From: Eric Biggers <ebiggers@kernel.org>
To: Gaurav Kashyap <quic_gaurkash@quicinc.com>
Cc: linux-scsi@vger.kernel.org, linux-arm-msm@vger.kernel.org,
linux-mmc@vger.kernel.org, linux-block@vger.kernel.org,
linux-fscrypt@vger.kernel.org, thara.gopinath@linaro.org,
quic_neersoni@quicinc.com, dineshg@quicinc.com
Subject: Re: [PATCH 04/10] soc: qcom: add HWKM library for storage encryption
Date: Mon, 13 Dec 2021 17:08:36 -0800 [thread overview]
Message-ID: <YbfulLPhUNhd04xY@gmail.com> (raw)
In-Reply-To: <20211206225725.77512-5-quic_gaurkash@quicinc.com>
On Mon, Dec 06, 2021 at 02:57:19PM -0800, Gaurav Kashyap wrote:
> Wrapped keys should utilize hardware to protect the keys
> used for storage encryption. Qualcomm's Inline Crypto Engine
"should utilize" => "utilize"?
> supports a hardware block called Hardware Key Manager (HWKM)
> for key management.
>
> Although most of the interactions to this hardware block happens
> via a secure execution environment, some initializations for the
> slave present in ICE can be done from the kernel.
>
> This can also be a placeholder for when the hardware provides more
> capabilities to be accessed from the linux kernel in the future.
>
This commit message doesn't explain what this commit actually does. Can you
make that clearer?
> diff --git a/drivers/soc/qcom/qti-ice-hwkm.c b/drivers/soc/qcom/qti-ice-hwkm.c
> new file mode 100644
> index 000000000000..3be6b350cd88
> --- /dev/null
> +++ b/drivers/soc/qcom/qti-ice-hwkm.c
> @@ -0,0 +1,111 @@
> +// SPDX-License-Identifier: GPL-2.0-only
> +/*
> + * HWKM ICE library for storage encryption.
> + *
> + * Copyright (c) 2021, Qualcomm Innovation Center. All rights reserved.
> + */
> +
> +#include <linux/qti-ice-common.h>
> +#include "qti-ice-regs.h"
> +
> +static int qti_ice_hwkm_bist_status(const struct ice_mmio_data *mmio, int version)
> +{
> + if (!qti_ice_hwkm_testb(mmio->ice_hwkm_mmio, QTI_HWKM_ICE_RG_TZ_KM_STATUS,
> + (version == 1) ? BIST_DONE_V1 : BIST_DONE_V2) ||
> + !qti_ice_hwkm_testb(mmio->ice_hwkm_mmio, QTI_HWKM_ICE_RG_TZ_KM_STATUS,
> + (version == 1) ? CRYPTO_LIB_BIST_DONE_V1 :
> + CRYPTO_LIB_BIST_DONE_V2) ||
> + !qti_ice_hwkm_testb(mmio->ice_hwkm_mmio, QTI_HWKM_ICE_RG_TZ_KM_STATUS,
> + (version == 1) ? BOOT_CMD_LIST1_DONE_V1 :
> + BOOT_CMD_LIST1_DONE_V2) ||
> + !qti_ice_hwkm_testb(mmio->ice_hwkm_mmio, QTI_HWKM_ICE_RG_TZ_KM_STATUS,
> + (version == 1) ? BOOT_CMD_LIST0_DONE_V1 :
> + BOOT_CMD_LIST0_DONE_V2) ||
> + !qti_ice_hwkm_testb(mmio->ice_hwkm_mmio, QTI_HWKM_ICE_RG_TZ_KM_STATUS,
> + (version == 1) ? KT_CLEAR_DONE_V1 :
> + KT_CLEAR_DONE_V2))
> + return -EINVAL;
> + return 0;
> +}
Long "if" statements are hard to read. It would be more readable to have a
separate "if" and "return -EINVAL" for each of these checks.
> +static void qti_ice_hwkm_configure_ice_registers(
> + const struct ice_mmio_data *mmio)
> +{
> + qti_ice_hwkm_writel(mmio->ice_hwkm_mmio, 0xffffffff,
> + QTI_HWKM_ICE_RG_BANK0_AC_BANKN_BBAC_0);
> + qti_ice_hwkm_writel(mmio->ice_hwkm_mmio, 0xffffffff,
> + QTI_HWKM_ICE_RG_BANK0_AC_BANKN_BBAC_1);
> + qti_ice_hwkm_writel(mmio->ice_hwkm_mmio, 0xffffffff,
> + QTI_HWKM_ICE_RG_BANK0_AC_BANKN_BBAC_2);
> + qti_ice_hwkm_writel(mmio->ice_hwkm_mmio, 0xffffffff,
> + QTI_HWKM_ICE_RG_BANK0_AC_BANKN_BBAC_3);
> + qti_ice_hwkm_writel(mmio->ice_hwkm_mmio, 0xffffffff,
> + QTI_HWKM_ICE_RG_BANK0_AC_BANKN_BBAC_4);
> +}
> +
> +static int qti_ice_hwkm_init_sequence(const struct ice_mmio_data *mmio,
> + int version)
> +{
> + u32 val = 0;
> +
> + /*
> + * Put ICE in standard mode, ICE defaults to legacy mode.
> + * Legacy mode - ICE HWKM slave not supported.
> + * Standard mode - ICE HWKM slave supported.
> + *
> + * Depending on the version of HWKM, it is controlled by different
> + * registers in ICE.
> + */
> + if (version >= 2) {
> + val = qti_ice_readl(mmio->ice_mmio, QTI_ICE_REGS_CONTROL);
> + val = val & 0xFFFFFFFE;
> + qti_ice_writel(mmio->ice_mmio, val, QTI_ICE_REGS_CONTROL);
> + } else {
> + qti_ice_hwkm_writel(mmio->ice_hwkm_mmio, 0x7,
> + QTI_HWKM_ICE_RG_TZ_KM_CTL);
> + }
So to use wrapped keys, ICE needs to be in "standard mode", and to use standard
keys it needs to be in "legacy mode"? That's confusing. It would be helpful to
explain this more clearly in a comment.
> +
> + /* Check BIST status */
> + if (qti_ice_hwkm_bist_status(mmio, version))
> + return -EINVAL;
Please spell out what BIST stands for. It's "Built-In Self Test", right?
> +
> + /*
> + * Give register bank of the HWKM slave access to read and modify
> + * the keyslots in ICE HWKM slave. Without this, trustzone will not
> + * be able to program keys into ICE.
> + */
> + qti_ice_hwkm_configure_ice_registers(mmio);
> +
> + /* Disable CRC check */
> + qti_ice_hwkm_clearb(mmio->ice_hwkm_mmio, QTI_HWKM_ICE_RG_TZ_KM_CTL,
> + CRC_CHECK_EN);
> +
> + /* Set RSP_FIFO_FULL bit */
> + qti_ice_hwkm_setb(mmio->ice_hwkm_mmio,
> + QTI_HWKM_ICE_RG_BANK0_BANKN_IRQ_STATUS, RSP_FIFO_FULL);
Please expand on comments as much as possible, so that people can understand not
just what the code is doing but why it is doing it. E.g., why does the CRC
check need to be disabled, and why does the RSP_FIFO_FULL bit need to be set?
> +/**
> + * qti_ice_hwkm_init() - Initialize ICE HWKM hardware
> + * @ice_mmio_data: contains ICE register mapping for i/o
> + * @version: version of hwkm hardware
> + *
> + * Perform HWKM initialization in the ICE slave by going
> + * through the slave initialization routine.The registers
> + * can vary slightly based on the version.
> + *
> + * Return: 0 on success; err on failure.
> + */
> +
> +int qti_ice_hwkm_init(const struct ice_mmio_data *mmio, int version)
> +{
> + if (!mmio->ice_hwkm_mmio)
> + return -EINVAL;
> +
> + return qti_ice_hwkm_init_sequence(mmio, version);
> +}
> +EXPORT_SYMBOL_GPL(qti_ice_hwkm_init);
This function is only called from within the same kernel module, so it doesn't
need to be an exported symbol.
> +MODULE_LICENSE("GPL v2");
The main source file for this module (qti-ice-common.c) already has a
MODULE_LICENSE, so there shouldn't be a duplicate one here. MODULE_LICENSE is
for the whole module, not for individual source files.
> +
> +#define qti_ice_hwkm_readl(hwkm_mmio, reg) \
> + (readl_relaxed(hwkm_mmio + (reg)))
> +#define qti_ice_hwkm_writel(hwkm_mmio, val, reg) \
> + (writel_relaxed((val), hwkm_mmio + (reg)))
Why readl_relaxed() and writel_relaxed(), instead of readl() and writel()?
> +static inline bool qti_ice_hwkm_testb(void __iomem *ice_hwkm_mmio,
> + u32 reg, u8 nr)
> +{
> + u32 val = qti_ice_hwkm_readl(ice_hwkm_mmio, reg);
> +
> + val = (val >> nr) & 0x1;
> + if (val == 0)
> + return false;
> + return true;
> +}
This is unnecessarily verbose. It could be just:
return qti_ice_hwkm_readl(ice_hwkm_mmio, reg) & (1U << nr);
- Eric
next prev parent reply other threads:[~2021-12-14 1:08 UTC|newest]
Thread overview: 24+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-12-06 22:57 [PATCH 00/10] Add wrapped key support for Qualcomm ICE Gaurav Kashyap
2021-12-06 22:57 ` [PATCH 01/10] soc: qcom: new common library for ICE functionality Gaurav Kashyap
2021-12-07 0:24 ` Randy Dunlap
2021-12-14 0:20 ` Eric Biggers
2021-12-06 22:57 ` [PATCH 02/10] scsi: ufs: qcom: move ICE functionality to common library Gaurav Kashyap
2021-12-14 0:40 ` Eric Biggers
2021-12-06 22:57 ` [PATCH 03/10] qcom_scm: scm call for deriving a software secret Gaurav Kashyap
2021-12-14 0:53 ` Eric Biggers
2021-12-06 22:57 ` [PATCH 04/10] soc: qcom: add HWKM library for storage encryption Gaurav Kashyap
2021-12-14 1:08 ` Eric Biggers [this message]
2021-12-06 22:57 ` [PATCH 05/10] scsi: ufs: prepare to support wrapped keys Gaurav Kashyap
2021-12-14 1:26 ` Eric Biggers
2021-12-06 22:57 ` [PATCH 06/10] soc: qcom: add wrapped key support for ICE Gaurav Kashyap
2021-12-14 1:46 ` Eric Biggers
2021-12-06 22:57 ` [PATCH 07/10] qcom_scm: scm call for create, prepare and import keys Gaurav Kashyap
2021-12-14 1:50 ` Eric Biggers
2021-12-06 22:57 ` [PATCH 08/10] scsi: ufs: add support for generate, import and prepare keys Gaurav Kashyap
2021-12-14 1:53 ` Eric Biggers
2021-12-06 22:57 ` [PATCH 09/10] soc: qcom: support for generate, import and prepare key Gaurav Kashyap
2021-12-14 2:04 ` Eric Biggers
2021-12-06 22:57 ` [PATCH 10/10] arm64: dts: qcom: sm8350: add ice and hwkm mappings Gaurav Kashyap
2022-01-06 19:47 ` [PATCH 00/10] Add wrapped key support for Qualcomm ICE Eric Biggers
2022-01-06 21:14 ` Gaurav Kashyap
2022-01-27 0:51 ` Eric Biggers
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=YbfulLPhUNhd04xY@gmail.com \
--to=ebiggers@kernel.org \
--cc=dineshg@quicinc.com \
--cc=linux-arm-msm@vger.kernel.org \
--cc=linux-block@vger.kernel.org \
--cc=linux-fscrypt@vger.kernel.org \
--cc=linux-mmc@vger.kernel.org \
--cc=linux-scsi@vger.kernel.org \
--cc=quic_gaurkash@quicinc.com \
--cc=quic_neersoni@quicinc.com \
--cc=thara.gopinath@linaro.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).