Received: by 2002:a05:7412:9c07:b0:fa:6e18:a558 with SMTP id lr7csp476908rdb; Sat, 27 Jan 2024 15:31:50 -0800 (PST) X-Google-Smtp-Source: AGHT+IGs/2t8Ot9gyGbgzgkGBN4NmhjLbwiOblmwSwlNdhgOHNei0A7UWzUF1dGVEdlLER/PSdN3 X-Received: by 2002:a17:90a:db09:b0:290:c94b:6667 with SMTP id g9-20020a17090adb0900b00290c94b6667mr3358760pjv.48.1706398310724; Sat, 27 Jan 2024 15:31:50 -0800 (PST) ARC-Seal: i=2; a=rsa-sha256; t=1706398310; cv=pass; d=google.com; s=arc-20160816; b=mmzG08a53PfAwUH1mynAS5+jCWFQ+M5W9IUOAoqs1Je3SgG3xJXQAL0Vhdq9tD8mzu gqnlgsXnwj9PXD1WLtDVTX8z3KLMxoFKWueVmK/0vavgpas53IBwgR8VhTIdnswbybdV MiByfROkCPVm1GvMjaZ8Be1ANB43IwqeoHu0cyIl7Ry8Fg4bPFsxisq0m2ByISx/hW4c /kXxGPk0IKeupeYlj5hHHl+MZm0a5Ga4N4XMT2BL7T0FpGUNsexJP2sQKNIGkrhCs6M4 BD/Rz1rDxC/tN5PHFj7Ou2U98FNXfbu0ng7x0VvNf9in6cMlSAAiNLOCY1UEvDtN5OCQ Q6AA== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:mime-version:list-unsubscribe :list-subscribe:list-id:precedence:references:in-reply-to:message-id :date:subject:cc:to:from:dkim-signature; bh=dZsbikU7IrJRDi/3lw/414IWmaPQrY5eY3TdobIUbpQ=; fh=x1ujH+apNbfx6EPYmfSZIXjRGauUMOWMrgzkOfs+fAU=; b=lfSp3X67U0czSXyKKUvPOamQoHLTx+Ncqc7+dvzFki51MzaI5/YqBvKRlm2K58yTQX cdEPb4rjmT5JMDFo1w8hTZYZXR2fQMH66uxg1lc4R/nI4eDmFun0hOc8wwLTEjmQap92 /MDGspBxuDXYtgoOuocE4OKA+i6TlFmVQR293u1MSjofcjntDMU49YqpjtgYIVaGNr3V e2ntvteqGjyo/FL44Z8TkMJVNLYq9Jag7h2zoWZ2lv7HFqkrhDLXCOtcdGNv8uU3vYtl lJFlZnqLXuQ1nZ6+iT6CG+T5d9Wqqrz9zvNOSkU9S+VVUM1aQCK6mLclV4nRVTspdEWa Tdfg== ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@quicinc.com header.s=qcppdkim1 header.b="m91E/7vp"; arc=pass (i=1 spf=pass spfdomain=quicinc.com dkim=pass dkdomain=quicinc.com dmarc=pass fromdomain=quicinc.com); spf=pass (google.com: domain of linux-kernel+bounces-41454-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:40f1:3f00::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-41454-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=quicinc.com Return-Path: Received: from sy.mirrors.kernel.org (sy.mirrors.kernel.org. [2604:1380:40f1:3f00::1]) by mx.google.com with ESMTPS id g23-20020a17090ace9700b0029006dc5d26si5281573pju.16.2024.01.27.15.31.50 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sat, 27 Jan 2024 15:31:50 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel+bounces-41454-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:40f1:3f00::1 as permitted sender) client-ip=2604:1380:40f1:3f00::1; Authentication-Results: mx.google.com; dkim=pass header.i=@quicinc.com header.s=qcppdkim1 header.b="m91E/7vp"; arc=pass (i=1 spf=pass spfdomain=quicinc.com dkim=pass dkdomain=quicinc.com dmarc=pass fromdomain=quicinc.com); spf=pass (google.com: domain of linux-kernel+bounces-41454-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:40f1:3f00::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-41454-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=quicinc.com Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by sy.mirrors.kernel.org (Postfix) with ESMTPS id 954B3B24910 for ; Sat, 27 Jan 2024 23:30:32 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id DD06822EEC; Sat, 27 Jan 2024 23:27:10 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=quicinc.com header.i=@quicinc.com header.b="m91E/7vp" Received: from mx0b-0031df01.pphosted.com (mx0b-0031df01.pphosted.com [205.220.180.131]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 48B0D20DD1; Sat, 27 Jan 2024 23:27:08 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=205.220.180.131 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1706398029; cv=none; b=JWbhb/dCTZiK8dTjWw6vdijTuUgQ7PGHP2URUo9yrCdnHV/yxTkWnhghXFn7J2iAFrncWK/uqIKxeZrTLylH5gNZwC2ATi2NH/FyZ0FBhUwgbGL2gdsATEFPh41s8K1G8hi5e94/7+hPW/erEVBXoRJE9+6ll0MOJBslBnQpevg= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1706398029; c=relaxed/simple; bh=DoC26Zth7EMRgUeXiBNSQ/5UKrMl1Jy4RtBM1jTsoGE=; h=From:To:CC:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=uCBH4d2ISfFdR/F+IGaOV+FO72BClWi/xSKp/6fyHTpuj0Rfrv/ScQtRqeoS6nnrV5S9H7Ri/8iqSF03aRGyVVVe/bi+eh0vyp6CKvQc6FK4qUB/d+qKmD+BgnbPsPZ54E5VQJX35XpcqI0AZIhQcnRxJxGHPrBn2j/O65K+5wY= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=quicinc.com; spf=pass smtp.mailfrom=quicinc.com; dkim=pass (2048-bit key) header.d=quicinc.com header.i=@quicinc.com header.b=m91E/7vp; arc=none smtp.client-ip=205.220.180.131 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=quicinc.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=quicinc.com Received: from pps.filterd (m0279871.ppops.net [127.0.0.1]) by mx0a-0031df01.pphosted.com (8.17.1.24/8.17.1.24) with ESMTP id 40RNGBPO000738; Sat, 27 Jan 2024 23:26:22 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=quicinc.com; h= from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding:content-type; s= qcppdkim1; bh=dZsbikU7IrJRDi/3lw/414IWmaPQrY5eY3TdobIUbpQ=; b=m9 1E/7vpwmCGa4yBxjQS7foexZFt6R1lv+xaKf497pEf1+t1DVJx4cSHq0FxGECZWW nd3pGor1cr4wjGEimQwnR9yKU2NqSD8c1bp42obS5GW4x4CDC9xcYfqK7uiv2OxM LiDlMSqyBMp7sbcHNXqefEwCZjpSTan2gbTAr1BmHabhTNsQO9FOnNlmexbmHgdu 254b1gN84MQMOmgNuyUBqicmnPvv83uOVZ+on/BkGxEwgNAOsnyhEzMEbwIuiRtH dYsQHhGGTGIvDzQJzHXPqvUtsFWVDiAwharxj5CnsRHJjV433TMRiSnT/EAu/csO 4qkFRqosUMAvYAgn00Dw== Received: from nalasppmta05.qualcomm.com (Global_NAT1.qualcomm.com [129.46.96.20]) by mx0a-0031df01.pphosted.com (PPS) with ESMTPS id 3vvse4s53y-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Sat, 27 Jan 2024 23:26:21 +0000 (GMT) Received: from nalasex01a.na.qualcomm.com (nalasex01a.na.qualcomm.com [10.47.209.196]) by NALASPPMTA05.qualcomm.com (8.17.1.5/8.17.1.5) with ESMTPS id 40RNQKbo010233 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Sat, 27 Jan 2024 23:26:20 GMT Received: from hu-gaurkash-lv.qualcomm.com (10.49.16.6) by nalasex01a.na.qualcomm.com (10.47.209.196) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.1118.40; Sat, 27 Jan 2024 15:26:16 -0800 From: Gaurav Kashyap To: , , , , , , , , CC: , , , , , , , , , , , , , , , Gaurav Kashyap Subject: [PATCH v4 02/15] qcom_scm: scm call for deriving a software secret Date: Sat, 27 Jan 2024 15:14:00 -0800 Message-ID: <20240127232436.2632187-3-quic_gaurkash@quicinc.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20240127232436.2632187-1-quic_gaurkash@quicinc.com> References: <20240127232436.2632187-1-quic_gaurkash@quicinc.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Content-Type: text/plain X-ClientProxiedBy: nalasex01c.na.qualcomm.com (10.47.97.35) To nalasex01a.na.qualcomm.com (10.47.209.196) X-QCInternal: smtphost X-Proofpoint-Virus-Version: vendor=nai engine=6200 definitions=5800 signatures=585085 X-Proofpoint-ORIG-GUID: 2yhUtWzVvm9Biu1q3n5mL9oP-zvLvn4K X-Proofpoint-GUID: 2yhUtWzVvm9Biu1q3n5mL9oP-zvLvn4K X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.272,Aquarius:18.0.1011,Hydra:6.0.619,FMLib:17.11.176.26 definitions=2024-01-25_14,2024-01-25_01,2023-05-22_02 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 mlxscore=0 spamscore=0 malwarescore=0 priorityscore=1501 bulkscore=0 phishscore=0 mlxlogscore=984 impostorscore=0 lowpriorityscore=0 suspectscore=0 adultscore=0 clxscore=1015 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.19.0-2401190000 definitions=main-2401270178 Inline storage encryption may require deriving a software secret from storage keys added to the kernel. For non-wrapped keys, this can be directly done in the kernel as keys are in the clear. However, hardware wrapped keys can only be unwrapped by the wrapping entity. In case of Qualcomm's wrapped key solution, this is done by the Hardware Key Manager (HWKM) from Trustzone. Hence, adding a new SCM call which in the end provides a hook to the software secret crypto profile API provided by the block layer. Signed-off-by: Gaurav Kashyap Tested-by: Neil Armstrong --- drivers/firmware/qcom/qcom_scm.c | 65 ++++++++++++++++++++++++++ drivers/firmware/qcom/qcom_scm.h | 1 + include/linux/firmware/qcom/qcom_scm.h | 2 + 3 files changed, 68 insertions(+) diff --git a/drivers/firmware/qcom/qcom_scm.c b/drivers/firmware/qcom/qcom_scm.c index 7e17fd662bda..4882f8a36453 100644 --- a/drivers/firmware/qcom/qcom_scm.c +++ b/drivers/firmware/qcom/qcom_scm.c @@ -1220,6 +1220,71 @@ int qcom_scm_ice_set_key(u32 index, const u8 *key, u32 key_size, } EXPORT_SYMBOL_GPL(qcom_scm_ice_set_key); +/** + * qcom_scm_derive_sw_secret() - Derive software secret from wrapped key + * @wkey: the hardware wrapped key inaccessible to software + * @wkey_size: size of the wrapped key + * @sw_secret: the secret to be derived which is exactly the secret size + * @sw_secret_size: size of the sw_secret + * + * Derive a software secret from a hardware wrapped key for software crypto + * operations. + * For wrapped keys, the key needs to be unwrapped, in order to derive a + * software secret, which can be done in the hardware from a secure execution + * environment. + * + * For more information on sw secret, please refer to "Hardware-wrapped keys" + * section of Documentation/block/inline-encryption.rst. + * + * Return: 0 on success; -errno on failure. + */ +int qcom_scm_derive_sw_secret(const u8 *wkey, size_t wkey_size, + u8 *sw_secret, size_t sw_secret_size) +{ + struct qcom_scm_desc desc = { + .svc = QCOM_SCM_SVC_ES, + .cmd = QCOM_SCM_ES_DERIVE_SW_SECRET, + .arginfo = QCOM_SCM_ARGS(4, QCOM_SCM_RW, + QCOM_SCM_VAL, QCOM_SCM_RW, + QCOM_SCM_VAL), + .args[1] = wkey_size, + .args[3] = sw_secret_size, + .owner = ARM_SMCCC_OWNER_SIP, + }; + + void *secret_buf; + void *wkey_buf; + int ret; + + wkey_buf = qcom_tzmem_alloc(__scm->mempool, wkey_size, GFP_KERNEL); + if (!wkey_buf) + return -ENOMEM; + + secret_buf = qcom_tzmem_alloc(__scm->mempool, sw_secret_size, GFP_KERNEL); + if (!secret_buf) { + ret = -ENOMEM; + goto err_free_wrapped; + } + + memcpy(wkey_buf, wkey, wkey_size); + desc.args[0] = qcom_tzmem_to_phys(wkey_buf); + desc.args[2] = qcom_tzmem_to_phys(secret_buf); + + ret = qcom_scm_call(__scm->dev, &desc, NULL); + if (!ret) + memcpy(sw_secret, secret_buf, sw_secret_size); + + memzero_explicit(secret_buf, sw_secret_size); + qcom_tzmem_free(secret_buf); + +err_free_wrapped: + memzero_explicit(wkey_buf, wkey_size); + qcom_tzmem_free(wkey_buf); + + return ret; +} +EXPORT_SYMBOL_GPL(qcom_scm_derive_sw_secret); + /** * qcom_scm_hdcp_available() - Check if secure environment supports HDCP. * diff --git a/drivers/firmware/qcom/qcom_scm.h b/drivers/firmware/qcom/qcom_scm.h index cb7273aa0a5e..56ff0806f5d2 100644 --- a/drivers/firmware/qcom/qcom_scm.h +++ b/drivers/firmware/qcom/qcom_scm.h @@ -127,6 +127,7 @@ struct qcom_tzmem_pool *qcom_scm_get_tzmem_pool(void); #define QCOM_SCM_SVC_ES 0x10 /* Enterprise Security */ #define QCOM_SCM_ES_INVALIDATE_ICE_KEY 0x03 #define QCOM_SCM_ES_CONFIG_SET_ICE_KEY 0x04 +#define QCOM_SCM_ES_DERIVE_SW_SECRET 0x07 #define QCOM_SCM_SVC_HDCP 0x11 #define QCOM_SCM_HDCP_INVOKE 0x01 diff --git a/include/linux/firmware/qcom/qcom_scm.h b/include/linux/firmware/qcom/qcom_scm.h index 9b6054813f59..89358478ac67 100644 --- a/include/linux/firmware/qcom/qcom_scm.h +++ b/include/linux/firmware/qcom/qcom_scm.h @@ -103,6 +103,8 @@ bool qcom_scm_ice_available(void); int qcom_scm_ice_invalidate_key(u32 index); int qcom_scm_ice_set_key(u32 index, const u8 *key, u32 key_size, enum qcom_scm_ice_cipher cipher, u32 data_unit_size); +int qcom_scm_derive_sw_secret(const u8 *wkey, size_t wkey_size, + u8 *sw_secret, size_t sw_secret_size); bool qcom_scm_hdcp_available(void); int qcom_scm_hdcp_req(struct qcom_scm_hdcp_req *req, u32 req_cnt, u32 *resp); -- 2.43.0