Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 4bc645e9 authored by Komal Seelam's avatar Komal Seelam
Browse files

cnss: FR: Secure Firmware Download using sha256 hash 



Driver has to compute the SHA-256 hash for each FW bin.
Driver stores sha256 hash of each bin in global static variable.
Download FW bin if the computed hash matches with stored hash of
respective FW bin else bail out.
If Stored Hash entries are NULL, download fw in non-secure mode.
Host Driver will be secured by OEM.

CRs-Fixed: 707238
Change-Id: I553e7f905e8479357a328eadb8df9a3bd77b08a7
Signed-off-by: default avatarKomal Kumar <kseelam@codeaurora.org>
parent 6fd61d70

drivers/net/wireless/cnss/cnss.c

+31 −0
Original line number Diff line number Diff line
@@ -40,6 +40,9 @@ 
#include <mach/msm_pcie.h>

#endif

#include <net/cnss.h>

#include <linux/crypto.h>

#include <linux/scatterlist.h>



#define subsys_to_drv(d) container_of(d, struct cnss_data, subsys_desc)



#define VREG_ON			1
@@ -1747,6 +1750,34 @@ void cnss_set_driver_status(enum cnss_driver_status driver_status) 
}

EXPORT_SYMBOL(cnss_set_driver_status);



int cnss_get_sha_hash(const u8 *data, u32 data_len, u8 *hash_idx, u8 *out)

{

	struct scatterlist sg;

	struct hash_desc desc;

	int ret = 0;



	if (!out) {

		pr_err("memory for output buffer is not allocated\n");

		ret = -EINVAL;

		goto end;

	}



	desc.flags = CRYPTO_TFM_REQ_MAY_SLEEP;

	desc.tfm   = crypto_alloc_hash(hash_idx, 0, CRYPTO_ALG_ASYNC);

	if (IS_ERR(desc.tfm)) {

		pr_err("crypto_alloc_hash failed:%ld\n", PTR_ERR(desc.tfm));

		ret = PTR_ERR(desc.tfm);

		goto end;

	}



	sg_init_one(&sg, data, data_len);

	ret = crypto_hash_digest(&desc, &sg, sg.length, out);

	crypto_free_hash(desc.tfm);

end:

	return ret;

}

EXPORT_SYMBOL(cnss_get_sha_hash);



module_init(cnss_initialize);

module_exit(cnss_exit);

include/net/cnss.h

+2 −0
Original line number Diff line number Diff line
@@ -90,6 +90,8 @@ extern void cnss_get_boottime(struct timespec *ts); 
extern void cnss_init_work(struct work_struct *work, work_func_t func);

extern void cnss_init_delayed_work(struct delayed_work *work, work_func_t func);

extern int cnss_request_bus_bandwidth(int bandwidth);

extern int cnss_get_sha_hash(const u8 *data, u32 data_len,

					u8 *hash_idx, u8 *out);



extern void cnss_pm_wake_lock_init(struct wakeup_source *ws, const char *name);

extern void cnss_pm_wake_lock(struct wakeup_source *ws);