From patchwork Fri Nov 1 03:15:34 2024
X-Patchwork-Submitter: Seshu Madhavi Puppala
X-Patchwork-Id: 840421
From: Seshu Madhavi Puppala
To: Adrian Hunter, Asutosh Das, Ulf Hansson
Cc: Ritesh Harjani, linux-mmc@vger.kernel.org, linux-kernel@vger.kernel.org, linux-arm-msm@vger.kernel.org, quic_gaurkash@quicinc.com, quic_neersoni@quicinc.com, quic_spuppala@quicinc.com
Subject: [PATCH RFC 1/6] mmc: host: support wrapped keys in mmc
Date: Fri, 1 Nov 2024 08:45:34 +0530
Message-Id: <20241101031539.13285-2-quic_spuppala@quicinc.com>
In-Reply-To: <20241101031539.13285-1-quic_spuppala@quicinc.com>
References: <20241101031539.13285-1-quic_spuppala@quicinc.com>
X-Mailing-List: linux-arm-msm@vger.kernel.org

Since wrapped keys are not part of the MMC specifications, it needs to be treated as a supported quirk of the MMC controller. This way, based on the quirk set during a host probe, MMC crypto can choose to register either standard or wrapped keys with block crypto profile.

Signed-off-by: Seshu Madhavi Puppala
---
 drivers/mmc/host/cqhci-crypto.c | 23 +++++++++++++++--------
 drivers/mmc/host/cqhci.h | 6 ++++++
 2 files changed, 21 insertions(+), 8 deletions(-)

diff --git a/drivers/mmc/host/cqhci-crypto.c b/drivers/mmc/host/cqhci-crypto.c index 91da6de1d650..c4e7ae95bc7d 100644 --- a/drivers/mmc/host/cqhci-crypto.c +++ b/drivers/mmc/host/cqhci-crypto.c @@ -91,13 +91,15 @@ static int cqhci_crypto_keyslot_program(struct blk_crypto_profile *profile, cfg.crypto_cap_idx = cap_idx; cfg.config_enable = CQHCI_CRYPTO_CONFIGURATION_ENABLE; - if (ccap_array[cap_idx].algorithm_id == CQHCI_CRYPTO_ALG_AES_XTS) { - /* In XTS mode, the blk_crypto_key's size is already doubled */ - memcpy(cfg.crypto_key, key->raw, key->size/2); - memcpy(cfg.crypto_key + CQHCI_CRYPTO_KEY_MAX_SIZE/2, - key->raw + key->size/2, key->size/2); - } else { - memcpy(cfg.crypto_key, key->raw, key->size); + if (key->crypto_cfg.key_type != BLK_CRYPTO_KEY_TYPE_HW_WRAPPED) { + if (ccap_array[cap_idx].algorithm_id == CQHCI_CRYPTO_ALG_AES_XTS) { + /* In XTS mode, the blk_crypto_key's size is already doubled */ + memcpy(cfg.crypto_key, key->raw, key->size/2); + memcpy(cfg.crypto_key + CQHCI_CRYPTO_KEY_MAX_SIZE/2, + key->raw + key->size/2, key->size/2); + } else { + memcpy(cfg.crypto_key, key->raw, key->size); + } } err = cqhci_crypto_program_key(cq_host, key, &cfg, slot); @@ -211,7 +213,12 @@ int cqhci_crypto_init(struct cqhci_host *cq_host) /* Unfortunately, CQHCI crypto only supports 32 DUN bits. */ profile->max_dun_bytes_supported = 4; - profile->key_types_supported = BLK_CRYPTO_KEY_TYPE_STANDARD; + if (cq_host->quirks & CQHCI_QUIRK_USES_WRAPPED_CRYPTO_KEYS) + profile->key_types_supported = + BLK_CRYPTO_KEY_TYPE_HW_WRAPPED; + else + profile->key_types_supported = + BLK_CRYPTO_KEY_TYPE_STANDARD; /* * Cache all the crypto capabilities and advertise the supported crypto diff --git a/drivers/mmc/host/cqhci.h b/drivers/mmc/host/cqhci.h index 06099fd32f23..f6bc66bc6418 100644 --- a/drivers/mmc/host/cqhci.h +++ b/drivers/mmc/host/cqhci.h 
@@ -241,6 +241,12 @@ struct cqhci_host { u32 quirks; #define CQHCI_QUIRK_SHORT_TXFR_DESC_SZ 0x1 + /* + * This quirk indicates that EMMC will be using HW wrapped keys + * when using inline encryption. + */ +#define CQHCI_QUIRK_USES_WRAPPED_CRYPTO_KEYS 0x2 + bool enabled; bool halted; bool init_done;
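
Review bot: in the cqhci_crypto_keyslot_program() hunk of patch 1/6, a BLK_CRYPTO_KEY_TYPE_HW_WRAPPED key now reaches cqhci_crypto_program_key() with cfg.crypto_key never written, so correctness depends on the callee taking the key material from the blk_crypto_key argument rather than from cfg. If cqhci_crypto_program_key() can fall back to writing cfg into the controller's own keyslot registers, that path should return an error for wrapped keys instead of programming whatever cfg.crypto_key holds. A one-line comment at the new key_type check, saying that wrapped key bytes are passed through key and consumed by the host's program_key op, would also explain why both memcpy() branches are skipped.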
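
Review bot: in the cqhci_crypto_init() hunk of patch 1/6, key_types_supported is assigned exactly one of BLK_CRYPTO_KEY_TYPE_HW_WRAPPED or BLK_CRYPTO_KEY_TYPE_STANDARD, so setting CQHCI_QUIRK_USES_WRAPPED_CRYPTO_KEYS removes standard-key support on that host entirely. The commit message says "either", so if that exclusivity is intended, state it in the comment above the quirk definition in cqhci.h, which currently only says wrapped keys will be used. In the same comment, "EMMC" should read "eMMC".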

From patchwork Fri Nov 1 03:15:35 2024
X-Patchwork-Submitter: Seshu Madhavi Puppala
X-Patchwork-Id: 840420
From: Seshu Madhavi Puppala
To: Adrian Hunter, Asutosh Das, Ulf Hansson
Cc: Ritesh Harjani, linux-mmc@vger.kernel.org, linux-kernel@vger.kernel.org, linux-arm-msm@vger.kernel.org, quic_gaurkash@quicinc.com, quic_neersoni@quicinc.com, quic_spuppala@quicinc.com
Subject: [PATCH RFC 2/6] mmc: host: add support to derive software secret
Date: Fri, 1 Nov 2024 08:45:35 +0530
Message-Id: <20241101031539.13285-3-quic_spuppala@quicinc.com>
In-Reply-To: <20241101031539.13285-1-quic_spuppala@quicinc.com>
References: <20241101031539.13285-1-quic_spuppala@quicinc.com>

Block crypto allows storage controllers like MMC to register an op to derive a software secret from wrapped keys added to the kernel. Wrapped keys in most cases will have vendor specific implementations, which means this op would need to have a corresponding MMC variant op. This change adds hooks in MMC to support these variant ops and tie them to the blk crypto op.

Signed-off-by: Seshu Madhavi Puppala --- drivers/mmc/host/cqhci-crypto.c | 14 ++++++++++++++ drivers/mmc/host/cqhci.h | 5 +++++ 2 files changed, 19 insertions(+) diff --git a/drivers/mmc/host/cqhci-crypto.c b/drivers/mmc/host/cqhci-crypto.c index c4e7ae95bc7d..e2a4700f3153 100644 --- a/drivers/mmc/host/cqhci-crypto.c +++ b/drivers/mmc/host/cqhci-crypto.c @@ -128,6 +128,19 @@ static int cqhci_crypto_keyslot_evict(struct blk_crypto_profile *profile, return cqhci_crypto_clear_keyslot(cq_host, slot); } +static int cqhci_crypto_derive_sw_secret(struct blk_crypto_profile *profile, + const u8 wkey[], size_t wkey_size, + u8 sw_secret[BLK_CRYPTO_SW_SECRET_SIZE]) +{ + struct cqhci_host *cq_host = cqhci_host_from_crypto_profile(profile); + + if (cq_host->ops && cq_host->ops->derive_sw_secret) + return cq_host->ops->derive_sw_secret(cq_host, wkey, wkey_size, + sw_secret); + + return -EOPNOTSUPP; +} + /* * The keyslot management operations for CQHCI crypto. * @@ -139,6 +152,7 @@ static int cqhci_crypto_keyslot_evict(struct blk_crypto_profile *profile, static const struct blk_crypto_ll_ops cqhci_crypto_ops = { .keyslot_program = cqhci_crypto_keyslot_program, .keyslot_evict = cqhci_crypto_keyslot_evict, + .derive_sw_secret = cqhci_crypto_derive_sw_secret, }; static enum blk_crypto_mode_num diff --git a/drivers/mmc/host/cqhci.h b/drivers/mmc/host/cqhci.h index f6bc66bc6418..77368fb97eba 100644 --- a/drivers/mmc/host/cqhci.h +++ b/drivers/mmc/host/cqhci.h @@ -286,6 +286,8 @@ struct cqhci_host { #endif }; +/* @derive_sw_secret: derive sw secret from a wrapped key + */ struct cqhci_host_ops { void (*dumpregs)(struct mmc_host *mmc); void (*write_l)(struct cqhci_host *host, u32 val, int reg); 
@@ -300,6 +302,9 @@ struct cqhci_host_ops { int (*program_key)(struct cqhci_host *cq_host, const struct blk_crypto_key *bkey, const union cqhci_crypto_cfg_entry *cfg, int slot); + int (*derive_sw_secret)(struct cqhci_host *cq_host, const u8 wkey[], + unsigned int wkey_size, + u8 sw_secret[BLK_CRYPTO_SW_SECRET_SIZE]); #endif void (*set_tran_desc)(struct cqhci_host *cq_host, u8 **desc, dma_addr_t addr, int len, bool end, bool dma64);
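
Review bot: wkey_size has two different types in patch 2/6: cqhci_crypto_derive_sw_secret() in cqhci-crypto.c takes size_t wkey_size, while the new derive_sw_secret member of struct cqhci_host_ops in cqhci.h declares unsigned int wkey_size. Use size_t in the op as well, so the length is not narrowed at the call and every host implementation sees the same prototype as the blk-crypto callback.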
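
Review bot: the comment added above struct cqhci_host_ops in patch 2/6 starts its text on the same line as the opening /* and documents only derive_sw_secret, so it is neither kernel-doc nor the usual multi-line comment layout. Either open it with /** and a "struct cqhci_host_ops" summary line, or move the description next to the member. In both cases, state what the op returns on success and whether it must fill all BLK_CRYPTO_SW_SECRET_SIZE bytes of sw_secret.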

From patchwork Fri Nov 1 03:15:36 2024
X-Patchwork-Submitter: Seshu Madhavi Puppala
X-Patchwork-Id: 840153
From: Seshu Madhavi Puppala
To: Adrian Hunter, Asutosh Das, Ulf Hansson
Cc: Ritesh Harjani, linux-mmc@vger.kernel.org, linux-kernel@vger.kernel.org, linux-arm-msm@vger.kernel.org, quic_gaurkash@quicinc.com, quic_neersoni@quicinc.com, quic_spuppala@quicinc.com
Subject: [PATCH RFC 3/6] mmc: host: add support for generate, import and prepare keys
Date: Fri, 1 Nov 2024 08:45:36 +0530
Message-Id: <20241101031539.13285-4-quic_spuppala@quicinc.com>
In-Reply-To: <20241101031539.13285-1-quic_spuppala@quicinc.com>
References: <20241101031539.13285-1-quic_spuppala@quicinc.com>

Block crypto allows storage controllers like MMC to register ops to generate, prepare and import wrapped keys in the kernel. Wrapped keys in most cases will have vendor specific implementations, which means these ops would need to have corresponding MMC variant ops.

Signed-off-by: Seshu Madhavi Puppala --- drivers/mmc/host/cqhci-crypto.c | 42 +++++++++++++++++++++++++++++++++ drivers/mmc/host/cqhci.h | 11 +++++++++ 2 files changed, 53 insertions(+) diff --git a/drivers/mmc/host/cqhci-crypto.c b/drivers/mmc/host/cqhci-crypto.c index e2a4700f3153..4a05f5a5d92c 100644 --- a/drivers/mmc/host/cqhci-crypto.c +++ b/drivers/mmc/host/cqhci-crypto.c @@ -141,6 +141,45 @@ static int cqhci_crypto_derive_sw_secret(struct blk_crypto_profile *profile, return -EOPNOTSUPP; } +static int cqhci_crypto_generate_key(struct blk_crypto_profile *profile, + u8 lt_key[BLK_CRYPTO_MAX_HW_WRAPPED_KEY_SIZE]) +{ + struct cqhci_host *cq_host = cqhci_host_from_crypto_profile(profile); + + if (cq_host->ops && cq_host->ops->generate_key) + return cq_host->ops->generate_key(cq_host, lt_key); + + return -EOPNOTSUPP; +} + +static int cqhci_crypto_prepare_key(struct blk_crypto_profile *profile, + const u8 *lt_key, size_t lt_key_size, + u8 eph_key[BLK_CRYPTO_MAX_HW_WRAPPED_KEY_SIZE]) +{ + + struct cqhci_host *cq_host = cqhci_host_from_crypto_profile(profile); + + if (cq_host->ops && cq_host->ops->prepare_key) + return cq_host->ops->prepare_key(cq_host, lt_key, + lt_key_size, eph_key); + + return -EOPNOTSUPP; +} + +static int cqhci_crypto_import_key(struct blk_crypto_profile *profile, + const u8 *imp_key, size_t imp_key_size, + u8 lt_key[BLK_CRYPTO_MAX_HW_WRAPPED_KEY_SIZE]) +{ + + struct cqhci_host *cq_host = cqhci_host_from_crypto_profile(profile); + + if (cq_host->ops && cq_host->ops->import_key) + return cq_host->ops->import_key(cq_host, imp_key, + imp_key_size, lt_key); + + return -EOPNOTSUPP; +} + /* * The keyslot management operations for CQHCI crypto. * 
@@ -153,6 +192,9 @@ static const struct blk_crypto_ll_ops cqhci_crypto_ops = { .keyslot_program = cqhci_crypto_keyslot_program, .keyslot_evict = cqhci_crypto_keyslot_evict, .derive_sw_secret = cqhci_crypto_derive_sw_secret, + .generate_key = cqhci_crypto_generate_key, + .prepare_key = cqhci_crypto_prepare_key, + .import_key = cqhci_crypto_import_key, }; static enum blk_crypto_mode_num diff --git a/drivers/mmc/host/cqhci.h b/drivers/mmc/host/cqhci.h index 77368fb97eba..f2af8aaa4068 100644 --- a/drivers/mmc/host/cqhci.h +++ b/drivers/mmc/host/cqhci.h @@ -287,6 +287,9 @@ struct cqhci_host { }; /* @derive_sw_secret: derive sw secret from a wrapped key + * @generate_key: generate a storage key and return longterm wrapped key + * @prepare_key: unwrap longterm key and return ephemeral wrapped key + * @import_key: import sw storage key and return longterm wrapped key */ struct cqhci_host_ops { void (*dumpregs)(struct mmc_host *mmc); 
@@ -305,6 +308,14 @@ struct cqhci_host_ops { int (*derive_sw_secret)(struct cqhci_host *cq_host, const u8 wkey[], unsigned int wkey_size, u8 sw_secret[BLK_CRYPTO_SW_SECRET_SIZE]); + int (*generate_key)(struct cqhci_host *cq_host, + u8 lt_key[BLK_CRYPTO_MAX_HW_WRAPPED_KEY_SIZE]); + int (*prepare_key)(struct cqhci_host *cq_host, + const u8 *lt_key, size_t lt_key_size, + u8 eph_key[BLK_CRYPTO_MAX_HW_WRAPPED_KEY_SIZE]); + int (*import_key)(struct cqhci_host *cq_host, const u8 *imp_key, + size_t imp_key_size, + u8 lt_key[BLK_CRYPTO_MAX_HW_WRAPPED_KEY_SIZE]); #endif void (*set_tran_desc)(struct cqhci_host *cq_host, u8 **desc, dma_addr_t addr, int len, bool end, bool dma64);
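
Review bot: in the three wrappers added by patch 3/6, the output buffers lt_key and eph_key are declared with BLK_CRYPTO_MAX_HW_WRAPPED_KEY_SIZE, but nothing in the prototypes or in the new @generate_key, @prepare_key and @import_key comment lines says how many bytes the host op actually wrote; the int return is passed straight through. Document whether a positive return is the wrapped key length or whether only 0 and a negative errno are valid, so host drivers implement the ops consistently. Also drop the blank line right after the opening brace in cqhci_crypto_prepare_key() and cqhci_crypto_import_key(); cqhci_crypto_generate_key() does not have one.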
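
Review bot: the cqhci_crypto_ops hunk of patch 3/6 registers generate_key, prepare_key and import_key for every CQHCI host, so a host without CQHCI_QUIRK_USES_WRAPPED_CRYPTO_KEYS still exposes them and relies on its cq_host->ops leaving the callbacks unset to get -EOPNOTSUPP. Checking the quirk in the wrappers, or stating in the commit message that the missing-op fallback is the intended gate, would make that explicit.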

From patchwork Fri Nov 1 03:15:37 2024
X-Patchwork-Submitter: Seshu Madhavi Puppala
X-Patchwork-Id: 840419
From: Seshu Madhavi Puppala
To: Adrian Hunter, Asutosh Das, Ulf Hansson
Cc: Ritesh Harjani, linux-mmc@vger.kernel.org, linux-kernel@vger.kernel.org, linux-arm-msm@vger.kernel.org, quic_gaurkash@quicinc.com, quic_neersoni@quicinc.com, quic_spuppala@quicinc.com
Subject: [PATCH RFC 4/6] mmc: host: wrapped keys support in mmc qcom
Date: Fri, 1 Nov 2024 08:45:37 +0530
Message-Id: <20241101031539.13285-5-quic_spuppala@quicinc.com>
In-Reply-To: <20241101031539.13285-1-quic_spuppala@quicinc.com>
References: <20241101031539.13285-1-quic_spuppala@quicinc.com>

Use the wrapped keys quirk when hwkm is supported/used. Whether to use HWKM or not would be decided during an ICE probe, and based on this information, MMC can decide to use wrapped keys or standard keys. Also, propagate the appropriate key size to the ICE driver when wrapped keys are used.

Signed-off-by: Seshu Madhavi Puppala
---
 drivers/mmc/host/sdhci-msm.c | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/drivers/mmc/host/sdhci-msm.c b/drivers/mmc/host/sdhci-msm.c index 0f2ce93f85cc..f031a4dbc719 100644 --- a/drivers/mmc/host/sdhci-msm.c +++ b/drivers/mmc/host/sdhci-msm.c @@ -1834,6 +1834,9 @@ static int sdhci_msm_ice_init(struct sdhci_msm_host *msm_host, msm_host->ice = ice; mmc->caps2 |= MMC_CAP2_CRYPTO; + if (qcom_ice_hwkm_supported(msm_host->ice)) + cq_host->quirks |= CQHCI_QUIRK_USES_WRAPPED_CRYPTO_KEYS; + return 0; } 
@@ -1880,7 +1883,11 @@ static int sdhci_msm_program_key(struct cqhci_host *cq_host, cap.key_size != CQHCI_CRYPTO_KEY_SIZE_256) return -EINVAL; - ice_key_size = QCOM_ICE_CRYPTO_KEY_SIZE_256; + if (bkey->crypto_cfg.key_type == BLK_CRYPTO_KEY_TYPE_HW_WRAPPED) + ice_key_size = QCOM_ICE_CRYPTO_KEY_SIZE_WRAPPED; + else + ice_key_size = QCOM_ICE_CRYPTO_KEY_SIZE_256; + if (cfg->config_enable & CQHCI_CRYPTO_CONFIGURATION_ENABLE) return qcom_ice_program_key(msm_host->ice, QCOM_ICE_CRYPTO_ALG_AES_XTS,
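
Review bot: in the sdhci_msm_ice_init() hunk of patch 4/6, the quirk is OR-ed into cq_host->quirks, but patch 1/6 reads cq_host->quirks in cqhci_crypto_init() to choose key_types_supported. Please confirm, and say in the commit message, that sdhci_msm_ice_init() always runs before cqhci_crypto_init() for this host; otherwise the profile is registered with BLK_CRYPTO_KEY_TYPE_STANDARD even though qcom_ice_hwkm_supported() returned true.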
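
Review bot: in the sdhci_msm_program_key() hunk of patch 4/6, ice_key_size is chosen from bkey->crypto_cfg.key_type alone, while the ability to handle wrapped keys was decided by qcom_ice_hwkm_supported() at init. Returning -EINVAL for a BLK_CRYPTO_KEY_TYPE_HW_WRAPPED key when CQHCI_QUIRK_USES_WRAPPED_CRYPTO_KEYS is not set would keep the two decisions from drifting apart. The cap.key_size != CQHCI_CRYPTO_KEY_SIZE_256 check just above still runs for wrapped keys, so a comment on why that comparison is valid for them would help.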
smtp.client-ip=205.220.180.131 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=quicinc.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=qualcomm.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=quicinc.com header.i=@quicinc.com header.b="BI27d5Tj" Received: from pps.filterd (m0279869.ppops.net [127.0.0.1]) by mx0a-0031df01.pphosted.com (8.18.1.2/8.18.1.2) with ESMTP id 49VCX9jH002324; Fri, 1 Nov 2024 03:15:45 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=quicinc.com; h= cc:date:from:in-reply-to:message-id:references:subject:to; s= qcppdkim1; bh=k+I3jfrOqM1I9wbUUj7pxuJz32A7kXUo2hK6Ue5/OqI=; b=BI 27d5TjZKfsNWs54L5cGD6LcxOOCp+qHrvyQT2720Vrwd95TZhXUbRTbQVaRt4XQg FME8/amRNuqLwFufCKy66b4f+ARaOENGvoRvOMeGwrw4MVlfkPr6i2x1P6Akj667 XDFkauQCv/wpbdekRQlPyA1h5F73+iVwYb8v+b3dnbDRksi0p0/gGWkcoIn83giX PaO7+duZGHOWxWBrL+Z4d3UeQlxIrHZArOrONjbv4ojjmDL4mIAo+izAHRGnLZqQ uW1BHJ/RvY1VDIoWLq1IDWxkLZBzCuvGGb/zsg9dtNxzCuAJ3JsMowL6Z+Ol0yzN Qu7Ws0npgCN3AiutyUEw== Received: from apblrppmta02.qualcomm.com (blr-bdr-fw-01_GlobalNAT_AllZones-Outside.qualcomm.com [103.229.18.19]) by mx0a-0031df01.pphosted.com (PPS) with ESMTPS id 42kmn5dm4f-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Fri, 01 Nov 2024 03:15:44 +0000 (GMT) Received: from pps.filterd (APBLRPPMTA02.qualcomm.com [127.0.0.1]) by APBLRPPMTA02.qualcomm.com (8.18.1.2/8.18.1.2) with ESMTP id 4A13Fen1010609; Fri, 1 Nov 2024 03:15:41 GMT Received: from pps.reinject (localhost [127.0.0.1]) by APBLRPPMTA02.qualcomm.com (PPS) with ESMTPS id 42gsgmd4ts-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO); Fri, 01 Nov 2024 03:15:41 +0000 Received: from APBLRPPMTA02.qualcomm.com (APBLRPPMTA02.qualcomm.com [127.0.0.1]) by pps.reinject (8.17.1.5/8.17.1.5) with ESMTP id 4A13FeNE010587; Fri, 1 Nov 2024 03:15:41 GMT Received: from hu-maiyas-hyd.qualcomm.com 
(hu-spuppala-hyd.qualcomm.com [10.213.108.54]) by APBLRPPMTA02.qualcomm.com (PPS) with ESMTP id 4A13FfVR010628; Fri, 01 Nov 2024 03:15:41 +0000 Received: by hu-maiyas-hyd.qualcomm.com (Postfix, from userid 4137148) id 86991500922; Fri, 1 Nov 2024 08:45:39 +0530 (+0530) 
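Review bot: in sdhci_msm_ice_init() the quirk is set purely from qcom_ice_hwkm_supported(), so on HWKM-capable hardware the controller moves to wrapped keys with no opt-out and no comment explaining the consequence. If CQHCI_QUIRK_USES_WRAPPED_CRYPTO_KEYS makes the host wrapped-key-only, existing users of standard keys on that hardware would see a behaviour change. Please say so in a comment above the `if (qcom_ice_hwkm_supported(msm_host->ice))` line and in the commit message, or make the mode selectable.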
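Review bot: in sdhci_msm_program_key() the new branch chooses QCOM_ICE_CRYPTO_KEY_SIZE_WRAPPED from bkey->crypto_cfg.key_type alone and never checks that the host was set up for wrapped keys in sdhci_msm_ice_init(). As written, a BLK_CRYPTO_KEY_TYPE_HW_WRAPPED key on a host without the quirk, or a standard key on a host with it, still reaches qcom_ice_program_key(). Consider returning -EINVAL when the key type and the host mode disagree, or add a comment naming the layer that already guarantees they match.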
From: Seshu Madhavi Puppala
To: Adrian Hunter, Asutosh Das, Ulf Hansson
Cc: Ritesh Harjani, linux-mmc@vger.kernel.org, linux-kernel@vger.kernel.org, linux-arm-msm@vger.kernel.org, quic_gaurkash@quicinc.com, quic_neersoni@quicinc.com, quic_spuppala@quicinc.com
Subject: [PATCH RFC 5/6] mmc: host: implement derive sw secret vop in mmc qcom
Date: Fri, 1 Nov 2024 08:45:38 +0530
Message-Id: <20241101031539.13285-6-quic_spuppala@quicinc.com>
In-Reply-To: <20241101031539.13285-1-quic_spuppala@quicinc.com>
References: <20241101031539.13285-1-quic_spuppala@quicinc.com>

MMC defines a variant op to tie the corresponding derive software secret blk crypto op to the vendor specific implementation of wrapped keys. This patch implements this variant op.

Signed-off-by: Seshu Madhavi Puppala
---
 drivers/mmc/host/sdhci-msm.c | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)

diff --git a/drivers/mmc/host/sdhci-msm.c b/drivers/mmc/host/sdhci-msm.c index f031a4dbc719..aba1d6e688b6 100644
--- a/drivers/mmc/host/sdhci-msm.c +++ b/drivers/mmc/host/sdhci-msm.c @@ -1897,6 +1897,21 @@ static int sdhci_msm_program_key(struct cqhci_host *cq_host, return qcom_ice_evict_key(msm_host->ice, slot); } +/* + * Derive a software secret from a hardware wrapped key. The key is unwrapped in + * hardware from trustzone and a software key/secret is then derived from it. + */ +static int sdhci_msm_ice_derive_sw_secret(struct cqhci_host *cq_host, const u8 wkey[], + unsigned int wkey_size, + u8 sw_secret[BLK_CRYPTO_SW_SECRET_SIZE]) +{ + struct sdhci_host *host = mmc_priv(cq_host->mmc); + struct sdhci_pltfm_host *pltfm_host = sdhci_priv(host); + struct sdhci_msm_host *msm_host = sdhci_pltfm_priv(pltfm_host); + + return qcom_ice_derive_sw_secret(msm_host->ice, wkey, wkey_size, sw_secret); +} + #else /* CONFIG_MMC_CRYPTO */ static inline int sdhci_msm_ice_init(struct sdhci_msm_host *msm_host, 
@@ -2003,6 +2018,7 @@ static const struct cqhci_host_ops sdhci_msm_cqhci_ops = { .disable = sdhci_msm_cqe_disable, #ifdef CONFIG_MMC_CRYPTO .program_key = sdhci_msm_program_key, + .derive_sw_secret = sdhci_msm_ice_derive_sw_secret, #endif };
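Review bot: the comment above sdhci_msm_ice_derive_sw_secret() is ambiguous ("unwrapped in hardware from trustzone") and does not say what the function returns or what sw_secret holds when the call fails. Please state which component performs the unwrapping, whether the unwrapped key ever becomes visible to the kernel, and the return convention. Also, wkey_size is unsigned int here while the key-size parameters of the wrappers added in 6/6 are size_t; pick one type for the whole series.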
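Review bot: in sdhci_msm_cqhci_ops, .derive_sw_secret is registered for every CONFIG_MMC_CRYPTO build, while 4/6 only sets CQHCI_QUIRK_USES_WRAPPED_CRYPTO_KEYS when qcom_ice_hwkm_supported() is true. Unless the cqhci core calls this op only when the quirk is set, sdhci_msm_ice_derive_sw_secret() can be reached on hardware without HWKM. Either check qcom_ice_hwkm_supported(msm_host->ice) in the wrapper and return an error such as -EOPNOTSUPP, or say in the commit message where that gating happens. The same question applies to the three ops registered in 6/6.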
From: Seshu Madhavi Puppala
To: Adrian Hunter, Asutosh Das, Ulf Hansson
Cc: Ritesh Harjani, linux-mmc@vger.kernel.org, linux-kernel@vger.kernel.org, linux-arm-msm@vger.kernel.org, quic_gaurkash@quicinc.com, quic_neersoni@quicinc.com, quic_spuppala@quicinc.com
Subject: [PATCH RFC 6/6] mmc: host: support for generate, import and prepare key
Date: Fri, 1 Nov 2024 08:45:39 +0530
Message-Id: <20241101031539.13285-7-quic_spuppala@quicinc.com>
In-Reply-To: <20241101031539.13285-1-quic_spuppala@quicinc.com>
References: <20241101031539.13285-1-quic_spuppala@quicinc.com>

MMC defines variant ops to support generate, prepare and import wrapped key blk crypto ops to tie these operations to vendor specific implementations. This patch defines and implements these variant ops for Qualcomm SoCs which use eMMC storage.

Signed-off-by: Seshu Madhavi Puppala
---
 drivers/mmc/host/sdhci-msm.c | 34 ++++++++++++++++++++++++++++++++++
 1 file changed, 34 insertions(+)
diff --git a/drivers/mmc/host/sdhci-msm.c b/drivers/mmc/host/sdhci-msm.c index aba1d6e688b6..9b3090c1f917 100644 --- a/drivers/mmc/host/sdhci-msm.c +++ b/drivers/mmc/host/sdhci-msm.c @@ -1912,6 +1912,37 @@ static int sdhci_msm_ice_derive_sw_secret(struct cqhci_host *cq_host, const u8 w return qcom_ice_derive_sw_secret(msm_host->ice, wkey, wkey_size, sw_secret); } +static int sdhci_msm_generate_key(struct cqhci_host *cq_host, + u8 lt_key[BLK_CRYPTO_MAX_HW_WRAPPED_KEY_SIZE]) +{ + struct sdhci_host *host = mmc_priv(cq_host->mmc); + struct sdhci_pltfm_host *pltfm_host = sdhci_priv(host); + struct sdhci_msm_host *msm_host = sdhci_pltfm_priv(pltfm_host); + + return qcom_ice_generate_key(msm_host->ice, lt_key); +} + +static int sdhci_msm_prepare_key(struct cqhci_host *cq_host, + const u8 *lt_key, size_t lt_key_size, + u8 eph_key[BLK_CRYPTO_MAX_HW_WRAPPED_KEY_SIZE]) +{ + struct sdhci_host *host = mmc_priv(cq_host->mmc); + struct sdhci_pltfm_host *pltfm_host = sdhci_priv(host); + struct sdhci_msm_host *msm_host = sdhci_pltfm_priv(pltfm_host); + + return qcom_ice_prepare_key(msm_host->ice, lt_key, lt_key_size, eph_key); +} + +static int sdhci_msm_import_key(struct cqhci_host *cq_host, + const u8 *imp_key, size_t imp_key_size, + u8 lt_key[BLK_CRYPTO_MAX_HW_WRAPPED_KEY_SIZE]) +{ + struct sdhci_host *host = mmc_priv(cq_host->mmc); + struct sdhci_pltfm_host *pltfm_host = sdhci_priv(host); + struct sdhci_msm_host *msm_host = sdhci_pltfm_priv(pltfm_host); + + return qcom_ice_import_key(msm_host->ice, imp_key, imp_key_size, lt_key); +} #else /* CONFIG_MMC_CRYPTO */ static inline int sdhci_msm_ice_init(struct sdhci_msm_host *msm_host, @@ -2019,6 +2050,9 @@ static const struct cqhci_host_ops sdhci_msm_cqhci_ops = { #ifdef CONFIG_MMC_CRYPTO .program_key = sdhci_msm_program_key, .derive_sw_secret = sdhci_msm_ice_derive_sw_secret, + .generate_key = sdhci_msm_generate_key, + .prepare_key = sdhci_msm_prepare_key, + .import_key = sdhci_msm_import_key, #endif };
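Review bot: sdhci_msm_generate_key(), sdhci_msm_prepare_key() and sdhci_msm_import_key() each fill a BLK_CRYPTO_MAX_HW_WRAPPED_KEY_SIZE output buffer but return only an int, and nothing documents whether success is 0 or the number of bytes written, so a reader cannot tell how the caller learns the length of the resulting key. Please add a comment per helper, as 5/6 did for derive_sw_secret, giving the return convention and what lt_key, eph_key and imp_key stand for. The three-line cq_host to msm_host lookup is now repeated in four wrappers across 5/6 and 6/6; a small helper that takes cq_host and returns msm_host would remove the duplication.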