From patchwork Wed Jul 19 17:04:18 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Gaurav Kashyap (QUIC)" X-Patchwork-Id: 13319277 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 2E00BC25B5E for ; Wed, 19 Jul 2023 17:08:01 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231175AbjGSRIA (ORCPT ); Wed, 19 Jul 2023 13:08:00 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:45244 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230517AbjGSRH4 (ORCPT ); Wed, 19 Jul 2023 13:07:56 -0400 Received: from mx0b-0031df01.pphosted.com (mx0b-0031df01.pphosted.com [205.220.180.131]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id D70A2B7; Wed, 19 Jul 2023 10:07:53 -0700 (PDT) Received: from pps.filterd (m0279873.ppops.net [127.0.0.1]) by mx0a-0031df01.pphosted.com (8.17.1.19/8.17.1.19) with ESMTP id 36JFVvmd016314; Wed, 19 Jul 2023 17:07:51 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=quicinc.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-transfer-encoding : content-type; s=qcppdkim1; bh=wZGSrN3ryzjGN74O3LrwrYA2gjxLkZz/dcsBqvy4nhU=; b=NUw1o0v4i/+WYnDdtm9A8pUdchBgGLms/Nrf0M2pTkkfwG7k5/gvJTwD6dQrhnC4ULNo 2Vz+xAEuSfV25/v4U05PGqNFtYNvQ1bZ1hESEmz2FOyPMxpWV/NVQNTSDR6mgsoRrMhn 2Dj7Jk6cPf4cr6gJHpNNLiOh/8ScqD0rFmMzNS7C2OnSdjpIkFGhnitl0KCY8SYGMphm vh7jO27725AeAEQ8nAwcxqSLcPKTPQvUPEW0x1mqOGbQnWlFZGgwXhb2BpeweBuKcNvJ sagikznLbEKSdUuaV8HCxiipTykZ2I+680ya3hvvHfLrkATMLejuA0P3KH3N11mGe/AM Vg== Received: from nalasppmta01.qualcomm.com (Global_NAT1.qualcomm.com [129.46.96.20]) by mx0a-0031df01.pphosted.com (PPS) with ESMTPS id 3rx7411sww-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Wed, 19 Jul 2023 17:07:51 +0000 Received: from nalasex01a.na.qualcomm.com (nalasex01a.na.qualcomm.com [10.47.209.196]) by NALASPPMTA01.qualcomm.com (8.17.1.5/8.17.1.5) with ESMTPS id 36JH7okC010362 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Wed, 19 Jul 2023 17:07:50 GMT Received: from hu-gaurkash-lv.qualcomm.com (10.49.16.6) by nalasex01a.na.qualcomm.com (10.47.209.196) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.1118.30; Wed, 19 Jul 2023 10:07:49 -0700 From: Gaurav Kashyap To: , , CC: , , , , , , , , Gaurav Kashyap Subject: [PATCH v2 04/10] soc: qcom: ice: support for hardware wrapped keys Date: Wed, 19 Jul 2023 10:04:18 -0700 Message-ID: <20230719170423.220033-5-quic_gaurkash@quicinc.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20230719170423.220033-1-quic_gaurkash@quicinc.com> References: <20230719170423.220033-1-quic_gaurkash@quicinc.com> MIME-Version: 1.0 X-Originating-IP: [10.49.16.6] X-ClientProxiedBy: nalasex01b.na.qualcomm.com (10.47.209.197) To nalasex01a.na.qualcomm.com (10.47.209.196) X-QCInternal: smtphost X-Proofpoint-Virus-Version: vendor=nai engine=6200 definitions=5800 signatures=585085 X-Proofpoint-GUID: URDTOTef0y2ie-CdmmwCysqJBawdM-ET X-Proofpoint-ORIG-GUID: URDTOTef0y2ie-CdmmwCysqJBawdM-ET X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.254,Aquarius:18.0.957,Hydra:6.0.591,FMLib:17.11.176.26 definitions=2023-07-19_11,2023-07-19_01,2023-05-22_02 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 clxscore=1015 mlxscore=0 lowpriorityscore=0 phishscore=0 adultscore=0 impostorscore=0 bulkscore=0 suspectscore=0 spamscore=0 priorityscore=1501 mlxlogscore=999 malwarescore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2306200000 definitions=main-2307190154 Precedence: bulk List-ID: X-Mailing-List: linux-scsi@vger.kernel.org Now that HWKM support is added to ICE, extend the ICE driver to support hardware wrapped keys programming coming in from the storage controllers (ufs and emmc). The patches that follow will add ufs and emmc support. Derive software secret support is also added by forwarding the call the corresponding scm api. Signed-off-by: Gaurav Kashyap --- drivers/soc/qcom/ice.c | 121 +++++++++++++++++++++++++++++++++++++---- include/soc/qcom/ice.h | 4 ++ 2 files changed, 114 insertions(+), 11 deletions(-) diff --git a/drivers/soc/qcom/ice.c b/drivers/soc/qcom/ice.c index 242306d13049..33f67fcfa1bc 100644 --- a/drivers/soc/qcom/ice.c +++ b/drivers/soc/qcom/ice.c @@ -25,6 +25,8 @@ #define QCOM_ICE_REG_BIST_STATUS 0x0070 #define QCOM_ICE_REG_ADVANCED_CONTROL 0x1000 #define QCOM_ICE_REG_CONTROL 0x0 +#define QCOM_ICE_LUT_KEYS_CRYPTOCFG_R16 0x4040 + /* QCOM ICE HWKM registers */ #define QCOM_ICE_REG_HWKM_TZ_KM_CTL 0x1000 #define QCOM_ICE_REG_HWKM_TZ_KM_STATUS 0x1004 @@ -34,6 +36,7 @@ #define QCOM_ICE_REG_HWKM_BANK0_BBAC_3 0x500C #define QCOM_ICE_REG_HWKM_BANK0_BBAC_4 0x5010 +/* QCOM ICE HWKM BIST vals */ #define QCOM_ICE_HWKM_BIST_DONE_V1_VAL 0x11 #define QCOM_ICE_HWKM_BIST_DONE_V2_VAL 0x287 @@ -44,6 +47,8 @@ #define QCOM_ICE_FORCE_HW_KEY0_SETTING_MASK 0x2 #define QCOM_ICE_FORCE_HW_KEY1_SETTING_MASK 0x4 +#define QCOM_ICE_LUT_KEYS_CRYPTOCFG_OFFSET 0x80 + #define QCOM_ICE_HWKM_REG_OFFSET 0x8000 #define HWKM_OFFSET(reg) (reg + QCOM_ICE_HWKM_REG_OFFSET) @@ -60,6 +65,17 @@ struct qcom_ice { struct clk *core_clk; u8 hwkm_version; + bool hwkm_init_complete; +}; + +union crypto_cfg { + __le32 regval; + struct { + u8 dusize; + u8 capidx; + u8 reserved; + u8 cfge; + }; }; static bool qcom_ice_check_supported(struct qcom_ice *ice) @@ -218,6 +234,8 @@ static void qcom_ice_hwkm_init(struct qcom_ice *ice) HWKM_OFFSET(QCOM_ICE_REG_HWKM_BANK0_BBAC_3)); qcom_ice_writel(ice, 0xFFFFFFFF, HWKM_OFFSET(QCOM_ICE_REG_HWKM_BANK0_BBAC_4)); + + ice->hwkm_init_complete = true; } int qcom_ice_enable(struct qcom_ice *ice) @@ -263,6 +281,52 @@ int qcom_ice_suspend(struct qcom_ice *ice) } EXPORT_SYMBOL_GPL(qcom_ice_suspend); +/* + * HW dictates the internal mapping between the ICE and HWKM slots, + * which are different for different versions, make the translation + * here. +*/ +static int translate_hwkm_slot(struct qcom_ice *ice, int slot) +{ + return (ice->hwkm_version == 1) ? + (10 + slot * 2) : (slot * 2); +} + +static int qcom_ice_program_wrapped_key(struct qcom_ice *ice, + const struct blk_crypto_key *key, + u8 data_unit_size, int slot) +{ + int hwkm_slot; + int err; + union crypto_cfg cfg; + + hwkm_slot = translate_hwkm_slot(ice, slot); + + memset(&cfg, 0, sizeof(cfg)); + cfg.dusize = data_unit_size; + cfg.capidx = QCOM_SCM_ICE_CIPHER_AES_256_XTS; + cfg.cfge = 0x80; + + /* Clear CFGE */ + qcom_ice_writel(ice, 0x0, QCOM_ICE_LUT_KEYS_CRYPTOCFG_R16 + + QCOM_ICE_LUT_KEYS_CRYPTOCFG_OFFSET * slot); + + /* Call trustzone to program the wrapped key using hwkm */ + err = qcom_scm_ice_set_key(hwkm_slot, key->raw, key->size, + QCOM_SCM_ICE_CIPHER_AES_256_XTS, data_unit_size); + if (err) { + pr_err("%s:SCM call Error: 0x%x slot %d\n", __func__, err, + slot); + return err; + } + + /* Enable CFGE after programming key */ + qcom_ice_writel(ice, cfg.regval, QCOM_ICE_LUT_KEYS_CRYPTOCFG_R16 + + QCOM_ICE_LUT_KEYS_CRYPTOCFG_OFFSET * slot); + + return err; +} + int qcom_ice_program_key(struct qcom_ice *ice, u8 algorithm_id, u8 key_size, const struct blk_crypto_key *bkey, @@ -278,24 +342,36 @@ int qcom_ice_program_key(struct qcom_ice *ice, /* Only AES-256-XTS has been tested so far. */ if (algorithm_id != QCOM_ICE_CRYPTO_ALG_AES_XTS || - key_size != QCOM_ICE_CRYPTO_KEY_SIZE_256) { + key_size != QCOM_ICE_CRYPTO_KEY_SIZE_256 || + key_size != QCOM_ICE_CRYPTO_KEY_SIZE_WRAPPED) { dev_err_ratelimited(dev, "Unhandled crypto capability; algorithm_id=%d, key_size=%d\n", algorithm_id, key_size); return -EINVAL; } - memcpy(key.bytes, bkey->raw, AES_256_XTS_KEY_SIZE); - - /* The SCM call requires that the key words are encoded in big endian */ - for (i = 0; i < ARRAY_SIZE(key.words); i++) - __cpu_to_be32s(&key.words[i]); + if (bkey->crypto_cfg.key_type == BLK_CRYPTO_KEY_TYPE_HW_WRAPPED) { + if (!ice->hwkm_version) + return -EINVAL; + err = qcom_ice_program_wrapped_key(ice, bkey, slot, + data_unit_size); + } else { + if (bkey->size != QCOM_ICE_CRYPTO_KEY_SIZE_256) + dev_err_ratelimited(dev, + "Incorrect key size; bkey->size=%d\n", + algorithm_id); + return -EINVAL; + memcpy(key.bytes, bkey->raw, AES_256_XTS_KEY_SIZE); - err = qcom_scm_ice_set_key(slot, key.bytes, AES_256_XTS_KEY_SIZE, - QCOM_SCM_ICE_CIPHER_AES_256_XTS, - data_unit_size); + /* The SCM call requires that the key words are encoded in big endian */ + for (i = 0; i < ARRAY_SIZE(key.words); i++) + __cpu_to_be32s(&key.words[i]); - memzero_explicit(&key, sizeof(key)); + err = qcom_scm_ice_set_key(slot, key.bytes, AES_256_XTS_KEY_SIZE, + QCOM_SCM_ICE_CIPHER_AES_256_XTS, + data_unit_size); + memzero_explicit(&key, sizeof(key)); + } return err; } @@ -303,7 +379,21 @@ EXPORT_SYMBOL_GPL(qcom_ice_program_key); int qcom_ice_evict_key(struct qcom_ice *ice, int slot) { - return qcom_scm_ice_invalidate_key(slot); + int hwkm_slot = slot; + + if (ice->hwkm_version) { + hwkm_slot = translate_hwkm_slot(ice, slot); + /* + * Ignore calls to evict key when HWKM is supported and hwkm init + * is not yet done. This is to avoid the clearing all slots call + * during a storage reset when ICE is still in legacy mode. HWKM slave + * in ICE takes care of zeroing out the keytable on reset. + */ + if (!ice->hwkm_init_complete) + return 0; + } + + return qcom_scm_ice_invalidate_key(hwkm_slot); } EXPORT_SYMBOL_GPL(qcom_ice_evict_key); @@ -313,6 +403,15 @@ bool qcom_ice_hwkm_supported(struct qcom_ice *ice) } EXPORT_SYMBOL_GPL(qcom_ice_hwkm_supported); +int qcom_ice_derive_sw_secret(struct qcom_ice *ice, const u8 wrapped_key[], + unsigned int wrapped_key_size, + u8 sw_secret[BLK_CRYPTO_SW_SECRET_SIZE]) +{ + return qcom_scm_derive_sw_secret(wrapped_key, wrapped_key_size, + sw_secret, BLK_CRYPTO_SW_SECRET_SIZE); +} +EXPORT_SYMBOL_GPL(qcom_ice_derive_sw_secret); + static struct qcom_ice *qcom_ice_create(struct device *dev, void __iomem *base) { diff --git a/include/soc/qcom/ice.h b/include/soc/qcom/ice.h index 1f52e82e3e1c..22ab8d1a56de 100644 --- a/include/soc/qcom/ice.h +++ b/include/soc/qcom/ice.h @@ -17,6 +17,7 @@ enum qcom_ice_crypto_key_size { QCOM_ICE_CRYPTO_KEY_SIZE_192 = 0x2, QCOM_ICE_CRYPTO_KEY_SIZE_256 = 0x3, QCOM_ICE_CRYPTO_KEY_SIZE_512 = 0x4, + QCOM_ICE_CRYPTO_KEY_SIZE_WRAPPED = 0x5, }; enum qcom_ice_crypto_alg { @@ -35,5 +36,8 @@ int qcom_ice_program_key(struct qcom_ice *ice, u8 data_unit_size, int slot); int qcom_ice_evict_key(struct qcom_ice *ice, int slot); bool qcom_ice_hwkm_supported(struct qcom_ice *ice); +int qcom_ice_derive_sw_secret(struct qcom_ice *ice, const u8 wrapped_key[], + unsigned int wrapped_key_size, + u8 sw_secret[BLK_CRYPTO_SW_SECRET_SIZE]); struct qcom_ice *of_qcom_ice_get(struct device *dev); #endif /* __QCOM_ICE_H__ */