18c2ecf20Sopenharmony_ci// SPDX-License-Identifier: GPL-2.0 28c2ecf20Sopenharmony_ci/* 38c2ecf20Sopenharmony_ci * Copyright 2019 Google LLC 48c2ecf20Sopenharmony_ci */ 58c2ecf20Sopenharmony_ci 68c2ecf20Sopenharmony_ci#include "ufshcd.h" 78c2ecf20Sopenharmony_ci#include "ufshcd-crypto.h" 88c2ecf20Sopenharmony_ci 98c2ecf20Sopenharmony_ci/* Blk-crypto modes supported by UFS crypto */ 108c2ecf20Sopenharmony_cistatic const struct ufs_crypto_alg_entry { 118c2ecf20Sopenharmony_ci enum ufs_crypto_alg ufs_alg; 128c2ecf20Sopenharmony_ci enum ufs_crypto_key_size ufs_key_size; 138c2ecf20Sopenharmony_ci} ufs_crypto_algs[BLK_ENCRYPTION_MODE_MAX] = { 148c2ecf20Sopenharmony_ci [BLK_ENCRYPTION_MODE_AES_256_XTS] = { 158c2ecf20Sopenharmony_ci .ufs_alg = UFS_CRYPTO_ALG_AES_XTS, 168c2ecf20Sopenharmony_ci .ufs_key_size = UFS_CRYPTO_KEY_SIZE_256, 178c2ecf20Sopenharmony_ci }, 188c2ecf20Sopenharmony_ci}; 198c2ecf20Sopenharmony_ci 208c2ecf20Sopenharmony_cistatic int ufshcd_program_key(struct ufs_hba *hba, 218c2ecf20Sopenharmony_ci const union ufs_crypto_cfg_entry *cfg, int slot) 228c2ecf20Sopenharmony_ci{ 238c2ecf20Sopenharmony_ci int i; 248c2ecf20Sopenharmony_ci u32 slot_offset = hba->crypto_cfg_register + slot * sizeof(*cfg); 258c2ecf20Sopenharmony_ci int err = 0; 268c2ecf20Sopenharmony_ci 278c2ecf20Sopenharmony_ci ufshcd_hold(hba, false); 288c2ecf20Sopenharmony_ci 298c2ecf20Sopenharmony_ci if (hba->vops && hba->vops->program_key) { 308c2ecf20Sopenharmony_ci err = hba->vops->program_key(hba, cfg, slot); 318c2ecf20Sopenharmony_ci goto out; 328c2ecf20Sopenharmony_ci } 338c2ecf20Sopenharmony_ci 348c2ecf20Sopenharmony_ci /* Ensure that CFGE is cleared before programming the key */ 358c2ecf20Sopenharmony_ci ufshcd_writel(hba, 0, slot_offset + 16 * sizeof(cfg->reg_val[0])); 368c2ecf20Sopenharmony_ci for (i = 0; i < 16; i++) { 378c2ecf20Sopenharmony_ci ufshcd_writel(hba, le32_to_cpu(cfg->reg_val[i]), 388c2ecf20Sopenharmony_ci slot_offset + i * sizeof(cfg->reg_val[0])); 398c2ecf20Sopenharmony_ci } 408c2ecf20Sopenharmony_ci /* Write dword 17 */ 418c2ecf20Sopenharmony_ci ufshcd_writel(hba, le32_to_cpu(cfg->reg_val[17]), 428c2ecf20Sopenharmony_ci slot_offset + 17 * sizeof(cfg->reg_val[0])); 438c2ecf20Sopenharmony_ci /* Dword 16 must be written last */ 448c2ecf20Sopenharmony_ci ufshcd_writel(hba, le32_to_cpu(cfg->reg_val[16]), 458c2ecf20Sopenharmony_ci slot_offset + 16 * sizeof(cfg->reg_val[0])); 468c2ecf20Sopenharmony_ciout: 478c2ecf20Sopenharmony_ci ufshcd_release(hba); 488c2ecf20Sopenharmony_ci return err; 498c2ecf20Sopenharmony_ci} 508c2ecf20Sopenharmony_ci 518c2ecf20Sopenharmony_cistatic int ufshcd_crypto_keyslot_program(struct blk_keyslot_manager *ksm, 528c2ecf20Sopenharmony_ci const struct blk_crypto_key *key, 538c2ecf20Sopenharmony_ci unsigned int slot) 548c2ecf20Sopenharmony_ci{ 558c2ecf20Sopenharmony_ci struct ufs_hba *hba = container_of(ksm, struct ufs_hba, ksm); 568c2ecf20Sopenharmony_ci const union ufs_crypto_cap_entry *ccap_array = hba->crypto_cap_array; 578c2ecf20Sopenharmony_ci const struct ufs_crypto_alg_entry *alg = 588c2ecf20Sopenharmony_ci &ufs_crypto_algs[key->crypto_cfg.crypto_mode]; 598c2ecf20Sopenharmony_ci u8 data_unit_mask = key->crypto_cfg.data_unit_size / 512; 608c2ecf20Sopenharmony_ci int i; 618c2ecf20Sopenharmony_ci int cap_idx = -1; 628c2ecf20Sopenharmony_ci union ufs_crypto_cfg_entry cfg = {}; 638c2ecf20Sopenharmony_ci int err; 648c2ecf20Sopenharmony_ci 658c2ecf20Sopenharmony_ci BUILD_BUG_ON(UFS_CRYPTO_KEY_SIZE_INVALID != 0); 668c2ecf20Sopenharmony_ci for (i = 0; i < hba->crypto_capabilities.num_crypto_cap; i++) { 678c2ecf20Sopenharmony_ci if (ccap_array[i].algorithm_id == alg->ufs_alg && 688c2ecf20Sopenharmony_ci ccap_array[i].key_size == alg->ufs_key_size && 698c2ecf20Sopenharmony_ci (ccap_array[i].sdus_mask & data_unit_mask)) { 708c2ecf20Sopenharmony_ci cap_idx = i; 718c2ecf20Sopenharmony_ci break; 728c2ecf20Sopenharmony_ci } 738c2ecf20Sopenharmony_ci } 748c2ecf20Sopenharmony_ci 758c2ecf20Sopenharmony_ci if (WARN_ON(cap_idx < 0)) 768c2ecf20Sopenharmony_ci return -EOPNOTSUPP; 778c2ecf20Sopenharmony_ci 788c2ecf20Sopenharmony_ci cfg.data_unit_size = data_unit_mask; 798c2ecf20Sopenharmony_ci cfg.crypto_cap_idx = cap_idx; 808c2ecf20Sopenharmony_ci cfg.config_enable = UFS_CRYPTO_CONFIGURATION_ENABLE; 818c2ecf20Sopenharmony_ci 828c2ecf20Sopenharmony_ci if (ccap_array[cap_idx].algorithm_id == UFS_CRYPTO_ALG_AES_XTS) { 838c2ecf20Sopenharmony_ci /* In XTS mode, the blk_crypto_key's size is already doubled */ 848c2ecf20Sopenharmony_ci memcpy(cfg.crypto_key, key->raw, key->size/2); 858c2ecf20Sopenharmony_ci memcpy(cfg.crypto_key + UFS_CRYPTO_KEY_MAX_SIZE/2, 868c2ecf20Sopenharmony_ci key->raw + key->size/2, key->size/2); 878c2ecf20Sopenharmony_ci } else { 888c2ecf20Sopenharmony_ci memcpy(cfg.crypto_key, key->raw, key->size); 898c2ecf20Sopenharmony_ci } 908c2ecf20Sopenharmony_ci 918c2ecf20Sopenharmony_ci err = ufshcd_program_key(hba, &cfg, slot); 928c2ecf20Sopenharmony_ci 938c2ecf20Sopenharmony_ci memzero_explicit(&cfg, sizeof(cfg)); 948c2ecf20Sopenharmony_ci return err; 958c2ecf20Sopenharmony_ci} 968c2ecf20Sopenharmony_ci 978c2ecf20Sopenharmony_cistatic int ufshcd_clear_keyslot(struct ufs_hba *hba, int slot) 988c2ecf20Sopenharmony_ci{ 998c2ecf20Sopenharmony_ci /* 1008c2ecf20Sopenharmony_ci * Clear the crypto cfg on the device. Clearing CFGE 1018c2ecf20Sopenharmony_ci * might not be sufficient, so just clear the entire cfg. 1028c2ecf20Sopenharmony_ci */ 1038c2ecf20Sopenharmony_ci union ufs_crypto_cfg_entry cfg = {}; 1048c2ecf20Sopenharmony_ci 1058c2ecf20Sopenharmony_ci return ufshcd_program_key(hba, &cfg, slot); 1068c2ecf20Sopenharmony_ci} 1078c2ecf20Sopenharmony_ci 1088c2ecf20Sopenharmony_cistatic int ufshcd_crypto_keyslot_evict(struct blk_keyslot_manager *ksm, 1098c2ecf20Sopenharmony_ci const struct blk_crypto_key *key, 1108c2ecf20Sopenharmony_ci unsigned int slot) 1118c2ecf20Sopenharmony_ci{ 1128c2ecf20Sopenharmony_ci struct ufs_hba *hba = container_of(ksm, struct ufs_hba, ksm); 1138c2ecf20Sopenharmony_ci 1148c2ecf20Sopenharmony_ci return ufshcd_clear_keyslot(hba, slot); 1158c2ecf20Sopenharmony_ci} 1168c2ecf20Sopenharmony_ci 1178c2ecf20Sopenharmony_cibool ufshcd_crypto_enable(struct ufs_hba *hba) 1188c2ecf20Sopenharmony_ci{ 1198c2ecf20Sopenharmony_ci if (!(hba->caps & UFSHCD_CAP_CRYPTO)) 1208c2ecf20Sopenharmony_ci return false; 1218c2ecf20Sopenharmony_ci 1228c2ecf20Sopenharmony_ci /* Reset might clear all keys, so reprogram all the keys. */ 1238c2ecf20Sopenharmony_ci blk_ksm_reprogram_all_keys(&hba->ksm); 1248c2ecf20Sopenharmony_ci return true; 1258c2ecf20Sopenharmony_ci} 1268c2ecf20Sopenharmony_ci 1278c2ecf20Sopenharmony_cistatic const struct blk_ksm_ll_ops ufshcd_ksm_ops = { 1288c2ecf20Sopenharmony_ci .keyslot_program = ufshcd_crypto_keyslot_program, 1298c2ecf20Sopenharmony_ci .keyslot_evict = ufshcd_crypto_keyslot_evict, 1308c2ecf20Sopenharmony_ci}; 1318c2ecf20Sopenharmony_ci 1328c2ecf20Sopenharmony_cistatic enum blk_crypto_mode_num 1338c2ecf20Sopenharmony_ciufshcd_find_blk_crypto_mode(union ufs_crypto_cap_entry cap) 1348c2ecf20Sopenharmony_ci{ 1358c2ecf20Sopenharmony_ci int i; 1368c2ecf20Sopenharmony_ci 1378c2ecf20Sopenharmony_ci for (i = 0; i < ARRAY_SIZE(ufs_crypto_algs); i++) { 1388c2ecf20Sopenharmony_ci BUILD_BUG_ON(UFS_CRYPTO_KEY_SIZE_INVALID != 0); 1398c2ecf20Sopenharmony_ci if (ufs_crypto_algs[i].ufs_alg == cap.algorithm_id && 1408c2ecf20Sopenharmony_ci ufs_crypto_algs[i].ufs_key_size == cap.key_size) { 1418c2ecf20Sopenharmony_ci return i; 1428c2ecf20Sopenharmony_ci } 1438c2ecf20Sopenharmony_ci } 1448c2ecf20Sopenharmony_ci return BLK_ENCRYPTION_MODE_INVALID; 1458c2ecf20Sopenharmony_ci} 1468c2ecf20Sopenharmony_ci 1478c2ecf20Sopenharmony_ci/** 1488c2ecf20Sopenharmony_ci * ufshcd_hba_init_crypto_capabilities - Read crypto capabilities, init crypto 1498c2ecf20Sopenharmony_ci * fields in hba 1508c2ecf20Sopenharmony_ci * @hba: Per adapter instance 1518c2ecf20Sopenharmony_ci * 1528c2ecf20Sopenharmony_ci * Return: 0 if crypto was initialized or is not supported, else a -errno value. 1538c2ecf20Sopenharmony_ci */ 1548c2ecf20Sopenharmony_ciint ufshcd_hba_init_crypto_capabilities(struct ufs_hba *hba) 1558c2ecf20Sopenharmony_ci{ 1568c2ecf20Sopenharmony_ci int cap_idx; 1578c2ecf20Sopenharmony_ci int err = 0; 1588c2ecf20Sopenharmony_ci enum blk_crypto_mode_num blk_mode_num; 1598c2ecf20Sopenharmony_ci 1608c2ecf20Sopenharmony_ci /* 1618c2ecf20Sopenharmony_ci * Don't use crypto if either the hardware doesn't advertise the 1628c2ecf20Sopenharmony_ci * standard crypto capability bit *or* if the vendor specific driver 1638c2ecf20Sopenharmony_ci * hasn't advertised that crypto is supported. 1648c2ecf20Sopenharmony_ci */ 1658c2ecf20Sopenharmony_ci if (!(hba->capabilities & MASK_CRYPTO_SUPPORT) || 1668c2ecf20Sopenharmony_ci !(hba->caps & UFSHCD_CAP_CRYPTO)) 1678c2ecf20Sopenharmony_ci goto out; 1688c2ecf20Sopenharmony_ci 1698c2ecf20Sopenharmony_ci hba->crypto_capabilities.reg_val = 1708c2ecf20Sopenharmony_ci cpu_to_le32(ufshcd_readl(hba, REG_UFS_CCAP)); 1718c2ecf20Sopenharmony_ci hba->crypto_cfg_register = 1728c2ecf20Sopenharmony_ci (u32)hba->crypto_capabilities.config_array_ptr * 0x100; 1738c2ecf20Sopenharmony_ci hba->crypto_cap_array = 1748c2ecf20Sopenharmony_ci devm_kcalloc(hba->dev, hba->crypto_capabilities.num_crypto_cap, 1758c2ecf20Sopenharmony_ci sizeof(hba->crypto_cap_array[0]), GFP_KERNEL); 1768c2ecf20Sopenharmony_ci if (!hba->crypto_cap_array) { 1778c2ecf20Sopenharmony_ci err = -ENOMEM; 1788c2ecf20Sopenharmony_ci goto out; 1798c2ecf20Sopenharmony_ci } 1808c2ecf20Sopenharmony_ci 1818c2ecf20Sopenharmony_ci /* The actual number of configurations supported is (CFGC+1) */ 1828c2ecf20Sopenharmony_ci err = blk_ksm_init(&hba->ksm, 1838c2ecf20Sopenharmony_ci hba->crypto_capabilities.config_count + 1); 1848c2ecf20Sopenharmony_ci if (err) 1858c2ecf20Sopenharmony_ci goto out_free_caps; 1868c2ecf20Sopenharmony_ci 1878c2ecf20Sopenharmony_ci hba->ksm.ksm_ll_ops = ufshcd_ksm_ops; 1888c2ecf20Sopenharmony_ci /* UFS only supports 8 bytes for any DUN */ 1898c2ecf20Sopenharmony_ci hba->ksm.max_dun_bytes_supported = 8; 1908c2ecf20Sopenharmony_ci hba->ksm.dev = hba->dev; 1918c2ecf20Sopenharmony_ci 1928c2ecf20Sopenharmony_ci /* 1938c2ecf20Sopenharmony_ci * Cache all the UFS crypto capabilities and advertise the supported 1948c2ecf20Sopenharmony_ci * crypto modes and data unit sizes to the block layer. 1958c2ecf20Sopenharmony_ci */ 1968c2ecf20Sopenharmony_ci for (cap_idx = 0; cap_idx < hba->crypto_capabilities.num_crypto_cap; 1978c2ecf20Sopenharmony_ci cap_idx++) { 1988c2ecf20Sopenharmony_ci hba->crypto_cap_array[cap_idx].reg_val = 1998c2ecf20Sopenharmony_ci cpu_to_le32(ufshcd_readl(hba, 2008c2ecf20Sopenharmony_ci REG_UFS_CRYPTOCAP + 2018c2ecf20Sopenharmony_ci cap_idx * sizeof(__le32))); 2028c2ecf20Sopenharmony_ci blk_mode_num = ufshcd_find_blk_crypto_mode( 2038c2ecf20Sopenharmony_ci hba->crypto_cap_array[cap_idx]); 2048c2ecf20Sopenharmony_ci if (blk_mode_num != BLK_ENCRYPTION_MODE_INVALID) 2058c2ecf20Sopenharmony_ci hba->ksm.crypto_modes_supported[blk_mode_num] |= 2068c2ecf20Sopenharmony_ci hba->crypto_cap_array[cap_idx].sdus_mask * 512; 2078c2ecf20Sopenharmony_ci } 2088c2ecf20Sopenharmony_ci 2098c2ecf20Sopenharmony_ci return 0; 2108c2ecf20Sopenharmony_ci 2118c2ecf20Sopenharmony_ciout_free_caps: 2128c2ecf20Sopenharmony_ci devm_kfree(hba->dev, hba->crypto_cap_array); 2138c2ecf20Sopenharmony_ciout: 2148c2ecf20Sopenharmony_ci /* Indicate that init failed by clearing UFSHCD_CAP_CRYPTO */ 2158c2ecf20Sopenharmony_ci hba->caps &= ~UFSHCD_CAP_CRYPTO; 2168c2ecf20Sopenharmony_ci return err; 2178c2ecf20Sopenharmony_ci} 2188c2ecf20Sopenharmony_ci 2198c2ecf20Sopenharmony_ci/** 2208c2ecf20Sopenharmony_ci * ufshcd_init_crypto - Initialize crypto hardware 2218c2ecf20Sopenharmony_ci * @hba: Per adapter instance 2228c2ecf20Sopenharmony_ci */ 2238c2ecf20Sopenharmony_civoid ufshcd_init_crypto(struct ufs_hba *hba) 2248c2ecf20Sopenharmony_ci{ 2258c2ecf20Sopenharmony_ci int slot; 2268c2ecf20Sopenharmony_ci 2278c2ecf20Sopenharmony_ci if (!(hba->caps & UFSHCD_CAP_CRYPTO)) 2288c2ecf20Sopenharmony_ci return; 2298c2ecf20Sopenharmony_ci 2308c2ecf20Sopenharmony_ci /* Clear all keyslots - the number of keyslots is (CFGC + 1) */ 2318c2ecf20Sopenharmony_ci for (slot = 0; slot < hba->crypto_capabilities.config_count + 1; slot++) 2328c2ecf20Sopenharmony_ci ufshcd_clear_keyslot(hba, slot); 2338c2ecf20Sopenharmony_ci} 2348c2ecf20Sopenharmony_ci 2358c2ecf20Sopenharmony_civoid ufshcd_crypto_setup_rq_keyslot_manager(struct ufs_hba *hba, 2368c2ecf20Sopenharmony_ci struct request_queue *q) 2378c2ecf20Sopenharmony_ci{ 2388c2ecf20Sopenharmony_ci if (hba->caps & UFSHCD_CAP_CRYPTO) 2398c2ecf20Sopenharmony_ci blk_ksm_register(&hba->ksm, q); 2408c2ecf20Sopenharmony_ci} 2418c2ecf20Sopenharmony_ci 2428c2ecf20Sopenharmony_civoid ufshcd_crypto_destroy_keyslot_manager(struct ufs_hba *hba) 2438c2ecf20Sopenharmony_ci{ 2448c2ecf20Sopenharmony_ci blk_ksm_destroy(&hba->ksm); 2458c2ecf20Sopenharmony_ci} 246