1. Add a new quirk in UFS when wrapped keys are supported. Since wrapped keys are not part of the UFS spec, treat it as a supported quirk. 2. Add derive_sw_secret crypto profile op implementation in ufshcd crypto. Signed-off-by: Gaurav Kashyap <quic_gaurkash@xxxxxxxxxxx> --- drivers/ufs/core/ufshcd-crypto.c | 40 +++++++++++++++++++++++++------- include/ufs/ufshcd.h | 10 ++++++++ 2 files changed, 42 insertions(+), 8 deletions(-) diff --git a/drivers/ufs/core/ufshcd-crypto.c b/drivers/ufs/core/ufshcd-crypto.c index 34537cbac622..2d8f43f2df1d 100644 --- a/drivers/ufs/core/ufshcd-crypto.c +++ b/drivers/ufs/core/ufshcd-crypto.c @@ -81,13 +81,15 @@ static int ufshcd_crypto_keyslot_program(struct blk_crypto_profile *profile, cfg.crypto_cap_idx = cap_idx; cfg.config_enable = UFS_CRYPTO_CONFIGURATION_ENABLE; - if (ccap_array[cap_idx].algorithm_id == UFS_CRYPTO_ALG_AES_XTS) { - /* In XTS mode, the blk_crypto_key's size is already doubled */ - memcpy(cfg.crypto_key, key->raw, key->size/2); - memcpy(cfg.crypto_key + UFS_CRYPTO_KEY_MAX_SIZE/2, - key->raw + key->size/2, key->size/2); - } else { - memcpy(cfg.crypto_key, key->raw, key->size); + if (key->crypto_cfg.key_type != BLK_CRYPTO_KEY_TYPE_HW_WRAPPED) { + if (ccap_array[cap_idx].algorithm_id == UFS_CRYPTO_ALG_AES_XTS) { + /* In XTS mode, the blk_crypto_key's size is already doubled */ + memcpy(cfg.crypto_key, key->raw, key->size/2); + memcpy(cfg.crypto_key + UFS_CRYPTO_KEY_MAX_SIZE/2, + key->raw + key->size/2, key->size/2); + } else { + memcpy(cfg.crypto_key, key->raw, key->size); + } } err = ufshcd_program_key(hba, key, &cfg, slot); @@ -127,9 +129,25 @@ bool ufshcd_crypto_enable(struct ufs_hba *hba) return true; } + +static int ufshcd_crypto_derive_sw_secret(struct blk_crypto_profile *profile, + const u8 wrapped_key[], size_t wrapped_key_size, + u8 sw_secret[BLK_CRYPTO_SW_SECRET_SIZE]) +{ + struct ufs_hba *hba = + container_of(profile, struct ufs_hba, crypto_profile); + + if (hba->vops && hba->vops->derive_sw_secret) + return hba->vops->derive_sw_secret(hba, wrapped_key, + wrapped_key_size, sw_secret); + + return -EOPNOTSUPP; +} + static const struct blk_crypto_ll_ops ufshcd_crypto_ops = { .keyslot_program = ufshcd_crypto_keyslot_program, .keyslot_evict = ufshcd_crypto_keyslot_evict, + .derive_sw_secret = ufshcd_crypto_derive_sw_secret, }; static enum blk_crypto_mode_num @@ -191,7 +209,13 @@ int ufshcd_hba_init_crypto_capabilities(struct ufs_hba *hba) hba->crypto_profile.ll_ops = ufshcd_crypto_ops; /* UFS only supports 8 bytes for any DUN */ hba->crypto_profile.max_dun_bytes_supported = 8; - hba->crypto_profile.key_types_supported = BLK_CRYPTO_KEY_TYPE_STANDARD; + if (hba->quirks & UFSHCD_QUIRK_USES_WRAPPED_CRYPTO_KEYS) + hba->crypto_profile.key_types_supported = + BLK_CRYPTO_KEY_TYPE_HW_WRAPPED; + else + hba->crypto_profile.key_types_supported = + BLK_CRYPTO_KEY_TYPE_STANDARD; + hba->crypto_profile.dev = hba->dev; /* diff --git a/include/ufs/ufshcd.h b/include/ufs/ufshcd.h index ef5995584bc3..cef8e619fe5d 100644 --- a/include/ufs/ufshcd.h +++ b/include/ufs/ufshcd.h @@ -299,6 +299,7 @@ struct ufs_pwr_mode_info { * @device_reset: called to issue a reset pulse on the UFS device * @config_scaling_param: called to configure clock scaling parameters * @program_key: program or evict an inline encryption key + * @derive_sw_secret: derive sw secret from a wrapped key * @event_notify: called to notify important events * @reinit_notify: called to notify reinit of UFSHCD during max gear switch * @mcq_config_resource: called to configure MCQ platform resources @@ -343,6 +344,9 @@ struct ufs_hba_variant_ops { int (*program_key)(struct ufs_hba *hba, const struct blk_crypto_key *bkey, const union ufs_crypto_cfg_entry *cfg, int slot); + int (*derive_sw_secret)(struct ufs_hba *hba, const u8 wrapped_key[], + unsigned int wrapped_key_size, + u8 sw_secret[BLK_CRYPTO_SW_SECRET_SIZE]); void (*event_notify)(struct ufs_hba *hba, enum ufs_event_type evt, void *data); void (*reinit_notify)(struct ufs_hba *); @@ -624,6 +628,12 @@ enum ufshcd_quirks { * thus need this quirk to skip related flow. */ UFSHCD_QUIRK_MCQ_BROKEN_RTC = 1 << 21, + + /* + * This quirk indicates that UFS will be using HW wrapped keys + * when using inline encryption. + */ + UFSHCD_QUIRK_USES_WRAPPED_CRYPTO_KEYS = 1 << 22, }; enum ufshcd_caps { -- 2.25.1