Storage encryption has two IOCTLs for creating, importing
and preparing keys for encryption. For wrapped keys, these
IOCTLs need to interface with Qualcomm's Trustzone, which
require these SCM calls.
generate_key: This is used to generate and return a longterm
wrapped key. Trustzone achieves this by generating
a key and then wrapping it using hwkm, returning
a wrapped keyblob.
import_key: The functionality is similar to generate, but here,
a raw key is imported into hwkm and a longterm wrapped
keyblob is returned.
prepare_key: The longterm wrapped key from import or generate
is made further secure by rewrapping it with a per-boot
ephemeral wrapped key before installing it to the linux
kernel for programming to ICE.
Signed-off-by: Gaurav Kashyap <[email protected]>
Tested-by: Neil Armstrong <[email protected]>
---
drivers/firmware/qcom/qcom_scm.c | 182 +++++++++++++++++++++++++
drivers/firmware/qcom/qcom_scm.h | 3 +
include/linux/firmware/qcom/qcom_scm.h | 5 +
3 files changed, 190 insertions(+)
diff --git a/drivers/firmware/qcom/qcom_scm.c b/drivers/firmware/qcom/qcom_scm.c
index 4882f8a36453..20dbab765c8e 100644
--- a/drivers/firmware/qcom/qcom_scm.c
+++ b/drivers/firmware/qcom/qcom_scm.c
@@ -1285,6 +1285,188 @@ int qcom_scm_derive_sw_secret(const u8 *wkey, size_t wkey_size,
}
EXPORT_SYMBOL_GPL(qcom_scm_derive_sw_secret);
+/**
+ * qcom_scm_generate_ice_key() - Generate a wrapped key for encryption.
+ * @lt_key: the wrapped key returned after key generation
+ * @lt_key_size: size of the wrapped key to be returned.
+ *
+ * Qualcomm wrapped keys need to be generated in a trusted environment.
+ * A generate key IOCTL call is used to achieve this. These are longterm
+ * in nature as they need to be generated and wrapped only once per
+ * requirement.
+ *
+ * Adds support for the create key IOCTL to interface
+ * with the secure environment to generate and return a wrapped key..
+ *
+ * Return: longterm key size on success; -errno on failure.
+ */
+int qcom_scm_generate_ice_key(u8 *lt_key, size_t lt_key_size)
+{
+ struct qcom_scm_desc desc = {
+ .svc = QCOM_SCM_SVC_ES,
+ .cmd = QCOM_SCM_ES_GENERATE_ICE_KEY,
+ .arginfo = QCOM_SCM_ARGS(2, QCOM_SCM_RW, QCOM_SCM_VAL),
+ .args[1] = lt_key_size,
+ .owner = ARM_SMCCC_OWNER_SIP,
+ };
+
+ void *lt_key_buf;
+ int ret;
+
+ lt_key_buf = qcom_tzmem_alloc(__scm->mempool, lt_key_size, GFP_KERNEL);
+ if (!lt_key_buf)
+ return -ENOMEM;
+
+ desc.args[0] = qcom_tzmem_to_phys(lt_key_buf);
+
+ ret = qcom_scm_call(__scm->dev, &desc, NULL);
+ if (!ret)
+ memcpy(lt_key, lt_key_buf, lt_key_size);
+
+ memzero_explicit(lt_key_buf, lt_key_size);
+ qcom_tzmem_free(lt_key_buf);
+
+ if (!ret)
+ return lt_key_size;
+
+ return ret;
+}
+EXPORT_SYMBOL_GPL(qcom_scm_generate_ice_key);
+
+/**
+ * qcom_scm_prepare_ice_key() - Get per boot ephemeral wrapped key
+ * @lt_key: the longterm wrapped key
+ * @lt_key_size: size of the wrapped key
+ * @eph_key: ephemeral wrapped key to be returned
+ * @eph_key_size: size of the ephemeral wrapped key
+ *
+ * Qualcomm wrapped keys (longterm keys) are rewrapped with a per-boot
+ * ephemeral key for added protection. These are ephemeral in nature as
+ * they are valid only for that boot. A create key IOCTL is used to
+ * achieve this. These are the keys that are installed into the kernel
+ * to be then unwrapped and programmed into ICE.
+ *
+ * Adds support for the create key IOCTL to interface
+ * with the secure environment to rewrap the wrapped key with an
+ * ephemeral wrapping key.
+ *
+ * Return: ephemeral key size on success; -errno on failure.
+ */
+int qcom_scm_prepare_ice_key(const u8 *lt_key, size_t lt_key_size,
+ u8 *eph_key, size_t eph_key_size)
+{
+ struct qcom_scm_desc desc = {
+ .svc = QCOM_SCM_SVC_ES,
+ .cmd = QCOM_SCM_ES_PREPARE_ICE_KEY,
+ .arginfo = QCOM_SCM_ARGS(4, QCOM_SCM_RO,
+ QCOM_SCM_VAL, QCOM_SCM_RW,
+ QCOM_SCM_VAL),
+ .args[1] = lt_key_size,
+ .args[3] = eph_key_size,
+ .owner = ARM_SMCCC_OWNER_SIP,
+ };
+
+ void *eph_key_buf;
+ void *lt_key_buf;
+ int ret;
+
+ lt_key_buf = qcom_tzmem_alloc(__scm->mempool, lt_key_size, GFP_KERNEL);
+ if (!lt_key_buf)
+ return -ENOMEM;
+ eph_key_buf = qcom_tzmem_alloc(__scm->mempool, eph_key_size, GFP_KERNEL);
+ if (!eph_key_buf) {
+ ret = -ENOMEM;
+ goto err_free_longterm;
+ }
+
+ memcpy(lt_key_buf, lt_key, lt_key_size);
+ desc.args[0] = qcom_tzmem_to_phys(lt_key_buf);
+ desc.args[2] = qcom_tzmem_to_phys(eph_key_buf);
+
+ ret = qcom_scm_call(__scm->dev, &desc, NULL);
+ if (!ret)
+ memcpy(eph_key, eph_key_buf, eph_key_size);
+
+ memzero_explicit(eph_key_buf, eph_key_size);
+ qcom_tzmem_free(eph_key_buf);
+
+err_free_longterm:
+ memzero_explicit(lt_key_buf, lt_key_size);
+ qcom_tzmem_free(lt_key_buf);
+
+ if (!ret)
+ return eph_key_size;
+
+ return ret;
+}
+EXPORT_SYMBOL_GPL(qcom_scm_prepare_ice_key);
+
+/**
+ * qcom_scm_import_ice_key() - Import a wrapped key for encryption
+ * @imp_key: the raw key that is imported
+ * @imp_key_size: size of the key to be imported
+ * @lt_key: the wrapped key to be returned
+ * @lt_key_size: size of the wrapped key
+ *
+ * Conceptually, this is very similar to generate, the difference being,
+ * here we want to import a raw key and return a longterm wrapped key
+ * from it. The same create key IOCTL is used to achieve this.
+ *
+ * Adds support for the create key IOCTL to interface with
+ * the secure environment to import a raw key and generate a longterm
+ * wrapped key.
+ *
+ * Return: longterm key size on success; -errno on failure.
+ */
+int qcom_scm_import_ice_key(const u8 *imp_key, size_t imp_key_size,
+ u8 *lt_key, size_t lt_key_size)
+{
+ struct qcom_scm_desc desc = {
+ .svc = QCOM_SCM_SVC_ES,
+ .cmd = QCOM_SCM_ES_IMPORT_ICE_KEY,
+ .arginfo = QCOM_SCM_ARGS(4, QCOM_SCM_RO,
+ QCOM_SCM_VAL, QCOM_SCM_RW,
+ QCOM_SCM_VAL),
+ .args[1] = imp_key_size,
+ .args[3] = lt_key_size,
+ .owner = ARM_SMCCC_OWNER_SIP,
+ };
+
+ void *imp_key_buf;
+ void *lt_key_buf;
+ int ret;
+
+ imp_key_buf = qcom_tzmem_alloc(__scm->mempool, imp_key_size, GFP_KERNEL);
+ if (!imp_key_buf)
+ return -ENOMEM;
+ lt_key_buf = qcom_tzmem_alloc(__scm->mempool, lt_key_size, GFP_KERNEL);
+ if (!lt_key_buf) {
+ ret = -ENOMEM;
+ goto err_free_longterm;
+ }
+
+ memcpy(imp_key_buf, imp_key, imp_key_size);
+ desc.args[0] = qcom_tzmem_to_phys(imp_key_buf);
+ desc.args[2] = qcom_tzmem_to_phys(lt_key_buf);
+
+ ret = qcom_scm_call(__scm->dev, &desc, NULL);
+ if (!ret)
+ memcpy(lt_key, lt_key_buf, lt_key_size);
+
+ memzero_explicit(lt_key_buf, lt_key_size);
+ qcom_tzmem_free(lt_key_buf);
+
+err_free_longterm:
+ memzero_explicit(imp_key_buf, imp_key_size);
+ qcom_tzmem_free(imp_key_buf);
+
+ if (!ret)
+ return lt_key_size;
+
+ return ret;
+}
+EXPORT_SYMBOL_GPL(qcom_scm_import_ice_key);
+
/**
* qcom_scm_hdcp_available() - Check if secure environment supports HDCP.
*
diff --git a/drivers/firmware/qcom/qcom_scm.h b/drivers/firmware/qcom/qcom_scm.h
index 56ff0806f5d2..c30d6383b6de 100644
--- a/drivers/firmware/qcom/qcom_scm.h
+++ b/drivers/firmware/qcom/qcom_scm.h
@@ -128,6 +128,9 @@ struct qcom_tzmem_pool *qcom_scm_get_tzmem_pool(void);
#define QCOM_SCM_ES_INVALIDATE_ICE_KEY 0x03
#define QCOM_SCM_ES_CONFIG_SET_ICE_KEY 0x04
#define QCOM_SCM_ES_DERIVE_SW_SECRET 0x07
+#define QCOM_SCM_ES_GENERATE_ICE_KEY 0x08
+#define QCOM_SCM_ES_PREPARE_ICE_KEY 0x09
+#define QCOM_SCM_ES_IMPORT_ICE_KEY 0xA
#define QCOM_SCM_SVC_HDCP 0x11
#define QCOM_SCM_HDCP_INVOKE 0x01
diff --git a/include/linux/firmware/qcom/qcom_scm.h b/include/linux/firmware/qcom/qcom_scm.h
index 89358478ac67..a0983a40bc09 100644
--- a/include/linux/firmware/qcom/qcom_scm.h
+++ b/include/linux/firmware/qcom/qcom_scm.h
@@ -105,6 +105,11 @@ int qcom_scm_ice_set_key(u32 index, const u8 *key, u32 key_size,
enum qcom_scm_ice_cipher cipher, u32 data_unit_size);
int qcom_scm_derive_sw_secret(const u8 *wkey, size_t wkey_size,
u8 *sw_secret, size_t sw_secret_size);
+int qcom_scm_generate_ice_key(u8 *lt_key, size_t lt_key_size);
+int qcom_scm_prepare_ice_key(const u8 *lt_key, size_t lt_key_size,
+ u8 *eph_key, size_t eph_size);
+int qcom_scm_import_ice_key(const u8 *imp_key, size_t imp_size,
+ u8 *lt_key, size_t lt_key_size);
bool qcom_scm_hdcp_available(void);
int qcom_scm_hdcp_req(struct qcom_scm_hdcp_req *req, u32 req_cnt, u32 *resp);
--
2.43.0
On 1/28/2024 4:44 AM, Gaurav Kashyap wrote:
> Storage encryption has two IOCTLs for creating, importing
> and preparing keys for encryption. For wrapped keys, these
> IOCTLs need to interface with Qualcomm's Trustzone, which
> require these SCM calls.
>
> generate_key: This is used to generate and return a longterm
> wrapped key. Trustzone achieves this by generating
> a key and then wrapping it using hwkm, returning
> a wrapped keyblob.
> import_key: The functionality is similar to generate, but here,
> a raw key is imported into hwkm and a longterm wrapped
> keyblob is returned.
> prepare_key: The longterm wrapped key from import or generate
> is made further secure by rewrapping it with a per-boot
> ephemeral wrapped key before installing it to the linux
> kernel for programming to ICE.
>
> Signed-off-by: Gaurav Kashyap <[email protected]>
> Tested-by: Neil Armstrong <[email protected]>
> ---
> drivers/firmware/qcom/qcom_scm.c | 182 +++++++++++++++++++++++++
> drivers/firmware/qcom/qcom_scm.h | 3 +
> include/linux/firmware/qcom/qcom_scm.h | 5 +
> 3 files changed, 190 insertions(+)
>
> diff --git a/drivers/firmware/qcom/qcom_scm.c b/drivers/firmware/qcom/qcom_scm.c
> index 4882f8a36453..20dbab765c8e 100644
> --- a/drivers/firmware/qcom/qcom_scm.c
> +++ b/drivers/firmware/qcom/qcom_scm.c
> @@ -1285,6 +1285,188 @@ int qcom_scm_derive_sw_secret(const u8 *wkey, size_t wkey_size,
> }
> EXPORT_SYMBOL_GPL(qcom_scm_derive_sw_secret);
>
> +/**
> + * qcom_scm_generate_ice_key() - Generate a wrapped key for encryption.
> + * @lt_key: the wrapped key returned after key generation
> + * @lt_key_size: size of the wrapped key to be returned.
> + *
> + * Qualcomm wrapped keys need to be generated in a trusted environment.
> + * A generate key IOCTL call is used to achieve this. These are longterm
> + * in nature as they need to be generated and wrapped only once per
> + * requirement.
> + *
> + * Adds support for the create key IOCTL to interface
> + * with the secure environment to generate and return a wrapped key..
> + *
> + * Return: longterm key size on success; -errno on failure.
Why to return parameter input value? already has it. returning 0 on
success should be the standard unless the returned key size would change.
> + */
> +int qcom_scm_generate_ice_key(u8 *lt_key, size_t lt_key_size)
> +{
> + struct qcom_scm_desc desc = {
> + .svc = QCOM_SCM_SVC_ES,
> + .cmd = QCOM_SCM_ES_GENERATE_ICE_KEY,
> + .arginfo = QCOM_SCM_ARGS(2, QCOM_SCM_RW, QCOM_SCM_VAL),
> + .args[1] = lt_key_size,
> + .owner = ARM_SMCCC_OWNER_SIP,
> + };
> +
> + void *lt_key_buf;
> + int ret;
> +
> + lt_key_buf = qcom_tzmem_alloc(__scm->mempool, lt_key_size, GFP_KERNEL);
> + if (!lt_key_buf)
> + return -ENOMEM;
> +
> + desc.args[0] = qcom_tzmem_to_phys(lt_key_buf);
> +
> + ret = qcom_scm_call(__scm->dev, &desc, NULL);
> + if (!ret)
> + memcpy(lt_key, lt_key_buf, lt_key_size);
> +
> + memzero_explicit(lt_key_buf, lt_key_size);
> + qcom_tzmem_free(lt_key_buf);
> +
> + if (!ret)
> + return lt_key_size;
return 0 on success. lt_key_size is input value. Caller already has it.
> +
> + return ret;
> +}
> +EXPORT_SYMBOL_GPL(qcom_scm_generate_ice_key);
> +
> +/**
> + * qcom_scm_prepare_ice_key() - Get per boot ephemeral wrapped key
> + * @lt_key: the longterm wrapped key
> + * @lt_key_size: size of the wrapped key
> + * @eph_key: ephemeral wrapped key to be returned
> + * @eph_key_size: size of the ephemeral wrapped key
> + *
> + * Qualcomm wrapped keys (longterm keys) are rewrapped with a per-boot
> + * ephemeral key for added protection. These are ephemeral in nature as
> + * they are valid only for that boot. A create key IOCTL is used to
> + * achieve this. These are the keys that are installed into the kernel
> + * to be then unwrapped and programmed into ICE.
> + *
> + * Adds support for the create key IOCTL to interface
> + * with the secure environment to rewrap the wrapped key with an
> + * ephemeral wrapping key.
> + *
> + * Return: ephemeral key size on success; -errno on failure.
> + */
> +int qcom_scm_prepare_ice_key(const u8 *lt_key, size_t lt_key_size,
> + u8 *eph_key, size_t eph_key_size)
> +{
> + struct qcom_scm_desc desc = {
> + .svc = QCOM_SCM_SVC_ES,
> + .cmd = QCOM_SCM_ES_PREPARE_ICE_KEY,
> + .arginfo = QCOM_SCM_ARGS(4, QCOM_SCM_RO,
> + QCOM_SCM_VAL, QCOM_SCM_RW,
> + QCOM_SCM_VAL),
> + .args[1] = lt_key_size,
> + .args[3] = eph_key_size,
> + .owner = ARM_SMCCC_OWNER_SIP,
> + };
> +
> + void *eph_key_buf;
> + void *lt_key_buf;
> + int ret;
> +
> + lt_key_buf = qcom_tzmem_alloc(__scm->mempool, lt_key_size, GFP_KERNEL);
> + if (!lt_key_buf)
> + return -ENOMEM;
> + eph_key_buf = qcom_tzmem_alloc(__scm->mempool, eph_key_size, GFP_KERNEL);
> + if (!eph_key_buf) {
> + ret = -ENOMEM;
> + goto err_free_longterm;
> + }
> +
> + memcpy(lt_key_buf, lt_key, lt_key_size);
> + desc.args[0] = qcom_tzmem_to_phys(lt_key_buf);
> + desc.args[2] = qcom_tzmem_to_phys(eph_key_buf);
> +
> + ret = qcom_scm_call(__scm->dev, &desc, NULL);
> + if (!ret)
> + memcpy(eph_key, eph_key_buf, eph_key_size);
> +
> + memzero_explicit(eph_key_buf, eph_key_size);
> + qcom_tzmem_free(eph_key_buf);
> +
> +err_free_longterm:
> + memzero_explicit(lt_key_buf, lt_key_size);
> + qcom_tzmem_free(lt_key_buf);
> +
> + if (!ret)
> + return eph_key_size;
return 0 on success. eph_key_size is input value. Caller already has it.
> +
> + return ret;
> +}
> +EXPORT_SYMBOL_GPL(qcom_scm_prepare_ice_key);
> +
> +/**
> + * qcom_scm_import_ice_key() - Import a wrapped key for encryption
> + * @imp_key: the raw key that is imported
> + * @imp_key_size: size of the key to be imported
> + * @lt_key: the wrapped key to be returned
> + * @lt_key_size: size of the wrapped key
> + *
> + * Conceptually, this is very similar to generate, the difference being,
> + * here we want to import a raw key and return a longterm wrapped key
> + * from it. The same create key IOCTL is used to achieve this.
> + *
> + * Adds support for the create key IOCTL to interface with
> + * the secure environment to import a raw key and generate a longterm
> + * wrapped key.
> + *
> + * Return: longterm key size on success; -errno on failure.
> + */
> +int qcom_scm_import_ice_key(const u8 *imp_key, size_t imp_key_size,
> + u8 *lt_key, size_t lt_key_size)
> +{
> + struct qcom_scm_desc desc = {
> + .svc = QCOM_SCM_SVC_ES,
> + .cmd = QCOM_SCM_ES_IMPORT_ICE_KEY,
> + .arginfo = QCOM_SCM_ARGS(4, QCOM_SCM_RO,
> + QCOM_SCM_VAL, QCOM_SCM_RW,
> + QCOM_SCM_VAL),
> + .args[1] = imp_key_size,
> + .args[3] = lt_key_size,
> + .owner = ARM_SMCCC_OWNER_SIP,
> + };
> +
> + void *imp_key_buf;
> + void *lt_key_buf;
> + int ret;
> +
> + imp_key_buf = qcom_tzmem_alloc(__scm->mempool, imp_key_size, GFP_KERNEL);
> + if (!imp_key_buf)
> + return -ENOMEM;
> + lt_key_buf = qcom_tzmem_alloc(__scm->mempool, lt_key_size, GFP_KERNEL);
> + if (!lt_key_buf) {
> + ret = -ENOMEM;
> + goto err_free_longterm;
> + }
> +
> + memcpy(imp_key_buf, imp_key, imp_key_size);
> + desc.args[0] = qcom_tzmem_to_phys(imp_key_buf);
> + desc.args[2] = qcom_tzmem_to_phys(lt_key_buf);
> +
> + ret = qcom_scm_call(__scm->dev, &desc, NULL);
> + if (!ret)
> + memcpy(lt_key, lt_key_buf, lt_key_size);
> +
> + memzero_explicit(lt_key_buf, lt_key_size);
> + qcom_tzmem_free(lt_key_buf);
> +
> +err_free_longterm:
> + memzero_explicit(imp_key_buf, imp_key_size);
> + qcom_tzmem_free(imp_key_buf);
> +
> + if (!ret)
> + return lt_key_size;
return 0 on success. lt_key_size is input value. Caller already has it.
> +
> + return ret;
> +}
> +EXPORT_SYMBOL_GPL(qcom_scm_import_ice_key);
> +
> /**
> * qcom_scm_hdcp_available() - Check if secure environment supports HDCP.
> *
> diff --git a/drivers/firmware/qcom/qcom_scm.h b/drivers/firmware/qcom/qcom_scm.h
> index 56ff0806f5d2..c30d6383b6de 100644
> --- a/drivers/firmware/qcom/qcom_scm.h
> +++ b/drivers/firmware/qcom/qcom_scm.h
> @@ -128,6 +128,9 @@ struct qcom_tzmem_pool *qcom_scm_get_tzmem_pool(void);
> #define QCOM_SCM_ES_INVALIDATE_ICE_KEY 0x03
> #define QCOM_SCM_ES_CONFIG_SET_ICE_KEY 0x04
> #define QCOM_SCM_ES_DERIVE_SW_SECRET 0x07
> +#define QCOM_SCM_ES_GENERATE_ICE_KEY 0x08
> +#define QCOM_SCM_ES_PREPARE_ICE_KEY 0x09
> +#define QCOM_SCM_ES_IMPORT_ICE_KEY 0xA
>
> #define QCOM_SCM_SVC_HDCP 0x11
> #define QCOM_SCM_HDCP_INVOKE 0x01
> diff --git a/include/linux/firmware/qcom/qcom_scm.h b/include/linux/firmware/qcom/qcom_scm.h
> index 89358478ac67..a0983a40bc09 100644
> --- a/include/linux/firmware/qcom/qcom_scm.h
> +++ b/include/linux/firmware/qcom/qcom_scm.h
> @@ -105,6 +105,11 @@ int qcom_scm_ice_set_key(u32 index, const u8 *key, u32 key_size,
> enum qcom_scm_ice_cipher cipher, u32 data_unit_size);
> int qcom_scm_derive_sw_secret(const u8 *wkey, size_t wkey_size,
> u8 *sw_secret, size_t sw_secret_size);
> +int qcom_scm_generate_ice_key(u8 *lt_key, size_t lt_key_size);
> +int qcom_scm_prepare_ice_key(const u8 *lt_key, size_t lt_key_size,
> + u8 *eph_key, size_t eph_size);
> +int qcom_scm_import_ice_key(const u8 *imp_key, size_t imp_size,
> + u8 *lt_key, size_t lt_key_size);
>
> bool qcom_scm_hdcp_available(void);
> int qcom_scm_hdcp_req(struct qcom_scm_hdcp_req *req, u32 req_cnt, u32 *resp);