[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <20240906-wrapped-keys-v6-13-d59e61bc0cb4@linaro.org>
Date: Fri, 06 Sep 2024 20:07:16 +0200
From: Bartosz Golaszewski <brgl@...ev.pl>
To: Jens Axboe <axboe@...nel.dk>, Jonathan Corbet <corbet@....net>,
Alasdair Kergon <agk@...hat.com>, Mike Snitzer <snitzer@...nel.org>,
Mikulas Patocka <mpatocka@...hat.com>,
Adrian Hunter <adrian.hunter@...el.com>,
Asutosh Das <quic_asutoshd@...cinc.com>,
Ritesh Harjani <ritesh.list@...il.com>,
Ulf Hansson <ulf.hansson@...aro.org>, Alim Akhtar <alim.akhtar@...sung.com>,
Avri Altman <avri.altman@....com>, Bart Van Assche <bvanassche@....org>,
"James E.J. Bottomley" <James.Bottomley@...senPartnership.com>,
"Martin K. Petersen" <martin.petersen@...cle.com>,
Eric Biggers <ebiggers@...nel.org>, "Theodore Y. Ts'o" <tytso@....edu>,
Jaegeuk Kim <jaegeuk@...nel.org>, Alexander Viro <viro@...iv.linux.org.uk>,
Christian Brauner <brauner@...nel.org>, Jan Kara <jack@...e.cz>,
Bjorn Andersson <andersson@...nel.org>,
Konrad Dybcio <konradybcio@...nel.org>,
Manivannan Sadhasivam <manivannan.sadhasivam@...aro.org>,
Dmitry Baryshkov <dmitry.baryshkov@...aro.org>,
Gaurav Kashyap <quic_gaurkash@...cinc.com>,
Neil Armstrong <neil.armstrong@...aro.org>
Cc: linux-block@...r.kernel.org, linux-doc@...r.kernel.org,
linux-kernel@...r.kernel.org, dm-devel@...ts.linux.dev,
linux-mmc@...r.kernel.org, linux-scsi@...r.kernel.org,
linux-fscrypt@...r.kernel.org, linux-fsdevel@...r.kernel.org,
linux-arm-msm@...r.kernel.org,
Bartosz Golaszewski <bartosz.golaszewski@...aro.org>,
Om Prakash Singh <quic_omprsing@...cinc.com>
Subject: [PATCH v6 13/17] ufs: core: add support for deriving the software
secret
From: Gaurav Kashyap <quic_gaurkash@...cinc.com>
Extend the UFS core to allow calling the block layer's callback for
deriving the software secret from a wrapped key. This is needed as in
most cases the wrapped key support will be vendor-specific and the
implementation will live in the specific UFS driver.
Tested-by: Neil Armstrong <neil.armstrong@...aro.org>
Reviewed-by: Om Prakash Singh <quic_omprsing@...cinc.com>
Signed-off-by: Gaurav Kashyap <quic_gaurkash@...cinc.com>
Signed-off-by: Bartosz Golaszewski <bartosz.golaszewski@...aro.org>
---
drivers/ufs/core/ufshcd-crypto.c | 15 +++++++++++++++
include/ufs/ufshcd.h | 3 +++
2 files changed, 18 insertions(+)
diff --git a/drivers/ufs/core/ufshcd-crypto.c b/drivers/ufs/core/ufshcd-crypto.c
index 64389e876910..2530239d42af 100644
--- a/drivers/ufs/core/ufshcd-crypto.c
+++ b/drivers/ufs/core/ufshcd-crypto.c
@@ -113,6 +113,20 @@ static int ufshcd_crypto_keyslot_evict(struct blk_crypto_profile *profile,
return ufshcd_program_key(hba, NULL, &cfg, slot);
}
+static int ufshcd_crypto_derive_sw_secret(struct blk_crypto_profile *profile,
+ const u8 wkey[], size_t wkey_size,
+ u8 sw_secret[BLK_CRYPTO_SW_SECRET_SIZE])
+{
+ struct ufs_hba *hba =
+ container_of(profile, struct ufs_hba, crypto_profile);
+
+ if (hba->vops && hba->vops->derive_sw_secret)
+ return hba->vops->derive_sw_secret(hba, wkey, wkey_size,
+ sw_secret);
+
+ return -EOPNOTSUPP;
+}
+
/*
* Reprogram the keyslots if needed, and return true if CRYPTO_GENERAL_ENABLE
* should be used in the host controller initialization sequence.
@@ -134,6 +148,7 @@ bool ufshcd_crypto_enable(struct ufs_hba *hba)
static const struct blk_crypto_ll_ops ufshcd_crypto_ops = {
.keyslot_program = ufshcd_crypto_keyslot_program,
.keyslot_evict = ufshcd_crypto_keyslot_evict,
+ .derive_sw_secret = ufshcd_crypto_derive_sw_secret,
};
static enum blk_crypto_mode_num
diff --git a/include/ufs/ufshcd.h b/include/ufs/ufshcd.h
index a2dad4f982c2..c11dd3baf53c 100644
--- a/include/ufs/ufshcd.h
+++ b/include/ufs/ufshcd.h
@@ -372,6 +372,9 @@ struct ufs_hba_variant_ops {
int (*program_key)(struct ufs_hba *hba,
const struct blk_crypto_key *bkey,
const union ufs_crypto_cfg_entry *cfg, int slot);
+ int (*derive_sw_secret)(struct ufs_hba *hba, const u8 wkey[],
+ unsigned int wkey_size,
+ u8 sw_secret[BLK_CRYPTO_SW_SECRET_SIZE]);
int (*fill_crypto_prdt)(struct ufs_hba *hba,
const struct bio_crypt_ctx *crypt_ctx,
void *prdt, unsigned int num_segments);
--
2.43.0
Powered by blists - more mailing lists