qseecom: Add support for PFE feature
Add key management support for crypto HW used for
PFE (per file encryption) features.
Change-Id: Ic0664973d9a4099f76d7b3040f0f81df8465cf71
Signed-off-by: Mona Hossain <mhossain@codeaurora.org>
Signed-off-by: Zhen Kong <zkong@codeaurora.org>
diff --git a/Documentation/devicetree/bindings/qseecom/qseecom.txt b/Documentation/devicetree/bindings/qseecom/qseecom.txt
index 9e582e2..c0426a7 100644
--- a/Documentation/devicetree/bindings/qseecom/qseecom.txt
+++ b/Documentation/devicetree/bindings/qseecom/qseecom.txt
@@ -4,6 +4,7 @@
- compatible : Should be "qcom,qseecom"
- reg : should contain memory region address reserved for loading secure apps.
- qcom,disk-encrypt-pipe-pair : indicates what CE HW pipe pair is used for disk encryption
+- qcom,file-encrypt-pipe-pair : indicates what CE HW pipe pair is used for file encryption
- qcom,hlos-ce-hw-instance : indicates what CE HW is used by HLOS crypto driver
- qcom,qsee-ce-hw-instance : indicates what CE HW is used by secure domain (TZ) crypto driver
- qcom, msm_bus,name: Should be "qseecom-noc"
@@ -12,7 +13,9 @@
- qcom, msm_bus,vectors: Vectors for bus topology.
Optional properties:
- - qcom,support-bus-scaling : optional, indicates if driver support scaling the bus for crypto operation.
+ - qcom,support-bus-scaling : indicates if driver support scaling the bus for crypto operation.
+ - qcom,support-fde : indicates if driver support key managing for full disk encryption feature.
+ - qcom,support-pfe : indicates if driver support key managing for per file encryption feature.
Example:
qcom,qseecom@fe806000 {
@@ -20,8 +23,11 @@
reg = <0x7f00000 0x500000>;
reg-names = "secapp-region";
qcom,disk-encrypt-pipe-pair = <2>;
+ qcom,file-encrypt-pipe-pair = <0>;
qcom,hlos-ce-hw-instance = <1>;
qcom,qsee-ce-hw-instance = <0>;
+ qcom,support-fde;
+ qcom,support-pfe;
qcom,msm_bus,name = "qseecom-noc";
qcom,msm_bus,num_cases = <4>;
qcom,msm_bus,active_only = <0>;
diff --git a/drivers/misc/qseecom.c b/drivers/misc/qseecom.c
index 7ad51e6..ecde6bb 100644
--- a/drivers/misc/qseecom.c
+++ b/drivers/misc/qseecom.c
@@ -127,6 +127,7 @@
uint32_t qsee_ce_hw_instance;
uint32_t hlos_ce_hw_instance;
uint32_t disk_encrypt_pipe;
+ uint32_t file_encrypt_pipe;
};
struct qseecom_clk {
@@ -166,6 +167,8 @@
struct qseecom_clk ce_drv;
bool support_bus_scaling;
+ bool support_fde;
+ bool support_pfe;
uint32_t cumulative_mode;
enum qseecom_bandwidth_request_mode current_mode;
struct timer_list bw_scale_down_timer;
@@ -2688,16 +2691,28 @@
int ret;
switch (usage) {
case QSEOS_KM_USAGE_DISK_ENCRYPTION:
- if (qseecom.ce_info.disk_encrypt_pipe == 0xFF ||
- qseecom.ce_info.hlos_ce_hw_instance == 0xFF) {
- pr_err("nfo unavailable: disk encr pipe %d ce_hw %d\n",
- qseecom.ce_info.disk_encrypt_pipe,
- qseecom.ce_info.hlos_ce_hw_instance);
- ret = -EINVAL;
- } else {
+ if (qseecom.support_fde) {
*pipe = qseecom.ce_info.disk_encrypt_pipe;
*ce_hw = qseecom.ce_info.hlos_ce_hw_instance;
ret = 0;
+
+ } else {
+ pr_err("info unavailable: disk encr pipe %d ce_hw %d\n",
+ qseecom.ce_info.disk_encrypt_pipe,
+ qseecom.ce_info.hlos_ce_hw_instance);
+ ret = -EINVAL;
+ }
+ break;
+ case QSEOS_KM_USAGE_FILE_ENCRYPTION:
+ if (qseecom.support_pfe) {
+ *pipe = qseecom.ce_info.file_encrypt_pipe;
+ *ce_hw = qseecom.ce_info.hlos_ce_hw_instance;
+ ret = 0;
+ } else {
+ pr_err("info unavailable: file encr pipe %d ce_hw %d\n",
+ qseecom.ce_info.file_encrypt_pipe,
+ qseecom.ce_info.hlos_ce_hw_instance);
+ ret = -EINVAL;
}
break;
default:
@@ -3838,6 +3853,8 @@
qseecom.cumulative_mode = 0;
qseecom.current_mode = INACTIVE;
qseecom.support_bus_scaling = false;
+ qseecom.support_fde = false;
+ qseecom.support_pfe = false;
qseecom.ce_drv.ce_core_clk = NULL;
qseecom.ce_drv.ce_clk = NULL;
@@ -3924,23 +3941,62 @@
"qcom,support-bus-scaling");
pr_warn("support_bus_scaling=0x%x",
qseecom.support_bus_scaling);
- if (of_property_read_u32((&pdev->dev)->of_node,
+ qseecom.support_fde =
+ of_property_read_bool((&pdev->dev)->of_node,
+ "qcom,support-fde");
+ if (qseecom.support_fde) {
+ if (of_property_read_u32((&pdev->dev)->of_node,
"qcom,disk-encrypt-pipe-pair",
&qseecom.ce_info.disk_encrypt_pipe)) {
- pr_err("Fail to get disk-encrypt pipe pair information.\n");
- qseecom.ce_info.disk_encrypt_pipe = 0xff;
- rc = -EINVAL;
- goto exit_destroy_ion_client;
+ pr_err("Fail to get FDE pipe information.\n");
+ rc = -EINVAL;
+ goto exit_destroy_ion_client;
+ } else {
+ pr_warn("disk-encrypt-pipe-pair=0x%x",
+ qseecom.ce_info.disk_encrypt_pipe);
+ }
} else {
- pr_warn("bam_pipe_pair=0x%x",
- qseecom.ce_info.disk_encrypt_pipe);
+ pr_warn("Device does not support FDE");
+ qseecom.ce_info.disk_encrypt_pipe = 0xff;
+ }
+ qseecom.support_pfe =
+ of_property_read_bool((&pdev->dev)->of_node,
+ "qcom,support-pfe");
+ if (qseecom.support_pfe) {
+ if (of_property_read_u32((&pdev->dev)->of_node,
+ "qcom,file-encrypt-pipe-pair",
+ &qseecom.ce_info.disk_encrypt_pipe)) {
+ pr_err("Fail to get PFE pipe information.\n");
+ rc = -EINVAL;
+ goto exit_destroy_ion_client;
+ } else {
+ pr_warn("file-encrypt-pipe-pair=0x%x",
+ qseecom.ce_info.file_encrypt_pipe);
+ }
+ } else {
+ pr_warn("Device does not support PFE");
+ qseecom.ce_info.file_encrypt_pipe = 0xff;
+ }
+ if (qseecom.support_pfe || qseecom.support_fde) {
+ if (of_property_read_u32((&pdev->dev)->of_node,
+ "qcom,hlos-ce-hw-instance",
+ &qseecom.ce_info.hlos_ce_hw_instance)) {
+ pr_err("Fail: get hlos ce hw instanc info\n");
+ rc = -EINVAL;
+ goto exit_destroy_ion_client;
+ } else {
+ pr_warn("hlos-ce-hw-instance=0x%x",
+ qseecom.ce_info.hlos_ce_hw_instance);
+ }
+ } else {
+ pr_warn("Device does not support PFE/FDE");
+ qseecom.ce_info.hlos_ce_hw_instance = 0xff;
}
if (of_property_read_u32((&pdev->dev)->of_node,
"qcom,qsee-ce-hw-instance",
&qseecom.ce_info.qsee_ce_hw_instance)) {
pr_err("Fail to get qsee ce hw instance information.\n");
- qseecom.ce_info.qsee_ce_hw_instance = 0xff;
rc = -EINVAL;
goto exit_destroy_ion_client;
} else {
@@ -3948,18 +4004,6 @@
qseecom.ce_info.qsee_ce_hw_instance);
}
- if (of_property_read_u32((&pdev->dev)->of_node,
- "qcom,hlos-ce-hw-instance",
- &qseecom.ce_info.hlos_ce_hw_instance)) {
- pr_err("Fail to get hlos ce hw instance information.\n");
- qseecom.ce_info.hlos_ce_hw_instance = 0xff;
- rc = -EINVAL;
- goto exit_destroy_ion_client;
- } else {
- pr_warn("hlos-ce-hw-instance=0x%x",
- qseecom.ce_info.hlos_ce_hw_instance);
- }
-
qseecom.qsee.instance = qseecom.ce_info.qsee_ce_hw_instance;
qseecom.ce_drv.instance = qseecom.ce_info.hlos_ce_hw_instance;
diff --git a/include/linux/qseecom.h b/include/linux/qseecom.h
index b7ba63a..b8adebb 100644
--- a/include/linux/qseecom.h
+++ b/include/linux/qseecom.h
@@ -127,6 +127,7 @@
enum qseecom_key_management_usage_type {
QSEOS_KM_USAGE_DISK_ENCRYPTION = 0x01,
+ QSEOS_KM_USAGE_FILE_ENCRYPTION = 0x02,
QSEOS_KM_USAGE_MAX
};