Age | Commit message (Collapse) | Author |
|
Use the correct type qualifier to print size_t
and ssize_t. This will fix the compilation errors when
compiling for ARM. While at it, fix the compilation errors
in pfk_kc.c for sched functions by including sched.h.
Change-Id: I4fac4530dd4b31baf62ef3719535fd662dc2ae37
Signed-off-by: Srinivas Ramana <sramana@codeaurora.org>
|
|
bio's without data are not relevant, bio_had_data checks this,
replaced redundant checks to call to this function.
Also, additional clean ups performed
Change-Id: I315bcf43cf3d32e78d53b818571da1f5175f8ac3
Signed-off-by: Andrey Markovytch <andreym@codeaurora.org>
|
|
ICE 3.0 crypto sequences were changed, CTRL_INFO register
no longer exists and doesn't need to be configured. The configuration
is done via utrd.
Change-Id: I5d69436ec59476fc5cd427458d79f8c99266f243
Signed-off-by: Andrey Markovytch <andreym@codeaurora.org>
|
|
These scm calls may take a long time to complete on TZ side,
switch to non-atomic calls.
Change-Id: If98ef69e2474f1c50670c2605afe9769a4e0fb39
Signed-off-by: Gilad Broner <gbroner@codeaurora.org>
Signed-off-by: Andrey Markovytch <andreym@codeaurora.org>
|
|
When working with multiple files and multiple threads, the following
scenario can occur:
1. File Close -> Key cache removal -> context switch
2. Open new file -> occupy the entry cleaned in 1
-> TZ_ES_SET_ICE_KEY -> context switch
3. Back to 1 -> TZ_ES_INVALIDATE_ICE_KEY
4. Back to 2 -> ICE uses the key that is already invalid
5. Crash due to PARTIALLY_SET_KEY_USED
To fix this, pfk must know when requests using some key are completed.
Only then key removal shall be allowed and until then key invalidation
must wait.
A new callback was added to let clients inform PFK when requests end.
Change-Id: Id7f8a3302fac9fafd1203d8d56ca13d59b45bbd5
Signed-off-by: Gilad Broner <gbroner@codeaurora.org>
Signed-off-by: Andrey Markovytch <andreym@codeaurora.org>
|
|
Cipher was sometimes not treated properly, causing valid
requests belonging to eCryptfs to be treated as regular.
Change-Id: Iabfb93cc4c9e9e167901043482eb99613ed70343
Signed-off-by: Andrey Markovytch <andreym@codeaurora.org>
Signed-off-by: Gilad Broner <gbroner@codeaurora.org>
|
|
Also added useful function for translation between inode to filename
Change-Id: If0d5db3545a71c85223ef53980ee61f9dbd002d9
Signed-off-by: Andrey Markovytch <andreym@codeaurora.org>
|
|
Our logic that distinguished eCryptfs files from non eCryptfs ones
checked bi_vcnt field in bio to make sure it has valid bio vecs.
Apparently this field is not updated in some cases by block layer
and in general can't be trusted outside of code that own bio.
There is another field that need to be used for this purpose - bi_size
Change-Id: Ibf225543618373699a0d5adc3295daf9ded6169a
Signed-off-by: Andrey Markovytch <andreym@codeaurora.org>
|
|
ICE clocks need to be turned on to clear the key, fixed
Change-Id: I1cd5a10899c2f128b138fe380beb34a5a310fa05
Signed-off-by: Andrey Markovytch <andreym@codeaurora.org>
|
|
When key is set in ICE via TZ, HLOS should send two parts, SALT and
the KEY itself according to AES standards. KEY was used for both parts.
Change-Id: I453dea289b01bdf49352d5209255966052f5dc1b
Signed-off-by: Andrey Markovytch <andreym@codeaurora.org>
|
|
PFK is a new module that accompanies eCryptfs and
enables it to utilize ICE hw encryption engine. Module
is responsible for storing encryption/decryption keys
inside eCryptfs inodes for each file and loading them
to ICE
Change-Id: I6e755ca657164919147fe0d9482477e14a4be5eb
Signed-off-by: Andrey Markovytch <andreym@codeaurora.org>
[gbroner@codeaurora.org: fix merge conflicts, adapted LSM hooks
and added missing qseecom headers to fix compilation]
Signed-off-by: Gilad Broner <gbroner@codeaurora.org>
|
|
QCOM security components were moved to security folder inside
kernel which is more appropriate
Change-Id: I4e450a23583ceac929a3980b1b5998f4e0c7cfa9
Signed-off-by: Andrey Markovytch <andreym@codeaurora.org>
[gbroner@codeaurora.org: fix merge conflicts and updated ARCH_QCOM]
Signed-off-by: Gilad Broner <gbroner@codeaurora.org>
|