On 6.09.2024 8:07 PM, Bartosz Golaszewski wrote: > From: Gaurav Kashyap <quic_gaurkash@xxxxxxxxxxx> > > Now that HWKM support has been added to ICE, extend the ICE driver to > support hardware wrapped keys programming coming in from the storage > controllers (UFS and eMMC). This is similar to raw keys where the call is > forwarded to Trustzone, however we also need to clear and re-enable > CFGE before and after programming the key. > > Derive software secret support is also added by forwarding the call to > the corresponding SCM API. > > Tested-by: Neil Armstrong <neil.armstrong@xxxxxxxxxx> > Reviewed-by: Om Prakash Singh <quic_omprsing@xxxxxxxxxxx> > Signed-off-by: Gaurav Kashyap <quic_gaurkash@xxxxxxxxxxx> > Signed-off-by: Bartosz Golaszewski <bartosz.golaszewski@xxxxxxxxxx> > --- [...] > +static int qcom_ice_program_wrapped_key(struct qcom_ice *ice, > + const struct blk_crypto_key *key, > + u8 data_unit_size, int slot) > +{ > + union crypto_cfg cfg; > + int hwkm_slot; > + int err; > + > + hwkm_slot = translate_hwkm_slot(ice, slot); > + > + memset(&cfg, 0, sizeof(cfg)); union crypto_cfg cfg = { 0 }; ? > + cfg.dusize = data_unit_size; > + cfg.capidx = QCOM_SCM_ICE_CIPHER_AES_256_XTS; > + cfg.cfge = 0x80; Or just partially initialize it at declaration time? Also, what's 0x80? Konrad