From: Stanley Chu <stanley.chu@mediatek.com>
To: Eric Biggers <ebiggers@kernel.org>
Cc: Christoph Hellwig <hch@infradead.org>,
Satya Tangirala <satyat@google.com>,
<linux-block@vger.kernel.org>, <linux-scsi@vger.kernel.org>,
<linux-fscrypt@vger.kernel.org>, <linux-fsdevel@vger.kernel.org>,
<linux-f2fs-devel@lists.sourceforge.net>,
<linux-ext4@vger.kernel.org>,
Barani Muthukumaran <bmuthuku@qti.qualcomm.com>,
Kuohong Wang <kuohong.wang@mediatek.com>,
"Kim Boojin" <boojin.kim@samsung.com>,
Ladvine D Almeida <Ladvine.DAlmeida@synopsys.com>,
Parshuram Raju Thombare <pthombar@cadence.com>
Subject: Re: [PATCH v7 6/9] scsi: ufs: Add inline encryption support to UFS
Date: Wed, 26 Feb 2020 14:43:14 +0800 [thread overview]
Message-ID: <1582699394.26304.96.camel@mtksdccf07> (raw)
In-Reply-To: <20200226011206.GD114977@gmail.com>
Hi Eric,
On Tue, 2020-02-25 at 17:12 -0800, Eric Biggers wrote:
> On Tue, Feb 25, 2020 at 03:21:25PM +0800, Stanley Chu wrote:
> > Hi Christoph,
> >
> > On Mon, 2020-02-24 at 15:37 -0800, Christoph Hellwig wrote:
> > > On Sun, Feb 23, 2020 at 09:47:36PM +0800, Stanley Chu wrote:
> > > > Yes, MediaTek is keeping work closely with inline encryption patch sets.
> > > > Currently the v6 version can work well (without
> > > > UFSHCD_QUIRK_BROKEN_CRYPTO quirk) at least in our MT6779 SoC platform
> > > > which basic SoC support and some other peripheral drivers are under
> > > > upstreaming as below link,
> > > >
> > > > https://patchwork.kernel.org/project/linux-mediatek/list/?state=%
> > > > 2A&q=6779&series=&submitter=&delegate=&archive=both
> > > >
> > > > The integration with inline encryption patch set needs to patch
> > > > ufs-mediatek and patches are ready in downstream. We plan to upstream
> > > > them soon after inline encryption patch sets get merged.
> > >
> > > What amount of support do you need in ufs-mediatek? It seems like
> > > pretty much every ufs low-level driver needs some kind of specific
> > > support now, right? I wonder if we should instead opt into the support
> > > instead of all the quirking here.
> >
> > The patch in ufs-mediatek is aimed to issue vendor-specific SMC calls
> > for host initialization and configuration. This is because MediaTek UFS
> > host has some "secure-protected" registers/features which need to be
> > accessed/switched in secure world.
> >
> > Such protection is not mentioned by UFSHCI specifications thus inline
> > encryption patch set assumes that every registers in UFSHCI can be
> > accessed normally in kernel. This makes sense and surely the patchset
> > can work fine in any "standard" UFS host. However if host has special
> > design then it can work normally only if some vendor-specific treatment
> > is applied.
> >
> > I think one of the reason to apply UFSHCD_QUIRK_BROKEN_CRYPTO quirk in
> > ufs-qcom host is similar to above case.
>
> So, I had originally assumed that most kernel developers would prefer to make
> the UFS crypto support opt-out rather than opt-in, since that matches the normal
> Linux way of doing things. I.e. normally the kernel's default assumption is
> that devices implement the relevant standard, and only when a device is known to
> deviate from the standard does the driver apply quirks.
>
> But indeed, as we've investigated more vendors' UFS hardware, it seems that
> everyone has some quirk that needs to be handled in the platform driver:
>
> - ufs-qcom (tested on DragonBoard 845c with upstream kernel) needs
> vendor-specific crypto initialization logic and SMC calls to set keys
>
> - ufs-mediatek needs the quirks that Stanley mentioned above
>
> - ufs-hisi (tested on Hikey960 with upstream kernel) needs to write a
> vendor-specific register to use high keyslots, but even then I still
> couldn't get the crypto support working correctly.
>
> I'm not sure about the UFS controllers from Synopsys, Cadence, or Samsung, all
> of which apparently have implemented some form of the crypto support too. But I
> wouldn't get my hopes up that everyone followed the UFS standard precisely.
>
> So if there are no objections, IMO we should make the crypto support opt-in.
>
> That makes it even more important to upstream the crypto support for specific
> hardware like ufs-qcom and ufs-mediatek, since otherwise the ufshcd-crypto code
> would be unusable even theoretically. I'm volunteering to handle ufs-qcom with
> https://lkml.kernel.org/linux-block/20200110061634.46742-1-ebiggers@kernel.org/.
> Stanley, could you send out ufs-mediatek support as an RFC so people can see
> better what it involves?
Sure, I will send out our RFC patches. Please allow me some time for
submission.
Thanks,
Stanley Chu
> - Eric
next prev parent reply other threads:[~2020-02-26 6:43 UTC|newest]
Thread overview: 40+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-02-21 11:50 [PATCH v7 0/9] Inline Encryption Support Satya Tangirala
2020-02-21 11:50 ` [PATCH v7 1/9] block: Keyslot Manager for Inline Encryption Satya Tangirala
2020-02-21 17:04 ` Christoph Hellwig
2020-02-21 17:31 ` Christoph Hellwig
2020-02-27 18:14 ` Eric Biggers
2020-02-27 21:25 ` Satya Tangirala
2020-03-05 16:11 ` Christoph Hellwig
2020-02-27 18:48 ` Eric Biggers
2020-02-21 11:50 ` [PATCH v7 2/9] block: Inline encryption support for blk-mq Satya Tangirala
2020-02-21 17:22 ` Christoph Hellwig
2020-02-22 0:52 ` Satya Tangirala
2020-02-24 23:34 ` Christoph Hellwig
2020-02-27 18:25 ` Eric Biggers
2020-02-21 11:50 ` [PATCH v7 3/9] block: blk-crypto-fallback for Inline Encryption Satya Tangirala
2020-02-21 16:51 ` Randy Dunlap
2020-02-21 17:25 ` Christoph Hellwig
2020-02-21 17:35 ` Christoph Hellwig
2020-02-21 18:34 ` Eric Biggers
2020-02-24 23:36 ` Christoph Hellwig
2020-02-27 19:25 ` Eric Biggers
2020-02-21 11:50 ` [PATCH v7 4/9] scsi: ufs: UFS driver v2.1 spec crypto additions Satya Tangirala
2020-02-21 11:50 ` [PATCH v7 5/9] scsi: ufs: UFS crypto API Satya Tangirala
2020-02-22 4:59 ` Eric Biggers
2020-02-21 11:50 ` [PATCH v7 6/9] scsi: ufs: Add inline encryption support to UFS Satya Tangirala
2020-02-21 17:22 ` Christoph Hellwig
2020-02-21 18:11 ` Eric Biggers
2020-02-23 13:47 ` Stanley Chu
2020-02-24 23:37 ` Christoph Hellwig
2020-02-25 7:21 ` Stanley Chu
2020-02-26 1:12 ` Eric Biggers
2020-02-26 6:43 ` Stanley Chu [this message]
2020-03-02 9:17 ` Stanley Chu
2020-02-21 11:50 ` [PATCH v7 7/9] fscrypt: add inline encryption support Satya Tangirala
2020-02-21 18:40 ` Eric Biggers
2020-02-22 5:39 ` Eric Biggers
2020-02-26 0:30 ` Eric Biggers
2020-02-21 11:50 ` [PATCH v7 8/9] f2fs: " Satya Tangirala
2020-02-21 11:50 ` [PATCH v7 9/9] ext4: " Satya Tangirala
2020-02-22 5:21 ` Eric Biggers
2020-02-21 17:16 ` [PATCH v7 0/9] Inline Encryption Support Eric Biggers
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1582699394.26304.96.camel@mtksdccf07 \
--to=stanley.chu@mediatek.com \
--cc=Ladvine.DAlmeida@synopsys.com \
--cc=bmuthuku@qti.qualcomm.com \
--cc=boojin.kim@samsung.com \
--cc=ebiggers@kernel.org \
--cc=hch@infradead.org \
--cc=kuohong.wang@mediatek.com \
--cc=linux-block@vger.kernel.org \
--cc=linux-ext4@vger.kernel.org \
--cc=linux-f2fs-devel@lists.sourceforge.net \
--cc=linux-fscrypt@vger.kernel.org \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-scsi@vger.kernel.org \
--cc=pthombar@cadence.com \
--cc=satyat@google.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).