TZ_SYSCALL_CREATE_SMC_ID(TZ_OWNER_SIP, \
TZ_SVC_ES, TZ_ES_INVALIDATE_ICE_KEY)
@ -57,6 +62,11 @@
TZ_SYSCALL_PARAM_TYPE_VAL, TZ_SYSCALL_PARAM_TYPE_VAL, \
TZ_SYSCALL_PARAM_TYPE_VAL)
#define TZ_ES_RETRIEVE_RAW_SECRET_CE_TYPE_PARAM_ID \
TZ_SYSCALL_CREATE_PARAM_ID_4( \
TZ_SYSCALL_PARAM_TYPE_BUF_RW, TZ_SYSCALL_PARAM_TYPE_VAL, \
TZ_SYSCALL_PARAM_TYPE_BUF_RW, TZ_SYSCALL_PARAM_TYPE_VAL)
enum {
ICE_CIPHER_MODE_XTS_128 = 0,
ICE_CIPHER_MODE_CBC_128 = 1,

Write Preview
Loading…
Cancel
Save