summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--Android.mk4
-rwxr-xr-xcryptfs_hw.c57
-rwxr-xr-xcryptfs_hw.h1
3 files changed, 62 insertions, 0 deletions
diff --git a/Android.mk b/Android.mk
index 1d71c2a..8a475a0 100644
--- a/Android.mk
+++ b/Android.mk
@@ -22,6 +22,10 @@ LOCAL_SHARED_LIBRARIES := $(commonSharedLibraries)
LOCAL_MODULE_OWNER := qcom
+ifeq ($(TARGET_SWV8_DISK_ENCRYPTION),true)
+LOCAL_CFLAGS += -DCONFIG_SWV8_DISK_ENCRYPTION
+endif
+
# USE_ICE_FOR_STORAGE_ENCRYPTION would be true in future if
# TARGET_USE_EMMC_USE_ICE is set
ifeq ($(TARGET_USE_UFS_ICE),true)
diff --git a/cryptfs_hw.c b/cryptfs_hw.c
index 6695552..ff06c9f 100755
--- a/cryptfs_hw.c
+++ b/cryptfs_hw.c
@@ -64,6 +64,11 @@
/* Operations that be performed on HW based device encryption key */
#define SET_HW_DISK_ENC_KEY 1
#define UPDATE_HW_DISK_ENC_KEY 2
+#define MAX_DEVICE_ID_LENGTH 4 /* 4 = 3 (MAX_SOC_ID_LENGTH) + 1 */
+
+static unsigned int cpu_id[] = {
+ 239, /* MSM8939 SOC ID */
+};
#define QSEECOM_UP_CHECK_COUNT 10
@@ -235,6 +240,58 @@ unsigned int is_hw_disk_encryption(const char* encryption_mode)
return ret;
}
+/*
+ * By default HW FDE is enabled, if the execution comes to
+ * is_hw_fde_enabled() API then for specific device/soc id,
+ * HW FDE is disabled.
+ */
+#ifdef CONFIG_SWV8_DISK_ENCRYPTION
+unsigned int is_hw_fde_enabled(void)
+{
+ unsigned int device_id = -1;
+ unsigned int array_size;
+ unsigned int status = 1;
+ FILE *fd = NULL;
+ unsigned int i;
+ int ret = -1;
+ char buf[MAX_DEVICE_ID_LENGTH];
+
+ fd = fopen("/sys/devices/soc0/soc_id", "r");
+ if (fd) {
+ ret = fread(buf, 1, MAX_DEVICE_ID_LENGTH, fd);
+ fclose(fd);
+ } else {
+ fd = fopen("/sys/devices/system/soc/soc0/id", "r");
+ if (fd) {
+ ret = fread(buf, 1, MAX_DEVICE_ID_LENGTH, fd);
+ fclose(fd);
+ }
+ }
+
+ if (ret > 0) {
+ device_id = atoi(buf);
+ } else {
+ SLOGE("Failed to read device id");
+ return status;
+ }
+
+ array_size = sizeof(cpu_id) / sizeof(cpu_id[0]);
+ for (i = 0; i < array_size; i++) {
+ if (device_id == cpu_id[i]) {
+ status = 0;
+ break;
+ }
+ }
+
+ return status;
+}
+#else
+unsigned int is_hw_fde_enabled(void)
+{
+ return 1;
+}
+#endif
+
int is_ice_enabled(void)
{
char prop_storage[PATH_MAX];
diff --git a/cryptfs_hw.h b/cryptfs_hw.h
index e857c47..9862212 100755
--- a/cryptfs_hw.h
+++ b/cryptfs_hw.h
@@ -37,6 +37,7 @@ int set_hw_device_encryption_key(const char*, const char*);
int update_hw_device_encryption_key(const char*, const char*, const char*);
int clear_hw_device_encryption_key();
unsigned int is_hw_disk_encryption(const char*);
+unsigned int is_hw_fde_enabled(void);
int is_ice_enabled(void);
int should_use_keymaster();