When working with multiple files and multiple threads, the following
scenario can occur:
1. File Close -> Key cache removal -> context switch
2. Open new file -> occupy the entry cleaned in 1
-> TZ_ES_SET_ICE_KEY -> context switch
3. Back to 1 -> TZ_ES_INVALIDATE_ICE_KEY
4. Back to 2 -> ICE uses the key that is already invalid
5. Crash due to PARTIALLY_SET_KEY_USED
To fix this, pfk must know when requests using some key are completed.
Only then key removal shall be allowed and until then key invalidation
must wait.
A new callback was added to let clients inform PFK when requests end.
Change-Id: Id7f8a3302fac9fafd1203d8d56ca13d59b45bbd5
Signed-off-by: Gilad Broner <gbroner@codeaurora.org>
Signed-off-by: Andrey Markovytch <andreym@codeaurora.org>
PFK is a new module that accompanies eCryptfs and
enables it to utilize ICE hw encryption engine. Module
is responsible for storing encryption/decryption keys
inside eCryptfs inodes for each file and loading them
to ICE
Change-Id: I6e755ca657164919147fe0d9482477e14a4be5eb
Signed-off-by: Andrey Markovytch <andreym@codeaurora.org>
[gbroner@codeaurora.org: fix merge conflicts, adapted LSM hooks
and added missing qseecom headers to fix compilation]
Signed-off-by: Gilad Broner <gbroner@codeaurora.org>
