All of lore.kernel.org
 help / color / mirror / Atom feed
* [RFC v2 0/4]Fpga: adds support to load the user-key encrypted FPGA Image loading
@ 2021-06-09  5:52 ` Nava kishore Manne
  0 siblings, 0 replies; 24+ messages in thread
From: Nava kishore Manne @ 2021-06-09  5:52 UTC (permalink / raw)
  To: robh+dt, michal.simek, mdf, trix, nava.manne, arnd, rajan.vaja,
	gregkh, amit.sunil.dhamne, tejas.patel, zou_wei,
	lakshmi.sai.krishna.potthuri, ravi.patel, iwamatsu, wendy.liang,
	devicetree, linux-arm-kernel, linux-kernel, linux-fpga, git,
	chinnikishore369

This patch series adds supports user-key encrypted FPGA Image loading using
FPGA Manager framework.

Nava kishore Manne (4):
  drivers: firmware: Add user encrypted key load API support
  fpga: Add new property to support user-key encrypted bitstream loading
  drivers: fpga: Add user-key encrypted FPGA Image loading support
  fpga: zynqmp: Add user-key encrypted FPGA Image loading support

 .../devicetree/bindings/fpga/fpga-region.txt  |  3 +++
 drivers/firmware/xilinx/zynqmp.c              | 17 +++++++++++++
 drivers/fpga/fpga-mgr.c                       | 15 ++++++++++++
 drivers/fpga/of-fpga-region.c                 | 11 +++++++++
 drivers/fpga/zynqmp-fpga.c                    | 24 +++++++++++++++++--
 include/linux/firmware/xlnx-zynqmp.h          |  9 +++++++
 include/linux/fpga/fpga-mgr.h                 |  7 ++++++
 7 files changed, 84 insertions(+), 2 deletions(-)

-- 
2.17.1


^ permalink raw reply	[flat|nested] 24+ messages in thread

* [RFC v2 0/4]Fpga: adds support to load the user-key encrypted FPGA Image loading
@ 2021-06-09  5:52 ` Nava kishore Manne
  0 siblings, 0 replies; 24+ messages in thread
From: Nava kishore Manne @ 2021-06-09  5:52 UTC (permalink / raw)
  To: robh+dt, michal.simek, mdf, trix, nava.manne, arnd, rajan.vaja,
	gregkh, amit.sunil.dhamne, tejas.patel, zou_wei,
	lakshmi.sai.krishna.potthuri, ravi.patel, iwamatsu, wendy.liang,
	devicetree, linux-arm-kernel, linux-kernel, linux-fpga, git,
	chinnikishore369

This patch series adds supports user-key encrypted FPGA Image loading using
FPGA Manager framework.

Nava kishore Manne (4):
  drivers: firmware: Add user encrypted key load API support
  fpga: Add new property to support user-key encrypted bitstream loading
  drivers: fpga: Add user-key encrypted FPGA Image loading support
  fpga: zynqmp: Add user-key encrypted FPGA Image loading support

 .../devicetree/bindings/fpga/fpga-region.txt  |  3 +++
 drivers/firmware/xilinx/zynqmp.c              | 17 +++++++++++++
 drivers/fpga/fpga-mgr.c                       | 15 ++++++++++++
 drivers/fpga/of-fpga-region.c                 | 11 +++++++++
 drivers/fpga/zynqmp-fpga.c                    | 24 +++++++++++++++++--
 include/linux/firmware/xlnx-zynqmp.h          |  9 +++++++
 include/linux/fpga/fpga-mgr.h                 |  7 ++++++
 7 files changed, 84 insertions(+), 2 deletions(-)

-- 
2.17.1


_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel

^ permalink raw reply	[flat|nested] 24+ messages in thread

* [RFC v2 1/4] drivers: firmware: Add user encrypted key load API support
  2021-06-09  5:52 ` Nava kishore Manne
@ 2021-06-09  5:52   ` Nava kishore Manne
  -1 siblings, 0 replies; 24+ messages in thread
From: Nava kishore Manne @ 2021-06-09  5:52 UTC (permalink / raw)
  To: robh+dt, michal.simek, mdf, trix, nava.manne, arnd, rajan.vaja,
	gregkh, amit.sunil.dhamne, tejas.patel, zou_wei,
	lakshmi.sai.krishna.potthuri, ravi.patel, iwamatsu, wendy.liang,
	devicetree, linux-arm-kernel, linux-kernel, linux-fpga, git,
	chinnikishore369

This patch adds user encrypted key load API to support
User key encrypted images loading use cases from Linux.

Signed-off-by: Nava kishore Manne <nava.manne@xilinx.com>
---
Changes for v2:
		-None.

 drivers/firmware/xilinx/zynqmp.c     | 17 +++++++++++++++++
 include/linux/firmware/xlnx-zynqmp.h |  7 +++++++
 2 files changed, 24 insertions(+)

diff --git a/drivers/firmware/xilinx/zynqmp.c b/drivers/firmware/xilinx/zynqmp.c
index 15b138326ecc..2fa5687a75f8 100644
--- a/drivers/firmware/xilinx/zynqmp.c
+++ b/drivers/firmware/xilinx/zynqmp.c
@@ -787,6 +787,23 @@ int zynqmp_pm_fpga_load(const u64 address, const u32 size, const u32 flags)
 }
 EXPORT_SYMBOL_GPL(zynqmp_pm_fpga_load);
 
+/**
+ * zynqmp_pm_fpga_key_load - Perform to load the bitstream encrypted key
+ * @address:    Address to write
+ * @size:       encrypted key size
+ *
+ * This function provides access to pmufw. To transfer
+ * the required encrypted key.
+ *
+ * Return: Returns status, either success or error+reason
+ */
+int zynqmp_pm_fpga_enc_key_load(const u64 address, const u32 size)
+{
+	return zynqmp_pm_invoke_fn(PM_ENC_KEY_LOAD, lower_32_bits(address),
+				   upper_32_bits(address), size, 0, NULL);
+}
+EXPORT_SYMBOL_GPL(zynqmp_pm_fpga_enc_key_load);
+
 /**
  * zynqmp_pm_fpga_get_status - Read value from PCAP status register
  * @value: Value to read
diff --git a/include/linux/firmware/xlnx-zynqmp.h b/include/linux/firmware/xlnx-zynqmp.h
index 9d1a5c175065..7aa9ad40ff53 100644
--- a/include/linux/firmware/xlnx-zynqmp.h
+++ b/include/linux/firmware/xlnx-zynqmp.h
@@ -91,6 +91,7 @@ enum pm_api_id {
 	PM_CLOCK_GETPARENT = 44,
 	PM_SECURE_AES = 47,
 	PM_FEATURE_CHECK = 63,
+	PM_ENC_KEY_LOAD = 64,
 };
 
 /* PMU-FW return status codes */
@@ -411,6 +412,7 @@ int zynqmp_pm_pinctrl_get_config(const u32 pin, const u32 param,
 				 u32 *value);
 int zynqmp_pm_pinctrl_set_config(const u32 pin, const u32 param,
 				 u32 value);
+int zynqmp_pm_fpga_enc_key_load(const u64 address, const u32 size);
 #else
 static inline int zynqmp_pm_get_api_version(u32 *version)
 {
@@ -622,6 +624,11 @@ static inline int zynqmp_pm_pinctrl_set_config(const u32 pin, const u32 param,
 {
 	return -ENODEV;
 }
+
+static inline int zynqmp_pm_fpga_enc_key_load(const u64 address, const u32 size)
+{
+	return -ENODEV;
+}
 #endif
 
 #endif /* __FIRMWARE_ZYNQMP_H__ */
-- 
2.17.1


^ permalink raw reply related	[flat|nested] 24+ messages in thread

* [RFC v2 1/4] drivers: firmware: Add user encrypted key load API support
@ 2021-06-09  5:52   ` Nava kishore Manne
  0 siblings, 0 replies; 24+ messages in thread
From: Nava kishore Manne @ 2021-06-09  5:52 UTC (permalink / raw)
  To: robh+dt, michal.simek, mdf, trix, nava.manne, arnd, rajan.vaja,
	gregkh, amit.sunil.dhamne, tejas.patel, zou_wei,
	lakshmi.sai.krishna.potthuri, ravi.patel, iwamatsu, wendy.liang,
	devicetree, linux-arm-kernel, linux-kernel, linux-fpga, git,
	chinnikishore369

This patch adds user encrypted key load API to support
User key encrypted images loading use cases from Linux.

Signed-off-by: Nava kishore Manne <nava.manne@xilinx.com>
---
Changes for v2:
		-None.

 drivers/firmware/xilinx/zynqmp.c     | 17 +++++++++++++++++
 include/linux/firmware/xlnx-zynqmp.h |  7 +++++++
 2 files changed, 24 insertions(+)

diff --git a/drivers/firmware/xilinx/zynqmp.c b/drivers/firmware/xilinx/zynqmp.c
index 15b138326ecc..2fa5687a75f8 100644
--- a/drivers/firmware/xilinx/zynqmp.c
+++ b/drivers/firmware/xilinx/zynqmp.c
@@ -787,6 +787,23 @@ int zynqmp_pm_fpga_load(const u64 address, const u32 size, const u32 flags)
 }
 EXPORT_SYMBOL_GPL(zynqmp_pm_fpga_load);
 
+/**
+ * zynqmp_pm_fpga_key_load - Perform to load the bitstream encrypted key
+ * @address:    Address to write
+ * @size:       encrypted key size
+ *
+ * This function provides access to pmufw. To transfer
+ * the required encrypted key.
+ *
+ * Return: Returns status, either success or error+reason
+ */
+int zynqmp_pm_fpga_enc_key_load(const u64 address, const u32 size)
+{
+	return zynqmp_pm_invoke_fn(PM_ENC_KEY_LOAD, lower_32_bits(address),
+				   upper_32_bits(address), size, 0, NULL);
+}
+EXPORT_SYMBOL_GPL(zynqmp_pm_fpga_enc_key_load);
+
 /**
  * zynqmp_pm_fpga_get_status - Read value from PCAP status register
  * @value: Value to read
diff --git a/include/linux/firmware/xlnx-zynqmp.h b/include/linux/firmware/xlnx-zynqmp.h
index 9d1a5c175065..7aa9ad40ff53 100644
--- a/include/linux/firmware/xlnx-zynqmp.h
+++ b/include/linux/firmware/xlnx-zynqmp.h
@@ -91,6 +91,7 @@ enum pm_api_id {
 	PM_CLOCK_GETPARENT = 44,
 	PM_SECURE_AES = 47,
 	PM_FEATURE_CHECK = 63,
+	PM_ENC_KEY_LOAD = 64,
 };
 
 /* PMU-FW return status codes */
@@ -411,6 +412,7 @@ int zynqmp_pm_pinctrl_get_config(const u32 pin, const u32 param,
 				 u32 *value);
 int zynqmp_pm_pinctrl_set_config(const u32 pin, const u32 param,
 				 u32 value);
+int zynqmp_pm_fpga_enc_key_load(const u64 address, const u32 size);
 #else
 static inline int zynqmp_pm_get_api_version(u32 *version)
 {
@@ -622,6 +624,11 @@ static inline int zynqmp_pm_pinctrl_set_config(const u32 pin, const u32 param,
 {
 	return -ENODEV;
 }
+
+static inline int zynqmp_pm_fpga_enc_key_load(const u64 address, const u32 size)
+{
+	return -ENODEV;
+}
 #endif
 
 #endif /* __FIRMWARE_ZYNQMP_H__ */
-- 
2.17.1


_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel

^ permalink raw reply related	[flat|nested] 24+ messages in thread

* [RFC v2 2/4] fpga: Add new property to support user-key encrypted bitstream loading
  2021-06-09  5:52 ` Nava kishore Manne
@ 2021-06-09  5:52   ` Nava kishore Manne
  -1 siblings, 0 replies; 24+ messages in thread
From: Nava kishore Manne @ 2021-06-09  5:52 UTC (permalink / raw)
  To: robh+dt, michal.simek, mdf, trix, nava.manne, arnd, rajan.vaja,
	gregkh, amit.sunil.dhamne, tejas.patel, zou_wei,
	lakshmi.sai.krishna.potthuri, ravi.patel, iwamatsu, wendy.liang,
	devicetree, linux-arm-kernel, linux-kernel, linux-fpga, git,
	chinnikishore369

This patch Adds ‘encrypted-key-name’ property to
support user-key encrypted bitstream loading
use case.

Signed-off-by: Nava kishore Manne <nava.manne@xilinx.com>
---
Changes for v2:
                -Both DT properties ie; encrypted-key-name and encrypted-user-key-fpga-config
                 are targeted to use for the same use cases but ideally encrypted-key-name
                 is enough to serve the purpose so updated the file to remove the unwanted
                 encrypted-user-key-fpga-config property as suggested by Rob.

 Documentation/devicetree/bindings/fpga/fpga-region.txt | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/Documentation/devicetree/bindings/fpga/fpga-region.txt b/Documentation/devicetree/bindings/fpga/fpga-region.txt
index d787d57491a1..0de4a1c54650 100644
--- a/Documentation/devicetree/bindings/fpga/fpga-region.txt
+++ b/Documentation/devicetree/bindings/fpga/fpga-region.txt
@@ -177,6 +177,9 @@ Optional properties:
 	it indicates that the FPGA has already been programmed with this image.
 	If this property is in an overlay targeting a FPGA region, it is a
 	request to program the FPGA with that image.
+- encrypted-key-name : should contain the name of an encrypted key file located
+	on the firmware search path. It will be used to decrypt the FPGA image
+	file with user-key.
 - fpga-bridges : should contain a list of phandles to FPGA Bridges that must be
 	controlled during FPGA programming along with the parent FPGA bridge.
 	This property is optional if the FPGA Manager handles the bridges.
-- 
2.17.1


^ permalink raw reply related	[flat|nested] 24+ messages in thread

* [RFC v2 2/4] fpga: Add new property to support user-key encrypted bitstream loading
@ 2021-06-09  5:52   ` Nava kishore Manne
  0 siblings, 0 replies; 24+ messages in thread
From: Nava kishore Manne @ 2021-06-09  5:52 UTC (permalink / raw)
  To: robh+dt, michal.simek, mdf, trix, nava.manne, arnd, rajan.vaja,
	gregkh, amit.sunil.dhamne, tejas.patel, zou_wei,
	lakshmi.sai.krishna.potthuri, ravi.patel, iwamatsu, wendy.liang,
	devicetree, linux-arm-kernel, linux-kernel, linux-fpga, git,
	chinnikishore369

This patch Adds ‘encrypted-key-name’ property to
support user-key encrypted bitstream loading
use case.

Signed-off-by: Nava kishore Manne <nava.manne@xilinx.com>
---
Changes for v2:
                -Both DT properties ie; encrypted-key-name and encrypted-user-key-fpga-config
                 are targeted to use for the same use cases but ideally encrypted-key-name
                 is enough to serve the purpose so updated the file to remove the unwanted
                 encrypted-user-key-fpga-config property as suggested by Rob.

 Documentation/devicetree/bindings/fpga/fpga-region.txt | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/Documentation/devicetree/bindings/fpga/fpga-region.txt b/Documentation/devicetree/bindings/fpga/fpga-region.txt
index d787d57491a1..0de4a1c54650 100644
--- a/Documentation/devicetree/bindings/fpga/fpga-region.txt
+++ b/Documentation/devicetree/bindings/fpga/fpga-region.txt
@@ -177,6 +177,9 @@ Optional properties:
 	it indicates that the FPGA has already been programmed with this image.
 	If this property is in an overlay targeting a FPGA region, it is a
 	request to program the FPGA with that image.
+- encrypted-key-name : should contain the name of an encrypted key file located
+	on the firmware search path. It will be used to decrypt the FPGA image
+	file with user-key.
 - fpga-bridges : should contain a list of phandles to FPGA Bridges that must be
 	controlled during FPGA programming along with the parent FPGA bridge.
 	This property is optional if the FPGA Manager handles the bridges.
-- 
2.17.1


_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel

^ permalink raw reply related	[flat|nested] 24+ messages in thread

* [RFC v2 3/4] drivers: fpga: Add user-key encrypted FPGA Image loading support
  2021-06-09  5:52 ` Nava kishore Manne
@ 2021-06-09  5:52   ` Nava kishore Manne
  -1 siblings, 0 replies; 24+ messages in thread
From: Nava kishore Manne @ 2021-06-09  5:52 UTC (permalink / raw)
  To: robh+dt, michal.simek, mdf, trix, nava.manne, arnd, rajan.vaja,
	gregkh, amit.sunil.dhamne, tejas.patel, zou_wei,
	lakshmi.sai.krishna.potthuri, ravi.patel, iwamatsu, wendy.liang,
	devicetree, linux-arm-kernel, linux-kernel, linux-fpga, git,
	chinnikishore369

This patch adds user-key encrypted FPGA Image loading support
to the framework.

Signed-off-by: Nava kishore Manne <nava.manne@xilinx.com>
---
Changes for v2:
                -Both DT properties ie; encrypted-key-name and encrypted-user-key-fpga-config
                 are targeted to use for the same use cases but ideally encrypted-key-name
                 is enough to serve the purpose so updated the code to remove the unwanted
                 encrypted-user-key-fpga-config property dependency as suggested by Rob

 drivers/fpga/fpga-mgr.c       | 15 +++++++++++++++
 drivers/fpga/of-fpga-region.c | 11 +++++++++++
 include/linux/fpga/fpga-mgr.h |  7 +++++++
 3 files changed, 33 insertions(+)

diff --git a/drivers/fpga/fpga-mgr.c b/drivers/fpga/fpga-mgr.c
index b85bc47c91a9..3e79ab8cc86f 100644
--- a/drivers/fpga/fpga-mgr.c
+++ b/drivers/fpga/fpga-mgr.c
@@ -325,6 +325,7 @@ static int fpga_mgr_firmware_load(struct fpga_manager *mgr,
 				  const char *image_name)
 {
 	struct device *dev = &mgr->dev;
+	const struct firmware *enc_fw;
 	const struct firmware *fw;
 	int ret;
 
@@ -339,8 +340,22 @@ static int fpga_mgr_firmware_load(struct fpga_manager *mgr,
 		return ret;
 	}
 
+	if (info->encrypted_key_name) {
+		ret = request_firmware(&enc_fw, info->encrypted_key_name, dev);
+		if (ret) {
+			mgr->state = FPGA_MGR_STATE_FIRMWARE_REQ_ERR;
+			dev_err(dev, "Error requesting firmware %s\n",
+				info->encrypted_key_name);
+			return ret;
+		}
+		info->enc_key_buf = enc_fw->data;
+		info->enc_key_buf_size = enc_fw->size;
+	}
+
 	ret = fpga_mgr_buf_load(mgr, info, fw->data, fw->size);
 
+	if (info->encrypted_key_name)
+		release_firmware(enc_fw);
 	release_firmware(fw);
 
 	return ret;
diff --git a/drivers/fpga/of-fpga-region.c b/drivers/fpga/of-fpga-region.c
index e405309baadc..88d8c9049a2f 100644
--- a/drivers/fpga/of-fpga-region.c
+++ b/drivers/fpga/of-fpga-region.c
@@ -195,6 +195,7 @@ static struct fpga_image_info *of_fpga_region_parse_ov(
 {
 	struct device *dev = &region->dev;
 	struct fpga_image_info *info;
+	const char *encrypted_key_name;
 	const char *firmware_name;
 	int ret;
 
@@ -228,6 +229,16 @@ static struct fpga_image_info *of_fpga_region_parse_ov(
 	if (of_property_read_bool(overlay, "encrypted-fpga-config"))
 		info->flags |= FPGA_MGR_ENCRYPTED_BITSTREAM;
 
+	if (!of_property_read_string(overlay, "encrypted-key-name",
+				     &encrypted_key_name)) {
+		info->encrypted_key_name =
+			devm_kstrdup(dev, encrypted_key_name, GFP_KERNEL);
+		if (!info->encrypted_key_name)
+			return ERR_PTR(-ENOMEM);
+
+		info->flags |= FPGA_MGR_ENCRYPTED_USER_KEY_BITSTREAM;
+	}
+
 	if (!of_property_read_string(overlay, "firmware-name",
 				     &firmware_name)) {
 		info->firmware_name = devm_kstrdup(dev, firmware_name,
diff --git a/include/linux/fpga/fpga-mgr.h b/include/linux/fpga/fpga-mgr.h
index 3a32b8e20185..ff14bc51bdd3 100644
--- a/include/linux/fpga/fpga-mgr.h
+++ b/include/linux/fpga/fpga-mgr.h
@@ -67,12 +67,15 @@ enum fpga_mgr_states {
  * %FPGA_MGR_BITSTREAM_LSB_FIRST: SPI bitstream bit order is LSB first
  *
  * %FPGA_MGR_COMPRESSED_BITSTREAM: FPGA bitstream is compressed
+ * %FPGA_MGR_ENCRYPTED_USER_KEY_BITSTREAM: indicates bitstream is encrypted
+ *					   with user-key
  */
 #define FPGA_MGR_PARTIAL_RECONFIG	BIT(0)
 #define FPGA_MGR_EXTERNAL_CONFIG	BIT(1)
 #define FPGA_MGR_ENCRYPTED_BITSTREAM	BIT(2)
 #define FPGA_MGR_BITSTREAM_LSB_FIRST	BIT(3)
 #define FPGA_MGR_COMPRESSED_BITSTREAM	BIT(4)
+#define FPGA_MGR_ENCRYPTED_USER_KEY_BITSTREAM	BIT(5)
 
 /**
  * struct fpga_image_info - information specific to a FPGA image
@@ -82,6 +85,7 @@ enum fpga_mgr_states {
  * @config_complete_timeout_us: maximum time for FPGA to switch to operating
  *	   status in the write_complete op.
  * @firmware_name: name of FPGA image firmware file
+ * @encrypted_key_name: name of the FPGA image encrypted user-key file
  * @sgt: scatter/gather table containing FPGA image
  * @buf: contiguous buffer containing FPGA image
  * @count: size of buf
@@ -95,8 +99,11 @@ struct fpga_image_info {
 	u32 disable_timeout_us;
 	u32 config_complete_timeout_us;
 	char *firmware_name;
+	char *encrypted_key_name;
 	struct sg_table *sgt;
+	const char *enc_key_buf;
 	const char *buf;
+	size_t enc_key_buf_size;
 	size_t count;
 	int region_id;
 	struct device *dev;
-- 
2.17.1


^ permalink raw reply related	[flat|nested] 24+ messages in thread

* [RFC v2 3/4] drivers: fpga: Add user-key encrypted FPGA Image loading support
@ 2021-06-09  5:52   ` Nava kishore Manne
  0 siblings, 0 replies; 24+ messages in thread
From: Nava kishore Manne @ 2021-06-09  5:52 UTC (permalink / raw)
  To: robh+dt, michal.simek, mdf, trix, nava.manne, arnd, rajan.vaja,
	gregkh, amit.sunil.dhamne, tejas.patel, zou_wei,
	lakshmi.sai.krishna.potthuri, ravi.patel, iwamatsu, wendy.liang,
	devicetree, linux-arm-kernel, linux-kernel, linux-fpga, git,
	chinnikishore369

This patch adds user-key encrypted FPGA Image loading support
to the framework.

Signed-off-by: Nava kishore Manne <nava.manne@xilinx.com>
---
Changes for v2:
                -Both DT properties ie; encrypted-key-name and encrypted-user-key-fpga-config
                 are targeted to use for the same use cases but ideally encrypted-key-name
                 is enough to serve the purpose so updated the code to remove the unwanted
                 encrypted-user-key-fpga-config property dependency as suggested by Rob

 drivers/fpga/fpga-mgr.c       | 15 +++++++++++++++
 drivers/fpga/of-fpga-region.c | 11 +++++++++++
 include/linux/fpga/fpga-mgr.h |  7 +++++++
 3 files changed, 33 insertions(+)

diff --git a/drivers/fpga/fpga-mgr.c b/drivers/fpga/fpga-mgr.c
index b85bc47c91a9..3e79ab8cc86f 100644
--- a/drivers/fpga/fpga-mgr.c
+++ b/drivers/fpga/fpga-mgr.c
@@ -325,6 +325,7 @@ static int fpga_mgr_firmware_load(struct fpga_manager *mgr,
 				  const char *image_name)
 {
 	struct device *dev = &mgr->dev;
+	const struct firmware *enc_fw;
 	const struct firmware *fw;
 	int ret;
 
@@ -339,8 +340,22 @@ static int fpga_mgr_firmware_load(struct fpga_manager *mgr,
 		return ret;
 	}
 
+	if (info->encrypted_key_name) {
+		ret = request_firmware(&enc_fw, info->encrypted_key_name, dev);
+		if (ret) {
+			mgr->state = FPGA_MGR_STATE_FIRMWARE_REQ_ERR;
+			dev_err(dev, "Error requesting firmware %s\n",
+				info->encrypted_key_name);
+			return ret;
+		}
+		info->enc_key_buf = enc_fw->data;
+		info->enc_key_buf_size = enc_fw->size;
+	}
+
 	ret = fpga_mgr_buf_load(mgr, info, fw->data, fw->size);
 
+	if (info->encrypted_key_name)
+		release_firmware(enc_fw);
 	release_firmware(fw);
 
 	return ret;
diff --git a/drivers/fpga/of-fpga-region.c b/drivers/fpga/of-fpga-region.c
index e405309baadc..88d8c9049a2f 100644
--- a/drivers/fpga/of-fpga-region.c
+++ b/drivers/fpga/of-fpga-region.c
@@ -195,6 +195,7 @@ static struct fpga_image_info *of_fpga_region_parse_ov(
 {
 	struct device *dev = &region->dev;
 	struct fpga_image_info *info;
+	const char *encrypted_key_name;
 	const char *firmware_name;
 	int ret;
 
@@ -228,6 +229,16 @@ static struct fpga_image_info *of_fpga_region_parse_ov(
 	if (of_property_read_bool(overlay, "encrypted-fpga-config"))
 		info->flags |= FPGA_MGR_ENCRYPTED_BITSTREAM;
 
+	if (!of_property_read_string(overlay, "encrypted-key-name",
+				     &encrypted_key_name)) {
+		info->encrypted_key_name =
+			devm_kstrdup(dev, encrypted_key_name, GFP_KERNEL);
+		if (!info->encrypted_key_name)
+			return ERR_PTR(-ENOMEM);
+
+		info->flags |= FPGA_MGR_ENCRYPTED_USER_KEY_BITSTREAM;
+	}
+
 	if (!of_property_read_string(overlay, "firmware-name",
 				     &firmware_name)) {
 		info->firmware_name = devm_kstrdup(dev, firmware_name,
diff --git a/include/linux/fpga/fpga-mgr.h b/include/linux/fpga/fpga-mgr.h
index 3a32b8e20185..ff14bc51bdd3 100644
--- a/include/linux/fpga/fpga-mgr.h
+++ b/include/linux/fpga/fpga-mgr.h
@@ -67,12 +67,15 @@ enum fpga_mgr_states {
  * %FPGA_MGR_BITSTREAM_LSB_FIRST: SPI bitstream bit order is LSB first
  *
  * %FPGA_MGR_COMPRESSED_BITSTREAM: FPGA bitstream is compressed
+ * %FPGA_MGR_ENCRYPTED_USER_KEY_BITSTREAM: indicates bitstream is encrypted
+ *					   with user-key
  */
 #define FPGA_MGR_PARTIAL_RECONFIG	BIT(0)
 #define FPGA_MGR_EXTERNAL_CONFIG	BIT(1)
 #define FPGA_MGR_ENCRYPTED_BITSTREAM	BIT(2)
 #define FPGA_MGR_BITSTREAM_LSB_FIRST	BIT(3)
 #define FPGA_MGR_COMPRESSED_BITSTREAM	BIT(4)
+#define FPGA_MGR_ENCRYPTED_USER_KEY_BITSTREAM	BIT(5)
 
 /**
  * struct fpga_image_info - information specific to a FPGA image
@@ -82,6 +85,7 @@ enum fpga_mgr_states {
  * @config_complete_timeout_us: maximum time for FPGA to switch to operating
  *	   status in the write_complete op.
  * @firmware_name: name of FPGA image firmware file
+ * @encrypted_key_name: name of the FPGA image encrypted user-key file
  * @sgt: scatter/gather table containing FPGA image
  * @buf: contiguous buffer containing FPGA image
  * @count: size of buf
@@ -95,8 +99,11 @@ struct fpga_image_info {
 	u32 disable_timeout_us;
 	u32 config_complete_timeout_us;
 	char *firmware_name;
+	char *encrypted_key_name;
 	struct sg_table *sgt;
+	const char *enc_key_buf;
 	const char *buf;
+	size_t enc_key_buf_size;
 	size_t count;
 	int region_id;
 	struct device *dev;
-- 
2.17.1


_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel

^ permalink raw reply related	[flat|nested] 24+ messages in thread

* [RFC v2 4/4] fpga: zynqmp: Add user-key encrypted FPGA Image loading support
  2021-06-09  5:52 ` Nava kishore Manne
@ 2021-06-09  5:52   ` Nava kishore Manne
  -1 siblings, 0 replies; 24+ messages in thread
From: Nava kishore Manne @ 2021-06-09  5:52 UTC (permalink / raw)
  To: robh+dt, michal.simek, mdf, trix, nava.manne, arnd, rajan.vaja,
	gregkh, amit.sunil.dhamne, tejas.patel, zou_wei,
	lakshmi.sai.krishna.potthuri, ravi.patel, iwamatsu, wendy.liang,
	devicetree, linux-arm-kernel, linux-kernel, linux-fpga, git,
	chinnikishore369

This patch adds support to load the user-key encrypted FPGA
Image loading to the Xilinx ZynqMP Soc.

Signed-off-by: Nava kishore Manne <nava.manne@xilinx.com>
---
Changes for v2:
		-None.

 drivers/fpga/zynqmp-fpga.c           | 24 ++++++++++++++++++++++--
 include/linux/firmware/xlnx-zynqmp.h |  2 ++
 2 files changed, 24 insertions(+), 2 deletions(-)

diff --git a/drivers/fpga/zynqmp-fpga.c b/drivers/fpga/zynqmp-fpga.c
index 125743c9797f..565ebe9e1610 100644
--- a/drivers/fpga/zynqmp-fpga.c
+++ b/drivers/fpga/zynqmp-fpga.c
@@ -22,6 +22,8 @@
  */
 struct zynqmp_fpga_priv {
 	struct device *dev;
+	const char *key_buf;
+	size_t key_size;
 	u32 flags;
 };
 
@@ -33,6 +35,8 @@ static int zynqmp_fpga_ops_write_init(struct fpga_manager *mgr,
 
 	priv = mgr->priv;
 	priv->flags = info->flags;
+	priv->key_buf = info->enc_key_buf;
+	priv->key_size = info->enc_key_buf_size;
 
 	return 0;
 }
@@ -41,9 +45,9 @@ static int zynqmp_fpga_ops_write(struct fpga_manager *mgr,
 				 const char *buf, size_t size)
 {
 	struct zynqmp_fpga_priv *priv;
-	dma_addr_t dma_addr;
+	dma_addr_t dma_addr, key_addr;
 	u32 eemi_flags = 0;
-	char *kbuf;
+	char *kbuf, *key_kbuf;
 	int ret;
 
 	priv = mgr->priv;
@@ -54,13 +58,29 @@ static int zynqmp_fpga_ops_write(struct fpga_manager *mgr,
 
 	memcpy(kbuf, buf, size);
 
+	if (priv->flags & FPGA_MGR_ENCRYPTED_USER_KEY_BITSTREAM) {
+		eemi_flags |= XILINX_ZYNQMP_PM_FPGA_ENC_USER_KEY;
+		key_kbuf = dma_alloc_coherent(priv->dev, size, &key_addr,
+					      GFP_KERNEL);
+		if (!key_kbuf)
+			return -ENOMEM;
+		memcpy(key_kbuf, priv->key_buf, priv->key_size);
+	}
+
 	wmb(); /* ensure all writes are done before initiate FW call */
 
 	if (priv->flags & FPGA_MGR_PARTIAL_RECONFIG)
 		eemi_flags |= XILINX_ZYNQMP_PM_FPGA_PARTIAL;
 
+	if (priv->flags & FPGA_MGR_ENCRYPTED_USER_KEY_BITSTREAM)
+		ret = zynqmp_pm_fpga_enc_key_load(key_addr, priv->key_size);
+
 	ret = zynqmp_pm_fpga_load(dma_addr, size, eemi_flags);
 
+	if (priv->flags & FPGA_MGR_ENCRYPTED_USER_KEY_BITSTREAM)
+		dma_free_coherent(priv->dev, priv->key_size,
+				  key_kbuf, key_addr);
+
 	dma_free_coherent(priv->dev, size, kbuf, dma_addr);
 
 	return ret;
diff --git a/include/linux/firmware/xlnx-zynqmp.h b/include/linux/firmware/xlnx-zynqmp.h
index 7aa9ad40ff53..a767386d930a 100644
--- a/include/linux/firmware/xlnx-zynqmp.h
+++ b/include/linux/firmware/xlnx-zynqmp.h
@@ -56,9 +56,11 @@
  * Firmware FPGA Manager flags
  * XILINX_ZYNQMP_PM_FPGA_FULL:	FPGA full reconfiguration
  * XILINX_ZYNQMP_PM_FPGA_PARTIAL: FPGA partial reconfiguration
+ * XILINX_ZYNQMP_PM_FPGA_ENC_USER_KEY: User-key Encrypted FPGA reconfiguration
  */
 #define XILINX_ZYNQMP_PM_FPGA_FULL	0x0U
 #define XILINX_ZYNQMP_PM_FPGA_PARTIAL	BIT(0)
+#define XILINX_ZYNQMP_PM_FPGA_ENC_USER_KEY	BIT(3)
 
 enum pm_api_id {
 	PM_GET_API_VERSION = 1,
-- 
2.17.1


^ permalink raw reply related	[flat|nested] 24+ messages in thread

* [RFC v2 4/4] fpga: zynqmp: Add user-key encrypted FPGA Image loading support
@ 2021-06-09  5:52   ` Nava kishore Manne
  0 siblings, 0 replies; 24+ messages in thread
From: Nava kishore Manne @ 2021-06-09  5:52 UTC (permalink / raw)
  To: robh+dt, michal.simek, mdf, trix, nava.manne, arnd, rajan.vaja,
	gregkh, amit.sunil.dhamne, tejas.patel, zou_wei,
	lakshmi.sai.krishna.potthuri, ravi.patel, iwamatsu, wendy.liang,
	devicetree, linux-arm-kernel, linux-kernel, linux-fpga, git,
	chinnikishore369

This patch adds support to load the user-key encrypted FPGA
Image loading to the Xilinx ZynqMP Soc.

Signed-off-by: Nava kishore Manne <nava.manne@xilinx.com>
---
Changes for v2:
		-None.

 drivers/fpga/zynqmp-fpga.c           | 24 ++++++++++++++++++++++--
 include/linux/firmware/xlnx-zynqmp.h |  2 ++
 2 files changed, 24 insertions(+), 2 deletions(-)

diff --git a/drivers/fpga/zynqmp-fpga.c b/drivers/fpga/zynqmp-fpga.c
index 125743c9797f..565ebe9e1610 100644
--- a/drivers/fpga/zynqmp-fpga.c
+++ b/drivers/fpga/zynqmp-fpga.c
@@ -22,6 +22,8 @@
  */
 struct zynqmp_fpga_priv {
 	struct device *dev;
+	const char *key_buf;
+	size_t key_size;
 	u32 flags;
 };
 
@@ -33,6 +35,8 @@ static int zynqmp_fpga_ops_write_init(struct fpga_manager *mgr,
 
 	priv = mgr->priv;
 	priv->flags = info->flags;
+	priv->key_buf = info->enc_key_buf;
+	priv->key_size = info->enc_key_buf_size;
 
 	return 0;
 }
@@ -41,9 +45,9 @@ static int zynqmp_fpga_ops_write(struct fpga_manager *mgr,
 				 const char *buf, size_t size)
 {
 	struct zynqmp_fpga_priv *priv;
-	dma_addr_t dma_addr;
+	dma_addr_t dma_addr, key_addr;
 	u32 eemi_flags = 0;
-	char *kbuf;
+	char *kbuf, *key_kbuf;
 	int ret;
 
 	priv = mgr->priv;
@@ -54,13 +58,29 @@ static int zynqmp_fpga_ops_write(struct fpga_manager *mgr,
 
 	memcpy(kbuf, buf, size);
 
+	if (priv->flags & FPGA_MGR_ENCRYPTED_USER_KEY_BITSTREAM) {
+		eemi_flags |= XILINX_ZYNQMP_PM_FPGA_ENC_USER_KEY;
+		key_kbuf = dma_alloc_coherent(priv->dev, size, &key_addr,
+					      GFP_KERNEL);
+		if (!key_kbuf)
+			return -ENOMEM;
+		memcpy(key_kbuf, priv->key_buf, priv->key_size);
+	}
+
 	wmb(); /* ensure all writes are done before initiate FW call */
 
 	if (priv->flags & FPGA_MGR_PARTIAL_RECONFIG)
 		eemi_flags |= XILINX_ZYNQMP_PM_FPGA_PARTIAL;
 
+	if (priv->flags & FPGA_MGR_ENCRYPTED_USER_KEY_BITSTREAM)
+		ret = zynqmp_pm_fpga_enc_key_load(key_addr, priv->key_size);
+
 	ret = zynqmp_pm_fpga_load(dma_addr, size, eemi_flags);
 
+	if (priv->flags & FPGA_MGR_ENCRYPTED_USER_KEY_BITSTREAM)
+		dma_free_coherent(priv->dev, priv->key_size,
+				  key_kbuf, key_addr);
+
 	dma_free_coherent(priv->dev, size, kbuf, dma_addr);
 
 	return ret;
diff --git a/include/linux/firmware/xlnx-zynqmp.h b/include/linux/firmware/xlnx-zynqmp.h
index 7aa9ad40ff53..a767386d930a 100644
--- a/include/linux/firmware/xlnx-zynqmp.h
+++ b/include/linux/firmware/xlnx-zynqmp.h
@@ -56,9 +56,11 @@
  * Firmware FPGA Manager flags
  * XILINX_ZYNQMP_PM_FPGA_FULL:	FPGA full reconfiguration
  * XILINX_ZYNQMP_PM_FPGA_PARTIAL: FPGA partial reconfiguration
+ * XILINX_ZYNQMP_PM_FPGA_ENC_USER_KEY: User-key Encrypted FPGA reconfiguration
  */
 #define XILINX_ZYNQMP_PM_FPGA_FULL	0x0U
 #define XILINX_ZYNQMP_PM_FPGA_PARTIAL	BIT(0)
+#define XILINX_ZYNQMP_PM_FPGA_ENC_USER_KEY	BIT(3)
 
 enum pm_api_id {
 	PM_GET_API_VERSION = 1,
-- 
2.17.1


_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel

^ permalink raw reply related	[flat|nested] 24+ messages in thread

* Re: [RFC v2 1/4] drivers: firmware: Add user encrypted key load API support
  2021-06-09  5:52   ` Nava kishore Manne
@ 2021-06-09  9:55     ` Greg KH
  -1 siblings, 0 replies; 24+ messages in thread
From: Greg KH @ 2021-06-09  9:55 UTC (permalink / raw)
  To: Nava kishore Manne
  Cc: robh+dt, michal.simek, mdf, trix, arnd, rajan.vaja,
	amit.sunil.dhamne, tejas.patel, zou_wei,
	lakshmi.sai.krishna.potthuri, ravi.patel, iwamatsu, wendy.liang,
	devicetree, linux-arm-kernel, linux-kernel, linux-fpga, git,
	chinnikishore369

On Wed, Jun 09, 2021 at 11:22:29AM +0530, Nava kishore Manne wrote:
> This patch adds user encrypted key load API to support
> User key encrypted images loading use cases from Linux.

What is "user key encrypted images"?  Do we need more documentation here
for what this is and how to use it?

And why is "User" capitalized?

thanks,

greg k-h

^ permalink raw reply	[flat|nested] 24+ messages in thread

* Re: [RFC v2 1/4] drivers: firmware: Add user encrypted key load API support
@ 2021-06-09  9:55     ` Greg KH
  0 siblings, 0 replies; 24+ messages in thread
From: Greg KH @ 2021-06-09  9:55 UTC (permalink / raw)
  To: Nava kishore Manne
  Cc: robh+dt, michal.simek, mdf, trix, arnd, rajan.vaja,
	amit.sunil.dhamne, tejas.patel, zou_wei,
	lakshmi.sai.krishna.potthuri, ravi.patel, iwamatsu, wendy.liang,
	devicetree, linux-arm-kernel, linux-kernel, linux-fpga, git,
	chinnikishore369

On Wed, Jun 09, 2021 at 11:22:29AM +0530, Nava kishore Manne wrote:
> This patch adds user encrypted key load API to support
> User key encrypted images loading use cases from Linux.

What is "user key encrypted images"?  Do we need more documentation here
for what this is and how to use it?

And why is "User" capitalized?

thanks,

greg k-h

_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel

^ permalink raw reply	[flat|nested] 24+ messages in thread

* Re: [RFC v2 0/4]Fpga: adds support to load the user-key encrypted FPGA Image loading
  2021-06-09  5:52 ` Nava kishore Manne
@ 2021-06-09  9:55   ` Greg KH
  -1 siblings, 0 replies; 24+ messages in thread
From: Greg KH @ 2021-06-09  9:55 UTC (permalink / raw)
  To: Nava kishore Manne
  Cc: robh+dt, michal.simek, mdf, trix, arnd, rajan.vaja,
	amit.sunil.dhamne, tejas.patel, zou_wei,
	lakshmi.sai.krishna.potthuri, ravi.patel, iwamatsu, wendy.liang,
	devicetree, linux-arm-kernel, linux-kernel, linux-fpga, git,
	chinnikishore369

On Wed, Jun 09, 2021 at 11:22:28AM +0530, Nava kishore Manne wrote:
> This patch series adds supports user-key encrypted FPGA Image loading using
> FPGA Manager framework.

Why is this series "RFC"?  Do you not think it is good enough to be
merged?

thanks,

greg k-h

^ permalink raw reply	[flat|nested] 24+ messages in thread

* Re: [RFC v2 0/4]Fpga: adds support to load the user-key encrypted FPGA Image loading
@ 2021-06-09  9:55   ` Greg KH
  0 siblings, 0 replies; 24+ messages in thread
From: Greg KH @ 2021-06-09  9:55 UTC (permalink / raw)
  To: Nava kishore Manne
  Cc: robh+dt, michal.simek, mdf, trix, arnd, rajan.vaja,
	amit.sunil.dhamne, tejas.patel, zou_wei,
	lakshmi.sai.krishna.potthuri, ravi.patel, iwamatsu, wendy.liang,
	devicetree, linux-arm-kernel, linux-kernel, linux-fpga, git,
	chinnikishore369

On Wed, Jun 09, 2021 at 11:22:28AM +0530, Nava kishore Manne wrote:
> This patch series adds supports user-key encrypted FPGA Image loading using
> FPGA Manager framework.

Why is this series "RFC"?  Do you not think it is good enough to be
merged?

thanks,

greg k-h

_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel

^ permalink raw reply	[flat|nested] 24+ messages in thread

* Re: [RFC v2 2/4] fpga: Add new property to support user-key encrypted bitstream loading
  2021-06-09  5:52   ` Nava kishore Manne
@ 2021-06-09  9:56     ` Greg KH
  -1 siblings, 0 replies; 24+ messages in thread
From: Greg KH @ 2021-06-09  9:56 UTC (permalink / raw)
  To: Nava kishore Manne
  Cc: robh+dt, michal.simek, mdf, trix, arnd, rajan.vaja,
	amit.sunil.dhamne, tejas.patel, zou_wei,
	lakshmi.sai.krishna.potthuri, ravi.patel, iwamatsu, wendy.liang,
	devicetree, linux-arm-kernel, linux-kernel, linux-fpga, git,
	chinnikishore369

On Wed, Jun 09, 2021 at 11:22:30AM +0530, Nava kishore Manne wrote:
> This patch Adds ‘encrypted-key-name’ property to
> support user-key encrypted bitstream loading
> use case.
> 
> Signed-off-by: Nava kishore Manne <nava.manne@xilinx.com>
> ---
> Changes for v2:
>                 -Both DT properties ie; encrypted-key-name and encrypted-user-key-fpga-config
>                  are targeted to use for the same use cases but ideally encrypted-key-name
>                  is enough to serve the purpose so updated the file to remove the unwanted
>                  encrypted-user-key-fpga-config property as suggested by Rob.
> 
>  Documentation/devicetree/bindings/fpga/fpga-region.txt | 3 +++
>  1 file changed, 3 insertions(+)
> 
> diff --git a/Documentation/devicetree/bindings/fpga/fpga-region.txt b/Documentation/devicetree/bindings/fpga/fpga-region.txt
> index d787d57491a1..0de4a1c54650 100644
> --- a/Documentation/devicetree/bindings/fpga/fpga-region.txt
> +++ b/Documentation/devicetree/bindings/fpga/fpga-region.txt
> @@ -177,6 +177,9 @@ Optional properties:
>  	it indicates that the FPGA has already been programmed with this image.
>  	If this property is in an overlay targeting a FPGA region, it is a
>  	request to program the FPGA with that image.
> +- encrypted-key-name : should contain the name of an encrypted key file located
> +	on the firmware search path. It will be used to decrypt the FPGA image
> +	file with user-key.

What is the format this "user-key" is in?  Where is the documentation
for how to use this type of thing?

thanks,

greg k-h

^ permalink raw reply	[flat|nested] 24+ messages in thread

* Re: [RFC v2 2/4] fpga: Add new property to support user-key encrypted bitstream loading
@ 2021-06-09  9:56     ` Greg KH
  0 siblings, 0 replies; 24+ messages in thread
From: Greg KH @ 2021-06-09  9:56 UTC (permalink / raw)
  To: Nava kishore Manne
  Cc: robh+dt, michal.simek, mdf, trix, arnd, rajan.vaja,
	amit.sunil.dhamne, tejas.patel, zou_wei,
	lakshmi.sai.krishna.potthuri, ravi.patel, iwamatsu, wendy.liang,
	devicetree, linux-arm-kernel, linux-kernel, linux-fpga, git,
	chinnikishore369

On Wed, Jun 09, 2021 at 11:22:30AM +0530, Nava kishore Manne wrote:
> This patch Adds ‘encrypted-key-name’ property to
> support user-key encrypted bitstream loading
> use case.
> 
> Signed-off-by: Nava kishore Manne <nava.manne@xilinx.com>
> ---
> Changes for v2:
>                 -Both DT properties ie; encrypted-key-name and encrypted-user-key-fpga-config
>                  are targeted to use for the same use cases but ideally encrypted-key-name
>                  is enough to serve the purpose so updated the file to remove the unwanted
>                  encrypted-user-key-fpga-config property as suggested by Rob.
> 
>  Documentation/devicetree/bindings/fpga/fpga-region.txt | 3 +++
>  1 file changed, 3 insertions(+)
> 
> diff --git a/Documentation/devicetree/bindings/fpga/fpga-region.txt b/Documentation/devicetree/bindings/fpga/fpga-region.txt
> index d787d57491a1..0de4a1c54650 100644
> --- a/Documentation/devicetree/bindings/fpga/fpga-region.txt
> +++ b/Documentation/devicetree/bindings/fpga/fpga-region.txt
> @@ -177,6 +177,9 @@ Optional properties:
>  	it indicates that the FPGA has already been programmed with this image.
>  	If this property is in an overlay targeting a FPGA region, it is a
>  	request to program the FPGA with that image.
> +- encrypted-key-name : should contain the name of an encrypted key file located
> +	on the firmware search path. It will be used to decrypt the FPGA image
> +	file with user-key.

What is the format this "user-key" is in?  Where is the documentation
for how to use this type of thing?

thanks,

greg k-h

_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel

^ permalink raw reply	[flat|nested] 24+ messages in thread

* RE: [RFC v2 0/4]Fpga: adds support to load the user-key encrypted FPGA Image loading
  2021-06-09  9:55   ` Greg KH
@ 2021-07-09  8:33     ` Nava kishore Manne
  -1 siblings, 0 replies; 24+ messages in thread
From: Nava kishore Manne @ 2021-07-09  8:33 UTC (permalink / raw)
  To: Greg KH
  Cc: robh+dt, Michal Simek, mdf, trix, arnd, Rajan Vaja,
	Amit Sunil Dhamne, Tejas Patel, zou_wei, Sai Krishna Potthuri,
	Ravi Patel, iwamatsu, Jiaying Liang, devicetree,
	linux-arm-kernel, linux-kernel, linux-fpga, git,
	chinnikishore369

Hi Greg,

	Thanks for providing the review comments.
Please find my response inline.

> -----Original Message-----
> From: Greg KH <gregkh@linuxfoundation.org>
> Sent: Wednesday, June 9, 2021 3:25 PM
> To: Nava kishore Manne <navam@xilinx.com>
> Cc: robh+dt@kernel.org; Michal Simek <michals@xilinx.com>;
> mdf@kernel.org; trix@redhat.com; arnd@arndb.de; Rajan Vaja
> <RAJANV@xilinx.com>; Amit Sunil Dhamne <amitsuni@xlnx.xilinx.com>;
> Tejas Patel <tejasp@xlnx.xilinx.com>; zou_wei@huawei.com; Sai Krishna
> Potthuri <lakshmis@xilinx.com>; Ravi Patel <RAVIPATE@xilinx.com>;
> iwamatsu@nigauri.org; Jiaying Liang <jliang@xilinx.com>;
> devicetree@vger.kernel.org; linux-arm-kernel@lists.infradead.org; linux-
> kernel@vger.kernel.org; linux-fpga@vger.kernel.org; git <git@xilinx.com>;
> chinnikishore369@gmail.com
> Subject: Re: [RFC v2 0/4]Fpga: adds support to load the user-key encrypted
> FPGA Image loading
> 
> On Wed, Jun 09, 2021 at 11:22:28AM +0530, Nava kishore Manne wrote:
> > This patch series adds supports user-key encrypted FPGA Image loading
> > using FPGA Manager framework.
> 
> Why is this series "RFC"?  Do you not think it is good enough to be merged?
> 

As it's a new feature to the fpga manager subsystem. So i have posted it as RFC to get the inputs.

Regards,
Navakishore.


^ permalink raw reply	[flat|nested] 24+ messages in thread

* RE: [RFC v2 0/4]Fpga: adds support to load the user-key encrypted FPGA Image loading
@ 2021-07-09  8:33     ` Nava kishore Manne
  0 siblings, 0 replies; 24+ messages in thread
From: Nava kishore Manne @ 2021-07-09  8:33 UTC (permalink / raw)
  To: Greg KH
  Cc: robh+dt, Michal Simek, mdf, trix, arnd, Rajan Vaja,
	Amit Sunil Dhamne, Tejas Patel, zou_wei, Sai Krishna Potthuri,
	Ravi Patel, iwamatsu, Jiaying Liang, devicetree,
	linux-arm-kernel, linux-kernel, linux-fpga, git,
	chinnikishore369

Hi Greg,

	Thanks for providing the review comments.
Please find my response inline.

> -----Original Message-----
> From: Greg KH <gregkh@linuxfoundation.org>
> Sent: Wednesday, June 9, 2021 3:25 PM
> To: Nava kishore Manne <navam@xilinx.com>
> Cc: robh+dt@kernel.org; Michal Simek <michals@xilinx.com>;
> mdf@kernel.org; trix@redhat.com; arnd@arndb.de; Rajan Vaja
> <RAJANV@xilinx.com>; Amit Sunil Dhamne <amitsuni@xlnx.xilinx.com>;
> Tejas Patel <tejasp@xlnx.xilinx.com>; zou_wei@huawei.com; Sai Krishna
> Potthuri <lakshmis@xilinx.com>; Ravi Patel <RAVIPATE@xilinx.com>;
> iwamatsu@nigauri.org; Jiaying Liang <jliang@xilinx.com>;
> devicetree@vger.kernel.org; linux-arm-kernel@lists.infradead.org; linux-
> kernel@vger.kernel.org; linux-fpga@vger.kernel.org; git <git@xilinx.com>;
> chinnikishore369@gmail.com
> Subject: Re: [RFC v2 0/4]Fpga: adds support to load the user-key encrypted
> FPGA Image loading
> 
> On Wed, Jun 09, 2021 at 11:22:28AM +0530, Nava kishore Manne wrote:
> > This patch series adds supports user-key encrypted FPGA Image loading
> > using FPGA Manager framework.
> 
> Why is this series "RFC"?  Do you not think it is good enough to be merged?
> 

As it's a new feature to the fpga manager subsystem. So i have posted it as RFC to get the inputs.

Regards,
Navakishore.


_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel

^ permalink raw reply	[flat|nested] 24+ messages in thread

* RE: [RFC v2 1/4] drivers: firmware: Add user encrypted key load API support
  2021-06-09  9:55     ` Greg KH
@ 2021-07-09  8:41       ` Nava kishore Manne
  -1 siblings, 0 replies; 24+ messages in thread
From: Nava kishore Manne @ 2021-07-09  8:41 UTC (permalink / raw)
  To: Greg KH
  Cc: robh+dt, Michal Simek, mdf, trix, arnd, Rajan Vaja,
	Amit Sunil Dhamne, Tejas Patel, zou_wei, Sai Krishna Potthuri,
	Ravi Patel, iwamatsu, Jiaying Liang, devicetree,
	linux-arm-kernel, linux-kernel, linux-fpga, git,
	chinnikishore369

Hi Greg,

	Thanks for providing the review comments.
Please find my response inline.

> -----Original Message-----
> From: Greg KH <gregkh@linuxfoundation.org>
> Sent: Wednesday, June 9, 2021 3:25 PM
> To: Nava kishore Manne <navam@xilinx.com>
> Cc: robh+dt@kernel.org; Michal Simek <michals@xilinx.com>;
> mdf@kernel.org; trix@redhat.com; arnd@arndb.de; Rajan Vaja
> <RAJANV@xilinx.com>; Amit Sunil Dhamne <amitsuni@xlnx.xilinx.com>;
> Tejas Patel <tejasp@xlnx.xilinx.com>; zou_wei@huawei.com; Sai Krishna
> Potthuri <lakshmis@xilinx.com>; Ravi Patel <RAVIPATE@xilinx.com>;
> iwamatsu@nigauri.org; Jiaying Liang <jliang@xilinx.com>;
> devicetree@vger.kernel.org; linux-arm-kernel@lists.infradead.org; linux-
> kernel@vger.kernel.org; linux-fpga@vger.kernel.org; git <git@xilinx.com>;
> chinnikishore369@gmail.com
> Subject: Re: [RFC v2 1/4] drivers: firmware: Add user encrypted key load API
> support
> 
> On Wed, Jun 09, 2021 at 11:22:29AM +0530, Nava kishore Manne wrote:
> > This patch adds user encrypted key load API to support User key
> > encrypted images loading use cases from Linux.
> 
> What is "user key encrypted images"?  Do we need more documentation
> here for what this is and how to use it?
> 

Xilinx bitstream writer, using AES, encrypts the bitstream. This feature allows user to encrypt bitstream using 256-bit AES encryption in cipher block chaining (CBC) mode.
User can supply a 128-bit Initial Vector and 256-bit key(user key).
For more info please refer here: 
https://www.xilinx.com/support/documentation/application_notes/xapp1239-fpga-bitstream-encryption.pdf 

> And why is "User" capitalized?
> 

Will fix.

Regards,
Navakishore.

^ permalink raw reply	[flat|nested] 24+ messages in thread

* RE: [RFC v2 1/4] drivers: firmware: Add user encrypted key load API support
@ 2021-07-09  8:41       ` Nava kishore Manne
  0 siblings, 0 replies; 24+ messages in thread
From: Nava kishore Manne @ 2021-07-09  8:41 UTC (permalink / raw)
  To: Greg KH
  Cc: robh+dt, Michal Simek, mdf, trix, arnd, Rajan Vaja,
	Amit Sunil Dhamne, Tejas Patel, zou_wei, Sai Krishna Potthuri,
	Ravi Patel, iwamatsu, Jiaying Liang, devicetree,
	linux-arm-kernel, linux-kernel, linux-fpga, git,
	chinnikishore369

Hi Greg,

	Thanks for providing the review comments.
Please find my response inline.

> -----Original Message-----
> From: Greg KH <gregkh@linuxfoundation.org>
> Sent: Wednesday, June 9, 2021 3:25 PM
> To: Nava kishore Manne <navam@xilinx.com>
> Cc: robh+dt@kernel.org; Michal Simek <michals@xilinx.com>;
> mdf@kernel.org; trix@redhat.com; arnd@arndb.de; Rajan Vaja
> <RAJANV@xilinx.com>; Amit Sunil Dhamne <amitsuni@xlnx.xilinx.com>;
> Tejas Patel <tejasp@xlnx.xilinx.com>; zou_wei@huawei.com; Sai Krishna
> Potthuri <lakshmis@xilinx.com>; Ravi Patel <RAVIPATE@xilinx.com>;
> iwamatsu@nigauri.org; Jiaying Liang <jliang@xilinx.com>;
> devicetree@vger.kernel.org; linux-arm-kernel@lists.infradead.org; linux-
> kernel@vger.kernel.org; linux-fpga@vger.kernel.org; git <git@xilinx.com>;
> chinnikishore369@gmail.com
> Subject: Re: [RFC v2 1/4] drivers: firmware: Add user encrypted key load API
> support
> 
> On Wed, Jun 09, 2021 at 11:22:29AM +0530, Nava kishore Manne wrote:
> > This patch adds user encrypted key load API to support User key
> > encrypted images loading use cases from Linux.
> 
> What is "user key encrypted images"?  Do we need more documentation
> here for what this is and how to use it?
> 

Xilinx bitstream writer, using AES, encrypts the bitstream. This feature allows user to encrypt bitstream using 256-bit AES encryption in cipher block chaining (CBC) mode.
User can supply a 128-bit Initial Vector and 256-bit key(user key).
For more info please refer here: 
https://www.xilinx.com/support/documentation/application_notes/xapp1239-fpga-bitstream-encryption.pdf 

> And why is "User" capitalized?
> 

Will fix.

Regards,
Navakishore.

_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel

^ permalink raw reply	[flat|nested] 24+ messages in thread

* RE: [RFC v2 2/4] fpga: Add new property to support user-key encrypted bitstream loading
  2021-06-09  9:56     ` Greg KH
@ 2021-07-09  8:48       ` Nava kishore Manne
  -1 siblings, 0 replies; 24+ messages in thread
From: Nava kishore Manne @ 2021-07-09  8:48 UTC (permalink / raw)
  To: Greg KH
  Cc: robh+dt, Michal Simek, mdf, trix, arnd, Rajan Vaja,
	Amit Sunil Dhamne, Tejas Patel, zou_wei, Sai Krishna Potthuri,
	Ravi Patel, iwamatsu, Jiaying Liang, devicetree,
	linux-arm-kernel, linux-kernel, linux-fpga, git,
	chinnikishore369

Hi Greg,

	Thanks for providing the review comments.
Please find my response inline.

> -----Original Message-----
> From: Greg KH <gregkh@linuxfoundation.org>
> Sent: Wednesday, June 9, 2021 3:26 PM
> To: Nava kishore Manne <navam@xilinx.com>
> Cc: robh+dt@kernel.org; Michal Simek <michals@xilinx.com>;
> mdf@kernel.org; trix@redhat.com; arnd@arndb.de; Rajan Vaja
> <RAJANV@xilinx.com>; Amit Sunil Dhamne <amitsuni@xlnx.xilinx.com>;
> Tejas Patel <tejasp@xlnx.xilinx.com>; zou_wei@huawei.com; Sai Krishna
> Potthuri <lakshmis@xilinx.com>; Ravi Patel <RAVIPATE@xilinx.com>;
> iwamatsu@nigauri.org; Jiaying Liang <jliang@xilinx.com>;
> devicetree@vger.kernel.org; linux-arm-kernel@lists.infradead.org; linux-
> kernel@vger.kernel.org; linux-fpga@vger.kernel.org; git <git@xilinx.com>;
> chinnikishore369@gmail.com
> Subject: Re: [RFC v2 2/4] fpga: Add new property to support user-key
> encrypted bitstream loading
> 
> On Wed, Jun 09, 2021 at 11:22:30AM +0530, Nava kishore Manne wrote:
> > This patch Adds ‘encrypted-key-name’ property to support user-key
> > encrypted bitstream loading use case.
> >
> > Signed-off-by: Nava kishore Manne <nava.manne@xilinx.com>
> > ---
> > Changes for v2:
> >                 -Both DT properties ie; encrypted-key-name and encrypted-user-
> key-fpga-config
> >                  are targeted to use for the same use cases but ideally encrypted-
> key-name
> >                  is enough to serve the purpose so updated the file to remove the
> unwanted
> >                  encrypted-user-key-fpga-config property as suggested by Rob.
> >
> >  Documentation/devicetree/bindings/fpga/fpga-region.txt | 3 +++
> >  1 file changed, 3 insertions(+)
> >
> > diff --git a/Documentation/devicetree/bindings/fpga/fpga-region.txt
> > b/Documentation/devicetree/bindings/fpga/fpga-region.txt
> > index d787d57491a1..0de4a1c54650 100644
> > --- a/Documentation/devicetree/bindings/fpga/fpga-region.txt
> > +++ b/Documentation/devicetree/bindings/fpga/fpga-region.txt
> > @@ -177,6 +177,9 @@ Optional properties:
> >  	it indicates that the FPGA has already been programmed with this
> image.
> >  	If this property is in an overlay targeting a FPGA region, it is a
> >  	request to program the FPGA with that image.
> > +- encrypted-key-name : should contain the name of an encrypted key file
> located
> > +	on the firmware search path. It will be used to decrypt the FPGA
> image
> > +	file with user-key.
> 
> What is the format this "user-key" is in?  Where is the documentation for
> how to use this type of thing?
> 

Will fix user key format issues in v3.

Will update this binding doc with user key  encrypted bitstream loading use case info.

Use case info:
Reconfiguration with encrypted image using AES key
   In this case, the FPGA Manager will decrypt the configuration data and
   placed it into the programmable logic. To decrypt the configuration data
   it uses AES key provided by the user.

DT Overlay contains:
/dts-v1/;
/plugin/;

&fpga_region0 {
        #address-cells = <1>;
        #size-cells = <1>;

        firmware-name = "versal-gpio.bin";
        encrypted-key-name = “Aes-key.nky”

        gpio1: gpio@40000000 {
                compatible = "xlnx,xps-gpio-1.00.a";
                reg = <0x40000000 0x10000>;
                gpio-controller;
                #gpio-cells = <0x2>;
                xlnx,gpio-width= <0x6>;
        };
};

Regards,
Navakishore.




^ permalink raw reply	[flat|nested] 24+ messages in thread

* RE: [RFC v2 2/4] fpga: Add new property to support user-key encrypted bitstream loading
@ 2021-07-09  8:48       ` Nava kishore Manne
  0 siblings, 0 replies; 24+ messages in thread
From: Nava kishore Manne @ 2021-07-09  8:48 UTC (permalink / raw)
  To: Greg KH
  Cc: robh+dt, Michal Simek, mdf, trix, arnd, Rajan Vaja,
	Amit Sunil Dhamne, Tejas Patel, zou_wei, Sai Krishna Potthuri,
	Ravi Patel, iwamatsu, Jiaying Liang, devicetree,
	linux-arm-kernel, linux-kernel, linux-fpga, git,
	chinnikishore369

Hi Greg,

	Thanks for providing the review comments.
Please find my response inline.

> -----Original Message-----
> From: Greg KH <gregkh@linuxfoundation.org>
> Sent: Wednesday, June 9, 2021 3:26 PM
> To: Nava kishore Manne <navam@xilinx.com>
> Cc: robh+dt@kernel.org; Michal Simek <michals@xilinx.com>;
> mdf@kernel.org; trix@redhat.com; arnd@arndb.de; Rajan Vaja
> <RAJANV@xilinx.com>; Amit Sunil Dhamne <amitsuni@xlnx.xilinx.com>;
> Tejas Patel <tejasp@xlnx.xilinx.com>; zou_wei@huawei.com; Sai Krishna
> Potthuri <lakshmis@xilinx.com>; Ravi Patel <RAVIPATE@xilinx.com>;
> iwamatsu@nigauri.org; Jiaying Liang <jliang@xilinx.com>;
> devicetree@vger.kernel.org; linux-arm-kernel@lists.infradead.org; linux-
> kernel@vger.kernel.org; linux-fpga@vger.kernel.org; git <git@xilinx.com>;
> chinnikishore369@gmail.com
> Subject: Re: [RFC v2 2/4] fpga: Add new property to support user-key
> encrypted bitstream loading
> 
> On Wed, Jun 09, 2021 at 11:22:30AM +0530, Nava kishore Manne wrote:
> > This patch Adds ‘encrypted-key-name’ property to support user-key
> > encrypted bitstream loading use case.
> >
> > Signed-off-by: Nava kishore Manne <nava.manne@xilinx.com>
> > ---
> > Changes for v2:
> >                 -Both DT properties ie; encrypted-key-name and encrypted-user-
> key-fpga-config
> >                  are targeted to use for the same use cases but ideally encrypted-
> key-name
> >                  is enough to serve the purpose so updated the file to remove the
> unwanted
> >                  encrypted-user-key-fpga-config property as suggested by Rob.
> >
> >  Documentation/devicetree/bindings/fpga/fpga-region.txt | 3 +++
> >  1 file changed, 3 insertions(+)
> >
> > diff --git a/Documentation/devicetree/bindings/fpga/fpga-region.txt
> > b/Documentation/devicetree/bindings/fpga/fpga-region.txt
> > index d787d57491a1..0de4a1c54650 100644
> > --- a/Documentation/devicetree/bindings/fpga/fpga-region.txt
> > +++ b/Documentation/devicetree/bindings/fpga/fpga-region.txt
> > @@ -177,6 +177,9 @@ Optional properties:
> >  	it indicates that the FPGA has already been programmed with this
> image.
> >  	If this property is in an overlay targeting a FPGA region, it is a
> >  	request to program the FPGA with that image.
> > +- encrypted-key-name : should contain the name of an encrypted key file
> located
> > +	on the firmware search path. It will be used to decrypt the FPGA
> image
> > +	file with user-key.
> 
> What is the format this "user-key" is in?  Where is the documentation for
> how to use this type of thing?
> 

Will fix user key format issues in v3.

Will update this binding doc with user key  encrypted bitstream loading use case info.

Use case info:
Reconfiguration with encrypted image using AES key
   In this case, the FPGA Manager will decrypt the configuration data and
   placed it into the programmable logic. To decrypt the configuration data
   it uses AES key provided by the user.

DT Overlay contains:
/dts-v1/;
/plugin/;

&fpga_region0 {
        #address-cells = <1>;
        #size-cells = <1>;

        firmware-name = "versal-gpio.bin";
        encrypted-key-name = “Aes-key.nky”

        gpio1: gpio@40000000 {
                compatible = "xlnx,xps-gpio-1.00.a";
                reg = <0x40000000 0x10000>;
                gpio-controller;
                #gpio-cells = <0x2>;
                xlnx,gpio-width= <0x6>;
        };
};

Regards,
Navakishore.



_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel

^ permalink raw reply	[flat|nested] 24+ messages in thread

* Re: [RFC v2 1/4] drivers: firmware: Add user encrypted key load API support
  2021-07-09  8:41       ` Nava kishore Manne
@ 2021-07-09  9:49         ` Greg KH
  -1 siblings, 0 replies; 24+ messages in thread
From: Greg KH @ 2021-07-09  9:49 UTC (permalink / raw)
  To: Nava kishore Manne
  Cc: robh+dt, Michal Simek, mdf, trix, arnd, Rajan Vaja,
	Amit Sunil Dhamne, Tejas Patel, zou_wei, Sai Krishna Potthuri,
	Ravi Patel, iwamatsu, Jiaying Liang, devicetree,
	linux-arm-kernel, linux-kernel, linux-fpga, git,
	chinnikishore369

On Fri, Jul 09, 2021 at 08:41:35AM +0000, Nava kishore Manne wrote:
> Hi Greg,
> 
> 	Thanks for providing the review comments.
> Please find my response inline.
> 
> > -----Original Message-----
> > From: Greg KH <gregkh@linuxfoundation.org>
> > Sent: Wednesday, June 9, 2021 3:25 PM
> > To: Nava kishore Manne <navam@xilinx.com>
> > Cc: robh+dt@kernel.org; Michal Simek <michals@xilinx.com>;
> > mdf@kernel.org; trix@redhat.com; arnd@arndb.de; Rajan Vaja
> > <RAJANV@xilinx.com>; Amit Sunil Dhamne <amitsuni@xlnx.xilinx.com>;
> > Tejas Patel <tejasp@xlnx.xilinx.com>; zou_wei@huawei.com; Sai Krishna
> > Potthuri <lakshmis@xilinx.com>; Ravi Patel <RAVIPATE@xilinx.com>;
> > iwamatsu@nigauri.org; Jiaying Liang <jliang@xilinx.com>;
> > devicetree@vger.kernel.org; linux-arm-kernel@lists.infradead.org; linux-
> > kernel@vger.kernel.org; linux-fpga@vger.kernel.org; git <git@xilinx.com>;
> > chinnikishore369@gmail.com
> > Subject: Re: [RFC v2 1/4] drivers: firmware: Add user encrypted key load API
> > support
> > 
> > On Wed, Jun 09, 2021 at 11:22:29AM +0530, Nava kishore Manne wrote:
> > > This patch adds user encrypted key load API to support User key
> > > encrypted images loading use cases from Linux.
> > 
> > What is "user key encrypted images"?  Do we need more documentation
> > here for what this is and how to use it?
> > 
> 
> Xilinx bitstream writer, using AES, encrypts the bitstream. This feature allows user to encrypt bitstream using 256-bit AES encryption in cipher block chaining (CBC) mode.
> User can supply a 128-bit Initial Vector and 256-bit key(user key).

Please provide the needed information in the changelog comment.

> For more info please refer here: 
> https://www.xilinx.com/support/documentation/application_notes/xapp1239-fpga-bitstream-encryption.pdf 

External links always grow stale.

thanks,

greg k-h

^ permalink raw reply	[flat|nested] 24+ messages in thread

* Re: [RFC v2 1/4] drivers: firmware: Add user encrypted key load API support
@ 2021-07-09  9:49         ` Greg KH
  0 siblings, 0 replies; 24+ messages in thread
From: Greg KH @ 2021-07-09  9:49 UTC (permalink / raw)
  To: Nava kishore Manne
  Cc: robh+dt, Michal Simek, mdf, trix, arnd, Rajan Vaja,
	Amit Sunil Dhamne, Tejas Patel, zou_wei, Sai Krishna Potthuri,
	Ravi Patel, iwamatsu, Jiaying Liang, devicetree,
	linux-arm-kernel, linux-kernel, linux-fpga, git,
	chinnikishore369

On Fri, Jul 09, 2021 at 08:41:35AM +0000, Nava kishore Manne wrote:
> Hi Greg,
> 
> 	Thanks for providing the review comments.
> Please find my response inline.
> 
> > -----Original Message-----
> > From: Greg KH <gregkh@linuxfoundation.org>
> > Sent: Wednesday, June 9, 2021 3:25 PM
> > To: Nava kishore Manne <navam@xilinx.com>
> > Cc: robh+dt@kernel.org; Michal Simek <michals@xilinx.com>;
> > mdf@kernel.org; trix@redhat.com; arnd@arndb.de; Rajan Vaja
> > <RAJANV@xilinx.com>; Amit Sunil Dhamne <amitsuni@xlnx.xilinx.com>;
> > Tejas Patel <tejasp@xlnx.xilinx.com>; zou_wei@huawei.com; Sai Krishna
> > Potthuri <lakshmis@xilinx.com>; Ravi Patel <RAVIPATE@xilinx.com>;
> > iwamatsu@nigauri.org; Jiaying Liang <jliang@xilinx.com>;
> > devicetree@vger.kernel.org; linux-arm-kernel@lists.infradead.org; linux-
> > kernel@vger.kernel.org; linux-fpga@vger.kernel.org; git <git@xilinx.com>;
> > chinnikishore369@gmail.com
> > Subject: Re: [RFC v2 1/4] drivers: firmware: Add user encrypted key load API
> > support
> > 
> > On Wed, Jun 09, 2021 at 11:22:29AM +0530, Nava kishore Manne wrote:
> > > This patch adds user encrypted key load API to support User key
> > > encrypted images loading use cases from Linux.
> > 
> > What is "user key encrypted images"?  Do we need more documentation
> > here for what this is and how to use it?
> > 
> 
> Xilinx bitstream writer, using AES, encrypts the bitstream. This feature allows user to encrypt bitstream using 256-bit AES encryption in cipher block chaining (CBC) mode.
> User can supply a 128-bit Initial Vector and 256-bit key(user key).

Please provide the needed information in the changelog comment.

> For more info please refer here: 
> https://www.xilinx.com/support/documentation/application_notes/xapp1239-fpga-bitstream-encryption.pdf 

External links always grow stale.

thanks,

greg k-h

_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel

^ permalink raw reply	[flat|nested] 24+ messages in thread

end of thread, other threads:[~2021-07-09  9:51 UTC | newest]

Thread overview: 24+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-06-09  5:52 [RFC v2 0/4]Fpga: adds support to load the user-key encrypted FPGA Image loading Nava kishore Manne
2021-06-09  5:52 ` Nava kishore Manne
2021-06-09  5:52 ` [RFC v2 1/4] drivers: firmware: Add user encrypted key load API support Nava kishore Manne
2021-06-09  5:52   ` Nava kishore Manne
2021-06-09  9:55   ` Greg KH
2021-06-09  9:55     ` Greg KH
2021-07-09  8:41     ` Nava kishore Manne
2021-07-09  8:41       ` Nava kishore Manne
2021-07-09  9:49       ` Greg KH
2021-07-09  9:49         ` Greg KH
2021-06-09  5:52 ` [RFC v2 2/4] fpga: Add new property to support user-key encrypted bitstream loading Nava kishore Manne
2021-06-09  5:52   ` Nava kishore Manne
2021-06-09  9:56   ` Greg KH
2021-06-09  9:56     ` Greg KH
2021-07-09  8:48     ` Nava kishore Manne
2021-07-09  8:48       ` Nava kishore Manne
2021-06-09  5:52 ` [RFC v2 3/4] drivers: fpga: Add user-key encrypted FPGA Image loading support Nava kishore Manne
2021-06-09  5:52   ` Nava kishore Manne
2021-06-09  5:52 ` [RFC v2 4/4] fpga: zynqmp: " Nava kishore Manne
2021-06-09  5:52   ` Nava kishore Manne
2021-06-09  9:55 ` [RFC v2 0/4]Fpga: adds support to load the user-key encrypted FPGA Image loading Greg KH
2021-06-09  9:55   ` Greg KH
2021-07-09  8:33   ` Nava kishore Manne
2021-07-09  8:33     ` Nava kishore Manne

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.