From patchwork Tue Jul 2 07:25:05 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Biggers X-Patchwork-Id: 13719058 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 7597C146D48; Tue, 2 Jul 2024 07:28:11 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1719905291; cv=none; b=GNl9D4cFveI8Ixd7i+YMHEmuVRMC+C4iZB/AQT02g2089otZVxR8EpdJULViwjYDIi10x/poLEq1k+JB76OEVoQM9pgCw0eXnskTWGdTGinqN6fy5GqQAamimgkuHmKlnTli/SH8ibnBX+WR8Qj6i9IcXBnDpfed4yIeYzCvTy8= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1719905291; c=relaxed/simple; bh=JRQrzjSKmZEnwHqJpyPNeF6FH5+h6GWQ1JmhlZoALec=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=O8W2qpr6dUoG1nxjm1dt8PZH7Zq+aEWR7CZVIIu5BP1aa9sbWi7MhOA9BYVPetrkutCEuVLMM0TNue2vU6M5Lii4t+rpirLIO14b4XdoOVq5rQX1fEkHJQKt32+lZ1TtrwHs56la0Iy7kRWHZ9rZX0hwW1bDBKscLo3iEMUinwM= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=XwSOp5fa; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="XwSOp5fa" Received: by smtp.kernel.org (Postfix) with ESMTPSA id D014AC4AF0A; Tue, 2 Jul 2024 07:28:10 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1719905291; bh=JRQrzjSKmZEnwHqJpyPNeF6FH5+h6GWQ1JmhlZoALec=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=XwSOp5faeMU/yho9c34l2ZAc0vzHSbAWDpA5DSJ4Oj6KZ/qxQzHKlBh45lqsW7Z+H XuwbhOUd4eZU1WqakfBZfFkyalHj8YqE9vOnE+3SkMHHQ43e29BI6S8KqegtQ/teOh BEgNrUqM5xSFXjjQ6uygWx2DUKyU4XSuz0AWF9VDPFtGv0uqKhJ2FeqsRtRtj1lu4+ kWdl8J+4L3t3qg+V5aM8G4AzoZ3tWV2f9WE1iz28mKTKyG2zRCuz8YmfEyCLgEHXS9 8+EO7PYitG4VY9iJmgCJCN+q+I06VENu4WqfPt88J0Sr23Py+V5Nt2aiXDjKPGErYJ m27oo4NibLGIQ== From: Eric Biggers To: linux-scsi@vger.kernel.org Cc: linux-samsung-soc@vger.kernel.org, linux-fscrypt@vger.kernel.org, Alim Akhtar , Avri Altman , Bart Van Assche , "Martin K . Petersen" , Peter Griffin , =?utf-8?q?Andr=C3=A9_Draszik?= , William McVicker Subject: [PATCH v2 1/6] scsi: ufs: core: Add UFSHCD_QUIRK_CUSTOM_CRYPTO_PROFILE Date: Tue, 2 Jul 2024 00:25:05 -0700 Message-ID: <20240702072510.248272-2-ebiggers@kernel.org> X-Mailer: git-send-email 2.45.2 In-Reply-To: <20240702072510.248272-1-ebiggers@kernel.org> References: <20240702072510.248272-1-ebiggers@kernel.org> Precedence: bulk X-Mailing-List: linux-scsi@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 From: Eric Biggers Add UFSHCD_QUIRK_CUSTOM_CRYPTO_PROFILE which lets UFS host drivers initialize the blk_crypto_profile themselves rather than have it be initialized by ufshcd-core according to the UFSHCI standard. This is needed to support inline encryption on the "Exynos" UFS controller which has a nonstandard interface. Signed-off-by: Eric Biggers Reviewed-by: Peter Griffin --- drivers/ufs/core/ufshcd-crypto.c | 10 +++++++--- include/ufs/ufshcd.h | 9 +++++++++ 2 files changed, 16 insertions(+), 3 deletions(-) diff --git a/drivers/ufs/core/ufshcd-crypto.c b/drivers/ufs/core/ufshcd-crypto.c index f2c4422cab86..debc925ae439 100644 --- a/drivers/ufs/core/ufshcd-crypto.c +++ b/drivers/ufs/core/ufshcd-crypto.c @@ -157,10 +157,13 @@ int ufshcd_hba_init_crypto_capabilities(struct ufs_hba *hba) { int cap_idx; int err = 0; enum blk_crypto_mode_num blk_mode_num; + if (hba->quirks & UFSHCD_QUIRK_CUSTOM_CRYPTO_PROFILE) + return 0; + /* * Don't use crypto if either the hardware doesn't advertise the * standard crypto capability bit *or* if the vendor specific driver * hasn't advertised that crypto is supported. */ @@ -226,13 +229,14 @@ void ufshcd_init_crypto(struct ufs_hba *hba) int slot; if (!(hba->caps & UFSHCD_CAP_CRYPTO)) return; - /* Clear all keyslots - the number of keyslots is (CFGC + 1) */ - for (slot = 0; slot < hba->crypto_capabilities.config_count + 1; slot++) - ufshcd_clear_keyslot(hba, slot); + /* Clear all keyslots. */ + for (slot = 0; slot < hba->crypto_profile.num_slots; slot++) + hba->crypto_profile.ll_ops.keyslot_evict(&hba->crypto_profile, + NULL, slot); } void ufshcd_crypto_register(struct ufs_hba *hba, struct request_queue *q) { if (hba->caps & UFSHCD_CAP_CRYPTO) diff --git a/include/ufs/ufshcd.h b/include/ufs/ufshcd.h index bad88bd91995..b354a7eee478 100644 --- a/include/ufs/ufshcd.h +++ b/include/ufs/ufshcd.h @@ -641,10 +641,19 @@ enum ufshcd_quirks { /* * Some host does not implement SQ Run Time Command (SQRTC) register * thus need this quirk to skip related flow. */ UFSHCD_QUIRK_MCQ_BROKEN_RTC = 1 << 21, + + /* + * This quirk needs to be enabled if the host controller supports inline + * encryption but it needs to initialize the crypto capabilities in a + * nonstandard way and/or needs to override blk_crypto_ll_ops. If + * enabled, the standard code won't initialize the blk_crypto_profile; + * ufs_hba_variant_ops::init() must do it instead. + */ + UFSHCD_QUIRK_CUSTOM_CRYPTO_PROFILE = 1 << 22, }; enum ufshcd_caps { /* Allow dynamic clk gating */ UFSHCD_CAP_CLK_GATING = 1 << 0, From patchwork Tue Jul 2 07:25:06 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Biggers X-Patchwork-Id: 13719059 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id B44C1148301; Tue, 2 Jul 2024 07:28:11 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1719905291; cv=none; b=F2Bks4rFXM6/sJuVpVVanWxTb5TH5S5piyxs+x+nCWjq2zHR2q/oQKJ4suJb8x/yg1gr5qZA7VUnM/7z+XygqP9DrSxD/nIw/n7yeV40j68P7af45mvOVDij00MwtDz4Ye/V6dc70jHp+jNKUPSS06C4/mpPr7QNS5CxIb+LxDw= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1719905291; c=relaxed/simple; bh=YA5Wzxud6EXdeHJeBEt5IKmz1fvFGpRCpVtCdnLGIDc=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=UP5b6NBAt9l5NpEdBCHpyfttPJaA0GCFrYFg6N+I8LPTtoui2YesY2closipfEEvHQj174hZy1BtmQxw5ujSwVGFkWoEZ0YMUeGtvGHuCBWoJjfr3H9Q2uccOFWrYwEbWiOOGBBaD8DSk6zgmEhi9gH+ZOtTh7dFvIvyPubGinc= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=FvKBArn0; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="FvKBArn0" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 47843C4AF0C; Tue, 2 Jul 2024 07:28:11 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1719905291; bh=YA5Wzxud6EXdeHJeBEt5IKmz1fvFGpRCpVtCdnLGIDc=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=FvKBArn0M8H+HXBQE8CbIgHD8R9y0P7iO3rPe08qacn4yjGAuJB+wnaDL2YAd39ZP eT2zkI/wBWs6uuKGCMXfGuHLPwv+bRan+hGXpWrTEWiNQ5t4Ca2BXQNWVwG2O55j7B NeBQ3ejm8RznqDj4y8OTz1ycX+wjPZ0ovTDWAHjAY6xtmvRzxetti+MRuy89AbB+06 ca9b6gh/8fFF0MeCTWv0u20rEDoKyKZxz8nq6YQuV0bzJcKYZhs53beB0hTbIvbc6m yQTAXDQ/GkTP0LigNh5DiFfkTCnfq17hqdMsBKBP/pBylE50EkyBZEZ0wxAI58b4/F dY4zKHYG7af0Q== From: Eric Biggers To: linux-scsi@vger.kernel.org Cc: linux-samsung-soc@vger.kernel.org, linux-fscrypt@vger.kernel.org, Alim Akhtar , Avri Altman , Bart Van Assche , "Martin K . Petersen" , Peter Griffin , =?utf-8?q?Andr=C3=A9_Draszik?= , William McVicker Subject: [PATCH v2 2/6] scsi: ufs: core: fold ufshcd_clear_keyslot() into its caller Date: Tue, 2 Jul 2024 00:25:06 -0700 Message-ID: <20240702072510.248272-3-ebiggers@kernel.org> X-Mailer: git-send-email 2.45.2 In-Reply-To: <20240702072510.248272-1-ebiggers@kernel.org> References: <20240702072510.248272-1-ebiggers@kernel.org> Precedence: bulk X-Mailing-List: linux-scsi@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 From: Eric Biggers Fold ufshcd_clear_keyslot() into its only remaining caller. Signed-off-by: Eric Biggers Reviewed-by: Peter Griffin --- drivers/ufs/core/ufshcd-crypto.c | 16 +++++----------- 1 file changed, 5 insertions(+), 11 deletions(-) diff --git a/drivers/ufs/core/ufshcd-crypto.c b/drivers/ufs/core/ufshcd-crypto.c index debc925ae439..b4980fd91cee 100644 --- a/drivers/ufs/core/ufshcd-crypto.c +++ b/drivers/ufs/core/ufshcd-crypto.c @@ -93,31 +93,25 @@ static int ufshcd_crypto_keyslot_program(struct blk_crypto_profile *profile, memzero_explicit(&cfg, sizeof(cfg)); return err; } -static int ufshcd_clear_keyslot(struct ufs_hba *hba, int slot) +static int ufshcd_crypto_keyslot_evict(struct blk_crypto_profile *profile, + const struct blk_crypto_key *key, + unsigned int slot) { + struct ufs_hba *hba = + container_of(profile, struct ufs_hba, crypto_profile); /* * Clear the crypto cfg on the device. Clearing CFGE * might not be sufficient, so just clear the entire cfg. */ union ufs_crypto_cfg_entry cfg = {}; return ufshcd_program_key(hba, &cfg, slot); } -static int ufshcd_crypto_keyslot_evict(struct blk_crypto_profile *profile, - const struct blk_crypto_key *key, - unsigned int slot) -{ - struct ufs_hba *hba = - container_of(profile, struct ufs_hba, crypto_profile); - - return ufshcd_clear_keyslot(hba, slot); -} - bool ufshcd_crypto_enable(struct ufs_hba *hba) { if (!(hba->caps & UFSHCD_CAP_CRYPTO)) return false; From patchwork Tue Jul 2 07:25:07 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Biggers X-Patchwork-Id: 13719060 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 6988A148847; Tue, 2 Jul 2024 07:28:12 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1719905292; cv=none; b=q5JMMliehAOUQMHnf0AxeiD8i210IPScURbgJMYreu6OlzX+ZS7HtWxwn1Y6B+ehepnzTGG3df30+v5mwotKcdJaWMwr+ZQXbLq1WdYc9S88qToMUAoTlHPUinf4JIf84uUd1HQMqhCWkHFvmyytXZFOxwo1OL5Va4Jw5eQb+fM= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1719905292; c=relaxed/simple; bh=fgtjDmvA7l/lm4vzhuNJpYhxPFnEHAPhYNU28MhUq8o=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=hvoqRryoebugIY5YIAXlz3JugKp76FSCLgYITQrNZ1DWCnvrX/ZrPX95psJw95VQiMjxFE7b+ykOwig8mgrRGaODIsp4BN8IM93YZiJTKmkl+Gij8/4AosczvPNbP4Ieq0+P1L0jhCX3gShgJBUVUTMoX6mJjj/XxrL4+rojBXA= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=RXZ0Kzbq; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="RXZ0Kzbq" Received: by smtp.kernel.org (Postfix) with ESMTPSA id B28A2C32781; Tue, 2 Jul 2024 07:28:11 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1719905292; bh=fgtjDmvA7l/lm4vzhuNJpYhxPFnEHAPhYNU28MhUq8o=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=RXZ0Kzbq+ULcJ0rUMo8CHKuAVDH/E8mMtJIphdMZxWjICSsip3kxl2CDDjk3L4AqR mNGs/PenbzPMgeq6UKk1+7I6tPe1R7RPg2AWhR494E43fTmKWOCGVmS7SC+ALPWtZy 5Zkq7knL/PfRBGFXrdvi2J9ew8nWy5e2HyztK7yiBEJAqudofgflTK5dp7rYXJtAn6 SIgoEO13d/PU/v0JVA2kSnb5yNVnccJ2SXAls/W0E+scIuYF6v1XGG6qB/wpshdRbt INvJzBsjr+qErmGcfkLXBAuRgSuazlp3URx23ptchVt/0hB1B8/Ucp4p911HuMTCkC G8mPV9q/WVbJQ== From: Eric Biggers To: linux-scsi@vger.kernel.org Cc: linux-samsung-soc@vger.kernel.org, linux-fscrypt@vger.kernel.org, Alim Akhtar , Avri Altman , Bart Van Assche , "Martin K . Petersen" , Peter Griffin , =?utf-8?q?Andr=C3=A9_Draszik?= , William McVicker Subject: [PATCH v2 3/6] scsi: ufs: core: Add UFSHCD_QUIRK_BROKEN_CRYPTO_ENABLE Date: Tue, 2 Jul 2024 00:25:07 -0700 Message-ID: <20240702072510.248272-4-ebiggers@kernel.org> X-Mailer: git-send-email 2.45.2 In-Reply-To: <20240702072510.248272-1-ebiggers@kernel.org> References: <20240702072510.248272-1-ebiggers@kernel.org> Precedence: bulk X-Mailing-List: linux-scsi@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 From: Eric Biggers Add UFSHCD_QUIRK_BROKEN_CRYPTO_ENABLE which tells the UFS core to not use the crypto enable bit defined by the UFS specification. This is needed to support inline encryption on the "Exynos" UFS controller. Signed-off-by: Eric Biggers Reviewed-by: Peter Griffin --- drivers/ufs/core/ufshcd-crypto.c | 8 ++++++++ include/ufs/ufshcd.h | 7 +++++++ 2 files changed, 15 insertions(+) diff --git a/drivers/ufs/core/ufshcd-crypto.c b/drivers/ufs/core/ufshcd-crypto.c index b4980fd91cee..a714dad82cd1 100644 --- a/drivers/ufs/core/ufshcd-crypto.c +++ b/drivers/ufs/core/ufshcd-crypto.c @@ -108,17 +108,25 @@ static int ufshcd_crypto_keyslot_evict(struct blk_crypto_profile *profile, union ufs_crypto_cfg_entry cfg = {}; return ufshcd_program_key(hba, &cfg, slot); } +/* + * Reprogram the keyslots if needed, and return true if CRYPTO_GENERAL_ENABLE + * should be used in the host controller initialization sequence. + */ bool ufshcd_crypto_enable(struct ufs_hba *hba) { if (!(hba->caps & UFSHCD_CAP_CRYPTO)) return false; /* Reset might clear all keys, so reprogram all the keys. */ blk_crypto_reprogram_all_keys(&hba->crypto_profile); + + if (hba->quirks & UFSHCD_QUIRK_BROKEN_CRYPTO_ENABLE) + return false; + return true; } static const struct blk_crypto_ll_ops ufshcd_crypto_ops = { .keyslot_program = ufshcd_crypto_keyslot_program, diff --git a/include/ufs/ufshcd.h b/include/ufs/ufshcd.h index b354a7eee478..4b7ad23a4420 100644 --- a/include/ufs/ufshcd.h +++ b/include/ufs/ufshcd.h @@ -650,10 +650,17 @@ enum ufshcd_quirks { * nonstandard way and/or needs to override blk_crypto_ll_ops. If * enabled, the standard code won't initialize the blk_crypto_profile; * ufs_hba_variant_ops::init() must do it instead. */ UFSHCD_QUIRK_CUSTOM_CRYPTO_PROFILE = 1 << 22, + + /* + * This quirk needs to be enabled if the host controller supports inline + * encryption but does not support the CRYPTO_GENERAL_ENABLE bit, i.e. + * host controller initialization fails if that bit is set. + */ + UFSHCD_QUIRK_BROKEN_CRYPTO_ENABLE = 1 << 23, }; enum ufshcd_caps { /* Allow dynamic clk gating */ UFSHCD_CAP_CLK_GATING = 1 << 0, From patchwork Tue Jul 2 07:25:08 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Biggers X-Patchwork-Id: 13719061 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id D0D8F148FE8; Tue, 2 Jul 2024 07:28:12 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1719905292; cv=none; b=ExinTio5tzRxQhEp0+mFkie9VwYsDDi+DQWOn2k/8JtkzN/GLKvQgJ4yu6Gj2i0yxgjyKjIVMzEzFeg/zXmjFDeCUpuhyihqreK+tjueR8DCptk4GmUvdXxmTKmiFCuNmFJRtcYgSr3RbD9h6dQ6YFzOUJFdKhLJsn/69iFD1YA= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1719905292; c=relaxed/simple; bh=wdxbvwn5OEVGWzjc/DjUQGsj3FbSX6NwjB9wj/GVnns=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=qC/6qPwyTXVvcX98ZxXaGcD0f9Y2jPKXRHHHu8eLWw7BjjwouaO/T1aXMxhnv+galYHCyrh/5l2A2R+Wl2tyU51ii/3M+wiFR6qv3yO4oRTMy2YjuaFiS7puspdnPU2DbGM6hurJcoqEM530GrsvF9sWODYxZpQASJZ3bl1X+1U= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=epyvH89j; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="epyvH89j" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 2AB60C4AF0D; Tue, 2 Jul 2024 07:28:12 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1719905292; bh=wdxbvwn5OEVGWzjc/DjUQGsj3FbSX6NwjB9wj/GVnns=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=epyvH89jEcnMF90ecf5KGnNt6C9kRJN2KahjZvlgK/nEN/zopRvvExKOnMpBwRY1+ qEPhu20iHLdjTFm/bd5qf+8jG5yHc5pAgQXkm4Zqcm1oOmzRC7FpGtn8f8vl0Bt8/B rkTQC5oY8x58BIB7I9QSbPVmaLExgC/jWLHRGQi5Cl+Z59BPfb5/n+h6JOxjwzHjtK cfkmeqkfTiIynX0yhkbfsg0aJPRQx5/Emy4vmYlaqrWlOPkEC8Dngx6wrfyIidKVjq x8ijGcE0xum2YNKiiMfhCKjl/tKbRDVszeAG9kzUNbqnJMn05+Pu9d5H3i5BRazULc s2Xux91YaV63w== From: Eric Biggers To: linux-scsi@vger.kernel.org Cc: linux-samsung-soc@vger.kernel.org, linux-fscrypt@vger.kernel.org, Alim Akhtar , Avri Altman , Bart Van Assche , "Martin K . Petersen" , Peter Griffin , =?utf-8?q?Andr=C3=A9_Draszik?= , William McVicker Subject: [PATCH v2 4/6] scsi: ufs: core: Add fill_crypto_prdt variant op Date: Tue, 2 Jul 2024 00:25:08 -0700 Message-ID: <20240702072510.248272-5-ebiggers@kernel.org> X-Mailer: git-send-email 2.45.2 In-Reply-To: <20240702072510.248272-1-ebiggers@kernel.org> References: <20240702072510.248272-1-ebiggers@kernel.org> Precedence: bulk X-Mailing-List: linux-scsi@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 From: Eric Biggers Add a variant op to allow host drivers to initialize nonstandard crypto-related fields in the PRDT. This is needed to support inline encryption on the "Exynos" UFS controller. Note that this will be used together with the support for overriding the PRDT entry size that was already added by commit ada1e653a5ea ("scsi: ufs: core: Allow UFS host drivers to override the sg entry size"). Signed-off-by: Eric Biggers Reviewed-by: Peter Griffin --- drivers/ufs/core/ufshcd-crypto.h | 19 +++++++++++++++++++ drivers/ufs/core/ufshcd.c | 2 +- include/ufs/ufshcd.h | 4 ++++ 3 files changed, 24 insertions(+), 1 deletion(-) diff --git a/drivers/ufs/core/ufshcd-crypto.h b/drivers/ufs/core/ufshcd-crypto.h index be8596f20ba2..3eb8df42e194 100644 --- a/drivers/ufs/core/ufshcd-crypto.h +++ b/drivers/ufs/core/ufshcd-crypto.h @@ -35,10 +35,23 @@ ufshcd_prepare_req_desc_hdr_crypto(struct ufshcd_lrb *lrbp, h->cci = lrbp->crypto_key_slot; h->dunl = cpu_to_le32(lower_32_bits(lrbp->data_unit_num)); h->dunu = cpu_to_le32(upper_32_bits(lrbp->data_unit_num)); } +static inline int ufshcd_crypto_fill_prdt(struct ufs_hba *hba, + struct ufshcd_lrb *lrbp) +{ + struct scsi_cmnd *cmd = lrbp->cmd; + const struct bio_crypt_ctx *crypt_ctx = scsi_cmd_to_rq(cmd)->crypt_ctx; + + if (crypt_ctx && hba->vops && hba->vops->fill_crypto_prdt) + return hba->vops->fill_crypto_prdt(hba, crypt_ctx, + lrbp->ucd_prdt_ptr, + scsi_sg_count(cmd)); + return 0; +} + bool ufshcd_crypto_enable(struct ufs_hba *hba); int ufshcd_hba_init_crypto_capabilities(struct ufs_hba *hba); void ufshcd_init_crypto(struct ufs_hba *hba); @@ -52,10 +65,16 @@ static inline void ufshcd_prepare_lrbp_crypto(struct request *rq, static inline void ufshcd_prepare_req_desc_hdr_crypto(struct ufshcd_lrb *lrbp, struct request_desc_header *h) { } +static inline int ufshcd_crypto_fill_prdt(struct ufs_hba *hba, + struct ufshcd_lrb *lrbp) +{ + return 0; +} + static inline bool ufshcd_crypto_enable(struct ufs_hba *hba) { return false; } diff --git a/drivers/ufs/core/ufshcd.c b/drivers/ufs/core/ufshcd.c index 1b65e6ae4137..744af9708e51 100644 --- a/drivers/ufs/core/ufshcd.c +++ b/drivers/ufs/core/ufshcd.c @@ -2634,11 +2634,11 @@ static int ufshcd_map_sg(struct ufs_hba *hba, struct ufshcd_lrb *lrbp) if (sg_segments < 0) return sg_segments; ufshcd_sgl_to_prdt(hba, lrbp, sg_segments, scsi_sglist(cmd)); - return 0; + return ufshcd_crypto_fill_prdt(hba, lrbp); } /** * ufshcd_enable_intr - enable interrupts * @hba: per adapter instance diff --git a/include/ufs/ufshcd.h b/include/ufs/ufshcd.h index 4b7ad23a4420..59aa6c831a41 100644 --- a/include/ufs/ufshcd.h +++ b/include/ufs/ufshcd.h @@ -319,10 +319,11 @@ struct ufs_pwr_mode_info { * @dbg_register_dump: used to dump controller debug information * @phy_initialization: used to initialize phys * @device_reset: called to issue a reset pulse on the UFS device * @config_scaling_param: called to configure clock scaling parameters * @program_key: program or evict an inline encryption key + * @fill_crypto_prdt: initialize crypto-related fields in the PRDT * @event_notify: called to notify important events * @reinit_notify: called to notify reinit of UFSHCD during max gear switch * @mcq_config_resource: called to configure MCQ platform resources * @get_hba_mac: called to get vendor specific mac value, mandatory for mcq mode * @op_runtime_config: called to config Operation and runtime regs Pointers @@ -363,10 +364,13 @@ struct ufs_hba_variant_ops { void (*config_scaling_param)(struct ufs_hba *hba, struct devfreq_dev_profile *profile, struct devfreq_simple_ondemand_data *data); int (*program_key)(struct ufs_hba *hba, const union ufs_crypto_cfg_entry *cfg, int slot); + int (*fill_crypto_prdt)(struct ufs_hba *hba, + const struct bio_crypt_ctx *crypt_ctx, + void *prdt, unsigned int num_segments); void (*event_notify)(struct ufs_hba *hba, enum ufs_event_type evt, void *data); void (*reinit_notify)(struct ufs_hba *); int (*mcq_config_resource)(struct ufs_hba *hba); int (*get_hba_mac)(struct ufs_hba *hba); From patchwork Tue Jul 2 07:25:09 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Biggers X-Patchwork-Id: 13719062 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 45A0E14AD2E; Tue, 2 Jul 2024 07:28:13 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1719905293; cv=none; b=M/WOFeF6cyOdTq+6zXPGjwnJBhpmSl8N6AWAhISgvsAY3bqhYawzRUNcD194a2eTe8sOckBfPfKhHzTnlpGyR3fUUNt1vexqcvqVZnMiZcS2fYA5rqVSR3UdjqdZYPGLowFCubpb5u2i3xR7IFqrojY//HpI4TaMTeKvUXB7sN4= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1719905293; c=relaxed/simple; bh=svMpBL3wAjAMA7+OPjxWHPcVj1+DZNudRpOxqsqEagw=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=EdQ1iwVM+ggAanKPjf85YjrHbAzWn92wXNoGroMoc1qtsh9aSe+7BTb2DXsDaWCIOX5znD7UxISTCEuH5wuqJmoN+cfTM9WQDCOm7rTZJ4IfoByC0sIEHWF6L9+r5ZCdtw5nxu0FTOSh8Y9JkllhZWhXy6K1mSTadDQwJswLfPA= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=gTyWE3Un; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="gTyWE3Un" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 9664DC4AF0C; Tue, 2 Jul 2024 07:28:12 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1719905292; bh=svMpBL3wAjAMA7+OPjxWHPcVj1+DZNudRpOxqsqEagw=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=gTyWE3UnZP1aSUzOP0NKm0+1SqXu87VEQL+AFcOVxVFpvDptJ0gcFjSid+FDZ89br AUqzAfKRh33CHdKtjMAaSJKCjNZ2VkqhPrrRTTPRDruaTyDrFkXp0zWXyJJVjEZ27C Dcw5necq3RdUW5ffBJ1eM9LWojZ9uuEJWfhjD631GmYnHzPJst5HkECU2NWh+wkwo3 w9/AQVxgxhoUu0Hj/LnB/0VputcIRFmZUONejdxv4ldo1/eO2NCNCyh9Awdew3u1NN 8Q4gSTIbgYiWo9YgEyVkbn8dOgclL6tZb319LLTVnjIQLrw4CpAr3UV59ewMbGBLZm W/sNXgF+GhYjg== From: Eric Biggers To: linux-scsi@vger.kernel.org Cc: linux-samsung-soc@vger.kernel.org, linux-fscrypt@vger.kernel.org, Alim Akhtar , Avri Altman , Bart Van Assche , "Martin K . Petersen" , Peter Griffin , =?utf-8?q?Andr=C3=A9_Draszik?= , William McVicker Subject: [PATCH v2 5/6] scsi: ufs: core: Add UFSHCD_QUIRK_KEYS_IN_PRDT Date: Tue, 2 Jul 2024 00:25:09 -0700 Message-ID: <20240702072510.248272-6-ebiggers@kernel.org> X-Mailer: git-send-email 2.45.2 In-Reply-To: <20240702072510.248272-1-ebiggers@kernel.org> References: <20240702072510.248272-1-ebiggers@kernel.org> Precedence: bulk X-Mailing-List: linux-scsi@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 From: Eric Biggers Since the nonstandard inline encryption support on Exynos SoCs requires that raw cryptographic keys be copied into the PRDT, it is desirable to zeroize those keys after each request to keep them from being left in memory. Therefore, add a quirk bit that enables the zeroization. We could instead do the zeroization unconditionally. However, using a quirk bit avoids adding the zeroization overhead to standard devices. Signed-off-by: Eric Biggers Reviewed-by: Peter Griffin --- drivers/ufs/core/ufshcd-crypto.h | 17 +++++++++++++++++ drivers/ufs/core/ufshcd.c | 1 + include/ufs/ufshcd.h | 8 ++++++++ 3 files changed, 26 insertions(+) diff --git a/drivers/ufs/core/ufshcd-crypto.h b/drivers/ufs/core/ufshcd-crypto.h index 3eb8df42e194..89bb97c14c15 100644 --- a/drivers/ufs/core/ufshcd-crypto.h +++ b/drivers/ufs/core/ufshcd-crypto.h @@ -48,10 +48,24 @@ static inline int ufshcd_crypto_fill_prdt(struct ufs_hba *hba, lrbp->ucd_prdt_ptr, scsi_sg_count(cmd)); return 0; } +static inline void ufshcd_crypto_clear_prdt(struct ufs_hba *hba, + struct ufshcd_lrb *lrbp) +{ + if (!(hba->quirks & UFSHCD_QUIRK_KEYS_IN_PRDT)) + return; + + if (!(scsi_cmd_to_rq(lrbp->cmd)->crypt_ctx)) + return; + + /* Zeroize the PRDT because it can contain cryptographic keys. */ + memzero_explicit(lrbp->ucd_prdt_ptr, + ufshcd_sg_entry_size(hba) * scsi_sg_count(lrbp->cmd)); +} + bool ufshcd_crypto_enable(struct ufs_hba *hba); int ufshcd_hba_init_crypto_capabilities(struct ufs_hba *hba); void ufshcd_init_crypto(struct ufs_hba *hba); @@ -71,10 +85,13 @@ static inline int ufshcd_crypto_fill_prdt(struct ufs_hba *hba, struct ufshcd_lrb *lrbp) { return 0; } +static inline void ufshcd_crypto_clear_prdt(struct ufs_hba *hba, + struct ufshcd_lrb *lrbp) { } + static inline bool ufshcd_crypto_enable(struct ufs_hba *hba) { return false; } diff --git a/drivers/ufs/core/ufshcd.c b/drivers/ufs/core/ufshcd.c index 744af9708e51..958cc73d8e79 100644 --- a/drivers/ufs/core/ufshcd.c +++ b/drivers/ufs/core/ufshcd.c @@ -5472,10 +5472,11 @@ void ufshcd_release_scsi_cmd(struct ufs_hba *hba, struct ufshcd_lrb *lrbp) { struct scsi_cmnd *cmd = lrbp->cmd; scsi_dma_unmap(cmd); + ufshcd_crypto_clear_prdt(hba, lrbp); ufshcd_release(hba); ufshcd_clk_scaling_update_busy(hba); } /** diff --git a/include/ufs/ufshcd.h b/include/ufs/ufshcd.h index 59aa6c831a41..fe0073b37224 100644 --- a/include/ufs/ufshcd.h +++ b/include/ufs/ufshcd.h @@ -661,10 +661,18 @@ enum ufshcd_quirks { * This quirk needs to be enabled if the host controller supports inline * encryption but does not support the CRYPTO_GENERAL_ENABLE bit, i.e. * host controller initialization fails if that bit is set. */ UFSHCD_QUIRK_BROKEN_CRYPTO_ENABLE = 1 << 23, + + /* + * This quirk needs to be enabled if the host controller driver copies + * cryptographic keys into the PRDT in order to send them to hardware, + * and therefore the PRDT should be zeroized after each request (as per + * the standard best practice for managing keys). + */ + UFSHCD_QUIRK_KEYS_IN_PRDT = 1 << 24, }; enum ufshcd_caps { /* Allow dynamic clk gating */ UFSHCD_CAP_CLK_GATING = 1 << 0, From patchwork Tue Jul 2 07:25:10 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Biggers X-Patchwork-Id: 13719063 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 71A6614B08C; Tue, 2 Jul 2024 07:28:13 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1719905293; cv=none; b=SOaijr2DGgvkxrg7gEsgZBmNtFbzbVaDWx/3EQgWelxtcR+RHTskw2+TxOhXu+weWUI0quE3DuJXEda9z9MDo6eoVdH31Ff/l8HNtjaCEwcbL8clyBsVTso0rf3nuQySKuApwbgMy/jfpYsNXbFjR/mza/XiFsULxm0y4Y8uaLU= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1719905293; c=relaxed/simple; bh=JcITiaOmeyjYHDXneocf1llwgFEAguUgnezj9qcYKJM=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=DAqAtTd5zEYTRyJSf69MYI7+dKeMtu4HPmgRul0EuB/xZSSqtxcKDqL8rRQsqzQVAofU2e4b49Smxnd3JrevmUthal+VFTUeYNVORn65fdwGOzpunzoDWfwAEYFUDVQk0I06n8B0X+MZbm6LxyS6+szF0SzgVgbgQ6Ikg3SyPlg= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=iA1ZJi40; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="iA1ZJi40" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 0DC12C116B1; Tue, 2 Jul 2024 07:28:13 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1719905293; bh=JcITiaOmeyjYHDXneocf1llwgFEAguUgnezj9qcYKJM=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=iA1ZJi40WqSHJvMaB9Jkv/CQyycMLNtfbb5I5wbJy5YjxGSKe0EIKR6YAhttVQ8fl yE5H3W38ENyl4OL6dPHA2FSdHQaTJ8qaHhb9u2PlmI3iJBfzhYhBM2/4rPVqYxHBV1 fmVCCgBlcrGo9GjFwB/FagFC/SH89j5uU3qmDlQv4bz15JbGJ+fFsHXYhK+Or0W1uE IcbdX8+yatCUIQuL/7z7X2SPVV3sXpje/bPSAU/TAKra7ysE0t+9stKMtGkAk196+c F5JA9s+/bwGx+gcGHbfHOwMwl+uYxop2l72JGxIBTUocs/En1pPUaGTbOIyhGuEvHx Tea9TxAYXTKeg== From: Eric Biggers To: linux-scsi@vger.kernel.org Cc: linux-samsung-soc@vger.kernel.org, linux-fscrypt@vger.kernel.org, Alim Akhtar , Avri Altman , Bart Van Assche , "Martin K . Petersen" , Peter Griffin , =?utf-8?q?Andr=C3=A9_Draszik?= , William McVicker Subject: [PATCH v2 6/6] scsi: ufs: exynos: Add support for Flash Memory Protector (FMP) Date: Tue, 2 Jul 2024 00:25:10 -0700 Message-ID: <20240702072510.248272-7-ebiggers@kernel.org> X-Mailer: git-send-email 2.45.2 In-Reply-To: <20240702072510.248272-1-ebiggers@kernel.org> References: <20240702072510.248272-1-ebiggers@kernel.org> Precedence: bulk X-Mailing-List: linux-scsi@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 From: Eric Biggers Add support for Flash Memory Protector (FMP), which is the inline encryption hardware on Exynos and Exynos-based SoCs. Specifically, add support for the "traditional FMP mode" that works on many Exynos-based SoCs including gs101. This is the mode that uses "software keys" and is compatible with the upstream kernel's existing inline encryption framework in the block and filesystem layers. I plan to add support for the wrapped key support on gs101 at a later time. Tested on gs101 (specifically Pixel 6) by running the 'encrypt' group of xfstests on a filesystem mounted with the 'inlinecrypt' mount option. Signed-off-by: Eric Biggers --- drivers/ufs/host/ufs-exynos.c | 228 +++++++++++++++++++++++++++++++++- 1 file changed, 222 insertions(+), 6 deletions(-) diff --git a/drivers/ufs/host/ufs-exynos.c b/drivers/ufs/host/ufs-exynos.c index 88d125d1ee3c..dd545ef7c361 100644 --- a/drivers/ufs/host/ufs-exynos.c +++ b/drivers/ufs/host/ufs-exynos.c @@ -6,10 +6,13 @@ * Author: Seungwon Jeon * Author: Alim Akhtar * */ +#include +#include +#include #include #include #include #include #include @@ -23,16 +26,18 @@ #include #include #include "ufs-exynos.h" +#define DATA_UNIT_SIZE 4096 +#define LOG2_DATA_UNIT_SIZE 12 + /* * Exynos's Vendor specific registers for UFSHCI */ #define HCI_TXPRDT_ENTRY_SIZE 0x00 #define PRDT_PREFECT_EN BIT(31) -#define PRDT_SET_SIZE(x) ((x) & 0x1F) #define HCI_RXPRDT_ENTRY_SIZE 0x04 #define HCI_1US_TO_CNT_VAL 0x0C #define CNT_VAL_1US_MASK 0x3FF #define HCI_UTRL_NEXUS_TYPE 0x40 #define HCI_UTMRL_NEXUS_TYPE 0x44 @@ -1041,12 +1046,12 @@ static int exynos_ufs_post_link(struct ufs_hba *hba) exynos_ufs_establish_connt(ufs); exynos_ufs_fit_aggr_timeout(ufs); hci_writel(ufs, 0xa, HCI_DATA_REORDER); - hci_writel(ufs, PRDT_SET_SIZE(12), HCI_TXPRDT_ENTRY_SIZE); - hci_writel(ufs, PRDT_SET_SIZE(12), HCI_RXPRDT_ENTRY_SIZE); + hci_writel(ufs, LOG2_DATA_UNIT_SIZE, HCI_TXPRDT_ENTRY_SIZE); + hci_writel(ufs, LOG2_DATA_UNIT_SIZE, HCI_RXPRDT_ENTRY_SIZE); hci_writel(ufs, (1 << hba->nutrs) - 1, HCI_UTRL_NEXUS_TYPE); hci_writel(ufs, (1 << hba->nutmrs) - 1, HCI_UTMRL_NEXUS_TYPE); hci_writel(ufs, 0xf, HCI_AXIDMA_RWDATA_BURST_LEN); if (ufs->opts & EXYNOS_UFS_OPT_SKIP_CONNECTION_ESTAB) @@ -1149,10 +1154,218 @@ static inline void exynos_ufs_priv_init(struct ufs_hba *hba, ufs->rx_sel_idx = 0; hba->priv = (void *)ufs; hba->quirks = ufs->drv_data->quirks; } +#ifdef CONFIG_SCSI_UFS_CRYPTO + +/* + * Support for Flash Memory Protector (FMP), which is the inline encryption + * hardware on Exynos and Exynos-based SoCs. The interface to this hardware is + * not compatible with the standard UFS crypto. It requires that encryption be + * configured in the PRDT using a nonstandard extension. + */ + +enum fmp_crypto_algo_mode { + FMP_BYPASS_MODE = 0, + FMP_ALGO_MODE_AES_CBC = 1, + FMP_ALGO_MODE_AES_XTS = 2, +}; +enum fmp_crypto_key_length { + FMP_KEYLEN_256BIT = 1, +}; + +/** + * struct fmp_sg_entry - nonstandard format of PRDT entries when FMP is enabled + * + * @base: The standard PRDT entry, but with nonstandard bitfields in the high + * bits of the 'size' field, i.e. the last 32-bit word. When these + * nonstandard bitfields are zero, the data segment won't be encrypted or + * decrypted. Otherwise they specify the algorithm and key length with + * which the data segment will be encrypted or decrypted. + * @file_iv: The initialization vector (IV) with all bytes reversed + * @file_enckey: The first half of the AES-XTS key with all bytes reserved + * @file_twkey: The second half of the AES-XTS key with all bytes reserved + * @disk_iv: Unused + * @reserved: Unused + */ +struct fmp_sg_entry { + struct ufshcd_sg_entry base; + __be64 file_iv[2]; + __be64 file_enckey[4]; + __be64 file_twkey[4]; + __be64 disk_iv[2]; + __be64 reserved[2]; +}; + +#define SMC_CMD_FMP_SECURITY \ + ARM_SMCCC_CALL_VAL(ARM_SMCCC_FAST_CALL, ARM_SMCCC_SMC_64, \ + ARM_SMCCC_OWNER_SIP, 0x1810) +#define SMC_CMD_SMU \ + ARM_SMCCC_CALL_VAL(ARM_SMCCC_FAST_CALL, ARM_SMCCC_SMC_64, \ + ARM_SMCCC_OWNER_SIP, 0x1850) +#define SMC_CMD_FMP_SMU_RESUME \ + ARM_SMCCC_CALL_VAL(ARM_SMCCC_FAST_CALL, ARM_SMCCC_SMC_64, \ + ARM_SMCCC_OWNER_SIP, 0x1860) +#define SMU_EMBEDDED 0 +#define SMU_INIT 0 +#define CFG_DESCTYPE_3 3 + +static void exynos_ufs_fmp_init(struct ufs_hba *hba) +{ + struct blk_crypto_profile *profile = &hba->crypto_profile; + struct arm_smccc_res res; + int err; + + /* + * Check for the standard crypto support bit, since it's available even + * though the rest of the interface to FMP is nonstandard. + * + * This check should have the effect of preventing the driver from + * trying to use FMP on old Exynos SoCs that don't have FMP. + */ + if (!(ufshcd_readl(hba, REG_CONTROLLER_CAPABILITIES) & + MASK_CRYPTO_SUPPORT)) + return; + + /* + * This call (which sets DESCTYPE to 0x3 in the FMPSECURITY0 register) + * is needed to make the hardware use the larger PRDT entry size. + */ + BUILD_BUG_ON(sizeof(struct fmp_sg_entry) != 128); + arm_smccc_smc(SMC_CMD_FMP_SECURITY, 0, SMU_EMBEDDED, CFG_DESCTYPE_3, + 0, 0, 0, 0, &res); + if (res.a0) { + dev_warn(hba->dev, + "SMC_CMD_FMP_SECURITY failed on init: %ld. Disabling FMP support.\n", + res.a0); + return; + } + ufshcd_set_sg_entry_size(hba, sizeof(struct fmp_sg_entry)); + + /* + * This is needed to initialize FMP. Without it, errors occur when + * inline encryption is used. + */ + arm_smccc_smc(SMC_CMD_SMU, SMU_INIT, SMU_EMBEDDED, 0, 0, 0, 0, 0, &res); + if (res.a0) { + dev_err(hba->dev, + "SMC_CMD_SMU(SMU_INIT) failed: %ld. Disabling FMP support.\n", + res.a0); + return; + } + + /* Advertise crypto capabilities to the block layer. */ + err = devm_blk_crypto_profile_init(hba->dev, profile, 0); + if (err) { + /* Only ENOMEM should be possible here. */ + dev_err(hba->dev, "Failed to initialize crypto profile: %d\n", + err); + return; + } + profile->max_dun_bytes_supported = AES_BLOCK_SIZE; + profile->dev = hba->dev; + profile->modes_supported[BLK_ENCRYPTION_MODE_AES_256_XTS] = + DATA_UNIT_SIZE; + + /* Advertise crypto support to ufshcd-core. */ + hba->caps |= UFSHCD_CAP_CRYPTO; + + /* Advertise crypto quirks to ufshcd-core. */ + hba->quirks |= UFSHCD_QUIRK_CUSTOM_CRYPTO_PROFILE | + UFSHCD_QUIRK_BROKEN_CRYPTO_ENABLE | + UFSHCD_QUIRK_KEYS_IN_PRDT; + +} + +static void exynos_ufs_fmp_resume(struct ufs_hba *hba) +{ + struct arm_smccc_res res; + + arm_smccc_smc(SMC_CMD_FMP_SECURITY, 0, SMU_EMBEDDED, CFG_DESCTYPE_3, + 0, 0, 0, 0, &res); + if (res.a0) + dev_err(hba->dev, + "SMC_CMD_FMP_SECURITY failed on resume: %ld\n", res.a0); + + arm_smccc_smc(SMC_CMD_FMP_SMU_RESUME, 0, SMU_EMBEDDED, 0, 0, 0, 0, 0, + &res); + if (res.a0) + dev_err(hba->dev, + "SMC_CMD_FMP_SMU_RESUME failed: %ld\n", res.a0); +} + +static inline __be64 fmp_key_word(const u8 *key, int j) +{ + return cpu_to_be64(get_unaligned_le64( + key + AES_KEYSIZE_256 - (j + 1) * sizeof(u64))); +} + +/* Fill the PRDT for a request according to the given encryption context. */ +static int exynos_ufs_fmp_fill_prdt(struct ufs_hba *hba, + const struct bio_crypt_ctx *crypt_ctx, + void *prdt, unsigned int num_segments) +{ + struct fmp_sg_entry *fmp_prdt = prdt; + const u8 *enckey = crypt_ctx->bc_key->raw; + const u8 *twkey = enckey + AES_KEYSIZE_256; + u64 dun_lo = crypt_ctx->bc_dun[0]; + u64 dun_hi = crypt_ctx->bc_dun[1]; + unsigned int i; + + /* If FMP wasn't enabled, we shouldn't get any encrypted requests. */ + if (WARN_ON_ONCE(!(hba->caps & UFSHCD_CAP_CRYPTO))) + return -EIO; + + /* Configure FMP on each segment of the request. */ + for (i = 0; i < num_segments; i++) { + struct fmp_sg_entry *prd = &fmp_prdt[i]; + int j; + + /* Each segment must be exactly one data unit. */ + if (prd->base.size != cpu_to_le32(DATA_UNIT_SIZE - 1)) { + dev_err(hba->dev, + "data segment is misaligned for FMP\n"); + return -EIO; + } + + /* Set the algorithm and key length. */ + prd->base.size |= cpu_to_le32((FMP_ALGO_MODE_AES_XTS << 28) | + (FMP_KEYLEN_256BIT << 26)); + + /* Set the IV. */ + prd->file_iv[0] = cpu_to_be64(dun_hi); + prd->file_iv[1] = cpu_to_be64(dun_lo); + + /* Set the key. */ + for (j = 0; j < AES_KEYSIZE_256 / sizeof(u64); j++) { + prd->file_enckey[j] = fmp_key_word(enckey, j); + prd->file_twkey[j] = fmp_key_word(twkey, j); + } + + /* Increment the data unit number. */ + dun_lo++; + if (dun_lo == 0) + dun_hi++; + } + return 0; +} + +#else /* CONFIG_SCSI_UFS_CRYPTO */ + +static void exynos_ufs_fmp_init(struct ufs_hba *hba) +{ +} + +static void exynos_ufs_fmp_resume(struct ufs_hba *hba) +{ +} + +#define exynos_ufs_fmp_fill_prdt NULL + +#endif /* !CONFIG_SCSI_UFS_CRYPTO */ + static int exynos_ufs_init(struct ufs_hba *hba) { struct device *dev = hba->dev; struct platform_device *pdev = to_platform_device(dev); struct exynos_ufs *ufs; @@ -1196,10 +1409,12 @@ static int exynos_ufs_init(struct ufs_hba *hba) goto out; } exynos_ufs_priv_init(hba, ufs); + exynos_ufs_fmp_init(hba); + if (ufs->drv_data->drv_init) { ret = ufs->drv_data->drv_init(dev, ufs); if (ret) { dev_err(dev, "failed to init drv-data\n"); goto out; @@ -1211,11 +1426,11 @@ static int exynos_ufs_init(struct ufs_hba *hba) goto out; exynos_ufs_specify_phy_time_attr(ufs); if (!(ufs->opts & EXYNOS_UFS_OPT_UFSPR_SECURE)) exynos_ufs_config_smu(ufs); - hba->host->dma_alignment = SZ_4K - 1; + hba->host->dma_alignment = DATA_UNIT_SIZE - 1; return 0; out: hba->priv = NULL; return ret; @@ -1330,11 +1545,11 @@ static int exynos_ufs_hce_enable_notify(struct ufs_hba *hba, * The maximum segment size must be set after scsi_host_alloc() * has been called and before LUN scanning starts * (ufshcd_async_scan()). Note: this callback may also be called * from other functions than ufshcd_init(). */ - hba->host->max_segment_size = SZ_4K; + hba->host->max_segment_size = DATA_UNIT_SIZE; if (ufs->drv_data->pre_hce_enable) { ret = ufs->drv_data->pre_hce_enable(ufs); if (ret) return ret; @@ -1430,11 +1645,11 @@ static int exynos_ufs_resume(struct ufs_hba *hba, enum ufs_pm_op pm_op) if (!ufshcd_is_link_active(hba)) phy_power_on(ufs->phy); exynos_ufs_config_smu(ufs); - + exynos_ufs_fmp_resume(hba); return 0; } static int exynosauto_ufs_vh_link_startup_notify(struct ufs_hba *hba, enum ufs_notify_change_status status) @@ -1696,10 +1911,11 @@ static const struct ufs_hba_variant_ops ufs_hba_exynos_ops = { .setup_xfer_req = exynos_ufs_specify_nexus_t_xfer_req, .setup_task_mgmt = exynos_ufs_specify_nexus_t_tm_req, .hibern8_notify = exynos_ufs_hibern8_notify, .suspend = exynos_ufs_suspend, .resume = exynos_ufs_resume, + .fill_crypto_prdt = exynos_ufs_fmp_fill_prdt, }; static struct ufs_hba_variant_ops ufs_hba_exynosauto_vh_ops = { .name = "exynosauto_ufs_vh", .init = exynosauto_ufs_vh_init,