Thread (38 messages) 38 messages, 7 authors, 2024-09-26

Re: [PATCH v6 10/17] soc: qcom: ice: add support for hardware wrapped keys

From: Konrad Dybcio <konradybcio@kernel.org>
Date: 2024-09-09 11:51:46
Also in: dm-devel, linux-arm-msm, linux-doc, linux-fscrypt, linux-fsdevel, linux-mmc, linux-scsi, lkml

On 6.09.2024 8:07 PM, Bartosz Golaszewski wrote:
From: Gaurav Kashyap <redacted>

Now that HWKM support has been added to ICE, extend the ICE driver to
support hardware wrapped keys programming coming in from the storage
controllers (UFS and eMMC). This is similar to raw keys where the call is
forwarded to Trustzone, however we also need to clear and re-enable
CFGE before and after programming the key.

Derive software secret support is also added by forwarding the call to
the corresponding SCM API.

Tested-by: Neil Armstrong <neil.armstrong@linaro.org>
Reviewed-by: Om Prakash Singh <redacted>
Signed-off-by: Gaurav Kashyap <redacted>
Signed-off-by: Bartosz Golaszewski <redacted>
---
[...]

+static int qcom_ice_program_wrapped_key(struct qcom_ice *ice,
+					const struct blk_crypto_key *key,
+					u8 data_unit_size, int slot)
+{
+	union crypto_cfg cfg;
+	int hwkm_slot;
+	int err;
+
+	hwkm_slot = translate_hwkm_slot(ice, slot);
+
+	memset(&cfg, 0, sizeof(cfg));
union crypto_cfg cfg = { 0 };

?
+	cfg.dusize = data_unit_size;
+	cfg.capidx = QCOM_SCM_ICE_CIPHER_AES_256_XTS;
+	cfg.cfge = 0x80;
Or just partially initialize it at declaration time?

Also, what's 0x80?

Konrad
Keyboard shortcuts
hback out one level
jnext message in thread
kprevious message in thread
ldrill in
Escclose help / fold thread tree
?toggle this help