authorLuden <luden@ghostmail.com>2016-03-12 10:39:28 +0100
committerZiyan <jaraidaniel@gmail.com>2016-04-03 15:19:21 +0200
commit3c60373689a44efea9a87b6cdac148530b02d775 (patch)
tree611ed61a92ec43e393c1ec88b2c0a06ddcf363a1
parent0e66f2b8f1c4330d7d51754be42b40964da69ecd (diff)
Implement SMC initialization.
Note that SMC requires "normal world"-assisted storage that is provided by tf_daemon. Normally it's the /data/smc directory, but this doesn't work if one wants both /data encryption and hardware-backed disk encryption key storage. Therefore the dgs partition is used to store SMC data.
Change-Id: I9ef59d7f045c5c36950d73d5254ba751fb7853cc
-rwxr-xr-xdevice.mk4
-rw-r--r--rootdir/fstab.tuna1
-rwxr-xr-xrootdir/init.tuna.rc21
-rw-r--r--tee-fs-setup.sh40
4 files changed, 60 insertions, 6 deletions
diff --git a/device.mk b/device.mk
index 7c2da43..a700f51 100755
--- a/device.mk
+++ b/device.mk
@@ -62,9 +62,13 @@ PRODUCT_PACKAGES += \
PRODUCT_PROPERTY_OVERRIDES += \
media.aac_51_output_enabled=true
+# SMC
PRODUCT_PACKAGES += \
keystore.tuna
+ PRODUCT_COPY_FILES += \
+ $(DEVICE_FOLDER)/tee-fs-setup.sh:system/vendor/bin/tee-fs-setup.sh
+
# Init files
PRODUCT_COPY_FILES += \
$(DEVICE_FOLDER)/rootdir/init.tuna.rc:root/init.tuna.rc \
diff --git a/rootdir/fstab.tuna b/rootdir/fstab.tuna
index 7ca4b77..624aba2 100644
--- a/rootdir/fstab.tuna
+++ b/rootdir/fstab.tuna
@@ -6,6 +6,7 @@
/dev/block/platform/omap/omap_hsmmc.0/by-name/system /system ext4 ro wait
/dev/block/platform/omap/omap_hsmmc.0/by-name/efs /factory ext4 rw wait
+/dev/block/platform/omap/omap_hsmmc.0/by-name/dgs /tee ext4 noatime,nosuid,nodev,nomblk_io_submit wait
/dev/block/platform/omap/omap_hsmmc.0/by-name/cache /cache ext4 noatime,nosuid,nodev,nomblk_io_submit,errors=panic wait,check
/dev/block/platform/omap/omap_hsmmc.0/by-name/cache /cache f2fs rw,discard,nosuid,nodev,noatime,inline_xattr wait,check
/dev/block/platform/omap/omap_hsmmc.0/by-name/userdata /data ext4 noatime,nosuid,nodev,nomblk_io_submit,errors=panic wait,check,encryptable=/dev/block/platform/omap/omap_hsmmc.0/by-name/metadata
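Review bot: The new `/tee` entry sets `nosuid,nodev` but not `noexec`, although per the commit description the partition only holds SMC data used by tf_daemon; `noatime,nosuid,nodev,noexec,nomblk_io_submit` would keep anything dropped there from being executed. Unlike the neighbouring `/cache` and `/data` entries it also carries no `errors=` option and no `check` flag, so a damaged filesystem on the key-storage partition would be mounted without an fsck pass. If that is deliberate, a comment line above the entry saying so would help the next reader.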
diff --git a/rootdir/init.tuna.rc b/rootdir/init.tuna.rc
index 892302a..3d0315f 100755
--- a/rootdir/init.tuna.rc
+++ b/rootdir/init.tuna.rc
@@ -17,11 +17,6 @@ on init
write /sys/kernel/mm/ksm/run 1
on post-fs-data
- mkdir /data/smc 0770 drmrpc drmrpc
- chown drmrpc drmrpc /data/smc/counter.bin
- chown drmrpc drmrpc /data/smc/storage.bin
- chown drmrpc drmrpc /data/smc/system.bin
-
# camera calibration
mkdir /data/misc/camera 0770 media media
mkdir /data/misc/camera/R5_MVEN003_LD2_ND0_IR0_SH0_FL1_SVEN003_DCCID1044 0770 media media
@@ -51,6 +46,7 @@ on boot
on fs
mkdir /factory 0775 radio radio
+ mkdir /tee 0770 drmrpc drmrpc
mount_all /fstab.tuna
swapon_all /fstab.tuna
@@ -59,6 +55,8 @@ on fs
restorecon_recursive /factory
mount ext4 /dev/block/platform/omap/omap_hsmmc.0/by-name/efs /factory ro remount
+ start tee_fs_setup
+
# read only 1 page at a time
write /proc/sys/vm/page-cluster 0
@@ -148,7 +146,7 @@ service setup_fs /system/bin/setup_fs \
service tf_daemon /system/bin/tf_daemon \
-d -c /vendor/etc/smc_normal_world_android_cfg.ini
- class main
+ class core
user drmrpc
group drmrpc
disabled
@@ -249,6 +247,17 @@ service battery_charger /sbin/healthd -c
critical
seclabel u:r:healthd:s0
+service tee_fs_setup /system/vendor/bin/tee-fs-setup.sh
+ class core
+ user root
+ group root
+ disabled
+ oneshot
+
+on property:init.tee_fs.ready=true
+ start smc_pa_wvdrm
+ start tf_daemon
+
# Allow writing to the kernel trace log. Enabling tracing still requires root.
on property:ro.debuggable=1
chmod 0222 /sys/kernel/debug/tracing/trace_marker
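Review bot: `tee_fs_setup` runs as root, can reformat the dgs partition and reboot the device, yet its service block has no `seclabel`, unlike `battery_charger` just above it. None of the four files in this commit is SELinux policy, so unless a domain transition is defined elsewhere the script either fails to start under enforcing mode or runs in init's own context; I would add `seclabel u:r:<tee_fs_setup domain>:s0` backed by a policy limited to that block device, `/tee` and the one property. The `on property:init.tee_fs.ready=true` trigger starts `tf_daemon` and `smc_pa_wvdrm` for whoever can set that property, so it deserves a property_contexts entry restricting writers to this script; presumably that would also live outside this diff.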
diff --git a/tee-fs-setup.sh b/tee-fs-setup.sh
new file mode 100644
index 0000000..8ac25f7
--- /dev/null
+++ b/tee-fs-setup.sh
@@ -0,0 +1,40 @@
+#!/system/bin/sh
+
+DEVICE="/dev/block/platform/omap/omap_hsmmc.0/by-name/dgs"
+
+log_to_kernel() {
+ echo "$*" > /dev/kmsg
+}
+
+create_tee_fs() {
+ make_ext4fs -J -b 4096 ${DEVICE} || exit 1
+ mount -t ext4 ${DEVICE} /tee || exit 1
+ mkdir /tee/smc || exit 1
+ chmod 0770 /tee/smc || exit 1
+ chown drmrpc:drmrpc /tee/smc || exit 1
+ restorecon -R /tee/smc || exit 1
+}
+
+if [ ! -e /tee/smc ]; then
+ # sha1 hash of the empty 4MB partition.
+ EXPECTED_HASH="2bccbd2f38f15c13eb7d5a89fd9d85f595e23bc3"
+ ACTUAL_HASH="`/system/bin/sha1sum ${DEVICE}`"
+ if [ "${ACTUAL_HASH}" == "${EXPECTED_HASH} ${DEVICE}" ]; then
+ if create_tee_fs > /dev/kmsg 2>&1; then
+ log_to_kernel "tee-fs-setup: successfully initialized /tee for SMC, rebooting."
+ # tf_daemon gets stuck when started after FS initialization,
+ # but works fine after reboot.
+ mount -t ext4 -o remount,ro /tee
+ reboot
+ else
+ log_to_kernel "tee-fs-setup: initialization of /tee for SMC failed. SMC won't function!"
+ fi
+ else
+ log_to_kernel "tee-fs-setup: unexpected hash '${ACTUAL_HASH}', skipping /tee filesystem creation. SMC won't function!"
+ fi
+else
+ log_to_kernel "tee-fs-setup: /tee is already initialized for SMC, nothing to do."
+ setprop init.tee_fs.ready true
+fi
+
+exit 0
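Review bot: The `|| exit 1` guards inside `create_tee_fs` end the whole script, not just the function, because `create_tee_fs > /dev/kmsg 2>&1` runs in the current shell; the `else` branch that logs "initialization of /tee for SMC failed" is therefore never reached. Use `return 1` instead, e.g. `make_ext4fs -J -b 4096 "${DEVICE}" || return 1`, and likewise on the five following lines. A failure after `mkdir /tee/smc` also leaves a directory that the next boot treats as initialized, since the outer test is only `[ ! -e /tee/smc ]`, so tf_daemon would be started on a store whose owner, mode or SELinux label was never set. Creating the directory under a temporary name and renaming it to `smc` only after `restorecon` succeeds would close that gap.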