author | Linux Build Service Account <lnxbuild@localhost> | 2019-07-21 19:45:58 -0700 |
---|---|---|
committer | Linux Build Service Account <lnxbuild@localhost> | 2019-07-21 19:45:58 -0700 |
commit | 62487cf737babc6499925f91ae68a31af902c197 (patch) | |
tree | 4c31108f3ba311038b19b04893d972c610d07d8f /cryptfs_hw.cpp | |
parent | 07f77ac64f3fb1bfe1bc4213f5add34b5bfb9dac (diff) | |
parent | 6b99d61baaee529c181a663a5f205b66c91141ff (diff) | |
Merge 6b99d61baaee529c181a663a5f205b66c91141ff on remote branch
Change-Id: I06a01d7a7284ab32018272ce3cf70a9e22bed0ef
Diffstat (limited to 'cryptfs_hw.cpp')
-rw-r--r-- | cryptfs_hw.cpp | 134 |
1 files changed, 134 insertions, 0 deletions
diff --git a/cryptfs_hw.cpp b/cryptfs_hw.cpp
new file mode 100644
index 0000000..2d9af7a
--- /dev/null
+++ b/cryptfs_hw.cpp
@@ -0,0 +1,134 @@
+/* Copyright (c) 2014, 2017, 2019 The Linux Foundation. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are
+ * met:
+ * * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * * Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following
+ * disclaimer in the documentation and/or other materials provided
+ * with the distribution.
+ * * Neither the name of The Linux Foundation nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED "AS IS" AND ANY EXPRESS OR IMPLIED
+ * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
+ * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS
+ * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
+ * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
+ * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
+ * OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN
+ * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <stdlib.h>
+#include <string.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <fcntl.h>
+#include <errno.h>
+#include <linux/qseecom.h>
+#include "cutils/log.h"
+#include "cutils/properties.h"
+#include "cryptfs_hw.h"
+#include "CryptfsHw.h"
+
+using android::sp;
+using vendor::qti::hardware::cryptfshw::V1_0::ICryptfsHw;
+using ::android::hardware::Return;
+using ::android::hardware::Void;
+
+#define QTI_ICE_STORAGE_UFS 1
+#define QTI_ICE_STORAGE_SDCC 2
+
+#ifdef QSEECOM_IOCTL_SET_ICE_INFO
+int set_ice_param(int flag)
+{
+ int rc = -1;
+ sp<ICryptfsHw> cryptfshwService = ICryptfsHw::getService();
+ if (cryptfshwService.get() == nullptr) {
+ ALOGE("Failed to get Cryptfshw service");
+ return rc;
+ }
+ rc = cryptfshwService->setIceParam(flag);
+ return rc;
+}
+#else
+int set_ice_param(int flag)
+{
+ return -1;
+}
+#endif
+
+int set_hw_device_encryption_key(const char* passwd, const char* enc_mode)
+{
+ int rc = -1;
+ sp<ICryptfsHw> cryptfshwService = ICryptfsHw::getService();
+ if (cryptfshwService.get() == nullptr) {
+ ALOGE("Failed to get Cryptfshw service");
+ return rc;
+ }
+ rc = cryptfshwService->setKey(passwd, enc_mode);
+ return rc;
+}
+
+int update_hw_device_encryption_key(const char* oldpw, const char* newpw, const char* enc_mode)
+{
+ int rc = -1;
+ sp<ICryptfsHw> cryptfshwService = ICryptfsHw::getService();
+ if (cryptfshwService.get() == nullptr) {
+ ALOGE("Failed to get Cryptfshw service");
+ return rc;
+ }
+ rc = cryptfshwService->updateKey(oldpw, newpw, enc_mode);
+ return rc;
+}
+
+unsigned int is_hw_disk_encryption(const char* encryption_mode)
+{
+ int ret = 0;
+ if(encryption_mode) {
+ if (!strcmp(encryption_mode, "aes-xts")) {
+ SLOGD("HW based disk encryption is enabled \n");
+ ret = 1;
+ }
+ }
+ return ret;
+}
+
+int is_ice_enabled(void)
+{
+ char prop_storage[PATH_MAX];
+ int storage_type = 0;
+
+ if (property_get("ro.boot.bootdevice", prop_storage, "")) {
+ if (strstr(prop_storage, "ufs")) {
+ /* All UFS based devices has ICE in it. So we dont need
+ * to check if corresponding device exists or not
+ */
+ storage_type = QTI_ICE_STORAGE_UFS;
+ } else if (strstr(prop_storage, "sdhc")) {
+ if (access("/dev/icesdcc", F_OK) != -1)
+ storage_type = QTI_ICE_STORAGE_SDCC;
+ }
+ }
+ return storage_type;
+}
+
+int clear_hw_device_encryption_key()
+{
+ int rc = -1;
+ sp<ICryptfsHw> cryptfshwService = ICryptfsHw::getService();
+ if (cryptfshwService.get() == nullptr) {
+ ALOGE("Failed to get Cryptfshw service");
+ return rc;
+ }
+ rc = cryptfshwService->clearKey();
+ return rc;
+}
+
|
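Review bot: The four HIDL calls (`setIceParam`, `setKey`, `updateKey`, `clearKey`) assign their result straight into `int rc` with no transport-status check. The interface header is not part of this diff, but if these methods return `Return<int32_t>`, as the `using ::android::hardware::Return;` line suggests, the implicit conversion asserts on a failed transaction, so a cryptfshw service that dies mid-call would abort the caller during a key operation instead of returning -1. Hold the result and test it before converting, for example `auto ret = cryptfshwService->setKey(passwd, enc_mode);` then `if (!ret.isOk()) { ALOGE("setKey transport failure: %s", ret.description().c_str()); return -1; }` and `return ret;`, and apply the same pattern to the other three wrappers. Separately, `is_hw_disk_encryption` guards `encryption_mode` against null, while the key wrappers pass `passwd`, `oldpw`, `newpw` and `enc_mode` through unchecked; a one-line null guard that returns -1 would make them consistent.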