[PATCH v4 07/15] ufs: core: support wrapped keys in ufs core

From: Gaurav Kashyap
Date: Sat Jan 27 2024 - 18:31:16 EST

Next message: Gaurav Kashyap: "[PATCH v4 00/15] Hardware wrapped key support for qcom ice and ufs"
Previous message: Gaurav Kashyap: "[PATCH v4 03/15] qcom_scm: scm call for create, prepare and import keys"
In reply to: Gaurav Kashyap: "[PATCH v4 03/15] qcom_scm: scm call for create, prepare and import keys"
Next in thread: Gaurav Kashyap: "[PATCH v4 14/15] arm64: dts: qcom: sm8650: add hwkm support to ufs ice"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Since wrapped keys are not part of the UFS specifications,
it needs to be treated as a supported quirk of the UFS
controller. This way, based on the quirk set during a host
probe, UFS crypto can choose to register either standard or
wrapped keys with block crypto profile.

Signed-off-by: Gaurav Kashyap <quic_gaurkash@xxxxxxxxxxx>
Tested-by: Neil Armstrong <neil.armstrong@xxxxxxxxxx>
---
drivers/ufs/core/ufshcd-crypto.c | 24 ++++++++++++++++--------
include/ufs/ufshcd.h | 6 ++++++
2 files changed, 22 insertions(+), 8 deletions(-)

diff --git a/drivers/ufs/core/ufshcd-crypto.c b/drivers/ufs/core/ufshcd-crypto.c
index 34537cbac622..399b55d67b3b 100644
--- a/drivers/ufs/core/ufshcd-crypto.c
+++ b/drivers/ufs/core/ufshcd-crypto.c
@@ -81,13 +81,15 @@ static int ufshcd_crypto_keyslot_program(struct blk_crypto_profile *profile,
cfg.crypto_cap_idx = cap_idx;
cfg.config_enable = UFS_CRYPTO_CONFIGURATION_ENABLE;

- if (ccap_array[cap_idx].algorithm_id == UFS_CRYPTO_ALG_AES_XTS) {
- /* In XTS mode, the blk_crypto_key's size is already doubled */
- memcpy(cfg.crypto_key, key->raw, key->size/2);
- memcpy(cfg.crypto_key + UFS_CRYPTO_KEY_MAX_SIZE/2,
- key->raw + key->size/2, key->size/2);
- } else {
- memcpy(cfg.crypto_key, key->raw, key->size);
+ if (key->crypto_cfg.key_type != BLK_CRYPTO_KEY_TYPE_HW_WRAPPED) {
+ if (ccap_array[cap_idx].algorithm_id == UFS_CRYPTO_ALG_AES_XTS) {
+ /* In XTS mode, the blk_crypto_key's size is already doubled */
+ memcpy(cfg.crypto_key, key->raw, key->size / 2);
+ memcpy(cfg.crypto_key + UFS_CRYPTO_KEY_MAX_SIZE / 2,
+ key->raw + key->size / 2, key->size / 2);
+ } else {
+ memcpy(cfg.crypto_key, key->raw, key->size);
+ }
}

err = ufshcd_program_key(hba, key, &cfg, slot);
@@ -191,7 +193,13 @@ int ufshcd_hba_init_crypto_capabilities(struct ufs_hba *hba)
hba->crypto_profile.ll_ops = ufshcd_crypto_ops;
/* UFS only supports 8 bytes for any DUN */
hba->crypto_profile.max_dun_bytes_supported = 8;
- hba->crypto_profile.key_types_supported = BLK_CRYPTO_KEY_TYPE_STANDARD;
+ if (hba->quirks & UFSHCD_QUIRK_USES_WRAPPED_CRYPTO_KEYS)
+ hba->crypto_profile.key_types_supported =
+ BLK_CRYPTO_KEY_TYPE_HW_WRAPPED;
+ else
+ hba->crypto_profile.key_types_supported =
+ BLK_CRYPTO_KEY_TYPE_STANDARD;
+
hba->crypto_profile.dev = hba->dev;

/*
diff --git a/include/ufs/ufshcd.h b/include/ufs/ufshcd.h
index 582d5a747e84..680c010a53d4 100644
--- a/include/ufs/ufshcd.h
+++ b/include/ufs/ufshcd.h
@@ -644,6 +644,12 @@ enum ufshcd_quirks {
* thus need this quirk to skip related flow.
*/
UFSHCD_QUIRK_MCQ_BROKEN_RTC = 1 << 21,
+
+ /*
+ * This quirk indicates that UFS will be using HW wrapped keys
+ * when using inline encryption.
+ */
+ UFSHCD_QUIRK_USES_WRAPPED_CRYPTO_KEYS = 1 << 22,
};

enum ufshcd_caps {
--
2.43.0

Next message: Gaurav Kashyap: "[PATCH v4 00/15] Hardware wrapped key support for qcom ice and ufs"
Previous message: Gaurav Kashyap: "[PATCH v4 03/15] qcom_scm: scm call for create, prepare and import keys"
In reply to: Gaurav Kashyap: "[PATCH v4 03/15] qcom_scm: scm call for create, prepare and import keys"
Next in thread: Gaurav Kashyap: "[PATCH v4 14/15] arm64: dts: qcom: sm8650: add hwkm support to ufs ice"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]