Re: [PATCH 0/8] eMMC inline encryption support

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Fri, 20 Nov 2020 at 19:54, Eric Biggers <ebiggers@xxxxxxxxxx> wrote:
>
> On Thu, Nov 12, 2020 at 11:40:03AM -0800, Eric Biggers wrote:
> > Hello,
> >
> > This patchset adds support for eMMC inline encryption, as specified by
> > the upcoming version of the eMMC specification and as already
> > implemented and used on many devices.  Building on that, it then adds
> > Qualcomm ICE support and wires it up for the Snapdragon 630 SoC.
> >
> > Inline encryption hardware improves the performance of storage
> > encryption and reduces power usage.  See
> > Documentation/block/inline-encryption.rst for more information about
> > inline encryption and the blk-crypto framework (upstreamed in v5.8)
> > which supports it.  Most mobile devices already use UFS or eMMC inline
> > encryption hardware; UFS support was already upstreamed in v5.9.
> >
> > Patches 1-3 add support for the standard eMMC inline encryption.
> >
> > However, as with UFS, host controller-specific patches are needed on top
> > of the standard support.  Therefore, patches 4-8 add Qualcomm ICE
> > (Inline Crypto Engine) support and wire it up on the Snapdragon 630 SoC.
> >
> > To test this I took advantage of the recently upstreamed support for the
> > Snapdragon 630 SoC, plus work-in-progress patches from the SoMainline
> > project (https://github.com/SoMainline/linux/tree/konrad/v5.10-rc3).  In
> > particular, I was able to run the fscrypt xfstests for ext4 and f2fs in
> > a Debian chroot.  Among other things, these tests verified that the
> > correct ciphertext is written to disk (the same as software encryption).
> >
> > It will also be possible to add support for Mediatek eMMC inline
> > encryption hardware in mtk-sd, and it should be easier than the Qualcomm
> > hardware since the Mediatek hardware follows the standard more closely.
> > I.e., patches 1-3 should be almost enough for the Mediatek hardware.
> > However, I don't have the hardware to do this yet.
> >
> > This patchset is based on v5.10-rc3, and it can also be retrieved from
> > tag "mmc-crypto-v1" of
> > https://git.kernel.org/pub/scm/linux/kernel/git/ebiggers/linux.git
> >
> > Note: the fscrypt inline encryption support is partially broken in
> > v5.10-rc3, so for testing a fscrypt fix needs to be applied too:
> > https://lkml.kernel.org/r/20201111015224.303073-1-ebiggers@xxxxxxxxxx
> >
> > Eric Biggers (8):
> >   mmc: add basic support for inline encryption
> >   mmc: cqhci: rename cqhci.c to cqhci-core.c
> >   mmc: cqhci: add support for inline encryption
> >   mmc: cqhci: add cqhci_host_ops::program_key
> >   firmware: qcom_scm: update comment for ICE-related functions
> >   dt-bindings: mmc: sdhci-msm: add ICE registers and clock
> >   arm64: dts: qcom: sdm630: add ICE registers and clocks
> >   mmc: sdhci-msm: add Inline Crypto Engine support
>
> Any comments on this patchset?

I have been busy, but just wanted to let you know that I am moving to
start reviewing this series shortly.

I also need to catch up on the eMMC spec a bit, before I can provide
you with comments.

Kind regards
Uffe



[Index of Archives]     [linux Cryptography]     [Asterisk App Development]     [PJ SIP]     [Gnu Gatekeeper]     [IETF Sipping]     [Info Cyrus]     [ALSA User]     [Fedora Linux Users]     [Linux SCTP]     [DCCP]     [Gimp]     [Yosemite News]     [Deep Creek Hot Springs]     [Yosemite Campsites]     [ISDN Cause Codes]

  Powered by Linux