| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <0a8b4abe-3348-4f2d-b986-f4f5cc7e68b5@intel.com>
Date: Thu, 16 Oct 2025 10:08:02 +0300
From: Adrian Hunter <adrian.hunter@...el.com>
To: Md Sadre Alam <quic_mdalam@...cinc.com>, <ulf.hansson@...aro.org>,
<linux-arm-msm@...r.kernel.org>, <linux-mmc@...r.kernel.org>,
<linux-kernel@...r.kernel.org>, <quic_varada@...cinc.com>
Subject: Re: [PATCH v2] mmc: sdhci-msm: Enable ICE support for non-cmdq eMMC
devices
On 14/10/2025 12:35, Md Sadre Alam wrote:
> Enable Inline Crypto Engine (ICE) support for eMMC devices that operate
> without Command Queue Engine (CQE).This allows hardware-accelerated
> encryption and decryption for standard (non-CMDQ) requests.
>
> This patch:
> - Adds ICE register definitions for non-CMDQ crypto configuration
> - Implements a per-request crypto setup via sdhci_msm_ice_cfg()
> - Hooks into the request path via mmc_host_ops.request
> - Initializes ICE hardware during CQE setup for compatible platforms
>
> With this, non-CMDQ eMMC devices can benefit from inline encryption,
> improving performance for encrypted I/O while maintaining compatibility
> with existing CQE crypto support.
>
> Signed-off-by: Md Sadre Alam <quic_mdalam@...cinc.com>
Acked-by: Adrian Hunter <adrian.hunter@...el.com>
> ---
>
> Change in [v2]
>
> * Moved NONCQ_CRYPTO_PARM and NONCQ_CRYPTO_DUN register definitions into
> sdhci-msm.c
>
> * Introduced use of GENMASK() and FIELD_PREP() macros for cleaner and more
> maintainable bitfield handling in ICE configuration.
>
> * Removed redundant if (!mrq || !cq_host) check from sdhci_msm_ice_cfg()
> as both are guaranteed to be valid in the current call path.
>
> * Added assignment of host->mmc_host_ops.request = sdhci_msm_request; to
> integrate ICE configuration into the standard request path for non-CMDQ
> eMMC devices.
>
> * Removed sdhci_crypto_cfg() from sdhci.c and its invocation in sdhci_request()
>
> Change in [v1]
>
> * Added initial support for Inline Crypto Engine (ICE) on non-CMDQ eMMC
> devices.
>
> drivers/mmc/host/sdhci-msm.c | 71 ++++++++++++++++++++++++++++++++++++
> 1 file changed, 71 insertions(+)
>
> diff --git a/drivers/mmc/host/sdhci-msm.c b/drivers/mmc/host/sdhci-msm.c
> index 4e5edbf2fc9b..483aadaca262 100644
> --- a/drivers/mmc/host/sdhci-msm.c
> +++ b/drivers/mmc/host/sdhci-msm.c
> @@ -157,6 +157,18 @@
> #define CQHCI_VENDOR_CFG1 0xA00
> #define CQHCI_VENDOR_DIS_RST_ON_CQ_EN (0x3 << 13)
>
> +/* non command queue crypto enable register*/
> +#define NONCQ_CRYPTO_PARM 0x70
> +#define NONCQ_CRYPTO_DUN 0x74
> +
> +#define DISABLE_CRYPTO BIT(15)
> +#define CRYPTO_GENERAL_ENABLE BIT(1)
> +#define HC_VENDOR_SPECIFIC_FUNC4 0x260
> +#define ICE_HCI_SUPPORT BIT(28)
> +
> +#define ICE_HCI_PARAM_CCI GENMASK(7, 0)
> +#define ICE_HCI_PARAM_CE GENMASK(8, 8)
> +
> struct sdhci_msm_offset {
> u32 core_hc_mode;
> u32 core_mci_data_cnt;
> @@ -1885,6 +1897,48 @@ static void sdhci_msm_set_clock(struct sdhci_host *host, unsigned int clock)
>
> #ifdef CONFIG_MMC_CRYPTO
>
> +static int sdhci_msm_ice_cfg(struct sdhci_host *host, struct mmc_request *mrq,
> + u32 slot)
> +{
> + struct sdhci_pltfm_host *pltfm_host = sdhci_priv(host);
> + struct sdhci_msm_host *msm_host = sdhci_pltfm_priv(pltfm_host);
> + struct mmc_host *mmc = msm_host->mmc;
> + struct cqhci_host *cq_host = mmc->cqe_private;
> + unsigned int crypto_params = 0;
> + int key_index = 0;
> + bool bypass = true;
> + u64 dun = 0;
> +
> + if (mrq->crypto_ctx) {
> + dun = mrq->crypto_ctx->bc_dun[0];
> + bypass = false;
> + key_index = mrq->crypto_key_slot;
> + }
> +
> + crypto_params = FIELD_PREP(ICE_HCI_PARAM_CE, !bypass) |
> + FIELD_PREP(ICE_HCI_PARAM_CCI, key_index);
> +
> + cqhci_writel(cq_host, crypto_params, NONCQ_CRYPTO_PARM);
> +
> + if (mrq->crypto_ctx)
> + cqhci_writel(cq_host, lower_32_bits(dun), NONCQ_CRYPTO_DUN);
> +
> + /* Ensure crypto configuration is written before proceeding */
> + wmb();
> +
> + return 0;
> +}
> +
> +static void sdhci_msm_request(struct mmc_host *mmc, struct mmc_request *mrq)
> +{
> + struct sdhci_host *host = mmc_priv(mmc);
> +
> + if (mmc->caps2 & MMC_CAP2_CRYPTO)
> + sdhci_msm_ice_cfg(host, mrq, 0);
> +
> + sdhci_request(mmc, mrq);
> +}
> +
> static const struct blk_crypto_ll_ops sdhci_msm_crypto_ops; /* forward decl */
>
> static int sdhci_msm_ice_init(struct sdhci_msm_host *msm_host,
> @@ -2131,6 +2185,8 @@ static int sdhci_msm_cqe_add_host(struct sdhci_host *host,
> struct cqhci_host *cq_host;
> bool dma64;
> u32 cqcfg;
> + u32 config;
> + u32 ice_cap;
> int ret;
>
> /*
> @@ -2185,6 +2241,18 @@ static int sdhci_msm_cqe_add_host(struct sdhci_host *host,
> if (ret)
> goto cleanup;
>
> + /* Initialize ICE for non-CMDQ eMMC devices */
> + config = sdhci_readl(host, HC_VENDOR_SPECIFIC_FUNC4);
> + config &= ~DISABLE_CRYPTO;
> + sdhci_writel(host, config, HC_VENDOR_SPECIFIC_FUNC4);
> + ice_cap = cqhci_readl(cq_host, CQHCI_CAP);
> + if (ice_cap & ICE_HCI_SUPPORT) {
> + config = cqhci_readl(cq_host, CQHCI_CFG);
> + config |= CRYPTO_GENERAL_ENABLE;
> + cqhci_writel(cq_host, config, CQHCI_CFG);
> + }
> + sdhci_msm_ice_enable(msm_host);
> +
> dev_info(&pdev->dev, "%s: CQE init: success\n",
> mmc_hostname(host->mmc));
> return ret;
> @@ -2759,6 +2827,9 @@ static int sdhci_msm_probe(struct platform_device *pdev)
>
> msm_host->mmc->caps |= MMC_CAP_WAIT_WHILE_BUSY | MMC_CAP_NEED_RSP_BUSY;
>
> +#ifdef CONFIG_MMC_CRYPTO
> + host->mmc_host_ops.request = sdhci_msm_request;
> +#endif
> /* Set the timeout value to max possible */
> host->max_timeout_count = 0xF;
>
Powered by blists - more mailing lists