Received: by 2002:a25:1506:0:0:0:0:0 with SMTP id 6csp2667905ybv; Fri, 21 Feb 2020 21:00:16 -0800 (PST) X-Google-Smtp-Source: APXvYqyu4jLSK3v7XADrn8ioJZ8s1nmXENA1nd2tR2sP+rcfq9mkZ2YOXrHpEeKcXvXet3aY7raJ X-Received: by 2002:a9d:171a:: with SMTP id i26mr26890627ota.202.1582347615952; Fri, 21 Feb 2020 21:00:15 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1582347615; cv=none; d=google.com; s=arc-20160816; b=xTuDmKqzTiVx6yMDkbkuDN0Ec9iFLi6GA582YN/hGYYT0ynnkdYej3F46G0xQcd0Bu n7zWQJLXtQoUB7GeCH6v40wvQU8N7PVcoD2w/avyqcI5nmHhyBM0rkQYG8RaHFe1nb9g LAVLXe+shsoSauSjvqgfr2LhvxEXvw0ByMKYozh7TlkqfJFINfZh+9reYEI4maUhlM5L SAPHPjOQSGcm+O0iVtc4WtHB7n/vjR0YL8ygmVitZpx8r0r9CgmCSrgmGQF31z3jljkF fSrTlXajjvqVUXSl5A/wlNsf3HdMykSnzNwvApSrpVivlTXQnqAQYLJ724ShwNx0BgXF BZHA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:in-reply-to:content-disposition :mime-version:references:message-id:subject:cc:to:from:date :dkim-signature; bh=8IEFCksZdIjWHq8tRt8Hel6dX2zFkfcXhNkTI5aA0d0=; b=0Iu+0Bn3UHZZ0Qpbu8wO+8ptU1Ss62d8vIhbpWm0touW5aUn22pFlXPxmw8Ua5uUT8 H/S/HTxbmHDP9p8loZ7FRyWAfwlPQh3JQUhrRXdnofl4fBY2w8ad68M6uHMFr63x/Uo/ +EIZkwwz0Qv2bKfG4WH3W13tKN6JnERaXX1A2mLfdLz3AW2gJEIaSz6F5edDrSPNttSr IEaocRYz+HWRq/dy10QRHPBJnlHelwU0OmN97gkWwdxPMlkgdehr5eYW3hAqve3cZMq0 kWdJ3JnN5m+d2ra38Yhxas3ep2wKlmdxky5r7XNIkPP3Ua1KrtgG6f5J6YxDYl+SyVND ByDQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=Q0HvI0cr; spf=pass (google.com: best guess record for domain of linux-ext4-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-ext4-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id k1si1999365oic.245.2020.02.21.20.59.47; Fri, 21 Feb 2020 21:00:15 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-ext4-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=Q0HvI0cr; spf=pass (google.com: best guess record for domain of linux-ext4-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-ext4-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727987AbgBVE7n (ORCPT + 99 others); Fri, 21 Feb 2020 23:59:43 -0500 Received: from mail.kernel.org ([198.145.29.99]:33650 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726713AbgBVE7m (ORCPT ); Fri, 21 Feb 2020 23:59:42 -0500 Received: from sol.localdomain (c-107-3-166-239.hsd1.ca.comcast.net [107.3.166.239]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id EA3CE208C4; Sat, 22 Feb 2020 04:59:40 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1582347581; bh=jdJmeQHWfLzP8iz4Tg3BFePEIfcyOXGqPSQppwKYUwU=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=Q0HvI0crrpMhLs1nOWpn7ktNXLBProFVDGFa0wVWZuVo1gjW+5QBddmI96dXgFhxN rEuxK240Ae6MPYrnjIXaj0GJotk49aI+loEDIQ2lTYmrBXGaFRhEeIv6gWE+d6aa1x NmUalpfEJEEU2QAV4KffW/alTYtb+icN8cdA8YPY= Date: Fri, 21 Feb 2020 20:59:39 -0800 From: Eric Biggers To: Satya Tangirala Cc: linux-block@vger.kernel.org, linux-scsi@vger.kernel.org, linux-fscrypt@vger.kernel.org, linux-fsdevel@vger.kernel.org, linux-f2fs-devel@lists.sourceforge.net, linux-ext4@vger.kernel.org, Barani Muthukumaran , Kuohong Wang , Kim Boojin Subject: Re: [PATCH v7 5/9] scsi: ufs: UFS crypto API Message-ID: <20200222045939.GA848@sol.localdomain> References: <20200221115050.238976-1-satyat@google.com> <20200221115050.238976-6-satyat@google.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20200221115050.238976-6-satyat@google.com> Sender: linux-ext4-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-ext4@vger.kernel.org On Fri, Feb 21, 2020 at 03:50:46AM -0800, Satya Tangirala wrote: > +static int ufshcd_crypto_cap_find(struct ufs_hba *hba, > + enum blk_crypto_mode_num crypto_mode, > + unsigned int data_unit_size) > +{ > + enum ufs_crypto_alg ufs_alg; > + u8 data_unit_mask; > + int cap_idx; > + enum ufs_crypto_key_size ufs_key_size; > + union ufs_crypto_cap_entry *ccap_array = hba->crypto_cap_array; > + > + if (!ufshcd_hba_is_crypto_supported(hba)) > + return -EINVAL; > + > + switch (crypto_mode) { > + case BLK_ENCRYPTION_MODE_AES_256_XTS: > + ufs_alg = UFS_CRYPTO_ALG_AES_XTS; > + ufs_key_size = UFS_CRYPTO_KEY_SIZE_256; > + break; > + default: > + return -EINVAL; > + } [...] > +bool ufshcd_blk_crypto_mode_num_for_alg_dusize( > + enum ufs_crypto_alg ufs_crypto_alg, > + enum ufs_crypto_key_size key_size, > + enum blk_crypto_mode_num *blk_mode_num, > + unsigned int *max_dun_bytes_supported) > +{ > + /* > + * This is currently the only mode that UFS and blk-crypto both support. > + */ > + if (ufs_crypto_alg == UFS_CRYPTO_ALG_AES_XTS && > + key_size == UFS_CRYPTO_KEY_SIZE_256) { > + *blk_mode_num = BLK_ENCRYPTION_MODE_AES_256_XTS; > + *max_dun_bytes_supported = 8; > + return true; > + } > + > + return false; > +} In UFS, max_dun_bytes_supported is always 8 because it's a property of how the DUN is conveyed in the UFS standard, not specific to the crypto algorithm. So, ufshcd_hba_init_crypto() should just set to 8, and there's no need for this code that pretends like it could be a per-algorithm thing. Also, perhaps ufshcd_crypto_cap_find() and this would be better served by a table that maps between the different conventions for representing the algorithms? For now it would just have one entry: static const struct { enum ufs_crypto_alg ufs_alg; enum ufs_crypto_key_size ufs_key_size; enum blk_crypto_mode_num blk_mode; } ufs_crypto_algs[] = { { .ufs_alg = UFS_CRYPTO_ALG_AES_XTS, .ufs_key_size = UFS_CRYPTO_KEY_SIZE_256, .blk_mode = BLK_ENCRYPTION_MODE_AES_256_XTS, }, }; But then it would be super easy to add another entry later. I think the only reason not to do that is if we didn't expect any more algorithms to be added later. But in that case it would be simpler to remove ufshcd_blk_crypto_mode_num_for_alg_dusize() and just hard-code AES-256-XTS, and likewise make ufshcd_crypto_cap_find() use 'if' instead of 'switch'. (Note that ufshcd_blk_crypto_mode_num_for_alg_dusize() is also misnamed, as it doesn't have anything to do with the data unit size. And it should be 'static'.) > + > +/** > + * ufshcd_hba_init_crypto - Read crypto capabilities, init crypto fields in hba > + * @hba: Per adapter instance > + * > + * Return: 0 if crypto was initialized or is not supported, else a -errno value. > + */ > +int ufshcd_hba_init_crypto(struct ufs_hba *hba) > +{ > + int cap_idx = 0; > + int err = 0; > + enum blk_crypto_mode_num blk_mode_num; > + unsigned int max_dun_bytes; > + > + /* Default to disabling crypto */ > + hba->caps &= ~UFSHCD_CAP_CRYPTO; > + > + /* Return 0 if crypto support isn't present */ > + if (!(hba->capabilities & MASK_CRYPTO_SUPPORT) || > + (hba->quirks & UFSHCD_QUIRK_BROKEN_CRYPTO)) > + goto out; > + > + /* > + * Crypto Capabilities should never be 0, because the > + * config_array_ptr > 04h. So we use a 0 value to indicate that > + * crypto init failed, and can't be enabled. > + */ > + hba->crypto_capabilities.reg_val = > + cpu_to_le32(ufshcd_readl(hba, REG_UFS_CCAP)); > + hba->crypto_cfg_register = > + (u32)hba->crypto_capabilities.config_array_ptr * 0x100; > + hba->crypto_cap_array = > + devm_kcalloc(hba->dev, > + hba->crypto_capabilities.num_crypto_cap, > + sizeof(hba->crypto_cap_array[0]), > + GFP_KERNEL); > + if (!hba->crypto_cap_array) { > + err = -ENOMEM; > + goto out; > + } > + > + err = blk_ksm_init(&hba->ksm, hba->dev, ufshcd_num_keyslots(hba)); > + if (err) > + goto out_free_caps; > + > + hba->ksm.ksm_ll_ops = ufshcd_ksm_ops; > + hba->ksm.ll_priv_data = hba; ll_priv_data isn't used anymore, so it should be removed. > + > + memset(hba->ksm.crypto_modes_supported, 0, > + sizeof(hba->ksm.crypto_modes_supported)); > + memset(hba->ksm.max_dun_bytes_supported, 0, > + sizeof(hba->ksm.max_dun_bytes_supported)); No need to zero these arrays here, since it's already done by blk_ksm_init(). > + /* > + * Store all the capabilities now so that we don't need to repeatedly > + * access the device each time we want to know its capabilities > + */ This comment is a bit misleading now, since now this loop also initializes the crypto_modes_supported array, which is *required* and not just a performance optimization. - Eric