From patchwork Mon Jun 17 00:51:03 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Gaurav Kashyap \(QUIC\)" X-Patchwork-Id: 804999 Received: from mx0a-0031df01.pphosted.com (mx0a-0031df01.pphosted.com [205.220.168.131]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 30176947E; Mon, 17 Jun 2024 00:59:14 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=205.220.168.131 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1718585956; cv=none; b=JiV4Z5LXDAWaUrNNflD8OSEqsNtEmDoa0+pbD5S8XdvD0a1wq3PbqFejeh/O8oY4HrAGEKHZtAo7BKHJ6KMawIRkNwP7RWwI5wHdaLsO7l2zqfSJ721mqOAJa7WnsA+W2MmKqf0iCiAlNPvXI8vLnheULTGJL7NTFh20c0Ac/VI= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1718585956; c=relaxed/simple; bh=rLiWTQrgQmb0zxSrH+HYRMl0wd3yiKVu04DvPXSPE1M=; h=From:To:CC:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=cRDKtb75tr48VbejXjHiVQeSub0ovQIssiaP1mfK2hAZYVEd67Rj9ivOnNw0X15Uz7xO3lMwO2gbxGTSNPXpISL2t2t1u+3jFXrJn+02LHXfbyNJ0GHnqWSWY/4feEBYUfq1mnooUAdbxfjz7dkZGQCqwJuiSRRcrlWoxrwlK4w= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=quicinc.com; spf=pass smtp.mailfrom=quicinc.com; dkim=pass (2048-bit key) header.d=quicinc.com header.i=@quicinc.com header.b=X4frHzVb; arc=none smtp.client-ip=205.220.168.131 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=quicinc.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=quicinc.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=quicinc.com header.i=@quicinc.com header.b="X4frHzVb" Received: from pps.filterd (m0279862.ppops.net [127.0.0.1]) by mx0a-0031df01.pphosted.com (8.18.1.2/8.18.1.2) with ESMTP id 45GMf2Q8000478; Mon, 17 Jun 2024 00:59:02 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=quicinc.com; h= cc:content-transfer-encoding:content-type:date:from:in-reply-to :message-id:mime-version:references:subject:to; s=qcppdkim1; bh= TQkvfQ1mVzD1daC7SnmJIU4itQrKLkolYAn9ulUWgts=; b=X4frHzVb/Vkjtcya 4UWhvkuek/TLiVGWjS/Pg4TQziOlyTZ+QFGNxdqFKsyfeF8Cjzub0/XBnwXQYnCH O6caBg8T7Q6BuOlfQjuBC80KhWqs6xHf9DHQsvJHw/Qc9ygbqifKxNt3nHRsyxxN B2gnNuwTf+HYUiiOgnccoUHm3RFO3NkIsm4Hl+AU/qvCEZJWDpGgVXLA7UlhSsJ5 4KxHiai7sA79LbGMOx4jhMUQUGvorZt8uW/5R34yo4GkbfhkNu6WVdxMHowaTKQp Ld1FEG3HSQ+c/yVMDPv1KKoKrbPqEWyfIJa5oP9Ko4/Or1GUxOKtJdotGXYGBIy8 MkMkBQ== Received: from nalasppmta03.qualcomm.com (Global_NAT1.qualcomm.com [129.46.96.20]) by mx0a-0031df01.pphosted.com (PPS) with ESMTPS id 3ys3qf2cr8-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Mon, 17 Jun 2024 00:59:02 +0000 (GMT) Received: from nalasex01a.na.qualcomm.com (nalasex01a.na.qualcomm.com [10.47.209.196]) by NALASPPMTA03.qualcomm.com (8.17.1.19/8.17.1.19) with ESMTPS id 45H0x1RQ027026 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Mon, 17 Jun 2024 00:59:01 GMT Received: from hu-gaurkash-lv.qualcomm.com (10.49.16.6) by nalasex01a.na.qualcomm.com (10.47.209.196) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.1544.9; Sun, 16 Jun 2024 17:58:54 -0700 From: Gaurav Kashyap To: , , , , , , , , CC: , , , , , , , , , , , , , , , , , , Gaurav Kashyap Subject: [PATCH v5 08/15] ufs: core: add support to derive software secret Date: Sun, 16 Jun 2024 17:51:03 -0700 Message-ID: <20240617005825.1443206-9-quic_gaurkash@quicinc.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20240617005825.1443206-1-quic_gaurkash@quicinc.com> References: <20240617005825.1443206-1-quic_gaurkash@quicinc.com> Precedence: bulk X-Mailing-List: linux-crypto@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-ClientProxiedBy: nalasex01b.na.qualcomm.com (10.47.209.197) To nalasex01a.na.qualcomm.com (10.47.209.196) X-QCInternal: smtphost X-Proofpoint-Virus-Version: vendor=nai engine=6200 definitions=5800 signatures=585085 X-Proofpoint-GUID: tgG-V7QpbRzy6VI2B8HzCXDzQF0wM-oW X-Proofpoint-ORIG-GUID: tgG-V7QpbRzy6VI2B8HzCXDzQF0wM-oW X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.293,Aquarius:18.0.1039,Hydra:6.0.680,FMLib:17.12.28.16 definitions=2024-06-16_12,2024-06-14_03,2024-05-17_01 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 suspectscore=0 clxscore=1015 malwarescore=0 spamscore=0 mlxlogscore=999 bulkscore=0 phishscore=0 lowpriorityscore=0 mlxscore=0 priorityscore=1501 adultscore=0 impostorscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.19.0-2405170001 definitions=main-2406170006 Block crypto allows storage controllers like UFS to register an op derive a software secret from wrapped keys added to the kernel. Wrapped keys in most cases will have vendor specific implementations, which means this op would need to have a corresponding UFS variant op. This change adds hooks in UFS core to support this variant ops and tie them to the blk crypto op. Tested-by: Neil Armstrong Reviewed-by: Om Prakash Singh Signed-off-by: Gaurav Kashyap --- drivers/ufs/core/ufshcd-crypto.c | 15 +++++++++++++++ include/ufs/ufshcd.h | 4 ++++ 2 files changed, 19 insertions(+) diff --git a/drivers/ufs/core/ufshcd-crypto.c b/drivers/ufs/core/ufshcd-crypto.c index 399b55d67b3b..c14800eac1ff 100644 --- a/drivers/ufs/core/ufshcd-crypto.c +++ b/drivers/ufs/core/ufshcd-crypto.c @@ -119,6 +119,20 @@ static int ufshcd_crypto_keyslot_evict(struct blk_crypto_profile *profile, return ufshcd_clear_keyslot(hba, slot); } +static int ufshcd_crypto_derive_sw_secret(struct blk_crypto_profile *profile, + const u8 wkey[], size_t wkey_size, + u8 sw_secret[BLK_CRYPTO_SW_SECRET_SIZE]) +{ + struct ufs_hba *hba = + container_of(profile, struct ufs_hba, crypto_profile); + + if (hba->vops && hba->vops->derive_sw_secret) + return hba->vops->derive_sw_secret(hba, wkey, wkey_size, + sw_secret); + + return -EOPNOTSUPP; +} + bool ufshcd_crypto_enable(struct ufs_hba *hba) { if (!(hba->caps & UFSHCD_CAP_CRYPTO)) @@ -132,6 +146,7 @@ bool ufshcd_crypto_enable(struct ufs_hba *hba) static const struct blk_crypto_ll_ops ufshcd_crypto_ops = { .keyslot_program = ufshcd_crypto_keyslot_program, .keyslot_evict = ufshcd_crypto_keyslot_evict, + .derive_sw_secret = ufshcd_crypto_derive_sw_secret, }; static enum blk_crypto_mode_num diff --git a/include/ufs/ufshcd.h b/include/ufs/ufshcd.h index 927db0091722..74865325d141 100644 --- a/include/ufs/ufshcd.h +++ b/include/ufs/ufshcd.h @@ -322,6 +322,7 @@ struct ufs_pwr_mode_info { * @device_reset: called to issue a reset pulse on the UFS device * @config_scaling_param: called to configure clock scaling parameters * @program_key: program or evict an inline encryption key + * @derive_sw_secret: derive sw secret from a wrapped key * @event_notify: called to notify important events * @reinit_notify: called to notify reinit of UFSHCD during max gear switch * @mcq_config_resource: called to configure MCQ platform resources @@ -368,6 +369,9 @@ struct ufs_hba_variant_ops { int (*program_key)(struct ufs_hba *hba, const struct blk_crypto_key *bkey, const union ufs_crypto_cfg_entry *cfg, int slot); + int (*derive_sw_secret)(struct ufs_hba *hba, const u8 wkey[], + unsigned int wkey_size, + u8 sw_secret[BLK_CRYPTO_SW_SECRET_SIZE]); void (*event_notify)(struct ufs_hba *hba, enum ufs_event_type evt, void *data); void (*reinit_notify)(struct ufs_hba *);