authorJens Wiklander <jens.wiklander@linaro.org>2017-04-13 15:01:53 +0200
committerJérôme Forissier <jerome.forissier@linaro.org>2017-04-21 14:05:23 +0200
commit0c4e1284c44fe5700824a3fb47fff82d76025ff8 (patch)
tree20ebced529581219acc51014492dcab515f06f57 /core/tee
parent22efbd4a59b28eec98ca02cca5bc4b88f230487f (diff)
core: FS: key manager takes supplied UUID
The FS key manager takes a supplied UUID instead of extracting it from current session in order to be more flexible. Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org> Acked-by: Etienne Carriere <etienne.carriere@linaro.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Diffstat (limited to 'core/tee')
-rw-r--r--core/tee/fs_htree.c8
-rw-r--r--core/tee/tee_fs_key_manager.c47
-rw-r--r--core/tee/tee_ree_fs.c2
-rw-r--r--core/tee/tee_rpmb_fs.c24
-rw-r--r--core/tee/tee_sql_fs.c2
5 files changed, 53 insertions, 30 deletions
diff --git a/core/tee/fs_htree.c b/core/tee/fs_htree.c
index 796b18f4..10a8b0e0 100644
--- a/core/tee/fs_htree.c
+++ b/core/tee/fs_htree.c
@@ -116,6 +116,7 @@ struct tee_fs_htree {
uint8_t fek[TEE_FS_HTREE_FEK_SIZE];
struct tee_fs_htree_imeta imeta;
bool dirty;
+ const TEE_UUID *uuid;
const struct tee_fs_htree_storage *stor;
void *stor_aux;
};
@@ -576,7 +577,7 @@ static TEE_Result verify_root(struct tee_fs_htree *ht)
TEE_Result res;
void *ctx;
- res = tee_fs_fek_crypt(TEE_MODE_DECRYPT, ht->head.enc_fek,
+ res = tee_fs_fek_crypt(ht->uuid, TEE_MODE_DECRYPT, ht->head.enc_fek,
sizeof(ht->fek), ht->fek);
if (res != TEE_SUCCESS)
return res;
@@ -649,7 +650,7 @@ static TEE_Result init_root_node(struct tee_fs_htree *ht)
return res;
}
-TEE_Result tee_fs_htree_open(bool create, uint8_t *hash,
+TEE_Result tee_fs_htree_open(bool create, uint8_t *hash, const TEE_UUID *uuid,
const struct tee_fs_htree_storage *stor,
void *stor_aux, struct tee_fs_htree **ht_ret)
{
@@ -659,6 +660,7 @@ TEE_Result tee_fs_htree_open(bool create, uint8_t *hash,
if (!ht)
return TEE_ERROR_OUT_OF_MEMORY;
+ ht->uuid = uuid;
ht->stor = stor;
ht->stor_aux = stor_aux;
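Review bot: `ht->uuid = uuid;` keeps the caller's pointer rather than copying the UUID, and neither the new `uuid` field nor `tee_fs_htree_open()` states that the pointee must stay valid for as long as the tree exists. The call sites in tee_ree_fs.c and tee_sql_fs.c pass `&po->uuid`, so the htree presumably must not outlive its `tee_pobj`. That is worth recording at the field, e.g. `const TEE_UUID *uuid; /* borrowed from caller, must outlive the htree */`. The pointer feeds the key derivation that unwraps the FEK in `verify_root()`, so a stale pointer would silently yield the wrong key material instead of a clean failure. The body of `tee_fs_htree_open()` continues outside this hunk.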
@@ -669,7 +671,7 @@ TEE_Result tee_fs_htree_open(bool create, uint8_t *hash,
if (res != TEE_SUCCESS)
goto out;
- res = tee_fs_fek_crypt(TEE_MODE_ENCRYPT, ht->fek,
+ res = tee_fs_fek_crypt(ht->uuid, TEE_MODE_ENCRYPT, ht->fek,
sizeof(ht->fek), ht->head.enc_fek);
if (res != TEE_SUCCESS)
goto out;
diff --git a/core/tee/tee_fs_key_manager.c b/core/tee/tee_fs_key_manager.c
index fa579c69..577d515e 100644
--- a/core/tee/tee_fs_key_manager.c
+++ b/core/tee/tee_fs_key_manager.c
@@ -59,9 +59,9 @@ static struct tee_fs_ssk tee_fs_ssk;
static uint8_t string_for_ssk_gen[] = "ONLY_FOR_tee_fs_ssk";
-static TEE_Result do_hmac(uint8_t *out_key, uint32_t out_key_size,
- const uint8_t *in_key, uint32_t in_key_size,
- const uint8_t *message, uint32_t message_size)
+static TEE_Result do_hmac(void *out_key, size_t out_key_size,
+ const void *in_key, size_t in_key_size,
+ const void *message, size_t message_size)
{
TEE_Result res = TEE_ERROR_GENERIC;
uint8_t *ctx = NULL;
@@ -99,15 +99,15 @@ exit:
return res;
}
-TEE_Result tee_fs_fek_crypt(TEE_OperationMode mode, const uint8_t *in_key,
- size_t size, uint8_t *out_key)
+TEE_Result tee_fs_fek_crypt(const TEE_UUID *uuid, TEE_OperationMode mode,
+ const uint8_t *in_key, size_t size,
+ uint8_t *out_key)
{
TEE_Result res;
uint8_t *ctx = NULL;
size_t ctx_size;
uint8_t tsk[TEE_FS_KM_TSK_SIZE];
uint8_t dst_key[size];
- struct tee_ta_session *sess;
if (!in_key || !out_key)
return TEE_ERROR_BAD_PARAMETERS;
@@ -118,14 +118,23 @@ TEE_Result tee_fs_fek_crypt(TEE_OperationMode mode, const uint8_t *in_key,
if (tee_fs_ssk.is_init == 0)
return TEE_ERROR_GENERIC;
- res = tee_ta_get_current_session(&sess);
- if (res != TEE_SUCCESS)
- return res;
-
- res = do_hmac(tsk, sizeof(tsk), tee_fs_ssk.key, TEE_FS_KM_SSK_SIZE,
- (uint8_t *)&sess->ctx->uuid, sizeof(TEE_UUID));
- if (res != TEE_SUCCESS)
- return res;
+ if (uuid) {
+ res = do_hmac(tsk, sizeof(tsk), tee_fs_ssk.key,
+ TEE_FS_KM_SSK_SIZE, uuid, sizeof(*uuid));
+ if (res != TEE_SUCCESS)
+ return res;
+ } else {
+ /*
+ * Pick something of a different size than TEE_UUID to
+ * guarantee that there's never a conflict.
+ */
+ uint8_t dummy[1] = { 0 };
+
+ res = do_hmac(tsk, sizeof(tsk), tee_fs_ssk.key,
+ TEE_FS_KM_SSK_SIZE, dummy, sizeof(dummy));
+ if (res != TEE_SUCCESS)
+ return res;
+ }
res = crypto_ops.cipher.get_ctx_size(TEE_FS_KM_ENC_FEK_ALG, &ctx_size);
if (res != TEE_SUCCESS)
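Review bot: The `else` branch makes a NULL `uuid` a valid input that derives the TSK from a fixed one-byte message, so every NULL caller shares one key with no binding to a TA. A caller that passes NULL by mistake gets a working key instead of `TEE_ERROR_BAD_PARAMETERS`. No call site visible in this commit passes NULL, so the intended users of that mode should be named in a comment on `tee_fs_fek_crypt()`, for example `/* uuid == NULL: derive a TSK that is not bound to any TA */`. The function starts and ends outside this hunk, so whether `tsk` is wiped before returning cannot be checked from here.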
@@ -189,7 +198,7 @@ static TEE_Result tee_fs_init_key_manager(void)
return res;
}
-TEE_Result tee_fs_generate_fek(uint8_t *buf, int buf_size)
+TEE_Result tee_fs_generate_fek(const TEE_UUID *uuid, void *buf, size_t buf_size)
{
TEE_Result res;
@@ -200,7 +209,8 @@ TEE_Result tee_fs_generate_fek(uint8_t *buf, int buf_size)
if (res != TEE_SUCCESS)
return res;
- return tee_fs_fek_crypt(TEE_MODE_ENCRYPT, buf, TEE_FS_KM_FEK_SIZE, buf);
+ return tee_fs_fek_crypt(uuid, TEE_MODE_ENCRYPT, buf,
+ TEE_FS_KM_FEK_SIZE, buf);
}
static TEE_Result sha256(uint8_t *out, size_t out_size, const uint8_t *in,
@@ -290,7 +300,8 @@ static TEE_Result essiv(uint8_t iv[TEE_AES_BLOCK_SIZE],
/*
* Encryption/decryption of RPMB FS file data. This is AES CBC with ESSIV.
*/
-TEE_Result tee_fs_crypt_block(uint8_t *out, const uint8_t *in, size_t size,
+TEE_Result tee_fs_crypt_block(const TEE_UUID *uuid, uint8_t *out,
+ const uint8_t *in, size_t size,
uint16_t blk_idx, const uint8_t *encrypted_fek,
TEE_OperationMode mode)
{
@@ -305,7 +316,7 @@ TEE_Result tee_fs_crypt_block(uint8_t *out, const uint8_t *in, size_t size,
blk_idx);
/* Decrypt FEK */
- res = tee_fs_fek_crypt(TEE_MODE_DECRYPT, encrypted_fek,
+ res = tee_fs_fek_crypt(uuid, TEE_MODE_DECRYPT, encrypted_fek,
TEE_FS_KM_FEK_SIZE, fek);
if (res != TEE_SUCCESS)
return res;
diff --git a/core/tee/tee_ree_fs.c b/core/tee/tee_ree_fs.c
index 6a64e2a9..6e771ac2 100644
--- a/core/tee/tee_ree_fs.c
+++ b/core/tee/tee_ree_fs.c
@@ -415,7 +415,7 @@ static TEE_Result open_internal(struct tee_pobj *po, bool create,
if (res != TEE_SUCCESS)
goto out;
- res = tee_fs_htree_open(create, NULL, &ree_fs_storage_ops,
+ res = tee_fs_htree_open(create, NULL, &po->uuid, &ree_fs_storage_ops,
fdp, &fdp->ht);
out:
if (res == TEE_SUCCESS) {
diff --git a/core/tee/tee_rpmb_fs.c b/core/tee/tee_rpmb_fs.c
index 542c9721..0daff44f 100644
--- a/core/tee/tee_rpmb_fs.c
+++ b/core/tee/tee_rpmb_fs.c
@@ -511,15 +511,25 @@ static bool is_zero(const uint8_t *buf, size_t size)
static TEE_Result encrypt_block(uint8_t *out, const uint8_t *in,
uint16_t blk_idx, const uint8_t *fek)
{
- return tee_fs_crypt_block(out, in, RPMB_DATA_SIZE, blk_idx, fek,
- TEE_MODE_ENCRYPT);
+ struct tee_ta_session *sess;
+ TEE_Result res = tee_ta_get_current_session(&sess);
+
+ if (res)
+ return res;
+ return tee_fs_crypt_block(&sess->ctx->uuid, out, in, RPMB_DATA_SIZE,
+ blk_idx, fek, TEE_MODE_ENCRYPT);
}
static TEE_Result decrypt_block(uint8_t *out, const uint8_t *in,
uint16_t blk_idx, const uint8_t *fek)
{
- return tee_fs_crypt_block(out, in, RPMB_DATA_SIZE, blk_idx, fek,
- TEE_MODE_DECRYPT);
+ struct tee_ta_session *sess;
+ TEE_Result res = tee_ta_get_current_session(&sess);
+
+ if (res)
+ return res;
+ return tee_fs_crypt_block(&sess->ctx->uuid, out, in, RPMB_DATA_SIZE,
+ blk_idx, fek, TEE_MODE_DECRYPT);
}
/* Decrypt/copy at most one block of data */
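Review bot: `encrypt_block()` and `decrypt_block()` take the UUID from the current session (`&sess->ctx->uuid`), while `generate_fek()` in the same file is now handed `&po->uuid`, so the FEK is wrapped under one UUID source and unwrapped under another. If the two can ever differ (not visible here), `tee_fs_crypt_block()` would unwrap the FEK with a different TSK, and no check on the unwrapped FEK is visible in these hunks. Passing the owner UUID down from the callers would make the binding explicit, as would a comment stating that the session UUID always equals `po->uuid` on these paths. Minor: `if (res)` differs from the `if (res != TEE_SUCCESS)` form used in the other hunks of this file.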
@@ -1908,12 +1918,12 @@ out:
return res;
}
-static TEE_Result generate_fek(struct rpmb_fat_entry *fe)
+static TEE_Result generate_fek(struct rpmb_fat_entry *fe, const TEE_UUID *uuid)
{
TEE_Result res;
again:
- res = tee_fs_generate_fek(fe->fek, sizeof(fe->fek));
+ res = tee_fs_generate_fek(uuid, fe->fek, sizeof(fe->fek));
if (res != TEE_SUCCESS)
return res;
@@ -1978,7 +1988,7 @@ static TEE_Result rpmb_fs_open_internal(struct tee_pobj *po, bool create,
/* Start address and size are 0 */
fh->fat_entry.flags = FILE_IS_ACTIVE;
- res = generate_fek(&fh->fat_entry);
+ res = generate_fek(&fh->fat_entry, &po->uuid);
if (res != TEE_SUCCESS)
goto out;
DMSG("GENERATE FEK key: %p",
diff --git a/core/tee/tee_sql_fs.c b/core/tee/tee_sql_fs.c
index a59a20ca..fca56734 100644
--- a/core/tee/tee_sql_fs.c
+++ b/core/tee/tee_sql_fs.c
@@ -479,7 +479,7 @@ static TEE_Result open_internal(struct tee_pobj *po, bool create,
if (res != TEE_SUCCESS)
goto out;
- res = tee_fs_htree_open(create, NULL, &sql_fs_storage_ops,
+ res = tee_fs_htree_open(create, NULL, &po->uuid, &sql_fs_storage_ops,
fdp, &fdp->ht);
out:
if (res == TEE_SUCCESS) {