Message ID | 20210121090140.326380-7-ebiggers@kernel.org (mailing list archive) |
---|---|
State | New, archived |
Headers | show |
Series | eMMC inline encryption support | expand |
- trimmed cc-list On Thu, 21 Jan 2021 at 10:03, Eric Biggers <ebiggers@kernel.org> wrote: > > From: Eric Biggers <ebiggers@google.com> > > The SCM calls QCOM_SCM_ES_INVALIDATE_ICE_KEY and > QCOM_SCM_ES_CONFIG_SET_ICE_KEY are also needed for eMMC inline > encryption support, not just for UFS. Update the comments accordingly. > > Reviewed-by: Satya Tangirala <satyat@google.com> > Signed-off-by: Eric Biggers <ebiggers@google.com> Björn, may I have your ack on this one? I intend to queue this via my mmc tree. Kind regards Uffe > --- > drivers/firmware/qcom_scm.c | 16 +++++++++++----- > 1 file changed, 11 insertions(+), 5 deletions(-) > > diff --git a/drivers/firmware/qcom_scm.c b/drivers/firmware/qcom_scm.c > index 7be48c1bec96d..f57779fc7ee93 100644 > --- a/drivers/firmware/qcom_scm.c > +++ b/drivers/firmware/qcom_scm.c > @@ -965,8 +965,11 @@ EXPORT_SYMBOL(qcom_scm_ice_available); > * qcom_scm_ice_invalidate_key() - Invalidate an inline encryption key > * @index: the keyslot to invalidate > * > - * The UFSHCI standard defines a standard way to do this, but it doesn't work on > - * these SoCs; only this SCM call does. > + * The UFSHCI and eMMC standards define a standard way to do this, but it > + * doesn't work on these SoCs; only this SCM call does. > + * > + * It is assumed that the SoC has only one ICE instance being used, as this SCM > + * call doesn't specify which ICE instance the keyslot belongs to. > * > * Return: 0 on success; -errno on failure. > */ > @@ -995,10 +998,13 @@ EXPORT_SYMBOL(qcom_scm_ice_invalidate_key); > * units, e.g. 1 = 512 bytes, 8 = 4096 bytes, etc. > * > * Program a key into a keyslot of Qualcomm ICE (Inline Crypto Engine), where it > - * can then be used to encrypt/decrypt UFS I/O requests inline. > + * can then be used to encrypt/decrypt UFS or eMMC I/O requests inline. > + * > + * The UFSHCI and eMMC standards define a standard way to do this, but it > + * doesn't work on these SoCs; only this SCM call does. > * > - * The UFSHCI standard defines a standard way to do this, but it doesn't work on > - * these SoCs; only this SCM call does. > + * It is assumed that the SoC has only one ICE instance being used, as this SCM > + * call doesn't specify which ICE instance the keyslot belongs to. > * > * Return: 0 on success; -errno on failure. > */ > -- > 2.30.0 >
On Thu 21 Jan 08:42 CST 2021, Ulf Hansson wrote: > - trimmed cc-list > > On Thu, 21 Jan 2021 at 10:03, Eric Biggers <ebiggers@kernel.org> wrote: > > > > From: Eric Biggers <ebiggers@google.com> > > > > The SCM calls QCOM_SCM_ES_INVALIDATE_ICE_KEY and > > QCOM_SCM_ES_CONFIG_SET_ICE_KEY are also needed for eMMC inline > > encryption support, not just for UFS. Update the comments accordingly. > > > > Reviewed-by: Satya Tangirala <satyat@google.com> > > Signed-off-by: Eric Biggers <ebiggers@google.com> > > Björn, may I have your ack on this one? I intend to queue this via my mmc tree. > Certainly, sorry for not paying attention. Acked-by: Bjorn Andersson <bjorn.andersson@linaro.org> And I presume I'll take the dts patch (8/9) through the Qcom tree... Regards, Bjorn > Kind regards > Uffe > > > --- > > drivers/firmware/qcom_scm.c | 16 +++++++++++----- > > 1 file changed, 11 insertions(+), 5 deletions(-) > > > > diff --git a/drivers/firmware/qcom_scm.c b/drivers/firmware/qcom_scm.c > > index 7be48c1bec96d..f57779fc7ee93 100644 > > --- a/drivers/firmware/qcom_scm.c > > +++ b/drivers/firmware/qcom_scm.c > > @@ -965,8 +965,11 @@ EXPORT_SYMBOL(qcom_scm_ice_available); > > * qcom_scm_ice_invalidate_key() - Invalidate an inline encryption key > > * @index: the keyslot to invalidate > > * > > - * The UFSHCI standard defines a standard way to do this, but it doesn't work on > > - * these SoCs; only this SCM call does. > > + * The UFSHCI and eMMC standards define a standard way to do this, but it > > + * doesn't work on these SoCs; only this SCM call does. > > + * > > + * It is assumed that the SoC has only one ICE instance being used, as this SCM > > + * call doesn't specify which ICE instance the keyslot belongs to. > > * > > * Return: 0 on success; -errno on failure. > > */ > > @@ -995,10 +998,13 @@ EXPORT_SYMBOL(qcom_scm_ice_invalidate_key); > > * units, e.g. 1 = 512 bytes, 8 = 4096 bytes, etc. > > * > > * Program a key into a keyslot of Qualcomm ICE (Inline Crypto Engine), where it > > - * can then be used to encrypt/decrypt UFS I/O requests inline. > > + * can then be used to encrypt/decrypt UFS or eMMC I/O requests inline. > > + * > > + * The UFSHCI and eMMC standards define a standard way to do this, but it > > + * doesn't work on these SoCs; only this SCM call does. > > * > > - * The UFSHCI standard defines a standard way to do this, but it doesn't work on > > - * these SoCs; only this SCM call does. > > + * It is assumed that the SoC has only one ICE instance being used, as this SCM > > + * call doesn't specify which ICE instance the keyslot belongs to. > > * > > * Return: 0 on success; -errno on failure. > > */ > > -- > > 2.30.0 > >
On Thu, 21 Jan 2021 at 16:30, Bjorn Andersson <bjorn.andersson@linaro.org> wrote: > > On Thu 21 Jan 08:42 CST 2021, Ulf Hansson wrote: > > > - trimmed cc-list > > > > On Thu, 21 Jan 2021 at 10:03, Eric Biggers <ebiggers@kernel.org> wrote: > > > > > > From: Eric Biggers <ebiggers@google.com> > > > > > > The SCM calls QCOM_SCM_ES_INVALIDATE_ICE_KEY and > > > QCOM_SCM_ES_CONFIG_SET_ICE_KEY are also needed for eMMC inline > > > encryption support, not just for UFS. Update the comments accordingly. > > > > > > Reviewed-by: Satya Tangirala <satyat@google.com> > > > Signed-off-by: Eric Biggers <ebiggers@google.com> > > > > Björn, may I have your ack on this one? I intend to queue this via my mmc tree. > > > > Certainly, sorry for not paying attention. > > Acked-by: Bjorn Andersson <bjorn.andersson@linaro.org> Thanks! > > > And I presume I'll take the dts patch (8/9) through the Qcom tree... Yep, I leave that for you. [...] Kind regards Uffe
diff --git a/drivers/firmware/qcom_scm.c b/drivers/firmware/qcom_scm.c index 7be48c1bec96d..f57779fc7ee93 100644 --- a/drivers/firmware/qcom_scm.c +++ b/drivers/firmware/qcom_scm.c @@ -965,8 +965,11 @@ EXPORT_SYMBOL(qcom_scm_ice_available); * qcom_scm_ice_invalidate_key() - Invalidate an inline encryption key * @index: the keyslot to invalidate * - * The UFSHCI standard defines a standard way to do this, but it doesn't work on - * these SoCs; only this SCM call does. + * The UFSHCI and eMMC standards define a standard way to do this, but it + * doesn't work on these SoCs; only this SCM call does. + * + * It is assumed that the SoC has only one ICE instance being used, as this SCM + * call doesn't specify which ICE instance the keyslot belongs to. * * Return: 0 on success; -errno on failure. */ @@ -995,10 +998,13 @@ EXPORT_SYMBOL(qcom_scm_ice_invalidate_key); * units, e.g. 1 = 512 bytes, 8 = 4096 bytes, etc. * * Program a key into a keyslot of Qualcomm ICE (Inline Crypto Engine), where it - * can then be used to encrypt/decrypt UFS I/O requests inline. + * can then be used to encrypt/decrypt UFS or eMMC I/O requests inline. + * + * The UFSHCI and eMMC standards define a standard way to do this, but it + * doesn't work on these SoCs; only this SCM call does. * - * The UFSHCI standard defines a standard way to do this, but it doesn't work on - * these SoCs; only this SCM call does. + * It is assumed that the SoC has only one ICE instance being used, as this SCM + * call doesn't specify which ICE instance the keyslot belongs to. * * Return: 0 on success; -errno on failure. */