@@ -141,6 +141,45 @@ static int cqhci_crypto_derive_sw_secret(struct blk_crypto_profile *profile,
return -EOPNOTSUPP;
}
+static int cqhci_crypto_generate_key(struct blk_crypto_profile *profile,
+ u8 lt_key[BLK_CRYPTO_MAX_HW_WRAPPED_KEY_SIZE])
+{
+ struct cqhci_host *cq_host = cqhci_host_from_crypto_profile(profile);
+
+ if (cq_host->ops && cq_host->ops->generate_key)
+ return cq_host->ops->generate_key(cq_host, lt_key);
+
+ return -EOPNOTSUPP;
+}
+
+static int cqhci_crypto_prepare_key(struct blk_crypto_profile *profile,
+ const u8 *lt_key, size_t lt_key_size,
+ u8 eph_key[BLK_CRYPTO_MAX_HW_WRAPPED_KEY_SIZE])
+{
+
+ struct cqhci_host *cq_host = cqhci_host_from_crypto_profile(profile);
+
+ if (cq_host->ops && cq_host->ops->prepare_key)
+ return cq_host->ops->prepare_key(cq_host, lt_key,
+ lt_key_size, eph_key);
+
+ return -EOPNOTSUPP;
+}
+
+static int cqhci_crypto_import_key(struct blk_crypto_profile *profile,
+ const u8 *imp_key, size_t imp_key_size,
+ u8 lt_key[BLK_CRYPTO_MAX_HW_WRAPPED_KEY_SIZE])
+{
+
+ struct cqhci_host *cq_host = cqhci_host_from_crypto_profile(profile);
+
+ if (cq_host->ops && cq_host->ops->import_key)
+ return cq_host->ops->import_key(cq_host, imp_key,
+ imp_key_size, lt_key);
+
+ return -EOPNOTSUPP;
+}
+
/*
* The keyslot management operations for CQHCI crypto.
*
@@ -153,6 +192,9 @@ static const struct blk_crypto_ll_ops cqhci_crypto_ops = {
.keyslot_program = cqhci_crypto_keyslot_program,
.keyslot_evict = cqhci_crypto_keyslot_evict,
.derive_sw_secret = cqhci_crypto_derive_sw_secret,
+ .generate_key = cqhci_crypto_generate_key,
+ .prepare_key = cqhci_crypto_prepare_key,
+ .import_key = cqhci_crypto_import_key,
};
static enum blk_crypto_mode_num
@@ -287,6 +287,9 @@ struct cqhci_host {
};
/* @derive_sw_secret: derive sw secret from a wrapped key
+ * @generate_key: generate a storage key and return longterm wrapped key
+ * @prepare_key: unwrap longterm key and return ephemeral wrapped key
+ * @import_key: import sw storage key and return longterm wrapped key
*/
struct cqhci_host_ops {
void (*dumpregs)(struct mmc_host *mmc);
@@ -305,6 +308,14 @@ struct cqhci_host_ops {
int (*derive_sw_secret)(struct cqhci_host *cq_host, const u8 wkey[],
unsigned int wkey_size,
u8 sw_secret[BLK_CRYPTO_SW_SECRET_SIZE]);
+ int (*generate_key)(struct cqhci_host *cq_host,
+ u8 lt_key[BLK_CRYPTO_MAX_HW_WRAPPED_KEY_SIZE]);
+ int (*prepare_key)(struct cqhci_host *cq_host,
+ const u8 *lt_key, size_t lt_key_size,
+ u8 eph_key[BLK_CRYPTO_MAX_HW_WRAPPED_KEY_SIZE]);
+ int (*import_key)(struct cqhci_host *cq_host, const u8 *imp_key,
+ size_t imp_key_size,
+ u8 lt_key[BLK_CRYPTO_MAX_HW_WRAPPED_KEY_SIZE]);
#endif
void (*set_tran_desc)(struct cqhci_host *cq_host, u8 **desc,
dma_addr_t addr, int len, bool end, bool dma64);
Block crypto allows storage controllers like MMC to register ops to generate, prepare and import wrapped keys in the kernel. Wrapped keys in most cases will have vendor specific implementations, which means these ops would need to have corresponding MMC variant ops. Signed-off-by: Seshu Madhavi Puppala <quic_spuppala@quicinc.com> --- drivers/mmc/host/cqhci-crypto.c | 42 +++++++++++++++++++++++++++++++++ drivers/mmc/host/cqhci.h | 11 +++++++++ 2 files changed, 53 insertions(+)