From: Eric Biggers <ebiggers@kernel.org>
To: linux-scsi@vger.kernel.org
Cc: linux-arm-msm@vger.kernel.org, linux-fscrypt@vger.kernel.org,
Alim Akhtar <alim.akhtar@samsung.com>,
Andy Gross <agross@kernel.org>, Avri Altman <avri.altman@wdc.com>,
Barani Muthukumaran <bmuthuku@qti.qualcomm.com>,
Bjorn Andersson <bjorn.andersson@linaro.org>,
Can Guo <cang@codeaurora.org>,
Elliot Berman <eberman@codeaurora.org>,
John Stultz <john.stultz@linaro.org>,
Satya Tangirala <satyat@google.com>,
Steev Klimaszewski <steev@kali.org>,
Thara Gopinath <thara.gopinath@linaro.org>
Subject: [PATCH v5 4/5] scsi: ufs: add program_key() variant op
Date: Sun, 21 Jun 2020 10:37:12 -0700 [thread overview]
Message-ID: <20200621173713.132879-5-ebiggers@kernel.org> (raw)
In-Reply-To: <20200621173713.132879-1-ebiggers@kernel.org>
From: Eric Biggers <ebiggers@google.com>
On Snapdragon SoCs, the Linux kernel isn't permitted to directly access
the standard UFS crypto configuration registers. Instead, programming
and evicting keys must be done through vendor-specific SMC calls.
To support this hardware, add a ->program_key() method to
'struct ufs_hba_variant_ops'. This allows overriding the UFS standard
key programming / eviction procedure.
Signed-off-by: Eric Biggers <ebiggers@google.com>
---
drivers/scsi/ufs/ufshcd-crypto.c | 27 +++++++++++++++++----------
drivers/scsi/ufs/ufshcd.h | 3 +++
2 files changed, 20 insertions(+), 10 deletions(-)
diff --git a/drivers/scsi/ufs/ufshcd-crypto.c b/drivers/scsi/ufs/ufshcd-crypto.c
index 65a3115d2a2d..717a7eb62988 100644
--- a/drivers/scsi/ufs/ufshcd-crypto.c
+++ b/drivers/scsi/ufs/ufshcd-crypto.c
@@ -17,14 +17,20 @@ static const struct ufs_crypto_alg_entry {
},
};
-static void ufshcd_program_key(struct ufs_hba *hba,
- const union ufs_crypto_cfg_entry *cfg,
- int slot)
+static int ufshcd_program_key(struct ufs_hba *hba,
+ const union ufs_crypto_cfg_entry *cfg, int slot)
{
int i;
u32 slot_offset = hba->crypto_cfg_register + slot * sizeof(*cfg);
+ int err = 0;
ufshcd_hold(hba, false);
+
+ if (hba->vops && hba->vops->program_key) {
+ err = hba->vops->program_key(hba, cfg, slot);
+ goto out;
+ }
+
/* Ensure that CFGE is cleared before programming the key */
ufshcd_writel(hba, 0, slot_offset + 16 * sizeof(cfg->reg_val[0]));
for (i = 0; i < 16; i++) {
@@ -37,7 +43,9 @@ static void ufshcd_program_key(struct ufs_hba *hba,
/* Dword 16 must be written last */
ufshcd_writel(hba, le32_to_cpu(cfg->reg_val[16]),
slot_offset + 16 * sizeof(cfg->reg_val[0]));
+out:
ufshcd_release(hba);
+ return err;
}
static int ufshcd_crypto_keyslot_program(struct blk_keyslot_manager *ksm,
@@ -52,6 +60,7 @@ static int ufshcd_crypto_keyslot_program(struct blk_keyslot_manager *ksm,
int i;
int cap_idx = -1;
union ufs_crypto_cfg_entry cfg = { 0 };
+ int err;
BUILD_BUG_ON(UFS_CRYPTO_KEY_SIZE_INVALID != 0);
for (i = 0; i < hba->crypto_capabilities.num_crypto_cap; i++) {
@@ -79,13 +88,13 @@ static int ufshcd_crypto_keyslot_program(struct blk_keyslot_manager *ksm,
memcpy(cfg.crypto_key, key->raw, key->size);
}
- ufshcd_program_key(hba, &cfg, slot);
+ err = ufshcd_program_key(hba, &cfg, slot);
memzero_explicit(&cfg, sizeof(cfg));
- return 0;
+ return err;
}
-static void ufshcd_clear_keyslot(struct ufs_hba *hba, int slot)
+static int ufshcd_clear_keyslot(struct ufs_hba *hba, int slot)
{
/*
* Clear the crypto cfg on the device. Clearing CFGE
@@ -93,7 +102,7 @@ static void ufshcd_clear_keyslot(struct ufs_hba *hba, int slot)
*/
union ufs_crypto_cfg_entry cfg = { 0 };
- ufshcd_program_key(hba, &cfg, slot);
+ return ufshcd_program_key(hba, &cfg, slot);
}
static int ufshcd_crypto_keyslot_evict(struct blk_keyslot_manager *ksm,
@@ -102,9 +111,7 @@ static int ufshcd_crypto_keyslot_evict(struct blk_keyslot_manager *ksm,
{
struct ufs_hba *hba = container_of(ksm, struct ufs_hba, ksm);
- ufshcd_clear_keyslot(hba, slot);
-
- return 0;
+ return ufshcd_clear_keyslot(hba, slot);
}
bool ufshcd_crypto_enable(struct ufs_hba *hba)
diff --git a/drivers/scsi/ufs/ufshcd.h b/drivers/scsi/ufs/ufshcd.h
index 1cb0fde5772c..feb51dde5a0c 100644
--- a/drivers/scsi/ufs/ufshcd.h
+++ b/drivers/scsi/ufs/ufshcd.h
@@ -320,6 +320,7 @@ struct ufs_pwr_mode_info {
* @dbg_register_dump: used to dump controller debug information
* @phy_initialization: used to initialize phys
* @device_reset: called to issue a reset pulse on the UFS device
+ * @program_key: program or evict an inline encryption key
*/
struct ufs_hba_variant_ops {
const char *name;
@@ -353,6 +354,8 @@ struct ufs_hba_variant_ops {
void (*config_scaling_param)(struct ufs_hba *hba,
struct devfreq_dev_profile *profile,
void *data);
+ int (*program_key)(struct ufs_hba *hba,
+ const union ufs_crypto_cfg_entry *cfg, int slot);
};
/* clock gating state */
--
2.27.0
next prev parent reply other threads:[~2020-06-21 17:41 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-06-21 17:37 [PATCH v5 0/5] Inline crypto support on DragonBoard 845c Eric Biggers
2020-06-21 17:37 ` [PATCH v5 1/5] firmware: qcom_scm: Add support for programming inline crypto keys Eric Biggers
2020-06-21 17:37 ` [PATCH v5 2/5] scsi: ufs-qcom: name the dev_ref_clk_ctrl registers Eric Biggers
2020-06-21 17:37 ` [PATCH v5 3/5] arm64: dts: sdm845: add Inline Crypto Engine registers and clock Eric Biggers
2020-06-21 17:37 ` Eric Biggers [this message]
2020-06-21 17:37 ` [PATCH v5 5/5] scsi: ufs-qcom: add Inline Crypto Engine support Eric Biggers
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200621173713.132879-5-ebiggers@kernel.org \
--to=ebiggers@kernel.org \
--cc=agross@kernel.org \
--cc=alim.akhtar@samsung.com \
--cc=avri.altman@wdc.com \
--cc=bjorn.andersson@linaro.org \
--cc=bmuthuku@qti.qualcomm.com \
--cc=cang@codeaurora.org \
--cc=eberman@codeaurora.org \
--cc=john.stultz@linaro.org \
--cc=linux-arm-msm@vger.kernel.org \
--cc=linux-fscrypt@vger.kernel.org \
--cc=linux-scsi@vger.kernel.org \
--cc=satyat@google.com \
--cc=steev@kali.org \
--cc=thara.gopinath@linaro.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).