author | jiamin ma <jiamin.ma@amlogic.com> | 2018-06-22 11:04:40 (GMT) |
---|---|---|
committer | Yixun Lan <yixun.lan@amlogic.com> | 2018-08-06 06:52:00 (GMT) |
commit | 244bb020db2095ff823e2e072a494b5fa5441771 (patch) | |
tree | 4bab683af3afa572f8f7442d1072f98106abef97 | |
parent | b0f8ecf939caf1724c64323e4115d4158075b5ed (diff) | |
download | common-244bb020db2095ff823e2e072a494b5fa5441771.zip common-244bb020db2095ff823e2e072a494b5fa5441771.tar.gz common-244bb020db2095ff823e2e072a494b5fa5441771.tar.bz2 |
unifykey: add secure node
PD#168660: secure hdcp1.4 key
echo key_name > name
cat secure
to query whether a key is secure
Change-Id: If416fc8f2946176ecc956b73f1c9e77a55f7e57b
Signed-off-by: jiamin ma <jiamin.ma@amlogic.com>
Signed-off-by: yicheng shen <yicheng.shen@amlogic.com>
-rw-r--r-- | drivers/amlogic/unifykey/unifykey.c | 87 |
1 files changed, 87 insertions, 0 deletions
diff --git a/drivers/amlogic/unifykey/unifykey.c b/drivers/amlogic/unifykey/unifykey.c index f98ccc9..c1e3524 100644 --- a/drivers/amlogic/unifykey/unifykey.c +++ b/drivers/amlogic/unifykey/unifykey.c @@ -636,6 +636,56 @@ int key_unify_query(struct aml_unifykey_dev *ukdev, char *keyname, } EXPORT_SYMBOL(key_unify_query); +int key_unify_secure(struct aml_unifykey_dev *ukdev, + char *keyname, unsigned int *secure) +{ + int ret = 0; + struct key_item_t *unifykey; + unsigned int keystate, keypermit; + + unifykey = unifykey_find_item_by_name(&(ukdev->uk_header), keyname); + if (unifykey == NULL) { + pr_err("%s:%d,%s key name is not exist\n", + __func__, + __LINE__, + keyname); + return -EINVAL; + } + + if (unifykey_item_verify_check(unifykey)) { + pr_err("%s:%d,%s key name is invalid\n", + __func__, + __LINE__, + keyname); + return -EINVAL; + } + + /* check key burned or not */ + ret = key_unify_query(ukdev, unifykey->name, &keystate, &keypermit); + if (ret < 0) { + pr_err("%s:%d, key_unify_query failed!\n", + __func__, __LINE__); + return -EINVAL; + } + + *secure = 0; + /* if burned, ask bl31, else using dts */ + if (keystate) { + ret = amlkey_issecure(unifykey->name); + if (ret < 0) + goto _out; + *secure = ret; + } else { + if (unifykey->dev == KEY_M_SECURE) + *secure = 1; + else + *secure = 0; + } + +_out: + return ret; +} +EXPORT_SYMBOL(key_unify_secure); /* *function name: key_unify_encrypt @@ -1077,6 +1127,42 @@ static ssize_t exist_show(struct class *cla, return n; } +static ssize_t secure_show(struct class *cla, + struct class_attribute *attr, + char *buf) +{ + struct aml_unifykey_dev *ukdev; + struct key_item_t *curkey; + ssize_t n = 0; + int ret; + unsigned int secure = 0; + static const char * const state[] = {"false", "true", "error"}; + + ukdev = container_of(cla, struct aml_unifykey_dev, cls); + curkey = ukdev->curkey; + if (curkey == NULL) { + pr_err("please set key name first, %s:%d\n", + __func__, __LINE__); + return -EINVAL; + } + + /* using current key*/ + ret = key_unify_secure(ukdev, curkey->name, &secure); + if (ret < 0) { + pr_err("%s:%d, key_unify_secure failed!\n", + __func__, __LINE__); + secure = 2; + goto _out; + } + + if (secure > 1) + secure = 1; +_out: + n += sprintf(&buf[n], "%s\n", state[secure]); + buf[n] = 0; + return n; +} + static ssize_t encrypt_show(struct class *cla, struct class_attribute *attr, char *buf) @@ -1509,6 +1595,7 @@ static struct class_attribute unifykey_class_attrs[] = { __ATTR_RO(list), __ATTR_RO(exist), __ATTR_RO(encrypt), + __ATTR_RO(secure), __ATTR_RO(size), __ATTR_RO(help), __ATTR(name, KEY_RW_ATTR, name_show, name_store), |