Commit message (Collapse)AuthorAgeFilesLines
* cryptfs_hw: Fix stack out of bound issueHEADreplicant-6.0-0004-rc2replicant-6.0-0004-rc1replicant-6.0-0003replicant-6.0-0002cm-13.0refs/changes/39/175639/1Brahmaji K2017-06-021-1/+1
| | | | | | | Add strnlen() instead of strlen() to fix the buffer overflow while processing the password. Change-Id: I5996bb62980741b7463c8829a43524e79abc4f19
* cryptfs_hw: Add support for is_hw_fde_enabled routinereplicant-6.0-0001refs/changes/55/163455/1AnilKumar Chimata2017-02-263-0/+62
| | | | | | | | Add support for is_hw_fde_enabled routine to get the fde status based on the chipset. Change-Id: I7e0e078da6668e347a78de487da44ddc331bd478 (cherry picked from commit 144e832ff3e16af20d3975aeec4a64bf8f80a8a3)
* cryptfs_hw: Remove keymaster partition checkAnilKumar Chimata2017-02-121-7/+0
| | | | | | | | As the partition names are changing from branch to branch, device FDE key is not wrapped with Hw keymaster which is less secure. So removing the partition name related checks to avoid failures. Change-Id: If181b093122479ca57ff6846b10d6aa2fb3eaa0c
* Cleanup temporarily stored passwordsDinesh K Garg2017-02-121-1/+11
| | | | | | | | | While verifying or updating passwords, those are copied into temp variables which are freed after use. These variables should be cleaned up before freeing so that passwords are not left in memory if someone dumps the memory. Change-Id: I94f76f679bac18a682c796fe98236549e8f5e1aa
* cryptfs_hw: update the listener property with keymaster propertyBrahmaji K2017-02-121-1/+1
| | | | | | | | | Replace the sys.listener.registered with sys.keymaster.loaded because the keymaster loading is the final operation done by the qseecomd and key operations should wait till the qseecomd initialization completes. Change-Id: I78a2a6941058f8ec6197ef88b324f6178f7ae2fb
* Wait for QSEECom listeners before calling KMS APIsDinesh K Garg2017-02-121-0/+22
| | | | | | | | | | | Sometime it is possible that KMS APIs are invoked and QSEECom listeners are not up. This would cause failure from secure side and KMS API will fail eventually. This change waits for QSEECom listeners to be up before calling KMS APIs. If QSEECom listeners are not up even after wait period, API would fail without going to secure side. Change-Id: I211248645f92fc0fcfe6f250cb1f26661f5fb06c
* cryptfs_hw: Tie HW FDE keys with keymasterDinesh K Garg2017-02-123-1/+42
| | | | | | | | | HW FDE keys would be tied to keymaster so that if someone changes Root of Trust (ROT), encrypted data can't be used. Cryptfs_hw module is exposing a new API so that caller can determine whether to create dependency between HW FDE keys and keymaster. Change-Id: I85c85ffd9086f6c060032e4ae701b10363d88529
* cryptfs_hw: Update module as per vold projectDinesh K Garg2017-02-122-6/+3
| | | | | | | Update cryptfs_hw API signatures as per the vold project requests to avoid compilation errors. Change-Id: I1c2133f3cee395892e7fa160afc6314059ba0bcb
* cryptfs_hw: add string.hChiou-Hao Hsu2017-02-121-0/+1
| | | | Change-Id: I7f64400bfa33dcb87d2c6260b8a055d0262f7511
* cryptfs_hw: Update APIs to take old passwordAnilKumar Chimata2017-02-122-15/+13
| | | | | | | Update cryptfs_hw APIs to take old password along with the new passowrd. Change-Id: Ieca5c4bac36ba4bb2371d2f3bbe0cadf79e256d7
* cryptfs_hw: Add support for wipe_key routineAnilKumar Chimata2017-02-122-2/+23
| | | | | | Add support for wipe_key routine to clean key. Change-Id: I9e258e1506d0634c4fc5b5142475005f6eb51c4e
* Adding support for eMMC based ICEDinesh K Garg2017-02-121-33/+29
| | | | | | | | | ICE (Inline Crypto Engine) encrypts/decrypts storage IO requests to minimize degradation in storage IO throughput. ICE has been added to eMMC based storage hardware as well. Adding required support for eMMC based ICE. Change-Id: I7986d95ccabca9d6d029653c804608e7d78ad9ef
* Adding support of Inline Crypto Engine (ICE)Dinesh K Garg2017-02-123-12/+63
| | | | | | | | ICE requires keys to be set in key LUT. Changing APIs so that it return the key index in key LUT. It also needs to take care if ICE is available on the chip. Change-Id: I22be18738ba33e5b5c61639c24b320484d0ad7f2
* qcom/common: Added O_NOFOLLOW to avoid follow the symlinkSri Krishna Chaitanya Madireddy2017-02-121-1/+1
| | | | | | open system call is added with NOFOLLOW flag Change-Id: I402643635e3ee11b3ac5df63c3b71a9fd6f0d2db
* Port cryptfs_hw library to 64bit platformDinesh K Garg2017-02-122-3/+7
| | | | | | | 64 bit platform generates library at a different path compared to 32 bit platform.Added macros to take care of both kind of platforms. Change-Id: Ie32b8edaeb9f8f34095c7f18c4add83fe957d82a
* Wrong function pointer usageDinesh K Garg2017-02-122-14/+15
| | | | | | | | qseecom_create_key which is a function pointer is used after dereferencing it. Also fixed the issue where userdata may not be wiped after certain number of attemps. Change-Id: I4d14366e33c09da64f89000a16b7eef7d981cfda
* Place library in vendor folder on deviceDinesh K Garg2017-02-121-1/+2
| | | | | | | All vendors developed libraries must be in vendor folder on device. Using appropriate directive to accomplish the objective. Change-Id: I4ed413b799c0b66a86321f799713068776fa538a
* vold: HW based device encryptionDinesh K Garg2017-02-123-0/+234
SW based device encryption uses SW crypto engine. This module provides the support for VOLD to utilize HW crypto engine. HW based crypto engine is more efficient both in terms of power and throughput. Change-Id: I34107a0ce50d9fc5c80c15ace0678a0bba7adee5