keymaster: Add support for enabling CE clks

Before issuing a call to keymaster secure app, that require accessing the CE HW, clks needs to be enabled. Invoking QSEECom_set_bandwidth() before issuign the command does this enabling of CE clks Change-Id: I8f881be600223d4a8e3c098c93ec8b12a88a3850
author: Ajay Dudani <adudani@codeaurora.org> 2013-06-11 11:42:15 -0700
committer: Vineeta Srivastava <vsrivastava@google.com> 2013-06-13 09:02:49 -0700
commit: cccc0043b30824caee7e2c5899c288e67d91411c (patch)
tree: d5fefbefaa5481e238e6688c3b1d75bb6179a557
parent: 1b4b3820c4c5c6bc17e455a2e5f3fed1e4779dd7 (diff)
download: keymaster-cccc0043b30824caee7e2c5899c288e67d91411c.tar.gz
1 files changed, 50 insertions, 0 deletions
diff --git a/keymaster_qcom.cpp b/keymaster_qcom.cpp
index f3907b0..55220d1 100644
--- a/keymaster_qcom.cpp
+++ b/keymaster_qcom.cpp
@@ -70,6 +70,7 @@ struct qcom_keymaster_handle {
     int (*QSEECom_send_modified_cmd)(struct QSEECom_handle* handle, void *cbuf,
                           uint32_t clen, void *rbuf, uint32_t rlen,
                           struct QSEECom_ion_fd_info *ihandle);
+    int (*QSEECom_set_bandwidth)(struct QSEECom_handle* handle, bool high);
 };
 typedef struct qcom_keymaster_handle qcom_keymaster_handle_t;
 
@@ -349,10 +350,19 @@ static int qcom_km_generate_keypair(const keymaster_device_t* dev,
     resp->status = KEYMASTER_FAILURE;
     resp->key_blob_len =  sizeof(qcom_km_key_blob_t);
 
+    ret = (*km_handle->QSEECom_set_bandwidth)(handle, true);
+    if (ret < 0) {
+        ALOGE("Generate key command failed (unable to enable clks) ret =%d", ret);
+        return -1;
+    }
+
     ret = (*km_handle->QSEECom_send_cmd)(handle, send_cmd,
                                QSEECOM_ALIGN(sizeof(keymaster_gen_keypair_cmd_t)), resp,
                                QSEECOM_ALIGN(sizeof(keymaster_gen_keypair_resp_t)));
 
+    if((*km_handle->QSEECom_set_bandwidth)(handle, false))
+        ALOGE("Import key command: (unable to disable clks)");
+
     if ( (ret < 0)  ||  (resp->status  < 0)) {
         ALOGE("Generate key command failed resp->status = %d ret =%d", resp->status, ret);
         return -1;
@@ -422,10 +432,19 @@ static int qcom_km_import_keypair(const keymaster_device_t* dev,
     resp->status = KEYMASTER_FAILURE;
     resp->key_blob_len =  sizeof(qcom_km_key_blob_t);
 
+    ret = (*km_handle->QSEECom_set_bandwidth)(handle, true);
+    if (ret < 0) {
+        ALOGE("Import key command failed (unable to enable clks) ret =%d", ret);
+        qcom_km_ion_dealloc(&ihandle);
+        return -1;
+    }
     ret = (*km_handle->QSEECom_send_modified_cmd)(handle, send_cmd,
                                QSEECOM_ALIGN(sizeof(*send_cmd)), resp,
                                QSEECOM_ALIGN(sizeof(*resp)), &ion_fd_info);
 
+    if((*km_handle->QSEECom_set_bandwidth)(handle, false))
+        ALOGE("Import key command: (unable to disable clks)");
+
     if ( (ret < 0)  ||  (resp->status  < 0)) {
         ALOGE("Import key command failed resp->status = %d ret =%d", resp->status, ret);
         qcom_km_ion_dealloc(&ihandle);
@@ -512,9 +531,20 @@ static int qcom_km_sign_data(const keymaster_device_t* dev,
     resp->sig_len = KM_KEY_SIZE_MAX;
     resp->status = KEYMASTER_FAILURE;
 
+    ret = (*km_handle->QSEECom_set_bandwidth)(handle, true);
+    if (ret < 0) {
+        ALOGE("Sign data command failed (unable to enable clks) ret =%d", ret);
+        qcom_km_ion_dealloc(&ihandle);
+        return -1;
+    }
+
     ret = (*km_handle->QSEECom_send_modified_cmd)(handle, send_cmd,
                                QSEECOM_ALIGN(sizeof(*send_cmd)), resp,
                                QSEECOM_ALIGN(sizeof(*resp)), &ion_fd_info);
+
+    if((*km_handle->QSEECom_set_bandwidth)(handle, false))
+        ALOGE("Sign data command: (unable to disable clks)");
+
     if ( (ret < 0)  ||  (resp->status  < 0)) {
         ALOGE("Sign data command failed resp->status = %d ret =%d", resp->status, ret);
         qcom_km_ion_dealloc(&ihandle);
@@ -604,10 +634,21 @@ static int qcom_km_verify_data(const keymaster_device_t* dev,
     memcpy(((unsigned char *)ihandle.ion_sbuffer + signedDataLength),
                                   signature, signatureLength);
     resp->status = KEYMASTER_FAILURE;
+
+    ret = (*km_handle->QSEECom_set_bandwidth)(handle, true);
+    if (ret < 0) {
+        ALOGE("Verify data  command failed (unable to enable clks) ret =%d", ret);
+        qcom_km_ion_dealloc(&ihandle);
+        return -1;
+    }
+
     ret = (*km_handle->QSEECom_send_modified_cmd)(handle, send_cmd,
                                QSEECOM_ALIGN(sizeof(*send_cmd)), resp,
                                QSEECOM_ALIGN(sizeof(*resp)), &ion_fd_info);
 
+    if((*km_handle->QSEECom_set_bandwidth)(handle, false))
+        ALOGE("Verify data  command: (unable to disable clks)");
+
     if ( (ret < 0)  ||  (resp->status  < 0)) {
         ALOGE("Verify data command failed resp->status = %d ret =%d", resp->status, ret);
         qcom_km_ion_dealloc(&ihandle);
@@ -669,6 +710,15 @@ static int qcom_km_get_lib_sym(qcom_keymaster_handle_t* km_handle)
                    km_handle->libhandle  = NULL;
                    return -1;
              }
+            *(void **)(&km_handle->QSEECom_set_bandwidth) =
+                               dlsym(km_handle->libhandle,"QSEECom_set_bandwidth");
+            if (km_handle->QSEECom_set_bandwidth == NULL) {
+                   ALOGE("dlsym: Error Loading QSEECom_set_bandwidth");
+                   dlclose(km_handle->libhandle );
+                   km_handle->libhandle  = NULL;
+                   return -1;
+             }
+
     } else {
         ALOGE("failed to load qseecom library");
         return -1;
author	Ajay Dudani <adudani@codeaurora.org>	2013-06-11 11:42:15 -0700
committer	Vineeta Srivastava <vsrivastava@google.com>	2013-06-13 09:02:49 -0700
commit	cccc0043b30824caee7e2c5899c288e67d91411c (patch)
tree	d5fefbefaa5481e238e6688c3b1d75bb6179a557
parent	1b4b3820c4c5c6bc17e455a2e5f3fed1e4779dd7 (diff)
download	keymaster-cccc0043b30824caee7e2c5899c288e67d91411c.tar.gz