The Linux Kernel Mailing List
 help / color / mirror / Atom feed
From: Demi Marie Obenour <demiobenour@gmail.com>
To: Greg KH <gregkh@linuxfoundation.org>
Cc: Eric Biggers <ebiggers@kernel.org>,
	Russell King <linux@armlinux.org.uk>,
	Herbert Xu <herbert@gondor.apana.org.au>,
	"David S. Miller" <davem@davemloft.net>,
	linux-arm-kernel@lists.infradead.org,
	linux-kernel@vger.kernel.org, linux-crypto@vger.kernel.org,
	stable@vger.kernel.org
Subject: Re: [PATCH v2] drivers/crypto: Mark QCE as BROKEN
Date: Mon, 13 Jul 2026 15:49:00 -0400	[thread overview]
Message-ID: <dcf16dac-e26d-42b0-a0e7-32990446f7bf@gmail.com> (raw)
In-Reply-To: <2026071320-encode-modify-6193@gregkh>


[-- Attachment #1.1: Type: text/plain, Size: 2631 bytes --]

On 7/13/26 11:31, Greg KH wrote:
> On Mon, Jul 13, 2026 at 10:42:04AM -0400, Demi Marie Obenour wrote:
>> On 7/13/26 09:07, Eric Biggers wrote:
>>> On Mon, Jul 13, 2026 at 06:47:07AM +0200, Greg KH wrote:
>>>> On Sun, Jul 12, 2026 at 05:31:31PM -0400, Demi Marie Obenour via B4 Relay wrote:
>>>>> From: Demi Marie Obenour <demiobenour@gmail.com>
>>>>>
>>>>> This driver is harmful:
>>>>>
>>>>> - It is much slower than the CPU [1] [2].
>>>>> - It Has a history of bugs [2] [3].
>>>>> - It does not have exclusive access to the hardware [4], causing races
>>>>>   with the secure world.
>>>>> - It register its implementations with too low a cra_priority for them
>>>>>   to be actually used [5].
>>>>>
>>>>> Therefore, disable it to ensure that nobody builds it into kernels they
>>>>> intend to ship.
>>>>>
>>>>> In the future, the driver will be used for processing restricted media
>>>>> content.  However, the kernel does not currently support this.  Since
>>>>> the driver will have future uses, allow building it if COMPILE_TEST is
>>>>> enabled.
>>>>
>>>> Why not just delete it now, and then bring it back when it is needed in
>>>> the future?  Otherwise this will just trip up the static code checkers
>>>> who will attempt to "fix" things in it.
>>>
>>> That makes sense to me, but Qualcomm pushed back on deletion:
>>> https://lore.kernel.org/linux-crypto/20260602-qcom-qce-broken-v1-1-a4ef756089e0@oss.qualcomm.com/
>>>
>>> But I've still not seen any evidence that this driver is useful for
>>> anything or has any users.  Even Qualcomm seems to be unwilling to make
>>> such claims; they only claim that the IP is used (i.e., not in Linux)
>>> and that new features are planned.
>>>
>>> - Eric
>>
>> Here is my reading of Qualcomm's statements:
>>
>> QCE is currently used by the Arm secure world.  In the future, QCE
>> will be used by the kernel as part of restricted content playback.
>> Qualcomm wants to add the needed features to the existing driver.
>> This will not use the crypto API.
> 
> Why is a crypto driver not going to use the crypto API?

I suspect that the restricted content playback use-case involves
QCE decrypting data stored in kernel memory, using keys inaccessible
to the kernel, to memory inaccessible to the kernel.  The crypto API
can't express this.

>> I would be fine with the driver being removed, but not if it means
>> another out-of-tree Android driver.
> 
> It's not another out-of-tree Android driver if nothing in Android
> actually uses it :)

Nothing uses it *yet*.
-- 
Sincerely,
Demi Marie Obenour (she/her/hers)

[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 833 bytes --]

  reply	other threads:[~2026-07-13 19:49 UTC|newest]

Thread overview: 9+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2026-07-12 21:31 [PATCH v2] drivers/crypto: Mark QCE as BROKEN Demi Marie Obenour via B4 Relay
2026-07-13  2:57 ` Eric Biggers
2026-07-13  4:47 ` Greg KH
2026-07-13 13:07   ` Eric Biggers
2026-07-13 13:19     ` Greg KH
2026-07-13 14:42     ` Demi Marie Obenour
2026-07-13 15:31       ` Greg KH
2026-07-13 19:49         ` Demi Marie Obenour [this message]
2026-07-13 19:56           ` Demi Marie Obenour

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=dcf16dac-e26d-42b0-a0e7-32990446f7bf@gmail.com \
    --to=demiobenour@gmail.com \
    --cc=davem@davemloft.net \
    --cc=ebiggers@kernel.org \
    --cc=gregkh@linuxfoundation.org \
    --cc=herbert@gondor.apana.org.au \
    --cc=linux-arm-kernel@lists.infradead.org \
    --cc=linux-crypto@vger.kernel.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=linux@armlinux.org.uk \
    --cc=stable@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox