android/android_kernel_xiaomi_sm8450
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
3e8cceb730
android_kernel_xiaomi_sm8450/block
History
Barani Muthukumaran 3e8cceb730 ANDROID: block: add KSM op to derive software secret from wrapped key 
Some inline encryption hardware supports protecting the keys in hardware
and only exposing wrapped keys to software.  To use this capability,
userspace must provide a hardware-wrapped key rather than a raw key.

However, users of inline encryption in the kernel won't necessarily use
the user-specified key directly for inline encryption.  E.g. with
fscrypt with IV_INO_LBLK_64 policies, each user-provided key is used to
derive a file contents encryption key, filenames encryption key, and key
identifier.  Since inline encryption can only be used with file
contents, if the user were to provide a wrapped key there would
(naively) be no way to encrypt filenames or derive the key identifier.

This problem is solved by designing the hardware to internally use the
unwrapped key as input to a KDF from which multiple cryptographically
isolated keys can be derived, including both the inline crypto key (not
exposed to software) and a secret that *is* exposed to software.

Add a function to the keyslot manager to allow upper layers to request
this software secret from a hardware-wrapped key.

Bug: 147209885

Change-Id: Iffb05b297b7ba3f3e865e798e4bb73aef4e6ba19
Co-developed-by: Gaurav Kashyap <gaurkash@codeaurora.org>
Signed-off-by: Gaurav Kashyap <gaurkash@codeaurora.org>
Signed-off-by: Barani Muthukumaran <bmuthuku@codeaurora.org>
Signed-off-by: Eric Biggers <ebiggers@google.com>
2020-01-22 04:31:52 +00:00
..
partitions docs: admin-guide: add a series of orphaned documents 2019-07-15 11:03:02 -03:00
badblocks.c block: switch all files cleared marked as GPLv2 to SPDX tags 2019-04-30 16:11:57 -06:00
bfq-cgroup.c bfq: Add per-device weight 2019-09-06 14:33:52 -06:00
bfq-iosched.c block, bfq: deschedule empty bfq_queues not referred by any process 2019-11-14 07:00:54 -07:00
bfq-iosched.h bfq: Add per-device weight 2019-09-06 14:33:52 -06:00
bfq-wf2q.c bfq: Fix the missing barrier in __bfq_entity_update_weight_prio 2019-09-06 14:33:48 -06:00
bio-crypt-ctx.c BACKPORT: FROMLIST: Update Inline Encryption from v5 to v6 of patch series 2020-01-13 18:46:44 +00:00
bio-integrity.c block/bio-integrity: fix a memory leak bug 2019-07-11 20:01:21 -06:00
bio.c This is the 5.4.13 stable release 2020-01-17 23:38:39 +01:00
blk-cgroup.c blkcg: make blkcg_print_stat() print stats only for online blkgs 2019-11-06 17:08:38 -07:00
blk-core.c Merge remote-tracking branch 'aosp/upstream-f2fs-stable-linux-5.4.y' into android-5.4 2020-01-15 16:41:51 -08:00
blk-crypto-fallback.c BACKPORT: FROMLIST: Update Inline Encryption from v5 to v6 of patch series 2020-01-13 18:46:44 +00:00
blk-crypto-internal.h BACKPORT: FROMLIST: Update Inline Encryption from v5 to v6 of patch series 2020-01-13 18:46:44 +00:00
blk-crypto.c ANDROID: block: provide key size as input to inline crypto APIs 2020-01-22 04:31:41 +00:00
blk-exec.c block: add SPDX tags to block layer files missing licensing information 2019-04-30 16:12:03 -06:00
blk-flush.c block: Fix a lockdep complaint triggered by request queue flushing 2020-01-12 12:21:42 +01:00
blk-integrity.c block: centralize PI remapping logic to the block layer 2019-09-17 20:03:49 -06:00
blk-ioc.c block: remove the queue_lock indirection 2018-11-15 12:17:28 -07:00
blk-iocost.c iocost: over-budget forced IOs should schedule async delay 2019-12-31 16:46:19 +01:00
blk-iolatency.c blkcg: s/RQ_QOS_CGROUP/RQ_QOS_LATENCY/ 2019-08-28 21:17:08 -06:00
blk-lib.c block: fix 32 bit overflow in __blkdev_issue_discard() 2018-11-14 08:17:18 -07:00
blk-map.c block: fix memleak when __blk_rq_map_user_iov() is failed 2020-01-12 12:21:43 +01:00
blk-merge.c BACKPORT: FROMLIST: Update Inline Encryption from v5 to v6 of patch series 2020-01-13 18:46:44 +00:00
blk-mq-cpumap.c blk-mq: balance mapping between present CPUs and queues 2019-08-04 21:43:12 -06:00
blk-mq-debugfs-zoned.c block: Cleanup license notice 2019-01-17 21:21:40 -07:00
blk-mq-debugfs.c for-5.3/block-20190708 2019-07-09 10:45:06 -07:00
blk-mq-debugfs.h blk-mq: no need to check return value of debugfs_create functions 2019-06-13 03:00:30 -06:00
blk-mq-pci.c block: Fix blk_mq_*_map_queues() kernel-doc headers 2019-05-31 15:12:34 -06:00
blk-mq-rdma.c block: Fix blk_mq_*_map_queues() kernel-doc headers 2019-05-31 15:12:34 -06:00
blk-mq-sched.c blk-mq: move lockdep_assert_held() into elevator_exit 2019-09-26 00:45:05 -06:00
blk-mq-sched.h block: blk-mq: Remove blk_mq_sched_started_request and started_request 2019-07-23 07:25:09 -06:00
blk-mq-sysfs.c blk-mq: make sure that line break can be printed 2019-12-17 19:56:53 +01:00
blk-mq-tag.c blk-mq: introduce blk_mq_tagset_wait_completed_request() 2019-08-04 21:41:29 -06:00
blk-mq-tag.h Merge branch 'for-4.15/block' of git://git.kernel.dk/linux-block 2017-11-14 15:32:19 -08:00
blk-mq-virtio.c block: Fix blk_mq_*_map_queues() kernel-doc headers 2019-05-31 15:12:34 -06:00
blk-mq.c blk-mq: apply normal plugging for HDD 2019-09-27 11:40:21 -06:00
blk-mq.h block: Disable write plugging for zoned block devices 2019-07-10 14:18:01 -06:00
blk-pm.c block: bypass blk_set_runtime_active for uninitialized q->dev 2019-09-12 07:11:56 -06:00
blk-pm.h block: remove the queue_lock indirection 2018-11-15 12:17:28 -07:00
blk-rq-qos.c blk-wbt: fix performance regression in wbt scale_up/scale_down 2019-10-06 09:26:41 -06:00
blk-rq-qos.h blk-rq-qos: fix first node deletion of rq_qos_del() 2019-10-15 10:13:13 -06:00
blk-settings.c dma-mapping updates for 5.4: 2019-09-19 13:27:23 -07:00
blk-softirq.c block: remove a few unused exports 2018-11-15 12:13:25 -07:00
blk-stat.c block: add SPDX tags to block layer files missing licensing information 2019-04-30 16:12:03 -06:00
blk-stat.h block: deactivate blk_stat timer in wbt_disable_default() 2018-12-12 06:47:51 -07:00
blk-sysfs.c rq-qos: get rid of redundant wbt_update_limits() 2019-09-27 01:13:10 -06:00
blk-throttle.c block: make rq sector size accessible for block stats 2019-09-15 16:02:08 -06:00
blk-timeout.c block: add SPDX tags to block layer files missing licensing information 2019-04-30 16:12:03 -06:00
blk-wbt.c blk-wbt: fix performance regression in wbt scale_up/scale_down 2019-10-06 09:26:41 -06:00
blk-wbt.h block/rq_qos: implement rq_qos_ops->queue_depth_changed() 2019-08-28 21:17:07 -06:00
blk-zoned.c block: set the zone size in blk_revalidate_disk_zones atomically 2020-01-07 16:02:50 -08:00
blk.h block: Fix a lockdep complaint triggered by request queue flushing 2020-01-12 12:21:42 +01:00
bounce.c BACKPORT: FROMLIST: Update Inline Encryption from v5 to v6 of patch series 2020-01-13 18:46:44 +00:00
bsg-lib.c block: drop device references in bsg_queue_rq() 2019-09-23 11:17:24 -06:00
bsg.c block: switch all files cleared marked as GPLv2 to SPDX tags 2019-04-30 16:11:57 -06:00
cmdline-parser.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
compat_ioctl.c compat_ioctl: block: handle BLKGETZONESZ/BLKGETNRZONES 2020-01-09 10:19:58 +01:00
elevator.c block: Fix elv_support_iosched() 2019-10-14 13:54:09 -06:00
genhd.c block: Delay default elevator initialization 2019-09-05 19:52:34 -06:00
ioctl.c block: simplify blkdev_nr_zones 2020-01-07 16:02:49 -08:00
ioprio.c docs: block: convert to ReST 2019-07-15 09:20:27 -03:00
Kconfig BACKPORT: FROMLIST: Update Inline Encryption from v5 to v6 of patch series 2020-01-13 18:46:44 +00:00
Kconfig.iosched docs: block: convert to ReST 2019-07-15 09:20:27 -03:00
keyslot-manager.c ANDROID: block: add KSM op to derive software secret from wrapped key 2020-01-22 04:31:52 +00:00
kyber-iosched.c blk-mq: remove blk_mq_put_ctx() 2019-07-02 21:03:27 -06:00
Makefile BACKPORT: FROMLIST: Update Inline Encryption from v5 to v6 of patch series 2020-01-13 18:46:44 +00:00
mq-deadline.c block: Introduce elevator features 2019-09-05 19:52:33 -06:00
opal_proto.h block: sed-opal: Removed duplicate OPAL_METHOD_LENGTH definition 2019-08-20 09:34:49 -06:00
partition-generic.c block: Remove partition support for zoned block devices 2020-01-07 16:02:46 -08:00
scsi_ioctl.c block: switch all files cleared marked as GPLv2 to SPDX tags 2019-04-30 16:11:57 -06:00
sed-opal.c block: sed-opal: fix sparse warning: convert __be64 data 2019-10-03 14:21:32 -06:00
t10-pi.c block: t10-pi: fix -Wswitch warning 2019-09-23 08:05:19 -06:00