Implement SMC initialization.

Note that SMC requires "normal world"-assisted storage that is provided
by tf_daemon. Normally it's /data/smc directory, but this doesn't work
if one wants both /data encryption and hardware backed disk encryption
key storage. Therefore /dsg partition is used to store SMC data.

Change-Id: I9ef59d7f045c5c36950d73d5254ba751fb7853cc

1 files changed, 40 insertions, 0 deletions

diff --git a/tee-fs-setup.sh b/tee-fs-setup.sh
new file mode 100644
index 0000000..8ac25f7
--- /dev/null
+++ b/tee-fs-setup.sh
@@ -0,0 +1,40 @@
+#!/system/bin/sh
+
+DEVICE="/dev/block/platform/omap/omap_hsmmc.0/by-name/dgs"
+
+log_to_kernel() {
+  echo "$*" > /dev/kmsg
+}
+
+create_tee_fs() {
+    make_ext4fs -J -b 4096 ${DEVICE} || exit 1
+    mount -t ext4 ${DEVICE} /tee || exit 1
+    mkdir /tee/smc || exit 1
+    chmod 0770 /tee/smc || exit 1
+    chown drmrpc:drmrpc /tee/smc || exit 1
+    restorecon -R /tee/smc || exit 1
+}
+
+if [ ! -e /tee/smc ]; then
+  # sha1 hash of the empty 4MB partition.
+  EXPECTED_HASH="2bccbd2f38f15c13eb7d5a89fd9d85f595e23bc3"
+  ACTUAL_HASH="`/system/bin/sha1sum ${DEVICE}`"
+  if [ "${ACTUAL_HASH}" == "${EXPECTED_HASH}  ${DEVICE}" ]; then
+    if create_tee_fs > /dev/kmsg 2>&1; then
+      log_to_kernel "tee-fs-setup: successfully initialized /tee for SMC, rebooting."
+      # tf_daemon gets stuck when started after FS initialization,
+      # but works fine after reboot.
+      mount -t ext4 -o remount,ro /tee
+      reboot
+    else
+      log_to_kernel "tee-fs-setup: initialization of /tee for SMC failed. SMC won't function!"
+    fi
+  else
+    log_to_kernel "tee-fs-setup: unexpected hash '${ACTUAL_HASH}', skipping /tee filesystem creation. SMC won't function!"
+  fi
+else
+  log_to_kernel "tee-fs-setup: /tee is already initialized for SMC, nothing to do."
+  setprop init.tee_fs.ready true
+fi
+
+exit 0