Hi, On Fri, 2020-02-21 at 10:11 -0800, Eric Biggers wrote: > On Fri, Feb 21, 2020 at 09:22:44AM -0800, Christoph Hellwig wrote: > > On Fri, Feb 21, 2020 at 03:50:47AM -0800, Satya Tangirala wrote: > > > Wire up ufshcd.c with the UFS Crypto API, the block layer inline > > > encryption additions and the keyslot manager. > > > > > > Also, introduce UFSHCD_QUIRK_BROKEN_CRYPTO that certain UFS drivers > > > that don't yet support inline encryption need to use - taken from > > > patches by John Stultz <john.stultz@xxxxxxxxxx> > > > (https://android-review.googlesource.com/c/kernel/common/+/1162224/5) > > > (https://android-review.googlesource.com/c/kernel/common/+/1162225/5) > > > (https://android-review.googlesource.com/c/kernel/common/+/1164506/1) > > > > Between all these quirks, with what upstream SOC does this feature > > actually work? > > It will work on DragonBoard 845c, i.e. Qualcomm's Snapdragon 845 SoC, if we > apply my patchset > https://lkml.kernel.org/linux-block/20200110061634.46742-1-ebiggers@xxxxxxxxxx/. > It's currently based on Satya's v6 patchset, but I'll be rebasing it onto v7 and > resending. It uses all the UFS standard crypto code that Satya is adding except > for ufshcd_program_key(), which has to be replaced with a vendor-specific > operation. It does also add vendor-specific code to ufs-qcom to initialize the > crypto hardware, but that's in addition to the standard code, not replacing it. > > DragonBoard 845c is a commercially available development board that boots the > mainline kernel (modulo two arm-smmu IOMMU patches that Linaro is working on), > so I think it counts as an "upstream SoC". > > That's all that we currently have the hardware to verify ourselves, though > Mediatek says that Satya's patches are working on their hardware too. And the > UFS controller on Mediatek SoCs is supported by the upstream kernel via > ufs-mediatek. But I don't know whether it just works exactly as-is or whether > they needed to patch ufs-mediatek too. Stanley or Kuohong, can you confirm? Yes, MediaTek is keeping work closely with inline encryption patch sets. Currently the v6 version can work well (without UFSHCD_QUIRK_BROKEN_CRYPTO quirk) at least in our MT6779 SoC platform which basic SoC support and some other peripheral drivers are under upstreaming as below link, https://patchwork.kernel.org/project/linux-mediatek/list/?state=% 2A&q=6779&series=&submitter=&delegate=&archive=both The integration with inline encryption patch set needs to patch ufs-mediatek and patches are ready in downstream. We plan to upstream them soon after inline encryption patch sets get merged. > > We're also hoping that the patches are usable with the UFS controllers from > Cadence Design Systems and Synopsys, which have upstream kernel support in > drivers/scsi/ufs/cdns-pltfrm.c and drivers/scsi/ufs/ufshcd-dwc.c. But we don't > currently have a way to verify this. But in 2018, both companies had tried to > get the UFS v2.1 standard crypto support upstream, so presumably they must have > implemented it in their hardware. +Cc the people who were working on that. > > - Eric Thanks, Stanley Chu
