├── .gitupstream ├── Android.bp ├── NOTICE ├── cryptfs_hw.cpp └── cryptfs_hw.h /.gitupstream: -------------------------------------------------------------------------------- 1 | https://git.codelinaro.org/clo/la/platform/vendor/qcom-opensource/cryptfs_hw 2 | -------------------------------------------------------------------------------- /Android.bp: -------------------------------------------------------------------------------- 1 | sourceFiles = ["cryptfs_hw.cpp"] 2 | 3 | commonSharedLibraries = [ 4 | "libcutils", 5 | "libutils", 6 | "libdl", 7 | "libhardware", 8 | "liblog", 9 | "libhidlbase", 10 | "libbinder", 11 | "vendor.qti.hardware.cryptfshw@1.0", 12 | ] 13 | 14 | cc_library_shared { 15 | name: "libcryptfs_hw", 16 | defaults: [ 17 | "legacy_hw_disk_encryption_defaults", 18 | ], 19 | header_libs: ["libhardware_headers"], 20 | srcs: sourceFiles, 21 | shared_libs: commonSharedLibraries, 22 | 23 | owner: "qti", 24 | system_ext_specific: true, 25 | } 26 | 27 | cc_library_headers { 28 | name: "libcryptfs_hw_headers", 29 | export_include_dirs: ["."], 30 | } 31 | -------------------------------------------------------------------------------- /NOTICE: -------------------------------------------------------------------------------- 1 | Copyright (c) 2014, 2017, The Linux Foundation. All rights reserved. 2 | 3 | Redistribution and use in source and binary forms, with or without 4 | modification, are permitted (subject to the limitations in the 5 | disclaimer below) provided that the following conditions are met: 6 | 7 | * Redistributions of source code must retain the above copyright 8 | notice, this list of conditions and the following disclaimer. 9 | 10 | * Redistributions in binary form must reproduce the above 11 | copyright notice, this list of conditions and the following 12 | disclaimer in the documentation and/or other materials provided 13 | with the distribution. 
14 | 15 | * Neither the name of The Linux Foundation nor the names of its 16 | contributors may be used to endorse or promote products derived 17 | from this software without specific prior written permission. 18 | 19 | NO EXPRESS OR IMPLIED LICENSES TO ANY PARTY'S PATENT RIGHTS ARE 20 | GRANTED BY THIS LICENSE. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT 21 | HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED 22 | WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF 23 | MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 24 | IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR 25 | ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 26 | DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE 27 | GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 28 | INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER 29 | IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR 30 | OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN 31 | IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 32 | -------------------------------------------------------------------------------- /cryptfs_hw.cpp: -------------------------------------------------------------------------------- 1 | /* Copyright (c) 2014, 2017, 2019 The Linux Foundation. All rights reserved. 2 | * 3 | * Redistribution and use in source and binary forms, with or without 4 | * modification, are permitted provided that the following conditions are 5 | * met: 6 | * * Redistributions of source code must retain the above copyright 7 | * notice, this list of conditions and the following disclaimer. 8 | * * Redistributions in binary form must reproduce the above 9 | * copyright notice, this list of conditions and the following 10 | * disclaimer in the documentation and/or other materials provided 11 | * with the distribution. 
12 | * * Neither the name of The Linux Foundation nor the names of its 13 | * contributors may be used to endorse or promote products derived 14 | * from this software without specific prior written permission. 15 | * 16 | * THIS SOFTWARE IS PROVIDED "AS IS" AND ANY EXPRESS OR IMPLIED 17 | * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF 18 | * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT 19 | * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS 20 | * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 21 | * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 22 | * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR 23 | * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, 24 | * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE 25 | * OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN 26 | * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 
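27 | */

#define LOG_TAG "Cryptfs_hw"

/* NOTE(review): the targets of the bare #include directives below are missing
 * from this listing (the angle-bracket header names did not survive); they
 * are kept as found rather than guessed. */
#include
#include
#include
#include
#include
#include
#include "cutils/log.h"
#include "cutils/properties.h"
#include "cryptfs_hw.h"
#ifdef LEGACY_HW_DISK_ENCRYPTION
#include
#include
#endif
#include

using android::sp;
using vendor::qti::hardware::cryptfshw::V1_0::ICryptfsHw;
using ::android::hardware::Return;
using ::android::hardware::Void;

/* Storage back-ends reported by is_ice_enabled(). */
#define QTI_ICE_STORAGE_UFS 1
#define QTI_ICE_STORAGE_SDCC 2

/*
 * Looks up the ICryptfsHw HIDL service.
 * Logs an error and returns a null sp<> when the service is not available.
 */
static sp<ICryptfsHw> get_cryptfshw_service()
{
    sp<ICryptfsHw> service = ICryptfsHw::getService();
    if (service.get() == nullptr) {
        ALOGE("Failed to get Cryptfshw service");
    }
    return service;
}

/*
 * Unwraps the result of a HIDL call.
 *
 * Converting a Return<> to its value without first checking isOk() aborts the
 * calling process when the transaction itself failed (for example because the
 * service died mid-call). Checking here turns that into an ordinary -1 error,
 * the same value the callers already return when the service is missing.
 * Only the method name is logged; no argument (and so no password) is.
 */
template <typename T>
static int hidl_result(const Return<T>& ret, const char* what)
{
    if (!ret.isOk()) {
        ALOGE("%s: HIDL transaction failed: %s", what, ret.description().c_str());
        return -1;
    }
    return static_cast<int>(static_cast<T>(ret));
}

/*
 * Forwards `flag` to ICryptfsHw::setIceParam().
 * Returns the service's result, or -1 if the service is unavailable or the
 * transaction fails.
 */
int set_ice_param(int flag)
{
    sp<ICryptfsHw> service = get_cryptfshw_service();
    if (service.get() == nullptr) {
        return -1;
    }
    return hidl_result(service->setIceParam(flag), "setIceParam");
}

/*
 * Forwards the password and encryption mode to ICryptfsHw::setKey().
 * Returns the service's result, or -1 if the service is unavailable or the
 * transaction fails.
 *
 * NOTE(review): neither pointer is validated here. A null passwd is presumably
 * marshalled as an empty string rather than rejected; confirm, and validate in
 * the caller if an empty password must not be accepted.
 * NOTE(review): the password is presumably copied into a temporary string for
 * the call and that copy is not wiped by this function; confirm.
 */
int set_hw_device_encryption_key(const char* passwd, const char* enc_mode)
{
    sp<ICryptfsHw> service = get_cryptfshw_service();
    if (service.get() == nullptr) {
        return -1;
    }
    return hidl_result(service->setKey(passwd, enc_mode), "setKey");
}

/*
 * Forwards the old password, new password and encryption mode to
 * ICryptfsHw::updateKey().
 * Returns the service's result, or -1 if the service is unavailable or the
 * transaction fails. The pointers are not validated here (see the notes on
 * set_hw_device_encryption_key).
 */
int update_hw_device_encryption_key(const char* oldpw, const char* newpw, const char* enc_mode)
{
    sp<ICryptfsHw> service = get_cryptfshw_service();
    if (service.get() == nullptr) {
        return -1;
    }
    return hidl_result(service->updateKey(oldpw, newpw, enc_mode), "updateKey");
}

/*
 * Returns 1 when `encryption_mode` is exactly "aes-xts", otherwise 0.
 * A null pointer yields 0.
 */
unsigned int is_hw_disk_encryption(const char* encryption_mode)
{
    if (encryption_mode != nullptr && strcmp(encryption_mode, "aes-xts") == 0) {
        SLOGD("HW based disk encryption is enabled \n");
        return 1;
    }
    return 0;
}

/*
 * Reports which ICE-capable storage the device booted from.
 *
 * Returns QTI_ICE_STORAGE_UFS, QTI_ICE_STORAGE_SDCC, or 0 when neither is
 * detected. Despite the name, the result is a storage type, not a boolean.
 */
int is_ice_enabled(void)
{
    char prop_storage[PATH_MAX];
    int storage_type = 0;

    if (property_get("ro.boot.bootdevice", prop_storage, "")) {
        if (strstr(prop_storage, "ufs")) {
            /* All UFS-based devices have ICE, so there is no need to check
             * whether a corresponding device node exists.
             */
            storage_type = QTI_ICE_STORAGE_UFS;
        } else if (strstr(prop_storage, "sdhc")) {
            /* For SDHC, ICE is reported only when the device node exists. */
            if (access("/dev/icesdcc", F_OK) != -1)
                storage_type = QTI_ICE_STORAGE_SDCC;
        }
    }
    return storage_type;
}

/*
 * Calls ICryptfsHw::clearKey().
 * Returns the service's result, or -1 if the service is unavailable or the
 * transaction fails.
 */
int clear_hw_device_encryption_key()
{
    sp<ICryptfsHw> service = get_cryptfshw_service();
    if (service.get() == nullptr) {
        return -1;
    }
    return hidl_result(service->clearKey(), "clearKey");
}

#ifdef LEGACY_HW_DISK_ENCRYPTION
/*
 * Returns the module_api_version of the keystore hardware module, or a
 * non-zero error code when the module cannot be loaded. The caller only
 * compares the result against one specific version constant.
 */
static int get_keymaster_version()
{
    const hw_module_t* mod = nullptr;
    const int rc = hw_get_module_by_class(KEYSTORE_HARDWARE_MODULE_ID, nullptr, &mod);
    if (rc != 0 || mod == nullptr) {
        ALOGE("could not find any keystore module");
        /* Never dereference a module pointer that was not filled in. */
        return rc != 0 ? rc : -1;
    }
    return mod->module_api_version;
}

/*
 * Returns 0 when the keymaster module reports API version 0.3, otherwise 1.
 *
 * The HW FDE key should be tied to keymaster if the version is above 0.3;
 * this is to support the msm8909 go target.
 *
 * NOTE(review): the check is an equality test against 0.3, so a version below
 * 0.3, or a failure to load the module, also yields 1; confirm that is the
 * intended behavior.
 */
int should_use_keymaster()
{
    if (get_keymaster_version() == KEYMASTER_MODULE_API_VERSION_0_3) {
        ALOGI("Keymaster version is 0.3");
        return 0;
    }
    return 1;
}
#endif
--------------------------------------------------------------------------------
/cryptfs_hw.h:
--------------------------------------------------------------------------------
1 | /* Copyright (c) 2014, The Linux Foundation. All rights reserved. 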
2 | * 3 | * Redistribution and use in source and binary forms, with or without 4 | * modification, are permitted provided that the following conditions are 5 | * met: 6 | * * Redistributions of source code must retain the above copyright 7 | * notice, this list of conditions and the following disclaimer. 8 | * * Redistributions in binary form must reproduce the above 9 | * copyright notice, this list of conditions and the following 10 | * disclaimer in the documentation and/or other materials provided 11 | * with the distribution. 12 | * * Neither the name of The Linux Foundation nor the names of its 13 | * contributors may be used to endorse or promote products derived 14 | * from this software without specific prior written permission. 15 | * 16 | * THIS SOFTWARE IS PROVIDED "AS IS" AND ANY EXPRESS OR IMPLIED 17 | * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF 18 | * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT 19 | * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS 20 | * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 21 | * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 22 | * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR 23 | * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, 24 | * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE 25 | * OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN 26 | * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 
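27 | */

#ifndef __CRYPTFS_HW_H_
#define __CRYPTFS_HW_H_

#ifdef __cplusplus
extern "C" {
#endif

/* This is the equivalent of MAX_CRYPTO_TYPE_NAME_LEN. */
#define CRYPTO_ALGO_LENGTH 64
/* NOTE(review): presumably flag values for set_ice_param(); confirm. */
#define START_ENC 0x1
#define START_ENCDEC 0x3

/* Arguments: password, encryption mode. The pointers are passed through to
 * the hardware service without validation, so callers must validate them. */
int set_hw_device_encryption_key(const char*, const char*);
/* Arguments: old password, new password, encryption mode. */
int update_hw_device_encryption_key(const char*, const char*, const char*);
int clear_hw_device_encryption_key(void);
/* Returns 1 when the given mode string is "aes-xts", otherwise 0. */
unsigned int is_hw_disk_encryption(const char*);
/* Returns a storage-type code (0 when no ICE storage is detected), not a
 * boolean. */
int is_ice_enabled(void);
#ifdef LEGACY_HW_DISK_ENCRYPTION
int should_use_keymaster(void);
#else
/* static inline: a plain `inline` definition in a header gives a C translation
 * unit no external definition to link against when the call is not inlined. */
static inline int should_use_keymaster(void) { return 1; }
#endif
int set_ice_param(int flag);

#ifdef __cplusplus
}
#endif
#endif
--------------------------------------------------------------------------------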