[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <311e97da-3ec3-407a-920b-fd042392cf0b@linaro.org>
Date: Mon, 17 Jun 2024 19:39:31 +0200
From: Konrad Dybcio <konrad.dybcio@...aro.org>
To: Gaurav Kashyap <quic_gaurkash@...cinc.com>,
linux-arm-msm@...r.kernel.org, linux-scsi@...r.kernel.org,
andersson@...nel.org, ebiggers@...gle.com, neil.armstrong@...aro.org,
srinivas.kandagatla@...aro.org, krzysztof.kozlowski+dt@...aro.org,
conor+dt@...nel.org, robh+dt@...nel.org
Cc: linux-kernel@...r.kernel.org, linux-mmc@...r.kernel.org,
kernel@...cinc.com, linux-crypto@...r.kernel.org,
devicetree@...r.kernel.org, quic_omprsing@...cinc.com,
quic_nguyenb@...cinc.com, bartosz.golaszewski@...aro.org,
ulf.hansson@...aro.org, jejb@...ux.ibm.com, martin.petersen@...cle.com,
mani@...nel.org, davem@...emloft.net, herbert@...dor.apana.org.au,
psodagud@...cinc.com, quic_apurupa@...cinc.com, sonalg@...cinc.com
Subject: Re: [PATCH v5 13/15] dt-bindings: crypto: ice: document the hwkm
property
On 6/17/24 02:51, Gaurav Kashyap wrote:
> When Qualcomm's Inline Crypto Engine (ICE) contains Hardware
> Key Manager (HWKM), and the 'HWKM' mode is enabled, it
> supports wrapped keys. However, this also requires firmware
> support in Trustzone to work correctly, which may not be available
> on all chipsets. In the above scenario, ICE needs to support standard
> keys even though HWKM is integrated from a hardware perspective.
>
> Introducing this property so that Hardware wrapped key support
> can be enabled/disabled from software based on chipset firmware,
> and not just based on hardware version.
>
> Tested-by: Neil Armstrong <neil.armstrong@...aro.org>
> Signed-off-by: Gaurav Kashyap <quic_gaurkash@...cinc.com>
> ---
> .../bindings/crypto/qcom,inline-crypto-engine.yaml | 10 ++++++++++
> 1 file changed, 10 insertions(+)
>
> diff --git a/Documentation/devicetree/bindings/crypto/qcom,inline-crypto-engine.yaml b/Documentation/devicetree/bindings/crypto/qcom,inline-crypto-engine.yaml
> index 0304f074cf08..0bb4d008f961 100644
> --- a/Documentation/devicetree/bindings/crypto/qcom,inline-crypto-engine.yaml
> +++ b/Documentation/devicetree/bindings/crypto/qcom,inline-crypto-engine.yaml
> @@ -27,6 +27,16 @@ properties:
> clocks:
> maxItems: 1
>
> + qcom,ice-use-hwkm:
> + type: boolean
> + description:
> + Use the supported Hardware Key Manager (HWKM) in Qualcomm ICE
> + to support wrapped keys. Having this entry helps scenarios where
> + the ICE hardware supports HWKM, but the Trustzone firmware does
> + not have the full capability to use this HWKM and support wrapped
> + keys. Not having this entry enabled would make ICE function in
> + non-HWKM mode supporting standard keys.
Just check if qcom_scm_derive_sw_secret is available instead
Konrad
Powered by blists - more mailing lists