Merge branch 'lineage-17.1' of https://github.com/LineageOS/android_hardware_qcom_keymaster into HEAD
* 'lineage-17.1' of https://github.com/LineageOS/android_hardware_qcom_keymaster:
keymaster: Reverse wait for qsee flag
keymaster: Build with BOARD_VNDK_VERSION
keymaster: move to /vendor
keymaster: Fix compiler warnings
keymaster: add TARGET_PROVIDES_KEYMASTER
keymaster: Featureize support for waiting on QSEE to start
Keymaster: Check if keymaster TZ app is loaded
keymaster: Set HEAP_MASK_COMPATIBILITY by platform for QCOM_HARDWARE
Keymaster: Support for 64bit userspace and 32bit TZ
keymaster: Use generated kernel headers
Revert "Remove legacy keymaster support for msm8226"
Revert "msm8974: remove from top level makefile"
Issue: FP2A10-123
Change-Id: I961eb6d34db94f61b8b40969bedcd0d48291da1c
diff --git a/Android.mk b/Android.mk
index 217c528..0ee9852 100644
--- a/Android.mk
+++ b/Android.mk
@@ -2,18 +2,28 @@
ifneq ($(BOARD_IS_AUTOMOTIVE),true)
LOCAL_PATH := $(call my-dir)
-ifneq ($(filter msm8960 msm8084,$(TARGET_BOARD_PLATFORM)),)
+ifneq ($(TARGET_PROVIDES_KEYMASTER),true)
+ifneq ($(filter msm8960 msm8226 msm8974 msm8610 msm8084 apq8084 msm8909 msm8916 msm8952 msm8992 msm8994,$(TARGET_BOARD_PLATFORM)),)
keymaster-def := -fvisibility=hidden -Wall
+ifeq ($(BOARD_USES_QCOM_HARDWARE),true)
+ifneq ($(filter msm8960 msm8226 msm8974 msm8610 msm8084 apq8084,$(TARGET_BOARD_PLATFORM)),)
+keymaster-def += -D_ION_HEAP_MASK_COMPATIBILITY_WA
+endif
+else
ifeq ($(TARGET_BOARD_PLATFORM),msm8084)
keymaster-def += -D_ION_HEAP_MASK_COMPATIBILITY_WA
endif
+endif
+ifeq ($(TARGET_KEYMASTER_WAIT_FOR_QSEE),true)
+keymaster-def += -DWAIT_FOR_QSEE
+endif
include $(CLEAR_VARS)
LOCAL_MODULE := keystore.$(TARGET_BOARD_PLATFORM)
-LOCAL_MODULE_PATH := $(TARGET_OUT_SHARED_LIBRARIES)/hw
+LOCAL_MODULE_RELATIVE_PATH := hw
LOCAL_SRC_FILES := keymaster_qcom.cpp
@@ -26,13 +36,18 @@
libcrypto \
liblog \
libc \
- libdl
+ libdl \
+ libcutils \
+ libhardware
-LOCAL_ADDITIONAL_DEPENDENCIES := $(LOCAL_PATH)/Android.mk
+LOCAL_HEADER_LIBRARIES := generated_kernel_headers
LOCAL_MODULE_TAGS := optional
+LOCAL_VENDOR_MODULE := true
+LOCAL_MODULE_OWNER := qcom
include $(BUILD_SHARED_LIBRARY)
endif # TARGET_BOARD_PLATFORM
+endif # TARGET_PROVIDES_KEYMASTER
endif
diff --git a/keymaster_qcom.cpp b/keymaster_qcom.cpp
index e779cbc..3c0f7b5 100644
--- a/keymaster_qcom.cpp
+++ b/keymaster_qcom.cpp
@@ -44,6 +44,8 @@
#include <sys/stat.h>
#include <dlfcn.h>
+#include <cutils/properties.h>
+
#include "QSEEComAPI.h"
#include "keymaster_qcom.h"
@@ -51,6 +53,11 @@
//#define LOG_NDEBUG 0
#define LOG_TAG "QCOMKeyMaster"
+#define UNUSED(x) (void)(x)
+#define KM_SB_LENGTH (4096 * 2)
+#define MAX_PROPERTY_GET_ATTEMPTS 60
+#define PROPERTY_GET_SLEEP_INTERVAL 1
+
#include <cutils/log.h>
struct qcom_km_ion_info_t {
int32_t ion_fd;
@@ -63,8 +70,8 @@
struct qcom_keymaster_handle {
struct QSEECom_handle *qseecom;
void *libhandle;
- int (*QSEECom_start_app)(struct QSEECom_handle ** handle, char* path,
- char* appname, uint32_t size);
+ int (*QSEECom_start_app)(struct QSEECom_handle ** handle, const char* path,
+ const char* appname, uint32_t size);
int (*QSEECom_shutdown_app)(struct QSEECom_handle **handle);
int (*QSEECom_send_cmd)(struct QSEECom_handle* handle, void *cbuf,
uint32_t clen, void *rbuf, uint32_t rlen);
@@ -105,6 +112,7 @@
struct qcom_km_key_blob * keyblob_ptr = (struct qcom_km_key_blob *)keyBlob;
+ UNUSED(dev);
if (x509_data == NULL || x509_data_length == NULL) {
ALOGE("Output public key buffer == NULL");
return -1;
@@ -194,7 +202,6 @@
{
int32_t ret = 0;
int32_t iret = 0;
- int32_t fd = 0;
unsigned char *v_addr;
struct ion_allocation_data ion_alloc_data;
int32_t ion_fd;
@@ -236,7 +243,7 @@
goto alloc_fail;
}
- if (ion_alloc_data.handle != NULL) {
+ if (ion_alloc_data.handle) {
ifd_data.handle = ion_alloc_data.handle;
} else {
ret = -1;
@@ -403,7 +410,7 @@
int ret = 0;
ihandle.ion_fd = 0;
- ihandle.ion_alloc_handle.handle = NULL;
+ ihandle.ion_alloc_handle.handle = 0;
if (qcom_km_ION_memalloc(&ihandle, QSEECOM_ALIGN(key_length)) < 0) {
ALOGE("ION allocation failed");
return -1;
@@ -425,7 +432,7 @@
resp = (keymaster_import_keypair_resp_t *)(handle->ion_sbuffer +
QSEECOM_ALIGN(sizeof(keymaster_import_keypair_cmd_t)));
send_cmd->cmd_id = KEYMASTER_IMPORT_KEYPAIR;
- send_cmd->pkcs8_key = (uint32_t)ihandle.ion_sbuffer;
+ send_cmd->pkcs8_key = (uint32_t)(uintptr_t)ihandle.ion_sbuffer;
memcpy((unsigned char *)ihandle.ion_sbuffer, key, key_length);
@@ -477,7 +484,7 @@
return -1;
}
if (dataLength > KM_KEY_SIZE_MAX) {
- ALOGE("Input data to be signed is too long %d bytes", dataLength);
+ ALOGE("Input data to be signed is too long %zu bytes", dataLength);
return -1;
}
if (data == NULL) {
@@ -506,7 +513,7 @@
handle = (struct QSEECom_handle *)(km_handle->qseecom);
ihandle.ion_fd = 0;
- ihandle.ion_alloc_handle.handle = NULL;
+ ihandle.ion_alloc_handle.handle = 0;
if (qcom_km_ION_memalloc(&ihandle, dataLength) < 0) {
ALOGE("ION allocation failed");
return -1;
@@ -527,7 +534,7 @@
memcpy((unsigned char *)(&send_cmd->key_blob), keyBlob, keyBlobLength);
memcpy((unsigned char *)ihandle.ion_sbuffer, data, dataLength);
- send_cmd->data = (uint32_t)ihandle.ion_sbuffer;
+ send_cmd->data = (uint32_t)(uintptr_t)ihandle.ion_sbuffer;
send_cmd->dlen = dataLength;
resp->sig_len = KM_KEY_SIZE_MAX;
resp->status = KEYMASTER_FAILURE;
@@ -606,7 +613,7 @@
handle = (struct QSEECom_handle *)(km_handle->qseecom);
ihandle.ion_fd = 0;
- ihandle.ion_alloc_handle.handle = NULL;
+ ihandle.ion_alloc_handle.handle = 0;
if (qcom_km_ION_memalloc(&ihandle, signedDataLength + signatureLength) <0) {
ALOGE("ION allocation failed");
return -1;
@@ -626,7 +633,7 @@
send_cmd->sign_param.padding_type = sign_params->padding_type;
memcpy((unsigned char *)(&send_cmd->key_blob), keyBlob, keyBlobLength);
- send_cmd->signed_data = (uint32_t)ihandle.ion_sbuffer;
+ send_cmd->signed_data = (uint32_t)(uintptr_t)ihandle.ion_sbuffer;
send_cmd->signed_dlen = signedDataLength;
memcpy((unsigned char *)ihandle.ion_sbuffer, signedData, signedDataLength);
@@ -734,6 +741,10 @@
hw_device_t** device)
{
int ret = 0;
+ unsigned int attempt_num = 0;
+#ifdef WAIT_FOR_QSEE
+ char property_val[PROPERTY_VALUE_MAX] = {0};
+#endif
qcom_keymaster_handle_t* km_handle;
if (strcmp(name, KEYSTORE_KEYMASTER) != 0)
return -EINVAL;
@@ -756,8 +767,35 @@
return -ENOMEM;
}
dev->context = (void *)km_handle;
+ while (attempt_num < MAX_PROPERTY_GET_ATTEMPTS)
+ {
+#ifdef WAIT_FOR_QSEE
+ property_get("sys.keymaster.loaded", property_val, "");
+ if (strncmp(property_val, "true", sizeof(property_val)) == 0)
+ {
+#endif
+ ALOGD("keymaster app is loaded");
+ break;
+#ifdef WAIT_FOR_QSEE
+ }
+#endif
+ if (attempt_num == 0)
+ ALOGE("keymaster app is not loaded, attempt number %d", attempt_num);
+ attempt_num++;
+ sleep(PROPERTY_GET_SLEEP_INTERVAL);
+ }
+ if (attempt_num == MAX_PROPERTY_GET_ATTEMPTS)
+ {
+ ALOGE("Keymaster app not loaded: Max attempts reached");
+ free(km_handle);
+ return -1;
+ }
+ ALOGD("keymaster app got loaded at attempt number %d", attempt_num);
ret = (*km_handle->QSEECom_start_app)((struct QSEECom_handle **)&km_handle->qseecom,
- "/vendor/firmware/keymaster", "keymaster", 4096*2);
+ "/vendor/firmware/keymaster", "keymaster", KM_SB_LENGTH);
+ if(ret)
+ ret = (*km_handle->QSEECom_start_app)((struct QSEECom_handle **)&km_handle->qseecom,
+ "/firmware/image", "keymaste", KM_SB_LENGTH);
if (ret) {
ALOGE("Loading keymaster app failed");
free(km_handle);
diff --git a/keymaster_qcom.h b/keymaster_qcom.h
index ec481dd..c6dd4e5 100644
--- a/keymaster_qcom.h
+++ b/keymaster_qcom.h
@@ -105,7 +105,7 @@
struct keymaster_gen_keypair_resp {
keymaster_cmd_t cmd_id;
qcom_km_key_blob_t key_blob;
- size_t key_blob_len;
+ uint32_t key_blob_len;
int32_t status;
};
typedef struct keymaster_gen_keypair_resp keymaster_gen_keypair_resp_t;
@@ -124,7 +124,7 @@
struct keymaster_import_keypair_cmd {
keymaster_cmd_t cmd_id;
uint32_t pkcs8_key;
- size_t pkcs8_key_len;
+ uint32_t pkcs8_key_len;
};
typedef struct keymaster_import_keypair_cmd keymaster_import_keypair_cmd_t;
@@ -140,7 +140,7 @@
struct keymaster_import_keypair_resp {
keymaster_cmd_t cmd_id;
qcom_km_key_blob_t key_blob;
- size_t key_blob_len;
+ uint32_t key_blob_len;
int32_t status;
};
typedef struct keymaster_import_keypair_resp keymaster_import_keypair_resp_t;
@@ -161,7 +161,7 @@
keymaster_rsa_sign_params_t sign_param;
qcom_km_key_blob_t key_blob;
uint32_t data;
- size_t dlen;
+ uint32_t dlen;
};
typedef struct keymaster_sign_data_cmd keymaster_sign_data_cmd_t;
@@ -176,7 +176,7 @@
struct keymaster_sign_data_resp {
keymaster_cmd_t cmd_id;
uint8_t signed_data[KM_KEY_SIZE_MAX];
- size_t sig_len;
+ uint32_t sig_len;
int32_t status;
};
@@ -200,9 +200,9 @@
keymaster_rsa_sign_params_t sign_param;
qcom_km_key_blob_t key_blob;
uint32_t signed_data;
- size_t signed_dlen;
+ uint32_t signed_dlen;
uint32_t signature;
- size_t slen;
+ uint32_t slen;
};
typedef struct keymaster_verify_data_cmd keymaster_verify_data_cmd_t;
/**