RE: [RFC PATCH v3 4/4] scsi: ufs-qcom: add Inline Crypto Engine support

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi Eric,

The crypto_variant_ops exposed were not a guess, we had worked with Satya to add the functionality that is required.

Can we define the below crypto_variant_ops that exposes the same functionality you have added, this allows us to extend this in the future in a seamless manner. As an example QC implementation uses 'debug', 'suspend' and we can add that when we upstream the implementation in the next few weeks once our validation is complete. Thanks.

struct ufs_hba_crypto_variant_ops {
int (*hba_init_crypto)(struct ufs_hba *hba,
       const struct keyslot_mgmt_ll_ops *ksm_ops);
void (*enable)(struct ufs_hba *hba);
int (*resume)(struct ufs_hba *hba);
int (*program_key(struct ufs_hba *hba,
      const union ufs_crypto_cfg_entry *cfg, int slot);
};

-----Original Message-----
From: Eric Biggers <ebiggers@xxxxxxxxxx>
Sent: Thursday, March 12, 2020 12:06 PM
To: Barani Muthukumaran <bmuthuku@xxxxxxxxxxxxxxxx>
Cc: linux-scsi@xxxxxxxxxxxxxxx; linux-arm-msm@xxxxxxxxxxxxxxx; linux-block@xxxxxxxxxxxxxxx; linux-fscrypt@xxxxxxxxxxxxxxx; Alim Akhtar <alim.akhtar@xxxxxxxxxxx>; Andy Gross <agross@xxxxxxxxxx>; Avri Altman <avri.altman@xxxxxxx>; bjorn.andersson@xxxxxxxxxx; Can Guo <cang@xxxxxxxxxxxxxx>; Elliot Berman <eberman@xxxxxxxxxxxxxx>; Jaegeuk Kim <jaegeuk@xxxxxxxxxx>; John Stultz <john.stultz@xxxxxxxxxx>; Satya Tangirala <satyat@xxxxxxxxxx>
Subject: [EXT] Re: [RFC PATCH v3 4/4] scsi: ufs-qcom: add Inline Crypto Engine support

Hi Barani,

On Thu, Mar 12, 2020 at 06:21:02PM +0000, Barani Muthukumaran wrote:
> Hi Eric,
>
> I am confused on why you are trying to re-implement functions already
> present within the crypto_vops. Is there a reason why the ICE driver
> cannot register for KSM with its own function for keyslot_program and
> keyslot_evict and register for crypto_vops with its own functions for
> 'init/enable/disable/suspend/resume/debug'. Given that the ufs-crypto
> has the interface to do this why do we have to re-implement the same
> functionality with another set of functions. In addition in the future
> if for performance reasons (with per-file keys) we have to use
> passthrough KSM and use prepare/complete_lrbp_crypto that can easily be added as well.
>
> IMO the crypto_vops is a clean way for vendors to override the default
> functionality rather than using direct function calls from within the
> UFS driver and this can easily be extended for eMMC.

ufshcd_hba_crypto_variant_ops doesn't exist in the patchset for upstream.

We had to add ufshcd_hba_crypto_variant_ops out-of-tree to the Android common kernels to unblock vendors implementing their drivers this year, because we didn't know exactly what functionality they'd need.  So we just had to guess and add ~10 different operations just in case people needed them.  (Note that some or all of these may go away next year, once we see what was actually used.)

That's not acceptable for upstream.  For upstream we can only add variant operations that are actually used by in-tree drivers.

So far the only hardware support actually proposed upstream are my patch for ufs-qcom, and Stanley's patch for ufs-mediatek.  ufs-qcom only needs
->program_key(), and ufs-mediatek doesn't need any new variant op.

So, that's why only ->program_key() has been proposed upstream thus far: it's the minimal functionality that's been demonstrated to be needed.

Of course, if someone actually posts patches to support hardware that diverges from the UFS standard in new and "exciting" ways (whether it's another vendor's hardware or future Qualcomm hardware) then they'll need to post any variant
operation(s) they need.  They need to be targetted to only the specific quirk(s) needed, so that drivers don't have to unnecessarily re-implement stuff.

- Eric




[Index of Archives]     [Linux RAID]     [Linux SCSI]     [Linux ATA RAID]     [IDE]     [Linux Wireless]     [Linux Kernel]     [ATH6KL]     [Linux Bluetooth]     [Linux Netdev]     [Kernel Newbies]     [Security]     [Git]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Device Mapper]

  Powered by Linux