scsi: ufs: Add inline encryption support to UFS

Wire up ufshcd.c with the UFS Crypto API, the block layer inline encryption
additions and the keyslot manager.

Many existing inline crypto devices require some additional behaviour not
specified in the UFSHCI v2.1 specification - as such the vendor specific
drivers will need to be updated where necessary to make it possible to use
those devices. Some of these changes have already been proposed upstream,
such as for the Qualcomm 845 SoC at
https://lkml.kernel.org/linux-scsi/20200501045111.665881-1-ebiggers@kernel.org/
and for ufs-mediatek at
https://lkml.kernel.org/linux-scsi/20200304022101.14165-1-stanley.chu@mediatek.com/

This patch has been tested on the db845c, sm8150-mtp and sm8250-mtp
(which have Qualcomm chipsets) and on some mediatek chipsets using these
aforementioned vendor specific driver updates.

Link: https://lore.kernel.org/r/20200706200414.2027450-4-satyat@google.com
Reviewed-by: Eric Biggers <ebiggers@google.com>
Reviewed-by: Stanley Chu <stanley.chu@mediatek.com>
Reviewed-by: Alim Akhtar <alim.akhtar@samsung.com>
Signed-off-by: Satya Tangirala <satyat@google.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>

diff --git a/drivers/scsi/ufs/ufshcd-crypto.h b/drivers/scsi/ufs/ufshcd-crypto.h
index cbc58b4..d53851b 100644 (file)
--- a/drivers/scsi/ufs/ufshcd-crypto.h
+++ b/drivers/scsi/ufs/ufshcd-crypto.h
@@ -10,6 +10,30 @@
 #include "ufshcd.h"
 #include "ufshci.h"
 
+static inline void ufshcd_prepare_lrbp_crypto(struct request *rq,
+                                             struct ufshcd_lrb *lrbp)
+{
+       if (!rq || !rq->crypt_keyslot) {
+               lrbp->crypto_key_slot = -1;
+               return;
+       }
+
+       lrbp->crypto_key_slot = blk_ksm_get_slot_idx(rq->crypt_keyslot);
+       lrbp->data_unit_num = rq->crypt_ctx->bc_dun[0];
+}
+
+static inline void
+ufshcd_prepare_req_desc_hdr_crypto(struct ufshcd_lrb *lrbp, u32 *dword_0,
+                                  u32 *dword_1, u32 *dword_3)
+{
+       if (lrbp->crypto_key_slot >= 0) {
+               *dword_0 |= UTP_REQ_DESC_CRYPTO_ENABLE_CMD;
+               *dword_0 |= lrbp->crypto_key_slot;
+               *dword_1 = lower_32_bits(lrbp->data_unit_num);
+               *dword_3 = upper_32_bits(lrbp->data_unit_num);
+       }
+}
+
 bool ufshcd_crypto_enable(struct ufs_hba *hba);
 
 int ufshcd_hba_init_crypto_capabilities(struct ufs_hba *hba);
@@ -23,6 +47,13 @@ void ufshcd_crypto_destroy_keyslot_manager(struct ufs_hba *hba);
 
 #else /* CONFIG_SCSI_UFS_CRYPTO */
 
+static inline void ufshcd_prepare_lrbp_crypto(struct request *rq,
+                                             struct ufshcd_lrb *lrbp) { }
+
+static inline void
+ufshcd_prepare_req_desc_hdr_crypto(struct ufshcd_lrb *lrbp, u32 *dword_0,
+                                  u32 *dword_1, u32 *dword_3) { }
+
 static inline bool ufshcd_crypto_enable(struct ufs_hba *hba)
 {
        return false;

diff --git a/drivers/scsi/ufs/ufshcd.c b/drivers/scsi/ufs/ufshcd.c
index b34ab51..efc0a6c 100644 (file)
--- a/drivers/scsi/ufs/ufshcd.c
+++ b/drivers/scsi/ufs/ufshcd.c
@@ -20,6 +20,7 @@
 #include "unipro.h"
 #include "ufs-sysfs.h"
 #include "ufs_bsg.h"
+#include "ufshcd-crypto.h"
 #include <asm/unaligned.h>
 #include <linux/blkdev.h>
 
@@ -837,7 +838,12 @@ static void ufshcd_enable_run_stop_reg(struct ufs_hba *hba)
  */
 static inline void ufshcd_hba_start(struct ufs_hba *hba)
 {
-       ufshcd_writel(hba, CONTROLLER_ENABLE, REG_CONTROLLER_ENABLE);
+       u32 val = CONTROLLER_ENABLE;
+
+       if (ufshcd_crypto_enable(hba))
+               val |= CRYPTO_GENERAL_ENABLE;
+
+       ufshcd_writel(hba, val, REG_CONTROLLER_ENABLE);
 }
 
 /**
@@ -1996,15 +2002,26 @@ int ufshcd_copy_query_response(struct ufs_hba *hba, struct ufshcd_lrb *lrbp)
 /**
  * ufshcd_hba_capabilities - Read controller capabilities
  * @hba: per adapter instance
+ *
+ * Return: 0 on success, negative on error.
  */
-static inline void ufshcd_hba_capabilities(struct ufs_hba *hba)
+static inline int ufshcd_hba_capabilities(struct ufs_hba *hba)
 {
+       int err;
+
        hba->capabilities = ufshcd_readl(hba, REG_CONTROLLER_CAPABILITIES);
 
        /* nutrs and nutmrs are 0 based values */
        hba->nutrs = (hba->capabilities & MASK_TRANSFER_REQUESTS_SLOTS) + 1;
        hba->nutmrs =
        ((hba->capabilities & MASK_TASK_MANAGEMENT_REQUEST_SLOTS) >> 16) + 1;
+
+       /* Read crypto capabilities */
+       err = ufshcd_hba_init_crypto_capabilities(hba);
+       if (err)
+               dev_err(hba->dev, "crypto setup failed\n");
+
+       return err;
 }
 
 /**
@@ -2245,6 +2262,8 @@ static void ufshcd_prepare_req_desc_hdr(struct ufshcd_lrb *lrbp,
        struct utp_transfer_req_desc *req_desc = lrbp->utr_descriptor_ptr;
        u32 data_direction;
        u32 dword_0;
+       u32 dword_1 = 0;
+       u32 dword_3 = 0;
 
        if (cmd_dir == DMA_FROM_DEVICE) {
                data_direction = UTP_DEVICE_TO_HOST;
@@ -2262,10 +2281,12 @@ static void ufshcd_prepare_req_desc_hdr(struct ufshcd_lrb *lrbp,
        if (lrbp->intr_cmd)
                dword_0 |= UTP_REQ_DESC_INT_CMD;
 
+       /* Prepare crypto related dwords */
+       ufshcd_prepare_req_desc_hdr_crypto(lrbp, &dword_0, &dword_1, &dword_3);
+
        /* Transfer request descriptor header fields */
        req_desc->header.dword_0 = cpu_to_le32(dword_0);
-       /* dword_1 is reserved, hence it is set to 0 */
-       req_desc->header.dword_1 = 0;
+       req_desc->header.dword_1 = cpu_to_le32(dword_1);
        /*
         * assigning invalid value for command status. Controller
         * updates OCS on command completion, with the command
@@ -2273,8 +2294,7 @@ static void ufshcd_prepare_req_desc_hdr(struct ufshcd_lrb *lrbp,
         */
        req_desc->header.dword_2 =
                cpu_to_le32(OCS_INVALID_COMMAND_STATUS);
-       /* dword_3 is reserved, hence it is set to 0 */
-       req_desc->header.dword_3 = 0;
+       req_desc->header.dword_3 = cpu_to_le32(dword_3);
 
        req_desc->prd_table_length = 0;
 }
@@ -2529,6 +2549,9 @@ static int ufshcd_queuecommand(struct Scsi_Host *host, struct scsi_cmnd *cmd)
        lrbp->task_tag = tag;
        lrbp->lun = ufshcd_scsi_to_upiu_lun(cmd->device->lun);
        lrbp->intr_cmd = !ufshcd_is_intr_aggr_allowed(hba) ? true : false;
+
+       ufshcd_prepare_lrbp_crypto(cmd->request, lrbp);
+
        lrbp->req_abort_skip = false;
 
        ufshcd_comp_scsi_upiu(hba, lrbp);
@@ -2562,6 +2585,7 @@ static int ufshcd_compose_dev_cmd(struct ufs_hba *hba,
        lrbp->task_tag = tag;
        lrbp->lun = 0; /* device management cmd is not specific to any LUN */
        lrbp->intr_cmd = true; /* No interrupt aggregation */
+       ufshcd_prepare_lrbp_crypto(NULL, lrbp);
        hba->dev_cmd.type = cmd_type;
 
        return ufshcd_comp_devman_upiu(hba, lrbp);
@@ -4670,6 +4694,8 @@ static int ufshcd_slave_configure(struct scsi_device *sdev)
        if (ufshcd_is_rpm_autosuspend_allowed(hba))
                sdev->rpm_autosuspend = 1;
 
+       ufshcd_crypto_setup_rq_keyslot_manager(hba, q);
+
        return 0;
 }
 
@@ -6146,6 +6172,7 @@ static int ufshcd_issue_devman_upiu_cmd(struct ufs_hba *hba,
        lrbp->task_tag = tag;
        lrbp->lun = 0;
        lrbp->intr_cmd = true;
+       ufshcd_prepare_lrbp_crypto(NULL, lrbp);
        hba->dev_cmd.type = cmd_type;
 
        switch (hba->ufs_version) {
@@ -8655,6 +8682,7 @@ EXPORT_SYMBOL_GPL(ufshcd_remove);
  */
 void ufshcd_dealloc_host(struct ufs_hba *hba)
 {
+       ufshcd_crypto_destroy_keyslot_manager(hba);
        scsi_host_put(hba->host);
 }
 EXPORT_SYMBOL_GPL(ufshcd_dealloc_host);
@@ -8755,7 +8783,9 @@ int ufshcd_init(struct ufs_hba *hba, void __iomem *mmio_base, unsigned int irq)
                goto out_error;
 
        /* Read capabilities registers */
-       ufshcd_hba_capabilities(hba);
+       err = ufshcd_hba_capabilities(hba);
+       if (err)
+               goto out_disable;
 
        /* Get UFS version supported by the controller */
        hba->ufs_version = ufshcd_get_ufs_version(hba);
@@ -8865,6 +8895,8 @@ int ufshcd_init(struct ufs_hba *hba, void __iomem *mmio_base, unsigned int irq)
        /* Reset the attached device */
        ufshcd_vops_device_reset(hba);
 
+       ufshcd_init_crypto(hba);
+
        /* Host controller enable */
        err = ufshcd_hba_enable(hba);
        if (err) {

diff --git a/drivers/scsi/ufs/ufshcd.h b/drivers/scsi/ufs/ufshcd.h
index 0fe9588..656c069 100644 (file)
--- a/drivers/scsi/ufs/ufshcd.h
+++ b/drivers/scsi/ufs/ufshcd.h
@@ -155,6 +155,8 @@ struct ufs_pm_lvl_states {
  * @intr_cmd: Interrupt command (doesn't participate in interrupt aggregation)
  * @issue_time_stamp: time stamp for debug purposes
  * @compl_time_stamp: time stamp for statistics
+ * @crypto_key_slot: the key slot to use for inline crypto (-1 if none)
+ * @data_unit_num: the data unit number for the first block for inline crypto
  * @req_abort_skip: skip request abort task flag
  */
 struct ufshcd_lrb {
@@ -179,6 +181,10 @@ struct ufshcd_lrb {
        bool intr_cmd;
        ktime_t issue_time_stamp;
        ktime_t compl_time_stamp;
+#ifdef CONFIG_SCSI_UFS_CRYPTO
+       int crypto_key_slot;
+       u64 data_unit_num;
+#endif
 
        bool req_abort_skip;
 };