Message ID | 20210126001456.382989-1-ebiggers@kernel.org (mailing list archive) |
---|---|
Headers | show |
Series | eMMC inline encryption support | expand |
On Tue, 26 Jan 2021 at 01:15, Eric Biggers <ebiggers@kernel.org> wrote: > > [Resending because most of the patches didn't make it to the lists for > some reason...] > > Hello, > > This patchset adds support for eMMC inline encryption, as specified by > the upcoming version of the eMMC specification and as already > implemented and used on many devices. Building on that, it then adds > Qualcomm ICE support and wires it up for the Snapdragon 630 SoC. > > Inline encryption hardware improves the performance of storage > encryption and reduces power usage. See > Documentation/block/inline-encryption.rst for more information about > inline encryption and the blk-crypto framework (upstreamed in v5.8) > which supports it. Most mobile devices already use UFS or eMMC inline > encryption hardware; UFS support was already upstreamed in v5.9. > > Patches 1-4 add support for the standard eMMC inline encryption. > > However, as with UFS, host controller-specific patches are needed on top > of the standard support. Therefore, patches 5-9 add Qualcomm ICE > (Inline Crypto Engine) support and wire it up on the Snapdragon 630 SoC. > > To test this I took advantage of the recently upstreamed support for the > Snapdragon 630 SoC, plus work-in-progress patches from the SoMainline > project (https://github.com/SoMainline/linux/tree/konrad/v5.10-rc3). In > particular, I was able to run the fscrypt xfstests for ext4 and f2fs in > a Debian chroot. Among other things, these tests verified that the > correct ciphertext is written to disk (the same as software encryption). > > It will also be possible to add support for Mediatek eMMC inline > encryption hardware in mtk-sd, and it should be easier than the Qualcomm > hardware since the Mediatek hardware follows the standard more closely. > I.e., patches 1-4 should be almost enough for the Mediatek hardware. > > This patchset is based on the "next" branch (commit 42af8761bc84) of > https://git.kernel.org/pub/scm/linux/kernel/git/ulfh/mmc.git, > plus the patch "block/keyslot-manager: introduce devm_blk_ksm_init()" > (https://lkml.kernel.org/r/20210121082155.111333-2-ebiggers@kernel.org). > It can also be retrieved from tag "mmc-crypto-v6" of > https://git.kernel.org/pub/scm/linux/kernel/git/ebiggers/linux.git > > Changed in v6: > - Define MMC_CAP2_CRYPTO to 0 when !CONFIG_MMC_CRYPTO. > - Moved the sdm630 device tree update to the end of the series, > since it will go in through a different tree. > - Added an Acked-by. > > Changed in v5: > - Use the proposed resource-managed variant of blk_ksm_init(). > - Removed an unnecessary call to devm_kfree(). > > Changed in v4: > - Added Acked-by and Reviewed-and-tested-by tags. > - Rebased onto v5.11-rc2. > > Changed in v3: > - Improved comment for sdhci_msm_ice_wait_bist_status() > - Removed an unhelpful comment in union cqhci_crypto_cfg_entry. > - Fixed the commit message of "mmc: cqhci: initialize upper 64 bits of > 128-bit task descriptors". > - Added Reviewed-by's and Acked-by's. > > Changed in v2: > - Only select QCOM_SCM if ARCH_QCOM. (Fixes a build break.) > - Split most of the cqhci_prep_task_desc() change into its own patch. > - Made sdhci_msm_ice_wait_bist_status() use readl_poll_timeout(). > - Added a couple more comments. > - Added some Acked-by's. > > Eric Biggers (9): > mmc: add basic support for inline encryption > mmc: cqhci: rename cqhci.c to cqhci-core.c > mmc: cqhci: initialize upper 64 bits of 128-bit task descriptors > mmc: cqhci: add support for inline encryption > mmc: cqhci: add cqhci_host_ops::program_key > firmware: qcom_scm: update comment for ICE-related functions > dt-bindings: mmc: sdhci-msm: add ICE registers and clock > mmc: sdhci-msm: add Inline Crypto Engine support > arm64: dts: qcom: sdm630: add ICE registers and clocks > > .../devicetree/bindings/mmc/sdhci-msm.txt | 3 + > arch/arm64/boot/dts/qcom/sdm630.dtsi | 10 +- > drivers/firmware/qcom_scm.c | 16 +- > drivers/mmc/core/Kconfig | 8 + > drivers/mmc/core/Makefile | 1 + > drivers/mmc/core/block.c | 3 + > drivers/mmc/core/core.c | 3 + > drivers/mmc/core/crypto.c | 48 +++ > drivers/mmc/core/crypto.h | 40 +++ > drivers/mmc/core/host.c | 1 + > drivers/mmc/core/queue.c | 3 + > drivers/mmc/host/Kconfig | 1 + > drivers/mmc/host/Makefile | 2 + > drivers/mmc/host/{cqhci.c => cqhci-core.c} | 69 ++++- > drivers/mmc/host/cqhci-crypto.c | 242 +++++++++++++++ > drivers/mmc/host/cqhci-crypto.h | 47 +++ > drivers/mmc/host/cqhci.h | 84 +++++- > drivers/mmc/host/sdhci-msm.c | 276 +++++++++++++++++- > include/linux/mmc/core.h | 6 + > include/linux/mmc/host.h | 11 + > 20 files changed, 849 insertions(+), 25 deletions(-) > create mode 100644 drivers/mmc/core/crypto.c > create mode 100644 drivers/mmc/core/crypto.h > rename drivers/mmc/host/{cqhci.c => cqhci-core.c} (94%) > create mode 100644 drivers/mmc/host/cqhci-crypto.c > create mode 100644 drivers/mmc/host/cqhci-crypto.h > > -- > 2.30.0 > Applied for next (leaving patch9 for arm soc), thanks! Kind regards Uffe