8416f71c41
Added pfk_ice_virt.c which sends hab requests to BE in host, instead of sending scm calls directly to TZ. Also, removed the hardcoded size of key cache table, and made it configurable. Change-Id: I942c3886c2fb93846bcdf15b19eabb3bc83e05ba Signed-off-by: Shay <shayn@codeaurora.org>
51 lines
1.4 KiB
Plaintext
51 lines
1.4 KiB
Plaintext
menu "Qualcomm Technologies, Inc Per File Encryption security device drivers"
|
|
depends on ARCH_QCOM
|
|
|
|
config PFT
|
|
bool "Per-File-Tagger driver"
|
|
depends on SECURITY
|
|
default n
|
|
help
|
|
This driver is used for tagging enterprise files.
|
|
It is part of the Per-File-Encryption (PFE) feature.
|
|
The driver is tagging files when created by
|
|
registered application.
|
|
Tagged files are encrypted using the dm-req-crypt driver.
|
|
|
|
config PFK
|
|
bool "Per-File-Key driver"
|
|
depends on SECURITY
|
|
depends on SECURITY_SELINUX
|
|
default n
|
|
help
|
|
This driver is used for storing eCryptfs information
|
|
in file node.
|
|
This is part of eCryptfs hardware enhanced solution
|
|
provided by Qualcomm Technologies, Inc.
|
|
Information is used when file is encrypted later using
|
|
ICE or dm crypto engine
|
|
|
|
config PFK_WRAPPED_KEY_SUPPORTED
|
|
bool "Per-File-Key driver with wrapped key support"
|
|
depends on SECURITY
|
|
depends on SECURITY_SELINUX
|
|
depends on QSEECOM
|
|
depends on PFK
|
|
default n
|
|
help
|
|
Adds wrapped key support in PFK driver. Instead of setting
|
|
the key directly in ICE, it unwraps the key and sets the key
|
|
in ICE.
|
|
|
|
config PFK_VIRTUALIZED
|
|
bool "Per-File-Key driver virtualized version"
|
|
depends on SECURITY
|
|
depends on SECURITY_SELINUX
|
|
depends on QSEECOM
|
|
depends on PFK
|
|
depends on MSM_HAB
|
|
help
|
|
Makes the driver to use the hypervisor back end for ICE HW
|
|
operation virtualization instead of calling directly to TZ.
|
|
endmenu
|