Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit c1333e47 authored by Jiten Patel's avatar Jiten Patel
Browse files

qseecom: Add flag to support key wrap in KS 



Allow to use KS key instead of user key to wrap
ICE master key. This is required for devices
which don't have provision to modify user key.

Change-Id: I2a7f6cd10a9c69b5d5d8a39e31a3d1630136eaa6
Signed-off-by: default avatarJiten Patel <jitepate@codeaurora.org>
parent 15d63659

Documentation/devicetree/bindings/qseecom/qseecom.txt

+3 −0
Original line number Diff line number Diff line
@@ -27,6 +27,7 @@ Optional properties: 
  - qcom,qsee-reentrancy-support: indicates the qsee reentrancy phase supported by the target

  - qcom,commonlib64-loaded-by-uefi: indicates commonlib64 is loaded by uefi already

  - qcom,fde-key-size: indicates which FDE key size is used in device.

  - qcom,enable-key-wrap-in-ks: enables wrapping of ICE key with KS key.



Example:

	qcom,qseecom@fe806000 {
@@ -40,6 +41,7 @@ Example: 
		qcom,hlos-ce-hw-instance = <1 2>;

		qcom,qsee-ce-hw-instance = <0>;

		qcom,support-fde;

		qcom,enable-key-wrap-in-ks;

		qcom,support-pfe;

		qcom,msm_bus,name = "qseecom-noc";

		qcom,msm_bus,num_cases = <4>;
@@ -64,6 +66,7 @@ Example: The following dts setup is the same as the example above. 
		reg = <0x7f00000 0x500000>;

		reg-names = "secapp-region";

		qcom,support-fde;

		qcom,enable-key-wrap-in-ks;

		qcom,full-disk-encrypt-info = <0 1 2>, <0 2 2>;

		qcom,support-pfe;

		qcom,per-file-encrypt-info = <0 1 0>, <0 2 0>;

drivers/misc/qseecom.c

+16 −1
Original line number Diff line number Diff line 
/*Qualcomm Secure Execution Environment Communicator (QSEECOM) driver

 *

 * Copyright (c) 2012-2017, The Linux Foundation. All rights reserved.

 * Copyright (c) 2012-2018, The Linux Foundation. All rights reserved.

 *

 * This program is free software; you can redistribute it and/or modify

 * it under the terms of the GNU General Public License version 2 and
@@ -109,6 +109,9 @@ 
#define DEFAULT_CE_INFO_UNIT 0

#define DEFAULT_NUM_CE_INFO_UNIT 1



#define FDE_FLAG_POS    4

#define ENABLE_KEY_WRAP_IN_KS    (1 << FDE_FLAG_POS)



enum qseecom_clk_definitions {

	CLK_DFAB = 0,

	CLK_SFPB,
@@ -273,6 +276,7 @@ struct qseecom_control { 
	unsigned int ce_opp_freq_hz;

	bool appsbl_qseecom_support;

	uint32_t qsee_reentrancy_support;

	bool enable_key_wrap_in_ks;



	uint32_t app_block_ref_cnt;

	wait_queue_head_t app_block_wq;
@@ -5779,6 +5783,9 @@ static int qseecom_create_key(struct qseecom_dev_handle *data, 
	else

		flags |= QSEECOM_ICE_FDE_KEY_SIZE_16_BYTE;



	if (qseecom.enable_key_wrap_in_ks == true)

		flags |= ENABLE_KEY_WRAP_IN_KS;



	generate_key_ireq.flags = flags;

	generate_key_ireq.qsee_command_id = QSEOS_GENERATE_KEY;

	memset((void *)generate_key_ireq.key_id,
@@ -8467,6 +8474,14 @@ static int qseecom_probe(struct platform_device *pdev) 
				qseecom.qsee_reentrancy_support);

		}



		qseecom.enable_key_wrap_in_ks =

			of_property_read_bool((&pdev->dev)->of_node,

					"qcom,enable-key-wrap-in-ks");

		if (qseecom.enable_key_wrap_in_ks) {

			pr_warn("qseecom.enable_key_wrap_in_ks = %d\n",

					qseecom.enable_key_wrap_in_ks);

		}



		/*

		 * The qseecom bus scaling flag can not be enabled when

		 * crypto clock is not handled by HLOS.