summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorDinesh K Garg <dineshg@codeaurora.org>2015-05-12 15:40:05 -0700
committerZhao Wei Liew <zhaoweiliew@gmail.com>2017-02-12 20:43:41 +0800
commit1ecf84f4002cc250ce688e18d43547b07b86234b (patch)
treea0482fea03290821ee400f5c497d0516377cb148
parent2fc15a02e5d1c7ea4f8cc55818e49858e5ca8fc4 (diff)
downloadandroid_vendor_qcom_opensource_cryptfs_hw-1ecf84f4002cc250ce688e18d43547b07b86234b.tar.gz
android_vendor_qcom_opensource_cryptfs_hw-1ecf84f4002cc250ce688e18d43547b07b86234b.tar.bz2
android_vendor_qcom_opensource_cryptfs_hw-1ecf84f4002cc250ce688e18d43547b07b86234b.zip
Adding support for eMMC based ICE
ICE (Inline Crypto Engine) encrypts/decrypts storage IO requests to minimize degradation in storage IO throughput. ICE has been added to eMMC based storage hardware as well. Adding required support for eMMC based ICE. Change-Id: I7986d95ccabca9d6d029653c804608e7d78ad9ef
-rwxr-xr-xcryptfs_hw.c62
1 files changed, 29 insertions, 33 deletions
diff --git a/cryptfs_hw.c b/cryptfs_hw.c
index ff603cf..76609ff 100755
--- a/cryptfs_hw.c
+++ b/cryptfs_hw.c
@@ -52,8 +52,11 @@
// wipe userdata partition once this error is received.
#define ERR_MAX_PASSWORD_ATTEMPTS -10
#define QSEECOM_DISK_ENCRYPTION 1
-#define QSEECOM_ICE_DISK_ENCRYPTION 3
+#define QSEECOM_UFS_ICE_DISK_ENCRYPTION 3
+#define QSEECOM_SDCC_ICE_DISK_ENCRYPTION 4
#define MAX_PASSWORD_LEN 32
+#define QCOM_ICE_STORAGE_UFS 1
+#define QCOM_ICE_STORAGE_SDCC 2
/* Operations that be performed on HW based device encryption key */
#define SET_HW_DISK_ENC_KEY 1
@@ -66,11 +69,18 @@ static int (*qseecom_update_key)(int, void*, void*);
static int map_usage(int usage)
{
- return (is_ice_enabled() && (usage == QSEECOM_DISK_ENCRYPTION)) ?
- QSEECOM_ICE_DISK_ENCRYPTION : usage;
+ int storage_type = is_ice_enabled();
+ if (usage == QSEECOM_DISK_ENCRYPTION) {
+ if (storage_type == QCOM_ICE_STORAGE_UFS) {
+ return QSEECOM_UFS_ICE_DISK_ENCRYPTION;
+ }
+ else if (storage_type == QCOM_ICE_STORAGE_SDCC) {
+ return QSEECOM_SDCC_ICE_DISK_ENCRYPTION ;
+ }
+ }
+ return usage;
}
-
static unsigned char* get_tmp_passwd(const char* passwd)
{
int passwd_len = 0;
@@ -185,34 +195,20 @@ unsigned int is_hw_disk_encryption(const char* encryption_mode)
int is_ice_enabled(void)
{
- /* If (USE_ICE_FLAG) => return 1
- * if (property set to use gpce) return 0
- * we are using property to test UFS + GPCE, even though not required
- * if (storage is ufs) return 1
- * else return 0 so that emmc based device can work properly
- */
-#ifdef USE_ICE_FOR_STORAGE_ENCRYPTION
- SLOGD("Ice enabled = true");
- return 1;
-#else
- char enc_hw_type[PATH_MAX];
- char prop_storage[PATH_MAX];
- int ice = 0;
- int i;
- if (property_get("crypto.fde_enc_hw_type", enc_hw_type, "")) {
- if(!strncmp(enc_hw_type, "gpce", PROPERTY_VALUE_MAX)) {
- SLOGD("GPCE would be used for HW FDE");
- return 0;
- }
+ char prop_storage[PATH_MAX];
+ int storage_type = 0;
+ int fd;
+
+ if (property_get("ro.boot.bootdevice", prop_storage, "")) {
+ if (strstr(prop_storage, "ufs")) {
+ /* All UFS based devices has ICE in it. So we dont need
+ * to check if corresponding device exists or not
+ */
+ storage_type = QCOM_ICE_STORAGE_UFS;
+ } else if (strstr(prop_storage, "sdhc")) {
+ if (access("/dev/icesdcc", F_OK) != -1)
+ storage_type = QCOM_ICE_STORAGE_SDCC;
}
-
- if (property_get("ro.boot.bootdevice", prop_storage, "")) {
- if(strstr(prop_storage, "ufs")) {
- SLOGD("ICE would be used for HW FDE");
- return 1;
- }
- }
- SLOGD("GPCE would be used for HW FDE");
- return 0;
-#endif
+ }
+ return storage_type;
}