Google Git
Sign in
android / kernel / msm.git / 9bf156e282c6de36c604cc5c1ccbdb96fbcf2beb / . / drivers / scsi / ufs / ufshcd-crypto-qti.c
blob: b37486d7995a93aa98c6cb8d4db1c15d13a80a86 [file] [log] [blame]
// SPDX-License-Identifier: GPL-2.0-only
/*
* Copyright (c) 2020, Linux Foundation. All rights reserved.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License version 2 and
* only version 2 as published by the Free Software Foundation.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
*/
#include <crypto/algapi.h>
#include <linux/platform_device.h>
#include <linux/crypto-qti-common.h>
#include "ufshcd-crypto-qti.h"
#define MINIMUM_DUN_SIZE 512
#define MAXIMUM_DUN_SIZE 65536
#define NUM_KEYSLOTS(hba) (hba->crypto_capabilities.config_count + 1)
static struct ufs_hba_crypto_variant_ops ufshcd_crypto_qti_variant_ops = {
.hba_init_crypto = ufshcd_crypto_qti_init_crypto,
.enable = ufshcd_crypto_qti_enable,
.disable = ufshcd_crypto_qti_disable,
.resume = ufshcd_crypto_qti_resume,
.debug = ufshcd_crypto_qti_debug,
};
static uint8_t get_data_unit_size_mask(unsigned int data_unit_size)
{
if (data_unit_size < MINIMUM_DUN_SIZE ||
data_unit_size > MAXIMUM_DUN_SIZE ||
!is_power_of_2(data_unit_size))
return 0;
return data_unit_size / MINIMUM_DUN_SIZE;
}
static bool ice_cap_idx_valid(struct ufs_hba *hba,
unsigned int cap_idx)
{
return cap_idx < hba->crypto_capabilities.num_crypto_cap;
}
void ufshcd_crypto_qti_enable(struct ufs_hba *hba)
{
int err = 0;
if (!ufshcd_hba_is_crypto_supported(hba))
return;
err = crypto_qti_enable(hba->crypto_vops->priv);
if (err) {
pr_err("%s: Error enabling crypto, err %d\n",
__func__, err);
ufshcd_crypto_qti_disable(hba);
}
ufshcd_crypto_enable_spec(hba);
}
void ufshcd_crypto_qti_disable(struct ufs_hba *hba)
{
ufshcd_crypto_disable_spec(hba);
crypto_qti_disable(hba->crypto_vops->priv);
}
static int ufshcd_crypto_qti_keyslot_program(struct keyslot_manager *ksm,
const struct blk_crypto_key *key,
unsigned int slot)
{
struct ufs_hba *hba = keyslot_manager_private(ksm);
int err = 0;
u8 data_unit_mask;
int crypto_alg_id;
crypto_alg_id = ufshcd_crypto_cap_find(hba, key->crypto_mode,
key->data_unit_size);
if (!ufshcd_is_crypto_enabled(hba) ||
!ufshcd_keyslot_valid(hba, slot) ||
!ice_cap_idx_valid(hba, crypto_alg_id))
return -EINVAL;
data_unit_mask = get_data_unit_size_mask(key->data_unit_size);
if (!(data_unit_mask &
hba->crypto_cap_array[crypto_alg_id].sdus_mask))
return -EINVAL;
if (!hba->pm_op_in_progress)
pm_runtime_get_sync(hba->dev);
err = ufshcd_hold(hba, false);
if (err) {
pr_err("%s: failed to enable clocks, err %d\n", __func__, err);
goto out;
}
err = crypto_qti_keyslot_program(hba->crypto_vops->priv, key, slot,
data_unit_mask, crypto_alg_id);
if (err)
pr_err("%s: failed with error %d\n", __func__, err);
ufshcd_release(hba, false);
out:
if (!hba->pm_op_in_progress)
pm_runtime_put_sync(hba->dev);
return err;
}
static int ufshcd_crypto_qti_keyslot_evict(struct keyslot_manager *ksm,
const struct blk_crypto_key *key,
unsigned int slot)
{
int err = 0;
struct ufs_hba *hba = keyslot_manager_private(ksm);
if (!ufshcd_is_crypto_enabled(hba) ||
!ufshcd_keyslot_valid(hba, slot))
return -EINVAL;
pm_runtime_get_sync(hba->dev);
err = ufshcd_hold(hba, false);
if (err) {
pr_err("%s: failed to enable clocks, err %d\n", __func__, err);
return err;
}
err = crypto_qti_keyslot_evict(hba->crypto_vops->priv, slot);
if (err) {
pr_err("%s: failed with error %d\n",
__func__, err);
ufshcd_release(hba, false);
pm_runtime_put_sync(hba->dev);
return err;
}
ufshcd_release(hba, false);
pm_runtime_put_sync(hba->dev);
return err;
}
static int ufshcd_crypto_qti_derive_raw_secret(struct keyslot_manager *ksm,
const u8 *wrapped_key,
unsigned int wrapped_key_size,
u8 *secret,
unsigned int secret_size)
{
return crypto_qti_derive_raw_secret(wrapped_key, wrapped_key_size,
secret, secret_size);
}
static const struct keyslot_mgmt_ll_ops ufshcd_crypto_qti_ksm_ops = {
.keyslot_program = ufshcd_crypto_qti_keyslot_program,
.keyslot_evict = ufshcd_crypto_qti_keyslot_evict,
.derive_raw_secret = ufshcd_crypto_qti_derive_raw_secret,
};
static enum blk_crypto_mode_num ufshcd_blk_crypto_qti_mode_num_for_alg_dusize(
enum ufs_crypto_alg ufs_crypto_alg,
enum ufs_crypto_key_size key_size)
{
/*
* This is currently the only mode that UFS and blk-crypto both support.
*/
if (ufs_crypto_alg == UFS_CRYPTO_ALG_AES_XTS &&
key_size == UFS_CRYPTO_KEY_SIZE_256)
return BLK_ENCRYPTION_MODE_AES_256_XTS;
return BLK_ENCRYPTION_MODE_INVALID;
}
static int ufshcd_hba_init_crypto_qti_spec(struct ufs_hba *hba,
const struct keyslot_mgmt_ll_ops *ksm_ops)
{
int cap_idx = 0;
int err = 0;
unsigned int crypto_modes_supported[BLK_ENCRYPTION_MODE_MAX];
enum blk_crypto_mode_num blk_mode_num;
/* Default to disabling crypto */
hba->caps &= ~UFSHCD_CAP_CRYPTO;
if (!(hba->capabilities & MASK_CRYPTO_SUPPORT)) {
err = -ENODEV;
goto out;
}
/*
* Crypto Capabilities should never be 0, because the
* config_array_ptr > 04h. So we use a 0 value to indicate that
* crypto init failed, and can't be enabled.
*/
hba->crypto_capabilities.reg_val =
cpu_to_le32(ufshcd_readl(hba, REG_UFS_CCAP));
hba->crypto_cfg_register =
(u32)hba->crypto_capabilities.config_array_ptr * 0x100;
hba->crypto_cap_array =
devm_kcalloc(hba->dev,
hba->crypto_capabilities.num_crypto_cap,
sizeof(hba->crypto_cap_array[0]),
GFP_KERNEL);
if (!hba->crypto_cap_array) {
err = -ENOMEM;
goto out;
}
memset(crypto_modes_supported, 0, sizeof(crypto_modes_supported));
/*
* Store all the capabilities now so that we don't need to repeatedly
* access the device each time we want to know its capabilities
*/
for (cap_idx = 0; cap_idx < hba->crypto_capabilities.num_crypto_cap;
cap_idx++) {
hba->crypto_cap_array[cap_idx].reg_val =
cpu_to_le32(ufshcd_readl(hba,
REG_UFS_CRYPTOCAP +
cap_idx * sizeof(__le32)));
blk_mode_num = ufshcd_blk_crypto_qti_mode_num_for_alg_dusize(
hba->crypto_cap_array[cap_idx].algorithm_id,
hba->crypto_cap_array[cap_idx].key_size);
if (blk_mode_num == BLK_ENCRYPTION_MODE_INVALID)
continue;
crypto_modes_supported[blk_mode_num] |=
hba->crypto_cap_array[cap_idx].sdus_mask * 512;
}
hba->ksm = keyslot_manager_create(hba->dev, ufshcd_num_keyslots(hba),
ksm_ops,
BLK_CRYPTO_FEATURE_STANDARD_KEYS |
BLK_CRYPTO_FEATURE_WRAPPED_KEYS,
crypto_modes_supported, hba);
if (!hba->ksm) {
err = -ENOMEM;
goto out;
}
pr_debug("%s: keyslot manager created\n", __func__);
return 0;
out:
/* Indicate that init failed by setting crypto_capabilities to 0 */
hba->crypto_capabilities.reg_val = 0;
return err;
}
int ufshcd_crypto_qti_init_crypto(struct ufs_hba *hba,
const struct keyslot_mgmt_ll_ops *ksm_ops)
{
int err = 0;
struct platform_device *pdev = to_platform_device(hba->dev);
void __iomem *mmio_base;
struct resource *mem_res;
mem_res = platform_get_resource_byname(pdev, IORESOURCE_MEM,
"ufs_ice");
mmio_base = devm_ioremap_resource(hba->dev, mem_res);
if (IS_ERR(mmio_base)) {
pr_err("%s: Unable to get ufs_crypto mmio base\n", __func__);
return PTR_ERR(mmio_base);
}
err = ufshcd_hba_init_crypto_qti_spec(hba, &ufshcd_crypto_qti_ksm_ops);
if (err) {
pr_err("%s: Error initiating crypto capabilities, err %d\n",
__func__, err);
return err;
}
err = crypto_qti_init_crypto(hba->dev,
mmio_base, (void **)&hba->crypto_vops->priv);
if (err) {
pr_err("%s: Error initiating crypto, err %d\n",
__func__, err);
}
return err;
}
int ufshcd_crypto_qti_debug(struct ufs_hba *hba)
{
return crypto_qti_debug(hba->crypto_vops->priv);
}
void ufshcd_crypto_qti_set_vops(struct ufs_hba *hba)
{
return ufshcd_crypto_set_vops(hba, &ufshcd_crypto_qti_variant_ops);
}
int ufshcd_crypto_qti_resume(struct ufs_hba *hba,
enum ufs_pm_op pm_op)
{
return crypto_qti_resume(hba->crypto_vops->priv);
}