Re: [PATCH v2 2/4] mmc: Mediatek: enable crypto hardware engine

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Eric Biggers <ebiggers@kernel.org>
To: Linus Walleij <linus.walleij@linaro.org>
Cc: Peng Zhou <peng.zhou@mediatek.com>,
	linux-block <linux-block@vger.kernel.org>,
	Ulf Hansson <ulf.hansson@linaro.org>,
	Chaotian Jing <chaotian.jing@mediatek.com>,
	linux-mmc <linux-mmc@vger.kernel.org>,
	"open list:OPEN FIRMWARE AND FLATTENED DEVICE TREE BINDINGS" 
	<devicetree@vger.kernel.org>,
	Adrian Hunter <adrian.hunter@intel.com>,
	Satya Tangirala <satyat@google.com>,
	Wulin Li <wulin.li@mediatek.com>
Subject: Re: [PATCH v2 2/4] mmc: Mediatek: enable crypto hardware engine
Date: Mon, 15 Mar 2021 16:02:22 -0700	[thread overview]
Message-ID: <YE/nfu8vRETYN9dO@gmail.com> (raw)
In-Reply-To: <CACRpkdb7vmFgH0XTG3Z6OzFv0CfPsBguKqVAZt=PZ+ms2-0WjA@mail.gmail.com>

On Mon, Mar 15, 2021 at 02:41:58PM +0100, Linus Walleij wrote:
> Hi Eric,
> 
> thanks for stepping in and clarifying! I get it better now, I though
> this was some other encryption scheme "on the side".
> 
> There is one worrying thing in the patch still:
> 
> On Thu, Mar 11, 2021 at 8:08 PM Eric Biggers <ebiggers@kernel.org> wrote:
> > On Thu, Mar 11, 2021 at 02:48:23PM +0100, Linus Walleij wrote:
> > > On Tue, Mar 9, 2021 at 3:06 AM Peng Zhou <peng.zhou@mediatek.com> wrote:
> 
> > > > +       /*
> > > > +        * 1: MSDC_AES_CTL_INIT
> > > > +        * 4: cap_id, no-meaning now
> > > > +        * 1: cfg_id, we choose the second cfg group
> > > > +        */
> > > > +       if (mmc->caps2 & MMC_CAP2_CRYPTO)
> > > > +               arm_smccc_smc(MTK_SIP_MMC_CONTROL,
> > > > +                             1, 4, 1, 0, 0, 0, 0, &smccc_res);
> 
> So MSDC_AES_CTL_INIT. Assumes we are using AES and AES
> only I suppose?
> 
> > It happens in the same place, cqhci-crypto.c.  Mediatek's eMMC inline encryption
> > hardware follows the eMMC standard fairly closely, so Peng's patch series just
> > sets MMC_CAP2_CRYPTO to make it use the standard cqhci crypto code, and does a
> > couple extra things to actually enable the hardware's crypto support on Mediatek
> > platforms since it isn't enabled by default.  (*Why* it requires an SMC call to
> > enable instead of just working as expected, I don't know though.)
> 
> Now I don't know the limitations of cqhci crypto. Clearly it only supports
> AES today.
> 
> However would the cqhci crypto grow support for any other crypto
> like 2Fish or DES and the user request this, then I suppose there is
> no way for the MTK driver to announce "uh no I don't do that"?
> 
> Or will this cqhci hardware only ever support AES?

The standard specifies the encryption algorithms that may be supported, and it
specifies that host controllers have a set of crypto capability registers that
list the subset of those algorithms that the hardware actually supports.  See
cqhci_crypto_init() which reads these registers.

If new algorithms get added, the hardware won't declare support for them.
So what you describe won't be a problem.

If, nevertheless, there is broken hardware that declares support for algorithms
it doesn't support, we could work around it using a method in cqhci_host_ops.
That isn't necessary now though.

- Eric

     prev parent reply	other threads:[~2021-03-15 23:02 UTC|newest]

Thread overview: 12+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2021-03-09  1:57 [PATCH v2 2/4] mmc: Mediatek: enable crypto hardware engine Peng Zhou
2021-03-11 11:16 ` Ulf Hansson
2021-03-11 13:48 ` Linus Walleij
2021-03-11 19:08   ` Eric Biggers
2021-03-12  9:05     ` Ulf Hansson
2021-03-12 10:47       ` Arnd Bergmann
     [not found]       ` <1615884533.21508.118.camel@mbjsdccf07>
2021-03-16 10:09         ` Ulf Hansson
     [not found]           ` <1615893329.21508.128.camel@mbjsdccf07>
2021-03-16 13:55             ` Ulf Hansson
2021-03-22 13:45               ` Linus Walleij
2021-03-23 13:37                 ` Ulf Hansson
2021-03-15 13:41     ` Linus Walleij
2021-03-15 23:02       ` Eric Biggers [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=YE/nfu8vRETYN9dO@gmail.com \
    --to=ebiggers@kernel.org \
    --cc=adrian.hunter@intel.com \
    --cc=chaotian.jing@mediatek.com \
    --cc=devicetree@vger.kernel.org \
    --cc=linus.walleij@linaro.org \
    --cc=linux-block@vger.kernel.org \
    --cc=linux-mmc@vger.kernel.org \
    --cc=peng.zhou@mediatek.com \
    --cc=satyat@google.com \
    --cc=ulf.hansson@linaro.org \
    --cc=wulin.li@mediatek.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.