From 3c60373689a44efea9a87b6cdac148530b02d775 Mon Sep 17 00:00:00 2001
From: Luden
Date: Sat, 12 Mar 2016 10:39:28 +0100
Subject: Implement SMC initialization.

Note that SMC requires "normal world"-assisted storage that is provided by tf_daemon. Normally it's /data/smc directory, but this doesn't work if one wants both /data encryption and hardware backed disk encryption key storage. Therefore /dsg partition is used to store SMC data.

Change-Id: I9ef59d7f045c5c36950d73d5254ba751fb7853cc
---
 device.mk | 4 ++++
 rootdir/fstab.tuna | 1 +
 rootdir/init.tuna.rc | 21 +++++++++++++++------
 tee-fs-setup.sh | 40 ++++++++++++++++++++++++++++++++++++++++
 4 files changed, 60 insertions(+), 6 deletions(-)
 create mode 100644 tee-fs-setup.sh

diff --git a/device.mk b/device.mk
index 7c2da43..a700f51 100755
--- a/device.mk
+++ b/device.mk
@@ -62,9 +62,13 @@ PRODUCT_PACKAGES += \
 PRODUCT_PROPERTY_OVERRIDES += \
 media.aac_51_output_enabled=true
+# SMC
 PRODUCT_PACKAGES += \
 keystore.tuna
+ PRODUCT_COPY_FILES += \
+ $(DEVICE_FOLDER)/tee-fs-setup.sh:system/vendor/bin/tee-fs-setup.sh
+
 # Init files
 PRODUCT_COPY_FILES += \
 $(DEVICE_FOLDER)/rootdir/init.tuna.rc:root/init.tuna.rc \
diff --git a/rootdir/fstab.tuna b/rootdir/fstab.tuna
index 7ca4b77..624aba2 100644
--- a/rootdir/fstab.tuna
+++ b/rootdir/fstab.tuna
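Review bot: The added `PRODUCT_COPY_FILES` entry installs tee-fs-setup.sh into `system/vendor/bin`, but the file itself is committed with `new file mode 100644` (see its header further down in this patch), so whether the installed copy is executable depends on the image build applying its default permissions for that directory rather than the source tree's mode. Committing the script as mode 100755 removes that dependency and makes the intent visible in the tree. The `+ PRODUCT_COPY_FILES += \` line also appears to carry a leading space unlike the other assignments in this file; harmless to make, but worth aligning with the `# Init files` block below it.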
@@ -6,6 +6,7 @@
 /dev/block/platform/omap/omap_hsmmc.0/by-name/system /system ext4 ro wait
 /dev/block/platform/omap/omap_hsmmc.0/by-name/efs /factory ext4 rw wait
+/dev/block/platform/omap/omap_hsmmc.0/by-name/dgs /tee ext4 noatime,nosuid,nodev,nomblk_io_submit wait
 /dev/block/platform/omap/omap_hsmmc.0/by-name/cache /cache ext4 noatime,nosuid,nodev,nomblk_io_submit,errors=panic wait,check
 /dev/block/platform/omap/omap_hsmmc.0/by-name/cache /cache f2fs rw,discard,nosuid,nodev,noatime,inline_xattr wait,check
 /dev/block/platform/omap/omap_hsmmc.0/by-name/userdata /data ext4 noatime,nosuid,nodev,nomblk_io_submit,errors=panic wait,check,encryptable=/dev/block/platform/omap/omap_hsmmc.0/by-name/metadata
diff --git a/rootdir/init.tuna.rc b/rootdir/init.tuna.rc
index 892302a..3d0315f 100755
--- a/rootdir/init.tuna.rc
+++ b/rootdir/init.tuna.rc
@@ -17,11 +17,6 @@ on init
 write /sys/kernel/mm/ksm/run 1
 on post-fs-data
- mkdir /data/smc 0770 drmrpc drmrpc
- chown drmrpc drmrpc /data/smc/counter.bin
- chown drmrpc drmrpc /data/smc/storage.bin
- chown drmrpc drmrpc /data/smc/system.bin
-
 # camera calibration
 mkdir /data/misc/camera 0770 media media
 mkdir /data/misc/camera/R5_MVEN003_LD2_ND0_IR0_SH0_FL1_SVEN003_DCCID1044 0770 media media
@@ -51,6 +46,7 @@ on boot
 on fs
 mkdir /factory 0775 radio radio
+ mkdir /tee 0770 drmrpc drmrpc
 mount_all /fstab.tuna
 swapon_all /fstab.tuna
@@ -59,6 +55,8 @@ on fs
 restorecon_recursive /factory
 mount ext4 /dev/block/platform/omap/omap_hsmmc.0/by-name/efs /factory ro remount
+ start tee_fs_setup
+
 # read only 1 page at a time
 write /proc/sys/vm/page-cluster 0
@@ -148,7 +146,7 @@ service setup_fs /system/bin/setup_fs \
 service tf_daemon /system/bin/tf_daemon \
 -d -c /vendor/etc/smc_normal_world_android_cfg.ini
- class main
+ class core
 user drmrpc
 group drmrpc
 disabled
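Review bot: The new `/tee` entry carries only `wait` as its fs_mgr flags, while the neighbouring `/cache` and `/data` entries use `wait,check` (and `errors=panic`); since this partition now backs the TEE's secure storage, an ext4 damaged by a mid-write power loss would be mounted as-is and handed straight to tf_daemon. Consider `/dev/block/platform/omap/omap_hsmmc.0/by-name/dgs /tee ext4 noatime,nosuid,nodev,nomblk_io_submit wait,check` so fsck runs before the first read, assuming fs_mgr on this branch honours `check` for non-data partitions the way it does for `/cache`. Separately, the commit message refers to the `/dsg` partition while this entry, init.tuna.rc and tee-fs-setup.sh all use the `dgs` by-name link; one of them is a typo worth fixing before this lands.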
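Review bot: With `class main` replaced by `class core` and the service still `disabled`, tf_daemon is now started only by the `on property:init.tee_fs.ready=true` trigger added later in this patch, and tee-fs-setup.sh sets that property only on its already-initialized path; on every other path (hash mismatch, failed format) neither tf_daemon nor smc_pa_wvdrm is ever started and nothing beyond a kmsg line records why. Consider having the script publish a distinct value on failure (for example `setprop init.tee_fs.ready false`) or adding a comment beside the trigger stating that the property is deliberately left unset when SMC storage is unavailable, so the missing services are diagnosable from `getprop`. If smc_pa_wvdrm was previously started by another trigger, that definition is outside the hunks shown here.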
@@ -249,6 +247,17 @@ service battery_charger /sbin/healthd -c
 critical
 seclabel u:r:healthd:s0
+service tee_fs_setup /system/vendor/bin/tee-fs-setup.sh
+ class core
+ user root
+ group root
+ disabled
+ oneshot
+
+on property:init.tee_fs.ready=true
+ start smc_pa_wvdrm
+ start tf_daemon
+
 # Allow writing to the kernel trace log. Enabling tracing still requires root.
 on property:ro.debuggable=1
 chmod 0222 /sys/kernel/debug/tracing/trace_marker
diff --git a/tee-fs-setup.sh b/tee-fs-setup.sh
new file mode 100644
index 0000000..8ac25f7
--- /dev/null
+++ b/tee-fs-setup.sh
@@ -0,0 +1,40 @@
+#!/system/bin/sh
+
+DEVICE="/dev/block/platform/omap/omap_hsmmc.0/by-name/dgs"
+
+log_to_kernel() {
+ echo "$*" > /dev/kmsg
+}
+
+create_tee_fs() {
+ make_ext4fs -J -b 4096 ${DEVICE} || exit 1
+ mount -t ext4 ${DEVICE} /tee || exit 1
+ mkdir /tee/smc || exit 1
+ chmod 0770 /tee/smc || exit 1
+ chown drmrpc:drmrpc /tee/smc || exit 1
+ restorecon -R /tee/smc || exit 1
+}
+
+if [ ! -e /tee/smc ]; then
+ # sha1 hash of the empty 4MB partition.
+ EXPECTED_HASH="2bccbd2f38f15c13eb7d5a89fd9d85f595e23bc3"
+ ACTUAL_HASH="`/system/bin/sha1sum ${DEVICE}`"
+ if [ "${ACTUAL_HASH}" == "${EXPECTED_HASH} ${DEVICE}" ]; then
+ if create_tee_fs > /dev/kmsg 2>&1; then
+ log_to_kernel "tee-fs-setup: successfully initialized /tee for SMC, rebooting."
+ # tf_daemon gets stuck when started after FS initialization,
+ # but works fine after reboot.
+ mount -t ext4 -o remount,ro /tee
+ reboot
+ else
+ log_to_kernel "tee-fs-setup: initialization of /tee for SMC failed. SMC won't function!"
+ fi
+ else
+ log_to_kernel "tee-fs-setup: unexpected hash '${ACTUAL_HASH}', skipping /tee filesystem creation. SMC won't function!"
+ fi
+else
+ log_to_kernel "tee-fs-setup: /tee is already initialized for SMC, nothing to do."
+ setprop init.tee_fs.ready true
+fi
+
+exit 0
-- 
cgit v1.1
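Review bot: The new `tee_fs_setup` service runs as `user root` / `group root` with no `seclabel`, unlike `battery_charger` just above it, which declares `seclabel u:r:healthd:s0`; the script it launches formats a raw block device, mounts it, runs `restorecon` and calls `reboot`, so on an SELinux-enforcing build it should get an explicit domain (a `seclabel` line plus the matching policy) rather than whatever transition applies to a shell script exec'd by init. The device's sepolicy is not in this patch, so the domain name is for the author to choose. It is also worth confirming that the script's domain may set `init.tee_fs.ready` under the device's property_contexts, since the `init.` prefix is normally written by init itself rather than by a shell service.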
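Review bot: Each `|| exit 1` inside `create_tee_fs` terminates the whole script instead of returning from the function, so when the function is the condition of `if create_tee_fs > /dev/kmsg 2>&1; then`, any failure exits before the `else` branch and the "initialization of /tee for SMC failed" line is never logged; replace each `|| exit 1` in the function with `|| return 1`. The hash comparison is also whitespace-sensitive: `sha1sum` separates digest and filename with implementation-defined spacing (two spaces on coreutils-compatible builds), and any mismatch makes the script skip formatting on every boot with "unexpected hash", so comparing only the digest is more robust, e.g. `ACTUAL_HASH="$(/system/bin/sha1sum ${DEVICE})"` and `if [ "${ACTUAL_HASH%% *}" = "${EXPECTED_HASH}" ]; then`, which also replaces the non-POSIX `==` given the `/system/bin/sh` interpreter. Finally, a partially successful run (make_ext4fs done, a later step failed) leaves the partition formatted but without `/tee/smc`, after which the empty-partition hash no longer matches and the script never retries; a comment documenting that this state needs manual recovery would save the next maintainer a debugging session.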