Reland "chaabi: Enable Edison HW Keymaster"

This reverts commit b90155ad2a5c7c707d18cc40ea6d102215b5577a.

Change-Id: I61cc6f4c2f7ca97363ac2faed1037da9f274e2cb
Signed-off-by: Beare, Bruce J <bruce.j.beare@intel.com>

3 files changed, 12 insertions, 3 deletions

diff --git a/soc/edison/sepolicy/file_contexts b/soc/edison/sepolicy/file_contexts
index e52a322..bc59ce3 100644
--- a/soc/edison/sepolicy/file_contexts
+++ b/soc/edison/sepolicy/file_contexts
@@ -7,3 +7,7 @@
 # Bluetooth ON/OFF functions
 /sys/devices/platform/bcm_bt_lpm.0/rfkill/rfkill0/state u:object_r:sysfs_bluetoothtbd_writable:s0
 /sys/devices/platform/bcm_bt_lpm.0/rfkill/rfkill0/type u:object_r:sysfs_bluetoothtbd_readable:s0
+
+# Hardware keystore
+/dev/dx_sep_q0  u:object_r:tee_device:s0
+/dev/dx_sep_q1  u:object_r:tee_device:s0
diff --git a/soc/edison/soc.mk b/soc/edison/soc.mk
index 325f49e..5cec739 100644
--- a/soc/edison/soc.mk
+++ b/soc/edison/soc.mk
@@ -50,9 +50,6 @@ TARGET_KERNEL_CONFIGS := $(TARGET_KERNEL_CONFIGS) $(realpath $(LOCAL_PATH)/soc.k
 
 TARGET_BOOTCTRL_HAL := intel
 
-DEVICE_PACKAGES += \
-    keystore.default
-
 # Boot control HAL package.
 DEVICE_PACKAGES += \
     bootctrl.$(TARGET_DEVICE)
@@ -60,3 +57,7 @@ DEVICE_PACKAGES += \
 # Audio utilities. You may not need these for a product.
 DEVICE_PACKAGES += \
     tinyplay tinypcminfo tinymix tinycap
+
+# Chaabi Integration. Chaabi is the HW security engine on Edison.
+DEVICE_PACKAGES += \
+    libdx_cc7 libkeymaster intel_keymaster_test
diff --git a/soc/edison/ueventd.edison.rc b/soc/edison/ueventd.edison.rc
index 042f050..855106d 100644
--- a/soc/edison/ueventd.edison.rc
+++ b/soc/edison/ueventd.edison.rc
@@ -1,3 +1,7 @@
 # Device needed by shared transport layer
 /dev/rfkill                             0660   bluetooth  bluetooth
 /dev/ttyMFD0                            0660   bluetooth  net_bt_stack
+
+# Used by HW-backed keystore
+/dev/dx_sep_q0                          0660   keystore   keystore
+/dev/dx_sep_q1                          0660   keystore   keystore