diff options
author | Neeraj Soni <neersoni@codeaurora.org> | 2018-05-22 21:06:36 +0530 |
---|---|---|
committer | Michael Bestas <mkbestas@lineageos.org> | 2019-09-15 20:57:41 +0300 |
commit | 3e981dfe842f7725daad3ce8115358516a133bca (patch) | |
tree | c00fc2a6381d5a74d3bd84094ea7c9d68f00a91d | |
parent | cfbaa72407524013128f583e110a799b8642e206 (diff) | |
download | android_vendor_qcom_opensource_cryptfs_hw-3e981dfe842f7725daad3ce8115358516a133bca.tar.gz android_vendor_qcom_opensource_cryptfs_hw-3e981dfe842f7725daad3ce8115358516a133bca.tar.bz2 android_vendor_qcom_opensource_cryptfs_hw-3e981dfe842f7725daad3ce8115358516a133bca.zip |
cryptfs_hw: Choose keymaster version for key signing
Keymaster key signing support is available from version 1.0
and above. Thus, version 0.3 is excluded on supported targets.
[mikeioannina]: Adapt for Q
Change-Id: I0cd6455bc5d2459231cb56baf68e57073fe60d69
-rw-r--r-- | cryptfs_hw.cpp | 28 | ||||
-rw-r--r-- | cryptfs_hw.h | 2 |
2 files changed, 29 insertions, 1 deletions
diff --git a/cryptfs_hw.cpp b/cryptfs_hw.cpp index 2d9af7a..8f94493 100644 --- a/cryptfs_hw.cpp +++ b/cryptfs_hw.cpp @@ -35,6 +35,8 @@ #include <linux/qseecom.h> #include "cutils/log.h" #include "cutils/properties.h" +#include <hardware/hardware.h> +#include <hardware/keymaster_common.h> #include "cryptfs_hw.h" #include "CryptfsHw.h" @@ -132,3 +134,29 @@ int clear_hw_device_encryption_key() return rc; } +static int get_keymaster_version() +{ + int rc = -1; + const hw_module_t* mod; + rc = hw_get_module_by_class(KEYSTORE_HARDWARE_MODULE_ID, NULL, &mod); + if (rc) { + ALOGE("could not find any keystore module"); + return rc; + } + return mod->module_api_version; +} + +int should_use_keymaster() +{ + /* + * HW FDE key should be tied to keymaster + * if version is above 0.3. this is to + * support msm8909 go target. + */ + int rc = 1; + if (get_keymaster_version() == KEYMASTER_MODULE_API_VERSION_0_3) { + ALOGI("Keymaster version is 0.3"); + rc = 0; + } + return rc; +} diff --git a/cryptfs_hw.h b/cryptfs_hw.h index d7ed51e..65321eb 100644 --- a/cryptfs_hw.h +++ b/cryptfs_hw.h @@ -43,7 +43,7 @@ int update_hw_device_encryption_key(const char*, const char*, const char*); int clear_hw_device_encryption_key(); unsigned int is_hw_disk_encryption(const char*); int is_ice_enabled(void); -inline int should_use_keymaster(){return 1;} +int should_use_keymaster(); int set_ice_param(int flag); #ifdef __cplusplus |