Message ID | 20240127232436.2632187-4-quic_gaurkash@quicinc.com |
---|---|
State | Superseded |
Headers | show |
Series | Hardware wrapped key support for qcom ice and ufs | expand |
On 1/28/2024 4:44 AM, Gaurav Kashyap wrote: > Storage encryption has two IOCTLs for creating, importing > and preparing keys for encryption. For wrapped keys, these > IOCTLs need to interface with Qualcomm's Trustzone, which > require these SCM calls. > > generate_key: This is used to generate and return a longterm > wrapped key. Trustzone achieves this by generating > a key and then wrapping it using hwkm, returning > a wrapped keyblob. > import_key: The functionality is similar to generate, but here, > a raw key is imported into hwkm and a longterm wrapped > keyblob is returned. > prepare_key: The longterm wrapped key from import or generate > is made further secure by rewrapping it with a per-boot > ephemeral wrapped key before installing it to the linux > kernel for programming to ICE. > > Signed-off-by: Gaurav Kashyap <quic_gaurkash@quicinc.com> > Tested-by: Neil Armstrong <neil.armstrong@linaro.org> > --- > drivers/firmware/qcom/qcom_scm.c | 182 +++++++++++++++++++++++++ > drivers/firmware/qcom/qcom_scm.h | 3 + > include/linux/firmware/qcom/qcom_scm.h | 5 + > 3 files changed, 190 insertions(+) > > diff --git a/drivers/firmware/qcom/qcom_scm.c b/drivers/firmware/qcom/qcom_scm.c > index 4882f8a36453..20dbab765c8e 100644 > --- a/drivers/firmware/qcom/qcom_scm.c > +++ b/drivers/firmware/qcom/qcom_scm.c > @@ -1285,6 +1285,188 @@ int qcom_scm_derive_sw_secret(const u8 *wkey, size_t wkey_size, > } > EXPORT_SYMBOL_GPL(qcom_scm_derive_sw_secret); > > +/** > + * qcom_scm_generate_ice_key() - Generate a wrapped key for encryption. > + * @lt_key: the wrapped key returned after key generation > + * @lt_key_size: size of the wrapped key to be returned. > + * > + * Qualcomm wrapped keys need to be generated in a trusted environment. > + * A generate key IOCTL call is used to achieve this. These are longterm > + * in nature as they need to be generated and wrapped only once per > + * requirement. > + * > + * Adds support for the create key IOCTL to interface > + * with the secure environment to generate and return a wrapped key.. > + * > + * Return: longterm key size on success; -errno on failure. Why to return parameter input value? already has it. returning 0 on success should be the standard unless the returned key size would change. > + */ > +int qcom_scm_generate_ice_key(u8 *lt_key, size_t lt_key_size) > +{ > + struct qcom_scm_desc desc = { > + .svc = QCOM_SCM_SVC_ES, > + .cmd = QCOM_SCM_ES_GENERATE_ICE_KEY, > + .arginfo = QCOM_SCM_ARGS(2, QCOM_SCM_RW, QCOM_SCM_VAL), > + .args[1] = lt_key_size, > + .owner = ARM_SMCCC_OWNER_SIP, > + }; > + > + void *lt_key_buf; > + int ret; > + > + lt_key_buf = qcom_tzmem_alloc(__scm->mempool, lt_key_size, GFP_KERNEL); > + if (!lt_key_buf) > + return -ENOMEM; > + > + desc.args[0] = qcom_tzmem_to_phys(lt_key_buf); > + > + ret = qcom_scm_call(__scm->dev, &desc, NULL); > + if (!ret) > + memcpy(lt_key, lt_key_buf, lt_key_size); > + > + memzero_explicit(lt_key_buf, lt_key_size); > + qcom_tzmem_free(lt_key_buf); > + > + if (!ret) > + return lt_key_size; return 0 on success. lt_key_size is input value. Caller already has it. > + > + return ret; > +} > +EXPORT_SYMBOL_GPL(qcom_scm_generate_ice_key); > + > +/** > + * qcom_scm_prepare_ice_key() - Get per boot ephemeral wrapped key > + * @lt_key: the longterm wrapped key > + * @lt_key_size: size of the wrapped key > + * @eph_key: ephemeral wrapped key to be returned > + * @eph_key_size: size of the ephemeral wrapped key > + * > + * Qualcomm wrapped keys (longterm keys) are rewrapped with a per-boot > + * ephemeral key for added protection. These are ephemeral in nature as > + * they are valid only for that boot. A create key IOCTL is used to > + * achieve this. These are the keys that are installed into the kernel > + * to be then unwrapped and programmed into ICE. > + * > + * Adds support for the create key IOCTL to interface > + * with the secure environment to rewrap the wrapped key with an > + * ephemeral wrapping key. > + * > + * Return: ephemeral key size on success; -errno on failure. > + */ > +int qcom_scm_prepare_ice_key(const u8 *lt_key, size_t lt_key_size, > + u8 *eph_key, size_t eph_key_size) > +{ > + struct qcom_scm_desc desc = { > + .svc = QCOM_SCM_SVC_ES, > + .cmd = QCOM_SCM_ES_PREPARE_ICE_KEY, > + .arginfo = QCOM_SCM_ARGS(4, QCOM_SCM_RO, > + QCOM_SCM_VAL, QCOM_SCM_RW, > + QCOM_SCM_VAL), > + .args[1] = lt_key_size, > + .args[3] = eph_key_size, > + .owner = ARM_SMCCC_OWNER_SIP, > + }; > + > + void *eph_key_buf; > + void *lt_key_buf; > + int ret; > + > + lt_key_buf = qcom_tzmem_alloc(__scm->mempool, lt_key_size, GFP_KERNEL); > + if (!lt_key_buf) > + return -ENOMEM; > + eph_key_buf = qcom_tzmem_alloc(__scm->mempool, eph_key_size, GFP_KERNEL); > + if (!eph_key_buf) { > + ret = -ENOMEM; > + goto err_free_longterm; > + } > + > + memcpy(lt_key_buf, lt_key, lt_key_size); > + desc.args[0] = qcom_tzmem_to_phys(lt_key_buf); > + desc.args[2] = qcom_tzmem_to_phys(eph_key_buf); > + > + ret = qcom_scm_call(__scm->dev, &desc, NULL); > + if (!ret) > + memcpy(eph_key, eph_key_buf, eph_key_size); > + > + memzero_explicit(eph_key_buf, eph_key_size); > + qcom_tzmem_free(eph_key_buf); > + > +err_free_longterm: > + memzero_explicit(lt_key_buf, lt_key_size); > + qcom_tzmem_free(lt_key_buf); > + > + if (!ret) > + return eph_key_size; return 0 on success. eph_key_size is input value. Caller already has it. > + > + return ret; > +} > +EXPORT_SYMBOL_GPL(qcom_scm_prepare_ice_key); > + > +/** > + * qcom_scm_import_ice_key() - Import a wrapped key for encryption > + * @imp_key: the raw key that is imported > + * @imp_key_size: size of the key to be imported > + * @lt_key: the wrapped key to be returned > + * @lt_key_size: size of the wrapped key > + * > + * Conceptually, this is very similar to generate, the difference being, > + * here we want to import a raw key and return a longterm wrapped key > + * from it. The same create key IOCTL is used to achieve this. > + * > + * Adds support for the create key IOCTL to interface with > + * the secure environment to import a raw key and generate a longterm > + * wrapped key. > + * > + * Return: longterm key size on success; -errno on failure. > + */ > +int qcom_scm_import_ice_key(const u8 *imp_key, size_t imp_key_size, > + u8 *lt_key, size_t lt_key_size) > +{ > + struct qcom_scm_desc desc = { > + .svc = QCOM_SCM_SVC_ES, > + .cmd = QCOM_SCM_ES_IMPORT_ICE_KEY, > + .arginfo = QCOM_SCM_ARGS(4, QCOM_SCM_RO, > + QCOM_SCM_VAL, QCOM_SCM_RW, > + QCOM_SCM_VAL), > + .args[1] = imp_key_size, > + .args[3] = lt_key_size, > + .owner = ARM_SMCCC_OWNER_SIP, > + }; > + > + void *imp_key_buf; > + void *lt_key_buf; > + int ret; > + > + imp_key_buf = qcom_tzmem_alloc(__scm->mempool, imp_key_size, GFP_KERNEL); > + if (!imp_key_buf) > + return -ENOMEM; > + lt_key_buf = qcom_tzmem_alloc(__scm->mempool, lt_key_size, GFP_KERNEL); > + if (!lt_key_buf) { > + ret = -ENOMEM; > + goto err_free_longterm; > + } > + > + memcpy(imp_key_buf, imp_key, imp_key_size); > + desc.args[0] = qcom_tzmem_to_phys(imp_key_buf); > + desc.args[2] = qcom_tzmem_to_phys(lt_key_buf); > + > + ret = qcom_scm_call(__scm->dev, &desc, NULL); > + if (!ret) > + memcpy(lt_key, lt_key_buf, lt_key_size); > + > + memzero_explicit(lt_key_buf, lt_key_size); > + qcom_tzmem_free(lt_key_buf); > + > +err_free_longterm: > + memzero_explicit(imp_key_buf, imp_key_size); > + qcom_tzmem_free(imp_key_buf); > + > + if (!ret) > + return lt_key_size; return 0 on success. lt_key_size is input value. Caller already has it. > + > + return ret; > +} > +EXPORT_SYMBOL_GPL(qcom_scm_import_ice_key); > + > /** > * qcom_scm_hdcp_available() - Check if secure environment supports HDCP. > * > diff --git a/drivers/firmware/qcom/qcom_scm.h b/drivers/firmware/qcom/qcom_scm.h > index 56ff0806f5d2..c30d6383b6de 100644 > --- a/drivers/firmware/qcom/qcom_scm.h > +++ b/drivers/firmware/qcom/qcom_scm.h > @@ -128,6 +128,9 @@ struct qcom_tzmem_pool *qcom_scm_get_tzmem_pool(void); > #define QCOM_SCM_ES_INVALIDATE_ICE_KEY 0x03 > #define QCOM_SCM_ES_CONFIG_SET_ICE_KEY 0x04 > #define QCOM_SCM_ES_DERIVE_SW_SECRET 0x07 > +#define QCOM_SCM_ES_GENERATE_ICE_KEY 0x08 > +#define QCOM_SCM_ES_PREPARE_ICE_KEY 0x09 > +#define QCOM_SCM_ES_IMPORT_ICE_KEY 0xA > > #define QCOM_SCM_SVC_HDCP 0x11 > #define QCOM_SCM_HDCP_INVOKE 0x01 > diff --git a/include/linux/firmware/qcom/qcom_scm.h b/include/linux/firmware/qcom/qcom_scm.h > index 89358478ac67..a0983a40bc09 100644 > --- a/include/linux/firmware/qcom/qcom_scm.h > +++ b/include/linux/firmware/qcom/qcom_scm.h > @@ -105,6 +105,11 @@ int qcom_scm_ice_set_key(u32 index, const u8 *key, u32 key_size, > enum qcom_scm_ice_cipher cipher, u32 data_unit_size); > int qcom_scm_derive_sw_secret(const u8 *wkey, size_t wkey_size, > u8 *sw_secret, size_t sw_secret_size); > +int qcom_scm_generate_ice_key(u8 *lt_key, size_t lt_key_size); > +int qcom_scm_prepare_ice_key(const u8 *lt_key, size_t lt_key_size, > + u8 *eph_key, size_t eph_size); > +int qcom_scm_import_ice_key(const u8 *imp_key, size_t imp_size, > + u8 *lt_key, size_t lt_key_size); > > bool qcom_scm_hdcp_available(void); > int qcom_scm_hdcp_req(struct qcom_scm_hdcp_req *req, u32 req_cnt, u32 *resp);
On Sun, 28 Jan 2024 at 00:26, Gaurav Kashyap <quic_gaurkash@quicinc.com> wrote: > > Storage encryption has two IOCTLs for creating, importing > and preparing keys for encryption. For wrapped keys, these > IOCTLs need to interface with Qualcomm's Trustzone, which > require these SCM calls. > > generate_key: This is used to generate and return a longterm > wrapped key. Trustzone achieves this by generating > a key and then wrapping it using hwkm, returning > a wrapped keyblob. > import_key: The functionality is similar to generate, but here, > a raw key is imported into hwkm and a longterm wrapped > keyblob is returned. > prepare_key: The longterm wrapped key from import or generate > is made further secure by rewrapping it with a per-boot > ephemeral wrapped key before installing it to the linux > kernel for programming to ICE. > > Signed-off-by: Gaurav Kashyap <quic_gaurkash@quicinc.com> > Tested-by: Neil Armstrong <neil.armstrong@linaro.org> > --- > drivers/firmware/qcom/qcom_scm.c | 182 +++++++++++++++++++++++++ > drivers/firmware/qcom/qcom_scm.h | 3 + > include/linux/firmware/qcom/qcom_scm.h | 5 + > 3 files changed, 190 insertions(+) > > diff --git a/drivers/firmware/qcom/qcom_scm.c b/drivers/firmware/qcom/qcom_scm.c > index 4882f8a36453..20dbab765c8e 100644 > --- a/drivers/firmware/qcom/qcom_scm.c > +++ b/drivers/firmware/qcom/qcom_scm.c > @@ -1285,6 +1285,188 @@ int qcom_scm_derive_sw_secret(const u8 *wkey, size_t wkey_size, > } > EXPORT_SYMBOL_GPL(qcom_scm_derive_sw_secret); > > +/** > + * qcom_scm_generate_ice_key() - Generate a wrapped key for encryption. > + * @lt_key: the wrapped key returned after key generation > + * @lt_key_size: size of the wrapped key to be returned. > + * > + * Qualcomm wrapped keys need to be generated in a trusted environment. > + * A generate key IOCTL call is used to achieve this. These are longterm > + * in nature as they need to be generated and wrapped only once per > + * requirement. > + * > + * Adds support for the create key IOCTL to interface > + * with the secure environment to generate and return a wrapped key.. > + * > + * Return: longterm key size on success; -errno on failure. > + */ > +int qcom_scm_generate_ice_key(u8 *lt_key, size_t lt_key_size) > +{ > + struct qcom_scm_desc desc = { > + .svc = QCOM_SCM_SVC_ES, > + .cmd = QCOM_SCM_ES_GENERATE_ICE_KEY, > + .arginfo = QCOM_SCM_ARGS(2, QCOM_SCM_RW, QCOM_SCM_VAL), > + .args[1] = lt_key_size, > + .owner = ARM_SMCCC_OWNER_SIP, > + }; > + > + void *lt_key_buf; > + int ret; > + > + lt_key_buf = qcom_tzmem_alloc(__scm->mempool, lt_key_size, GFP_KERNEL); Please use __free(qcom_tzmem) everywhere in this series. You can take a look at the calls I converted in the series adding this allocator. It's really useful - especially if the buffer is surely freed within the same scope. Bart [snip]
diff --git a/drivers/firmware/qcom/qcom_scm.c b/drivers/firmware/qcom/qcom_scm.c index 4882f8a36453..20dbab765c8e 100644 --- a/drivers/firmware/qcom/qcom_scm.c +++ b/drivers/firmware/qcom/qcom_scm.c @@ -1285,6 +1285,188 @@ int qcom_scm_derive_sw_secret(const u8 *wkey, size_t wkey_size, } EXPORT_SYMBOL_GPL(qcom_scm_derive_sw_secret); +/** + * qcom_scm_generate_ice_key() - Generate a wrapped key for encryption. + * @lt_key: the wrapped key returned after key generation + * @lt_key_size: size of the wrapped key to be returned. + * + * Qualcomm wrapped keys need to be generated in a trusted environment. + * A generate key IOCTL call is used to achieve this. These are longterm + * in nature as they need to be generated and wrapped only once per + * requirement. + * + * Adds support for the create key IOCTL to interface + * with the secure environment to generate and return a wrapped key.. + * + * Return: longterm key size on success; -errno on failure. + */ +int qcom_scm_generate_ice_key(u8 *lt_key, size_t lt_key_size) +{ + struct qcom_scm_desc desc = { + .svc = QCOM_SCM_SVC_ES, + .cmd = QCOM_SCM_ES_GENERATE_ICE_KEY, + .arginfo = QCOM_SCM_ARGS(2, QCOM_SCM_RW, QCOM_SCM_VAL), + .args[1] = lt_key_size, + .owner = ARM_SMCCC_OWNER_SIP, + }; + + void *lt_key_buf; + int ret; + + lt_key_buf = qcom_tzmem_alloc(__scm->mempool, lt_key_size, GFP_KERNEL); + if (!lt_key_buf) + return -ENOMEM; + + desc.args[0] = qcom_tzmem_to_phys(lt_key_buf); + + ret = qcom_scm_call(__scm->dev, &desc, NULL); + if (!ret) + memcpy(lt_key, lt_key_buf, lt_key_size); + + memzero_explicit(lt_key_buf, lt_key_size); + qcom_tzmem_free(lt_key_buf); + + if (!ret) + return lt_key_size; + + return ret; +} +EXPORT_SYMBOL_GPL(qcom_scm_generate_ice_key); + +/** + * qcom_scm_prepare_ice_key() - Get per boot ephemeral wrapped key + * @lt_key: the longterm wrapped key + * @lt_key_size: size of the wrapped key + * @eph_key: ephemeral wrapped key to be returned + * @eph_key_size: size of the ephemeral wrapped key + * + * Qualcomm wrapped keys (longterm keys) are rewrapped with a per-boot + * ephemeral key for added protection. These are ephemeral in nature as + * they are valid only for that boot. A create key IOCTL is used to + * achieve this. These are the keys that are installed into the kernel + * to be then unwrapped and programmed into ICE. + * + * Adds support for the create key IOCTL to interface + * with the secure environment to rewrap the wrapped key with an + * ephemeral wrapping key. + * + * Return: ephemeral key size on success; -errno on failure. + */ +int qcom_scm_prepare_ice_key(const u8 *lt_key, size_t lt_key_size, + u8 *eph_key, size_t eph_key_size) +{ + struct qcom_scm_desc desc = { + .svc = QCOM_SCM_SVC_ES, + .cmd = QCOM_SCM_ES_PREPARE_ICE_KEY, + .arginfo = QCOM_SCM_ARGS(4, QCOM_SCM_RO, + QCOM_SCM_VAL, QCOM_SCM_RW, + QCOM_SCM_VAL), + .args[1] = lt_key_size, + .args[3] = eph_key_size, + .owner = ARM_SMCCC_OWNER_SIP, + }; + + void *eph_key_buf; + void *lt_key_buf; + int ret; + + lt_key_buf = qcom_tzmem_alloc(__scm->mempool, lt_key_size, GFP_KERNEL); + if (!lt_key_buf) + return -ENOMEM; + eph_key_buf = qcom_tzmem_alloc(__scm->mempool, eph_key_size, GFP_KERNEL); + if (!eph_key_buf) { + ret = -ENOMEM; + goto err_free_longterm; + } + + memcpy(lt_key_buf, lt_key, lt_key_size); + desc.args[0] = qcom_tzmem_to_phys(lt_key_buf); + desc.args[2] = qcom_tzmem_to_phys(eph_key_buf); + + ret = qcom_scm_call(__scm->dev, &desc, NULL); + if (!ret) + memcpy(eph_key, eph_key_buf, eph_key_size); + + memzero_explicit(eph_key_buf, eph_key_size); + qcom_tzmem_free(eph_key_buf); + +err_free_longterm: + memzero_explicit(lt_key_buf, lt_key_size); + qcom_tzmem_free(lt_key_buf); + + if (!ret) + return eph_key_size; + + return ret; +} +EXPORT_SYMBOL_GPL(qcom_scm_prepare_ice_key); + +/** + * qcom_scm_import_ice_key() - Import a wrapped key for encryption + * @imp_key: the raw key that is imported + * @imp_key_size: size of the key to be imported + * @lt_key: the wrapped key to be returned + * @lt_key_size: size of the wrapped key + * + * Conceptually, this is very similar to generate, the difference being, + * here we want to import a raw key and return a longterm wrapped key + * from it. The same create key IOCTL is used to achieve this. + * + * Adds support for the create key IOCTL to interface with + * the secure environment to import a raw key and generate a longterm + * wrapped key. + * + * Return: longterm key size on success; -errno on failure. + */ +int qcom_scm_import_ice_key(const u8 *imp_key, size_t imp_key_size, + u8 *lt_key, size_t lt_key_size) +{ + struct qcom_scm_desc desc = { + .svc = QCOM_SCM_SVC_ES, + .cmd = QCOM_SCM_ES_IMPORT_ICE_KEY, + .arginfo = QCOM_SCM_ARGS(4, QCOM_SCM_RO, + QCOM_SCM_VAL, QCOM_SCM_RW, + QCOM_SCM_VAL), + .args[1] = imp_key_size, + .args[3] = lt_key_size, + .owner = ARM_SMCCC_OWNER_SIP, + }; + + void *imp_key_buf; + void *lt_key_buf; + int ret; + + imp_key_buf = qcom_tzmem_alloc(__scm->mempool, imp_key_size, GFP_KERNEL); + if (!imp_key_buf) + return -ENOMEM; + lt_key_buf = qcom_tzmem_alloc(__scm->mempool, lt_key_size, GFP_KERNEL); + if (!lt_key_buf) { + ret = -ENOMEM; + goto err_free_longterm; + } + + memcpy(imp_key_buf, imp_key, imp_key_size); + desc.args[0] = qcom_tzmem_to_phys(imp_key_buf); + desc.args[2] = qcom_tzmem_to_phys(lt_key_buf); + + ret = qcom_scm_call(__scm->dev, &desc, NULL); + if (!ret) + memcpy(lt_key, lt_key_buf, lt_key_size); + + memzero_explicit(lt_key_buf, lt_key_size); + qcom_tzmem_free(lt_key_buf); + +err_free_longterm: + memzero_explicit(imp_key_buf, imp_key_size); + qcom_tzmem_free(imp_key_buf); + + if (!ret) + return lt_key_size; + + return ret; +} +EXPORT_SYMBOL_GPL(qcom_scm_import_ice_key); + /** * qcom_scm_hdcp_available() - Check if secure environment supports HDCP. * diff --git a/drivers/firmware/qcom/qcom_scm.h b/drivers/firmware/qcom/qcom_scm.h index 56ff0806f5d2..c30d6383b6de 100644 --- a/drivers/firmware/qcom/qcom_scm.h +++ b/drivers/firmware/qcom/qcom_scm.h @@ -128,6 +128,9 @@ struct qcom_tzmem_pool *qcom_scm_get_tzmem_pool(void); #define QCOM_SCM_ES_INVALIDATE_ICE_KEY 0x03 #define QCOM_SCM_ES_CONFIG_SET_ICE_KEY 0x04 #define QCOM_SCM_ES_DERIVE_SW_SECRET 0x07 +#define QCOM_SCM_ES_GENERATE_ICE_KEY 0x08 +#define QCOM_SCM_ES_PREPARE_ICE_KEY 0x09 +#define QCOM_SCM_ES_IMPORT_ICE_KEY 0xA #define QCOM_SCM_SVC_HDCP 0x11 #define QCOM_SCM_HDCP_INVOKE 0x01 diff --git a/include/linux/firmware/qcom/qcom_scm.h b/include/linux/firmware/qcom/qcom_scm.h index 89358478ac67..a0983a40bc09 100644 --- a/include/linux/firmware/qcom/qcom_scm.h +++ b/include/linux/firmware/qcom/qcom_scm.h @@ -105,6 +105,11 @@ int qcom_scm_ice_set_key(u32 index, const u8 *key, u32 key_size, enum qcom_scm_ice_cipher cipher, u32 data_unit_size); int qcom_scm_derive_sw_secret(const u8 *wkey, size_t wkey_size, u8 *sw_secret, size_t sw_secret_size); +int qcom_scm_generate_ice_key(u8 *lt_key, size_t lt_key_size); +int qcom_scm_prepare_ice_key(const u8 *lt_key, size_t lt_key_size, + u8 *eph_key, size_t eph_size); +int qcom_scm_import_ice_key(const u8 *imp_key, size_t imp_size, + u8 *lt_key, size_t lt_key_size); bool qcom_scm_hdcp_available(void); int qcom_scm_hdcp_req(struct qcom_scm_hdcp_req *req, u32 req_cnt, u32 *resp);