From 53ae3b48568b97117d81cfb3ea938f8a3a4acb5d Mon Sep 17 00:00:00 2001
From: AnilKumar Chimata
Date: Wed, 10 Dec 2014 01:14:16 +0530
Subject: cryptfs_hw: Add support for wipe_key routine

Add support for wipe_key routine to clean key.

Change-Id: I9e258e1506d0634c4fc5b5142475005f6eb51c4e
---
 cryptfs_hw.c | 24 ++++++++++++++++++++++--
 cryptfs_hw.h | 1 +
 2 files changed, 23 insertions(+), 2 deletions(-)

diff --git a/cryptfs_hw.c b/cryptfs_hw.c
index 76609ff..a7164ab 100755
--- a/cryptfs_hw.c
+++ b/cryptfs_hw.c
@@ -66,6 +66,7 @@ static int loaded_library = 0;
 static unsigned char current_passwd[MAX_PASSWORD_LEN];
 static int (*qseecom_create_key)(int, void*);
 static int (*qseecom_update_key)(int, void*, void*);
+static int (*qseecom_wipe_key)(int);
 
 static int map_usage(int usage)
 {
@@ -127,8 +128,16 @@ static int load_qseecom_library()
 if((error = dlerror()) == NULL) {
 SLOGD("Success loading QSEECom_create_key \n");
 *(void **) (&qseecom_update_key) = dlsym(handle,"QSEECom_update_key_user_info");
- if ((error = dlerror()) == NULL)
- loaded_library = 1;
+ if ((error = dlerror()) == NULL) {
+ SLOGD("Success loading QSEECom_update_key_user_info\n");
+ *(void **) (&qseecom_wipe_key) = dlsym(handle,"QSEECom_wipe_key");
+ if ((error = dlerror()) == NULL) {
+ loaded_library = 1;
+ SLOGD("Success loading QSEECom_wipe_key \n");
+ }
+ else
+ SLOGE("Error %s loading symbols for QSEECom APIs \n", error);
+ }
 else
 SLOGE("Error %s loading symbols for QSEECom APIs \n", error);
 }
@@ -212,3 +221,14 @@ int is_ice_enabled(void)
 }
 return storage_type;
 }
+
+int wipe_hw_device_encryption_key(const char* enc_mode)
+{
+ if (!enc_mode)
+ return -1;
+
+ if (is_hw_disk_encryption(enc_mode) && load_qseecom_library())
+ return qseecom_wipe_key(map_usage(QSEECOM_DISK_ENCRYPTION));
+
+ return 0;
+}
diff --git a/cryptfs_hw.h b/cryptfs_hw.h
index 2fccd5d..c7b1746 100755
--- a/cryptfs_hw.h
+++ b/cryptfs_hw.h
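Review bot: In load_qseecom_library(), `loaded_library = 1` is now reached only when `QSEECom_wipe_key` also resolves, so a vendor library that lacks this export makes the whole load fail. If the set/update paths gate on this function's result (their bodies are outside the hunk), key creation and update would stop working on such builds, not only wipe. Consider treating the wipe symbol as optional, keeping `loaded_library = 1` once the update symbol resolves and having the wipe path check `qseecom_wipe_key != NULL`, or confirm that every supported library ships the symbol. The two `SLOGE` branches print the same text; naming the symbol, e.g. `SLOGE("Error %s loading QSEECom_wipe_key\n", error);`, would make a failed load diagnosable. The function begins and ends outside the hunk.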
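Review bot: wipe_hw_device_encryption_key() returns 0 when `is_hw_disk_encryption(enc_mode)` is true but `load_qseecom_library()` fails, so a caller cannot tell a completed wipe from a wipe that was never attempted. For a key-destruction routine this matters: a reset path that trusts the 0 would leave the hardware-bound key in place while reporting success. Split the condition so the two cases differ: `if (!is_hw_disk_encryption(enc_mode)) return 0;` followed by `if (!load_qseecom_library()) return -1;` and then the existing `qseecom_wipe_key(...)` call. A short comment above the function stating the return contract (0 for wiped or not applicable, non-zero for failure) and an `SLOGE` on the failure path would also help callers and log review.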
@@ -35,6 +35,7 @@ extern "C" {
 
 int set_hw_device_encryption_key(const char*, const char*);
 int update_hw_device_encryption_key(const char*, const char*);
+int wipe_hw_device_encryption_key(const char*);
 unsigned int is_hw_disk_encryption(const char*);
 int is_ice_enabled(void);
 
-- 
cgit v1.2.3