Loading drivers/mmc/host/cqhci-crypto-qti.c +4 −13 Original line number Original line Diff line number Diff line Loading @@ -129,20 +129,11 @@ static int cqhci_crypto_qti_derive_raw_secret(struct keyslot_manager *ksm, { { int err = 0; int err = 0; if (wrapped_key_size <= RAW_SECRET_SIZE) { err = crypto_qti_derive_raw_secret(wrapped_key, wrapped_key_size, pr_err("%s: Invalid wrapped_key_size: %u\n", __func__, secret, secret_size); wrapped_key_size); err = -EINVAL; return err; } if (secret_size != RAW_SECRET_SIZE) { pr_err("%s: Invalid secret size: %u\n", __func__, secret_size); err = -EINVAL; return err; return err; } } memcpy(secret, wrapped_key, secret_size); return 0; } static const struct keyslot_mgmt_ll_ops cqhci_crypto_qti_ksm_ops = { static const struct keyslot_mgmt_ll_ops cqhci_crypto_qti_ksm_ops = { .keyslot_program = cqhci_crypto_qti_keyslot_program, .keyslot_program = cqhci_crypto_qti_keyslot_program, Loading drivers/soc/qcom/crypto-qti-common.c +5 −1 Original line number Original line Diff line number Diff line Loading @@ -461,6 +461,10 @@ int crypto_qti_derive_raw_secret(const u8 *wrapped_key, return err; return err; } } if (wrapped_key_size > 64) err = crypto_qti_tz_raw_secret(wrapped_key, wrapped_key_size, secret, secret_size); else memcpy(secret, wrapped_key, secret_size); memcpy(secret, wrapped_key, secret_size); return err; return err; Loading drivers/soc/qcom/crypto-qti-platform.h +9 −0 Original line number Original line Diff line number Diff line Loading 
@@ -17,6 +17,9 @@ int crypto_qti_program_key(struct crypto_vops_qti_entry *ice_entry, unsigned int data_unit_mask, int capid); unsigned int data_unit_mask, int capid); int crypto_qti_invalidate_key(struct crypto_vops_qti_entry *ice_entry, int crypto_qti_invalidate_key(struct crypto_vops_qti_entry *ice_entry, unsigned int slot); unsigned int slot); int crypto_qti_tz_raw_secret(const u8 *wrapped_key, unsigned int wrapped_key_size, u8 *secret, unsigned int secret_size); #else #else static inline int crypto_qti_program_key( static inline int crypto_qti_program_key( struct crypto_vops_qti_entry *ice_entry, struct crypto_vops_qti_entry *ice_entry, Loading @@ -31,6 +34,12 @@ static inline int crypto_qti_invalidate_key( { { return 0; return 0; } } static int crypto_qti_tz_raw_secret(u8 *wrapped_key, unsigned int wrapped_key_size, u8 *secret, unsigned int secret_size) { return 0; } #endif /* CONFIG_QTI_CRYPTO_TZ */ #endif /* CONFIG_QTI_CRYPTO_TZ */ static inline void crypto_qti_disable_platform( static inline void crypto_qti_disable_platform( Loading drivers/soc/qcom/crypto-qti-tz.c +49 −1 Original line number Original line Diff line number Diff line Loading @@ -58,7 +58,7 @@ int crypto_qti_program_key(struct crypto_vops_qti_entry *ice_entry, desc.arginfo = TZ_ES_CONFIG_SET_ICE_KEY_CE_TYPE_PARAM_ID; desc.arginfo = TZ_ES_CONFIG_SET_ICE_KEY_CE_TYPE_PARAM_ID; desc.args[0] = slot; desc.args[0] = slot; desc.args[1] = shm.paddr; desc.args[1] = shm.paddr; desc.args[2] = shm.size; desc.args[2] = key->size; desc.args[3] = ICE_CIPHER_MODE_XTS_256; desc.args[3] = ICE_CIPHER_MODE_XTS_256; desc.args[4] = data_unit_mask; desc.args[4] = data_unit_mask; desc.args[5] = storage_type; desc.args[5] = storage_type; Loading Loading 
@@ -93,6 +93,54 @@ int crypto_qti_invalidate_key( return err; return err; } } int crypto_qti_tz_raw_secret(const u8 *wrapped_key, unsigned int wrapped_key_size, u8 *secret, unsigned int secret_size) { int err = 0; struct qtee_shm shm_key, shm_secret; uint32_t smc_id = 0; struct scm_desc desc = {0}; char *tzbuf_key; err = qtee_shmbridge_allocate_shm(wrapped_key_size, &shm_key); if (err) return -ENOMEM; err = qtee_shmbridge_allocate_shm(secret_size, &shm_secret); if (err) return -ENOMEM; tzbuf_key = shm_key.vaddr; memcpy(tzbuf_key, wrapped_key, wrapped_key_size); dmac_flush_range(tzbuf_key, tzbuf_key + wrapped_key_size); smc_id = TZ_ES_RETRIEVE_RAW_SECRET_CE_TYPE_ID; desc.arginfo = TZ_ES_RETRIEVE_RAW_SECRET_CE_TYPE_PARAM_ID; desc.args[0] = shm_key.paddr; desc.args[1] = wrapped_key_size; desc.args[2] = shm_secret.paddr; desc.args[3] = secret_size; memset(shm_secret.vaddr, 0, secret_size); dmac_flush_range(shm_secret.vaddr, shm_secret.vaddr + secret_size); err = scm_call2_noretry(smc_id, &desc); if (err) { pr_err("%s failed to retrieve raw secret\n", __func__, err); return err; } dmac_inv_range(shm_secret.vaddr, shm_secret.vaddr + secret_size); memcpy(secret, shm_secret.vaddr, secret_size); qtee_shmbridge_free_shm(&shm_key); qtee_shmbridge_free_shm(&shm_secret); return err; } static int crypto_qti_storage_type(unsigned int *s_type) static int crypto_qti_storage_type(unsigned int *s_type) { { char boot[20] = {'\0'}; char boot[20] = {'\0'}; Loading drivers/soc/qcom/crypto-qti-tz.h +10 −0 Original line number Original line Diff line number Diff line Loading 
@@ -10,6 +10,7 @@ #define TZ_ES_CONFIG_SET_ICE_KEY_CE_TYPE 0x5 #define TZ_ES_CONFIG_SET_ICE_KEY_CE_TYPE 0x5 #define TZ_ES_INVALIDATE_ICE_KEY_CE_TYPE 0x6 #define TZ_ES_INVALIDATE_ICE_KEY_CE_TYPE 0x6 #define TZ_ES_RETRIEVE_RAW_SECRET_CE_TYPE 0x7 #define TZ_ES_CONFIG_SET_ICE_KEY_CE_TYPE_ID \ #define TZ_ES_CONFIG_SET_ICE_KEY_CE_TYPE_ID \ TZ_SYSCALL_CREATE_SMC_ID(TZ_OWNER_SIP, TZ_SVC_ES, \ TZ_SYSCALL_CREATE_SMC_ID(TZ_OWNER_SIP, TZ_SVC_ES, \ Loading @@ -19,6 +20,10 @@ TZ_SYSCALL_CREATE_SMC_ID(TZ_OWNER_SIP, \ TZ_SYSCALL_CREATE_SMC_ID(TZ_OWNER_SIP, \ TZ_SVC_ES, TZ_ES_INVALIDATE_ICE_KEY_CE_TYPE) TZ_SVC_ES, TZ_ES_INVALIDATE_ICE_KEY_CE_TYPE) #define TZ_ES_RETRIEVE_RAW_SECRET_CE_TYPE_ID \ TZ_SYSCALL_CREATE_SMC_ID(TZ_OWNER_SIP, \ TZ_SVC_ES, TZ_ES_RETRIEVE_RAW_SECRET_CE_TYPE) #define TZ_ES_INVALIDATE_ICE_KEY_CE_TYPE_PARAM_ID \ #define TZ_ES_INVALIDATE_ICE_KEY_CE_TYPE_PARAM_ID \ TZ_SYSCALL_CREATE_PARAM_ID_2( \ TZ_SYSCALL_CREATE_PARAM_ID_2( \ TZ_SYSCALL_PARAM_TYPE_VAL, TZ_SYSCALL_PARAM_TYPE_VAL) TZ_SYSCALL_PARAM_TYPE_VAL, TZ_SYSCALL_PARAM_TYPE_VAL) Loading @@ -30,6 +35,11 @@ TZ_SYSCALL_PARAM_TYPE_VAL, TZ_SYSCALL_PARAM_TYPE_VAL, \ TZ_SYSCALL_PARAM_TYPE_VAL, TZ_SYSCALL_PARAM_TYPE_VAL, \ TZ_SYSCALL_PARAM_TYPE_VAL) TZ_SYSCALL_PARAM_TYPE_VAL) #define TZ_ES_RETRIEVE_RAW_SECRET_CE_TYPE_PARAM_ID \ TZ_SYSCALL_CREATE_PARAM_ID_4( \ TZ_SYSCALL_PARAM_TYPE_BUF_RW, TZ_SYSCALL_PARAM_TYPE_VAL, \ TZ_SYSCALL_PARAM_TYPE_BUF_RW, TZ_SYSCALL_PARAM_TYPE_VAL) enum { enum { ICE_CIPHER_MODE_XTS_128 = 0, ICE_CIPHER_MODE_XTS_128 = 0, ICE_CIPHER_MODE_CBC_128 = 1, ICE_CIPHER_MODE_CBC_128 = 1, Loading Loading
drivers/mmc/host/cqhci-crypto-qti.c +4 −13 Original line number Original line Diff line number Diff line Loading @@ -129,20 +129,11 @@ static int cqhci_crypto_qti_derive_raw_secret(struct keyslot_manager *ksm, { { int err = 0; int err = 0; if (wrapped_key_size <= RAW_SECRET_SIZE) { err = crypto_qti_derive_raw_secret(wrapped_key, wrapped_key_size, pr_err("%s: Invalid wrapped_key_size: %u\n", __func__, secret, secret_size); wrapped_key_size); err = -EINVAL; return err; } if (secret_size != RAW_SECRET_SIZE) { pr_err("%s: Invalid secret size: %u\n", __func__, secret_size); err = -EINVAL; return err; return err; } } memcpy(secret, wrapped_key, secret_size); return 0; } static const struct keyslot_mgmt_ll_ops cqhci_crypto_qti_ksm_ops = { static const struct keyslot_mgmt_ll_ops cqhci_crypto_qti_ksm_ops = { .keyslot_program = cqhci_crypto_qti_keyslot_program, .keyslot_program = cqhci_crypto_qti_keyslot_program, Loading
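Review bot: cqhci_crypto_qti_derive_raw_secret no longer validates wrapped_key_size or secret_size itself, so the bound on the write into `secret` now rests entirely on crypto_qti_derive_raw_secret, whose checks are not visible on this page. The removed `secret_size != RAW_SECRET_SIZE` test was what limited that write, so confirm the common helper enforces an equivalent bound before it copies. If it does, record it here with a comment such as `/* sizes are validated in crypto_qti_derive_raw_secret() */`. The body can then shrink to `return crypto_qti_derive_raw_secret(wrapped_key, wrapped_key_size, secret, secret_size);`. The function's signature starts outside the hunk.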
drivers/soc/qcom/crypto-qti-common.c +5 −1 Original line number Original line Diff line number Diff line Loading @@ -461,6 +461,10 @@ int crypto_qti_derive_raw_secret(const u8 *wrapped_key, return err; return err; } } if (wrapped_key_size > 64) err = crypto_qti_tz_raw_secret(wrapped_key, wrapped_key_size, secret, secret_size); else memcpy(secret, wrapped_key, secret_size); memcpy(secret, wrapped_key, secret_size); return err; return err; Loading
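Review bot: The bare `64` in `if (wrapped_key_size > 64)` decides whether the bytes are sent to TrustZone as a wrapped key or copied out directly as the secret, so it should be a named constant with a comment saying what it represents (presumably the largest raw key size; confirm). A suggested form is `#define CRYPTO_QTI_MAX_RAW_KEY_SIZE 64`, used as `if (wrapped_key_size > CRYPTO_QTI_MAX_RAW_KEY_SIZE)`. In the else branch, `memcpy(secret, wrapped_key, secret_size)` reads secret_size bytes from a buffer that holds only wrapped_key_size bytes. That is safe only if a check earlier in the function guarantees `secret_size <= wrapped_key_size`. The function begins and ends outside the hunk, so that check cannot be confirmed from here.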
drivers/soc/qcom/crypto-qti-platform.h +9 −0 Original line number Original line Diff line number Diff line Loading @@ -17,6 +17,9 @@ int crypto_qti_program_key(struct crypto_vops_qti_entry *ice_entry, unsigned int data_unit_mask, int capid); unsigned int data_unit_mask, int capid); int crypto_qti_invalidate_key(struct crypto_vops_qti_entry *ice_entry, int crypto_qti_invalidate_key(struct crypto_vops_qti_entry *ice_entry, unsigned int slot); unsigned int slot); int crypto_qti_tz_raw_secret(const u8 *wrapped_key, unsigned int wrapped_key_size, u8 *secret, unsigned int secret_size); #else #else static inline int crypto_qti_program_key( static inline int crypto_qti_program_key( struct crypto_vops_qti_entry *ice_entry, struct crypto_vops_qti_entry *ice_entry, Loading @@ -31,6 +34,12 @@ static inline int crypto_qti_invalidate_key( { { return 0; return 0; } } static int crypto_qti_tz_raw_secret(u8 *wrapped_key, unsigned int wrapped_key_size, u8 *secret, unsigned int secret_size) { return 0; } #endif /* CONFIG_QTI_CRYPTO_TZ */ #endif /* CONFIG_QTI_CRYPTO_TZ */ static inline void crypto_qti_disable_platform( static inline void crypto_qti_disable_platform( Loading
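Review bot: The `#else` stub for crypto_qti_tz_raw_secret returns 0 without writing to `secret`, so with CONFIG_QTI_CRYPTO_TZ disabled a caller that takes the TrustZone path is told the derivation succeeded while the output buffer holds whatever was there before. Returning an error keeps that from being used as key material: `return -EOPNOTSUPP;`. The stub also differs from its prototype and from the neighbouring stubs: it is plain `static` in a header and takes `u8 *wrapped_key`, whereas the real function takes `const u8 *`. Declaring it `static inline int crypto_qti_tz_raw_secret(const u8 *wrapped_key, ...)` avoids unused-function and discarded-qualifier warnings in every file that includes this header.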
drivers/soc/qcom/crypto-qti-tz.c +49 −1 Original line number Original line Diff line number Diff line Loading @@ -58,7 +58,7 @@ int crypto_qti_program_key(struct crypto_vops_qti_entry *ice_entry, desc.arginfo = TZ_ES_CONFIG_SET_ICE_KEY_CE_TYPE_PARAM_ID; desc.arginfo = TZ_ES_CONFIG_SET_ICE_KEY_CE_TYPE_PARAM_ID; desc.args[0] = slot; desc.args[0] = slot; desc.args[1] = shm.paddr; desc.args[1] = shm.paddr; desc.args[2] = shm.size; desc.args[2] = key->size; desc.args[3] = ICE_CIPHER_MODE_XTS_256; desc.args[3] = ICE_CIPHER_MODE_XTS_256; desc.args[4] = data_unit_mask; desc.args[4] = data_unit_mask; desc.args[5] = storage_type; desc.args[5] = storage_type; Loading Loading 
@@ -93,6 +93,54 @@ int crypto_qti_invalidate_key( return err; return err; } } int crypto_qti_tz_raw_secret(const u8 *wrapped_key, unsigned int wrapped_key_size, u8 *secret, unsigned int secret_size) { int err = 0; struct qtee_shm shm_key, shm_secret; uint32_t smc_id = 0; struct scm_desc desc = {0}; char *tzbuf_key; err = qtee_shmbridge_allocate_shm(wrapped_key_size, &shm_key); if (err) return -ENOMEM; err = qtee_shmbridge_allocate_shm(secret_size, &shm_secret); if (err) return -ENOMEM; tzbuf_key = shm_key.vaddr; memcpy(tzbuf_key, wrapped_key, wrapped_key_size); dmac_flush_range(tzbuf_key, tzbuf_key + wrapped_key_size); smc_id = TZ_ES_RETRIEVE_RAW_SECRET_CE_TYPE_ID; desc.arginfo = TZ_ES_RETRIEVE_RAW_SECRET_CE_TYPE_PARAM_ID; desc.args[0] = shm_key.paddr; desc.args[1] = wrapped_key_size; desc.args[2] = shm_secret.paddr; desc.args[3] = secret_size; memset(shm_secret.vaddr, 0, secret_size); dmac_flush_range(shm_secret.vaddr, shm_secret.vaddr + secret_size); err = scm_call2_noretry(smc_id, &desc); if (err) { pr_err("%s failed to retrieve raw secret\n", __func__, err); return err; } dmac_inv_range(shm_secret.vaddr, shm_secret.vaddr + secret_size); memcpy(secret, shm_secret.vaddr, secret_size); qtee_shmbridge_free_shm(&shm_key); qtee_shmbridge_free_shm(&shm_secret); return err; } static int crypto_qti_storage_type(unsigned int *s_type) static int crypto_qti_storage_type(unsigned int *s_type) { { char boot[20] = {'\0'}; char boot[20] = {'\0'}; Loading
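Review bot: crypto_qti_tz_raw_secret leaks shared memory on both error paths: a failed second qtee_shmbridge_allocate_shm returns without freeing shm_key, and a failed scm_call2_noretry returns without freeing either buffer. The pr_err format has a single `%s` but is passed `__func__, err`, so the error code is never printed. On success the raw secret is still in shm_secret when the buffer goes back to the allocator; clearing it first with memzero_explicit keeps the derived secret from lingering in memory shared with the secure world (whether a cache flush is also needed depends on how the bridge maps the buffer). A goto-based unwind, sketched below, covers all three.

```c
	err = qtee_shmbridge_allocate_shm(secret_size, &shm_secret);
	if (err) {
		err = -ENOMEM;
		goto free_key;
	}

	/* … unchanged: copy and flush wrapped key, fill desc, clear and flush shm_secret … */

	err = scm_call2_noretry(smc_id, &desc);
	if (err) {
		pr_err("%s: failed to retrieve raw secret: %d\n", __func__, err);
		goto free_secret;
	}

	/* … unchanged: invalidate shm_secret and copy it to secret … */

free_secret:
	/* do not hand the derived secret back to the shm allocator in the clear */
	memzero_explicit(shm_secret.vaddr, secret_size);
	qtee_shmbridge_free_shm(&shm_secret);
free_key:
	qtee_shmbridge_free_shm(&shm_key);
	return err;
```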
drivers/soc/qcom/crypto-qti-tz.h +10 −0 Original line number Original line Diff line number Diff line Loading @@ -10,6 +10,7 @@ #define TZ_ES_CONFIG_SET_ICE_KEY_CE_TYPE 0x5 #define TZ_ES_CONFIG_SET_ICE_KEY_CE_TYPE 0x5 #define TZ_ES_INVALIDATE_ICE_KEY_CE_TYPE 0x6 #define TZ_ES_INVALIDATE_ICE_KEY_CE_TYPE 0x6 #define TZ_ES_RETRIEVE_RAW_SECRET_CE_TYPE 0x7 #define TZ_ES_CONFIG_SET_ICE_KEY_CE_TYPE_ID \ #define TZ_ES_CONFIG_SET_ICE_KEY_CE_TYPE_ID \ TZ_SYSCALL_CREATE_SMC_ID(TZ_OWNER_SIP, TZ_SVC_ES, \ TZ_SYSCALL_CREATE_SMC_ID(TZ_OWNER_SIP, TZ_SVC_ES, \ Loading @@ -19,6 +20,10 @@ TZ_SYSCALL_CREATE_SMC_ID(TZ_OWNER_SIP, \ TZ_SYSCALL_CREATE_SMC_ID(TZ_OWNER_SIP, \ TZ_SVC_ES, TZ_ES_INVALIDATE_ICE_KEY_CE_TYPE) TZ_SVC_ES, TZ_ES_INVALIDATE_ICE_KEY_CE_TYPE) #define TZ_ES_RETRIEVE_RAW_SECRET_CE_TYPE_ID \ TZ_SYSCALL_CREATE_SMC_ID(TZ_OWNER_SIP, \ TZ_SVC_ES, TZ_ES_RETRIEVE_RAW_SECRET_CE_TYPE) #define TZ_ES_INVALIDATE_ICE_KEY_CE_TYPE_PARAM_ID \ #define TZ_ES_INVALIDATE_ICE_KEY_CE_TYPE_PARAM_ID \ TZ_SYSCALL_CREATE_PARAM_ID_2( \ TZ_SYSCALL_CREATE_PARAM_ID_2( \ TZ_SYSCALL_PARAM_TYPE_VAL, TZ_SYSCALL_PARAM_TYPE_VAL) TZ_SYSCALL_PARAM_TYPE_VAL, TZ_SYSCALL_PARAM_TYPE_VAL) Loading @@ -30,6 +35,11 @@ TZ_SYSCALL_PARAM_TYPE_VAL, TZ_SYSCALL_PARAM_TYPE_VAL, \ TZ_SYSCALL_PARAM_TYPE_VAL, TZ_SYSCALL_PARAM_TYPE_VAL, \ TZ_SYSCALL_PARAM_TYPE_VAL) TZ_SYSCALL_PARAM_TYPE_VAL) #define TZ_ES_RETRIEVE_RAW_SECRET_CE_TYPE_PARAM_ID \ TZ_SYSCALL_CREATE_PARAM_ID_4( \ TZ_SYSCALL_PARAM_TYPE_BUF_RW, TZ_SYSCALL_PARAM_TYPE_VAL, \ TZ_SYSCALL_PARAM_TYPE_BUF_RW, TZ_SYSCALL_PARAM_TYPE_VAL) enum { enum { ICE_CIPHER_MODE_XTS_128 = 0, ICE_CIPHER_MODE_XTS_128 = 0, ICE_CIPHER_MODE_CBC_128 = 1, ICE_CIPHER_MODE_CBC_128 = 1, Loading
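Review bot: TZ_ES_RETRIEVE_RAW_SECRET_CE_TYPE_PARAM_ID declares both buffers as `TZ_SYSCALL_PARAM_TYPE_BUF_RW`, although the kernel side passes the wrapped key as a `const u8 *` input and only the secret buffer is written back. If the secure-world interface accepts a read-only buffer type for the first argument, using it would state the intended direction and narrow what the call is allowed to modify; this depends on the firmware ABI, which is not shown here. Either way, a comment above the macro listing the four arguments in order would help, for example `/* args: wrapped key paddr, wrapped key size, secret paddr, secret size */`.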