Set the default slot for Full Disk Encryption key to 31

QSEECOM sets the Full Disk Encryption (FDE) key into
slot 0 by default, but on File Based Encryption (FBE)
devices where Metadata Encryption (ME) is enabled, slot zero
is already used. So an ioctl for setting the FDE key into the
Inline Crypto Engine (ICE), when called on a device with ME
enabled, would overwrite the key set for ME and hence
would lead to failure during reboot. Hence, set the slot
value of the FDE key to 31, which is the last slot supported.
Use the same slot during read/write operations as well.

Tests: 1. Device bootup for sm8150 target with FDE enabled
       2. OTA update of kernel images with fix included.

Change-Id: Id77c4e55ce5740fd8babdfa690d3c39d39258f6e
Signed-off-by: Vaibhav Agrawal <vagrawa@codeaurora.org>
tirimbino
Vaibhav Agrawal 4 years ago
parent a8901f17b6
commit fa6531da37
 drivers/crypto/msm/ice.c | 9
 drivers/misc/qseecom.c   | 4

@ -1,4 +1,4 @@
/* Copyright (c) 2014-2020, The Linux Foundation. All rights reserved.
/* Copyright (c) 2014-2020,2021 The Linux Foundation. All rights reserved.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License version 2 and
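Review bot: The updated copyright line writes the years as "2014-2020,2021", while the qseecom.c header in this same change uses the plain range "2012-2021". Suggest "2014-2021" here so both files follow one form.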
@ -66,6 +66,8 @@
#define ICE_CRYPTO_CXT_FDE 1
#define ICE_CRYPTO_CXT_FBE 2
#define ICE_FDE_KEY_INDEX 31
static int ice_fde_flag;
struct ice_clk_info {
struct list_head list;
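Review bot: ICE_FDE_KEY_INDEX is a bare 31 with no comment, and it must stay equal to QSEECOM_ICE_FDE_KEY_INDEX in drivers/misc/qseecom.c, which this change defines separately. If the two drift apart, the key would be programmed into one slot and read/write requests would reference another. Suggest moving the value into a header both drivers include, with a comment that it is the last supported slot and is reserved for FDE.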
@ -147,6 +149,11 @@ static int qti_ice_setting_config(struct request *req,
setting->encr_bypass = true;
setting->decr_bypass = true;
}
/* Qseecom now sets the FDE key to slot 31 by default, instead
* of slot 0, so use the same slot here during read/write
*/
if (cxt == ICE_CRYPTO_CXT_FDE)
setting->crypto_data.key_index = ICE_FDE_KEY_INDEX;
}
return 0;
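Review bot: The assignment under "if (cxt == ICE_CRYPTO_CXT_FDE)" pins every FDE request to slot 31, but nothing in the visible lines keeps other key users out of that slot, so the overwrite described in the commit message for slot 0 could recur at slot 31 if FBE or metadata encryption keys can ever be allocated there. Please point to where slot 31 is excluded from other allocation, or add that reservation. Minor style point: kernel multi-line comments outside net/ start with "/*" on its own line.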

@ -1,7 +1,7 @@
/*
* QTI Secure Execution Environment Communicator (QSEECOM) driver
*
* Copyright (c) 2012-2020, The Linux Foundation. All rights reserved.
* Copyright (c) 2012-2021, The Linux Foundation. All rights reserved.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License version 2 and
@ -94,7 +94,7 @@
#define TWO 2
#define QSEECOM_UFS_ICE_CE_NUM 10
#define QSEECOM_SDCC_ICE_CE_NUM 20
#define QSEECOM_ICE_FDE_KEY_INDEX 0
#define QSEECOM_ICE_FDE_KEY_INDEX 31
#define PHY_ADDR_4G (1ULL<<32)
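Review bot: QSEECOM_ICE_FDE_KEY_INDEX sits next to both QSEECOM_UFS_ICE_CE_NUM and QSEECOM_SDCC_ICE_CE_NUM, so if the same index is applied to the UFS and SDCC ICE instances, 31 has to be a valid slot on both, and on every target this driver builds for. The commit message lists boot testing on sm8150 only. Suggest a comment on the define stating why 31 was chosen (last supported slot, slot 0 taken by metadata encryption) and which targets that slot count was confirmed on.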
