From fa6531da3768c8a05cfdcff41e0a07865088430d Mon Sep 17 00:00:00 2001 From: Vaibhav Agrawal Date: Wed, 24 Feb 2021 11:55:42 +0530 Subject: [PATCH] Set the default slot for Full Disk Encryption key to 31 QSEECOM sets the Full Disk Encryption(FDE) key into slot 0 by default, but for File Based Encryption(FBE) device where Metadata Encryption(ME) is enabled, slot zero is already used. So, an ioctl for setting FDE key into Inline Crypto Engine(ICE) when called on device with ME enabled, would overwrite the key set for ME, and hence would lead to failure during reboot. Hence, set the slot value of FDE key as 31 which is the last slot supported. Use the same slot during read/write operations as well. Tests: 1. Device bootup for sm8150 target with FDE enabled 2. OTA update of kernel images with fix included. Change-Id: Id77c4e55ce5740fd8babdfa690d3c39d39258f6e Signed-off-by: Vaibhav Agrawal --- drivers/crypto/msm/ice.c | 9 ++++++++- drivers/misc/qseecom.c | 4 ++-- 2 files changed, 10 insertions(+), 3 deletions(-) diff --git a/drivers/crypto/msm/ice.c b/drivers/crypto/msm/ice.c index c60d26272824..4c63a3c9867f 100644 --- a/drivers/crypto/msm/ice.c +++ b/drivers/crypto/msm/ice.c @@ -1,4 +1,4 @@ -/* Copyright (c) 2014-2020, The Linux Foundation. All rights reserved. +/* Copyright (c) 2014-2020,2021 The Linux Foundation. All rights reserved. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License version 2 and @@ -66,6 +66,8 @@ #define ICE_CRYPTO_CXT_FDE 1 #define ICE_CRYPTO_CXT_FBE 2 +#define ICE_FDE_KEY_INDEX 31 + static int ice_fde_flag; struct ice_clk_info { struct list_head list; @@ -147,6 +149,11 @@ static int qti_ice_setting_config(struct request *req, setting->encr_bypass = true; setting->decr_bypass = true; } + /* Qseecom now sets the FDE key to slot 31 by default, instead + * of slot 0, so use the same slot here during read/write + */ + if (cxt == ICE_CRYPTO_CXT_FDE) + setting->crypto_data.key_index = ICE_FDE_KEY_INDEX; } return 0; diff --git a/drivers/misc/qseecom.c b/drivers/misc/qseecom.c index b10d0677d2d8..21b27d4b159d 100644 --- a/drivers/misc/qseecom.c +++ b/drivers/misc/qseecom.c @@ -1,7 +1,7 @@ /* * QTI Secure Execution Environment Communicator (QSEECOM) driver * - * Copyright (c) 2012-2020, The Linux Foundation. All rights reserved. + * Copyright (c) 2012-2021, The Linux Foundation. All rights reserved. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License version 2 and @@ -94,7 +94,7 @@ #define TWO 2 #define QSEECOM_UFS_ICE_CE_NUM 10 #define QSEECOM_SDCC_ICE_CE_NUM 20 -#define QSEECOM_ICE_FDE_KEY_INDEX 0 +#define QSEECOM_ICE_FDE_KEY_INDEX 31 #define PHY_ADDR_4G (1ULL<<32)