Re: [PATCH v4 15/15] arm64: dts: qcom: sm8550: add hwkm support to ufs ice

From: Dmitry Baryshkov
Date: Sat Jan 27 2024 - 20:01:46 EST


On Sun, 28 Jan 2024 at 01:28, Gaurav Kashyap <quic_gaurkash@xxxxxxxxxxx> wrote:
>
> The Inline Crypto Engine (ICE) for UFS/EMMC supports the
> Hardware Key Manager (HWKM) to securely manage storage
> keys. Enable using this hardware on sm8550.
>
> This requires two changes:
> 1. Register size increase: HWKM is an additional piece of hardware
> sitting alongside ICE, and extends the old ICE's register space.
> 2. Explicitly tell the ICE driver to use HWKM with ICE so that
> wrapped keys are used in sm8550.
>
> NOTE: Although wrapped keys cannot be independently generated and
> tested on this platform using generate, prepare and import key calls,
> there are non-kernel paths to create wrapped keys, and still use the
> kernel to program them into ICE. Hence, enabling wrapped key support
> on sm8550 too.
>
> Signed-off-by: Gaurav Kashyap <quic_gaurkash@xxxxxxxxxxx>
> ---
> arch/arm64/boot/dts/qcom/sm8550.dtsi | 3 ++-
> 1 file changed, 2 insertions(+), 1 deletion(-)
>
> diff --git a/arch/arm64/boot/dts/qcom/sm8550.dtsi b/arch/arm64/boot/dts/qcom/sm8550.dtsi
> index ee1ba5a8c8fc..b5b41d0a544c 100644
> --- a/arch/arm64/boot/dts/qcom/sm8550.dtsi
> +++ b/arch/arm64/boot/dts/qcom/sm8550.dtsi
> @@ -1977,7 +1977,8 @@ ufs_mem_hc: ufs@1d84000 {
> ice: crypto@1d88000 {
> compatible = "qcom,sm8550-inline-crypto-engine",
> "qcom,inline-crypto-engine";
> - reg = <0 0x01d88000 0 0x8000>;
> + reg = <0 0x01d88000 0 0x10000>;

Does the driver fail gracefully with the old DT size? At least it
should not crash.

> + qcom,ice-use-hwkm;
> clocks = <&gcc GCC_UFS_PHY_ICE_CORE_CLK>;

--
With best wishes
Dmitry