diff options
| author | Jens Wiklander <jens.wiklander@linaro.org> | 2017-04-13 15:01:53 +0200 |
|---|---|---|
| committer | Jérôme Forissier <jerome.forissier@linaro.org> | 2017-04-21 14:05:23 +0200 |
| commit | 0c4e1284c44fe5700824a3fb47fff82d76025ff8 (patch) | |
| tree | 20ebced529581219acc51014492dcab515f06f57 /core/tee/tee_rpmb_fs.c | |
| parent | 22efbd4a59b28eec98ca02cca5bc4b88f230487f (diff) | |
core: FS: key manager takes supplied UUID
The FS key manager takes a supplied UUID instead of extracting it from
current session in order to be more flexible.
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Diffstat (limited to 'core/tee/tee_rpmb_fs.c')
| -rw-r--r-- | core/tee/tee_rpmb_fs.c | 24 |
1 files changed, 17 insertions, 7 deletions
diff --git a/core/tee/tee_rpmb_fs.c b/core/tee/tee_rpmb_fs.c index 542c9721..0daff44f 100644 --- a/core/tee/tee_rpmb_fs.c +++ b/core/tee/tee_rpmb_fs.c @@ -511,15 +511,25 @@ static bool is_zero(const uint8_t *buf, size_t size) static TEE_Result encrypt_block(uint8_t *out, const uint8_t *in, uint16_t blk_idx, const uint8_t *fek) { - return tee_fs_crypt_block(out, in, RPMB_DATA_SIZE, blk_idx, fek, - TEE_MODE_ENCRYPT); + struct tee_ta_session *sess; + TEE_Result res = tee_ta_get_current_session(&sess); + + if (res) + return res; + return tee_fs_crypt_block(&sess->ctx->uuid, out, in, RPMB_DATA_SIZE, + blk_idx, fek, TEE_MODE_ENCRYPT); } static TEE_Result decrypt_block(uint8_t *out, const uint8_t *in, uint16_t blk_idx, const uint8_t *fek) { - return tee_fs_crypt_block(out, in, RPMB_DATA_SIZE, blk_idx, fek, - TEE_MODE_DECRYPT); + struct tee_ta_session *sess; + TEE_Result res = tee_ta_get_current_session(&sess); + + if (res) + return res; + return tee_fs_crypt_block(&sess->ctx->uuid, out, in, RPMB_DATA_SIZE, + blk_idx, fek, TEE_MODE_DECRYPT); } /* Decrypt/copy at most one block of data */ @@ -1908,12 +1918,12 @@ out: return res; } -static TEE_Result generate_fek(struct rpmb_fat_entry *fe) +static TEE_Result generate_fek(struct rpmb_fat_entry *fe, const TEE_UUID *uuid) { TEE_Result res; again: - res = tee_fs_generate_fek(fe->fek, sizeof(fe->fek)); + res = tee_fs_generate_fek(uuid, fe->fek, sizeof(fe->fek)); if (res != TEE_SUCCESS) return res; @@ -1978,7 +1988,7 @@ static TEE_Result rpmb_fs_open_internal(struct tee_pobj *po, bool create, /* Start address and size are 0 */ fh->fat_entry.flags = FILE_IS_ACTIVE; - res = generate_fek(&fh->fat_entry); + res = generate_fek(&fh->fat_entry, &po->uuid); if (res != TEE_SUCCESS) goto out; DMSG("GENERATE FEK key: %p", |