static int dek_on_user_removed(dek_arg_on_user_removed *evt) {
int userid = evt->userid;
int key_arr_idx;
/*
* TODO : lock needed
*/
if (!dek_is_persona(userid)) {
DEK_LOGE("%s invalid userid %d\n", __func__, userid);
return -EFAULT;
}
key_arr_idx = PERSONA_KEY_ARR_IDX(userid);
zero_out((char *)&SDPK_sym[key_arr_idx], sizeof(kek_t));
zero_out((char *)&SDPK_Rpub[key_arr_idx], sizeof(kek_t));
zero_out((char *)&SDPK_Rpri[key_arr_idx], sizeof(kek_t));
zero_out((char *)&SDPK_Dpub[key_arr_idx], sizeof(kek_t));
zero_out((char *)&SDPK_Dpri[key_arr_idx], sizeof(kek_t));
zero_out((char *)&SDPK_EDpub[key_arr_idx], sizeof(kek_t));
zero_out((char *)&SDPK_EDpri[key_arr_idx], sizeof(kek_t));
#ifdef CONFIG_SDP_KEY_DUMP
if(get_sdp_sysfs_key_dump()) {
dump_all_keys(key_arr_idx);
}
#endif
dek_aes_key_free(sdp_tfm[key_arr_idx]);
sdp_tfm[key_arr_idx] = NULL;
return 0;
}
static int dek_on_device_locked(dek_arg_on_device_locked *evt) {
int key_arr_idx = PERSONA_KEY_ARR_IDX(evt->persona_id);
dek_aes_key_free(tfm[key_arr_idx]);
tfm[key_arr_idx] = NULL;
memset(&priv_key[key_arr_idx], 0, sizeof(kek));
memset(&mas_key[key_arr_idx], 0, sizeof(kek));
#if DEK_DEBUG
dump_all_keys(key_arr_idx);
#endif
return 0;
}
int dek_aes_decrypt(kek_t *kek, char *src, char *dst, int len) {
int rc;
struct crypto_blkcipher *tfm;
if(kek == NULL) return -EINVAL;
tfm = dek_aes_key_setup(kek);
if(tfm) {
rc = __dek_aes_decrypt(tfm, src, dst, len);
dek_aes_key_free(tfm);
return rc;
} else
return -ENOMEM;
}
static int dek_on_device_locked(dek_arg_on_device_locked *evt) {
int userid = evt->userid;
int key_arr_idx = PERSONA_KEY_ARR_IDX(userid);
if (!dek_is_persona(userid)) {
DEK_LOGE("%s invalid userid %d\n", __func__, userid);
return -EFAULT;
}
dek_aes_key_free(sdp_tfm[key_arr_idx]);
sdp_tfm[key_arr_idx] = NULL;
zero_out((char *)&SDPK_sym[key_arr_idx], sizeof(kek_t));
zero_out((char *)&SDPK_Rpri[key_arr_idx], sizeof(kek_t));
zero_out((char *)&SDPK_Dpri[key_arr_idx], sizeof(kek_t));
ecryptfs_mm_drop_cache(userid);
#if DEK_DEBUG
dump_all_keys(key_arr_idx);
#endif
return 0;
}