Re: [PATCH 0/8] eMMC inline encryption support

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Thu, Nov 12, 2020 at 11:40:03AM -0800, Eric Biggers wrote:
> Hello,
> 
> This patchset adds support for eMMC inline encryption, as specified by
> the upcoming version of the eMMC specification and as already
> implemented and used on many devices.  Building on that, it then adds
> Qualcomm ICE support and wires it up for the Snapdragon 630 SoC.
> 
> Inline encryption hardware improves the performance of storage
> encryption and reduces power usage.  See
> Documentation/block/inline-encryption.rst for more information about
> inline encryption and the blk-crypto framework (upstreamed in v5.8)
> which supports it.  Most mobile devices already use UFS or eMMC inline
> encryption hardware; UFS support was already upstreamed in v5.9.
> 
> Patches 1-3 add support for the standard eMMC inline encryption.
> 
> However, as with UFS, host controller-specific patches are needed on top
> of the standard support.  Therefore, patches 4-8 add Qualcomm ICE
> (Inline Crypto Engine) support and wire it up on the Snapdragon 630 SoC.
> 
> To test this I took advantage of the recently upstreamed support for the
> Snapdragon 630 SoC, plus work-in-progress patches from the SoMainline
> project (https://github.com/SoMainline/linux/tree/konrad/v5.10-rc3).  In
> particular, I was able to run the fscrypt xfstests for ext4 and f2fs in
> a Debian chroot.  Among other things, these tests verified that the
> correct ciphertext is written to disk (the same as software encryption).
> 
> It will also be possible to add support for Mediatek eMMC inline
> encryption hardware in mtk-sd, and it should be easier than the Qualcomm
> hardware since the Mediatek hardware follows the standard more closely.
> I.e., patches 1-3 should be almost enough for the Mediatek hardware.
> However, I don't have the hardware to do this yet.
> 
> This patchset is based on v5.10-rc3, and it can also be retrieved from
> tag "mmc-crypto-v1" of
> https://git.kernel.org/pub/scm/linux/kernel/git/ebiggers/linux.git
> 
> Note: the fscrypt inline encryption support is partially broken in
> v5.10-rc3, so for testing a fscrypt fix needs to be applied too:
> https://lkml.kernel.org/r/20201111015224.303073-1-ebiggers@xxxxxxxxxx
> 
> Eric Biggers (8):
>   mmc: add basic support for inline encryption
>   mmc: cqhci: rename cqhci.c to cqhci-core.c
>   mmc: cqhci: add support for inline encryption
>   mmc: cqhci: add cqhci_host_ops::program_key
>   firmware: qcom_scm: update comment for ICE-related functions
>   dt-bindings: mmc: sdhci-msm: add ICE registers and clock
>   arm64: dts: qcom: sdm630: add ICE registers and clocks
>   mmc: sdhci-msm: add Inline Crypto Engine support

Any comments on this patchset?

- Eric



[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [Linux for Sparc]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux