From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from phobos.denx.de (phobos.denx.de [85.214.62.61]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 37550C433F5 for ; Tue, 31 May 2022 23:11:50 +0000 (UTC) Received: from h2850616.stratoserver.net (localhost [IPv6:::1]) by phobos.denx.de (Postfix) with ESMTP id CD9FD8432C; Wed, 1 Jun 2022 01:09:38 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=none (p=none dis=none) header.from=foundries.io Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de Authentication-Results: phobos.denx.de; dkim=pass (2048-bit key; unprotected) header.d=foundries.io header.i=@foundries.io header.b="YkNmPpUs"; dkim-atps=neutral Received: by phobos.denx.de (Postfix, from userid 109) id 2C5B884288; Wed, 1 Jun 2022 01:09:17 +0200 (CEST) Received: from mail-wr1-x434.google.com (mail-wr1-x434.google.com [IPv6:2a00:1450:4864:20::434]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits)) (No client certificate requested) by phobos.denx.de (Postfix) with ESMTPS id 2ED62842A1 for ; Wed, 1 Jun 2022 01:09:09 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=none (p=none dis=none) header.from=foundries.io Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=oleksandr.suvorov@foundries.io Received: by mail-wr1-x434.google.com with SMTP id u3so22442wrg.3 for ; Tue, 31 May 2022 16:09:09 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=foundries.io; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=fCEKv8GSPCs5toeAZj3Ds8TqPi6Tu7ddLnLqRkn8Jxg=; b=YkNmPpUsIMVKr0TAFEQOPFE9q7EXL3wHr7eiLhOM5lvtTWDjG1n/tBDCqSlFJWTx3A l9f2BRsOX3z5+Smctb2KFqWvPs26RUre51AyS9WXy17lOH8MWAkg2KqkmaJKT+t/FCWJ eJDKiDOEX8RyY/6OtDI+i5fipzvzTDpWXDJKV5w1oloGJJG325ZKvaJ3BF9eT11TM0oP GTwM1zbgTbaX5RpnLyvUCdVwj48npchKLQp+kjpzvtmaXYGbh7WdmVxP7jmuX9huVoWI R0SsIRLkZChhJXd8Ljxzh29qyHlCeKaQwE4kDmnwaWqvF+5AA6DH7o/4StWRd9iLP7Yg FuLQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=fCEKv8GSPCs5toeAZj3Ds8TqPi6Tu7ddLnLqRkn8Jxg=; b=uE+1L85fBk+XVuodtSLy7lYB1QtN7cLCahJq+ZZpMspCXNPmbnklodDWrVlbLtLocE IyYpcDMSmSbbmjleIHV4cs1XrchqoldyNSLQFruLDGiOl4zsLh3j2/xc6xdNw2V4mVyd lC8cM8uOrSO4McTsJPap4jUMMRDJDiz4BRgpt5T+pCIHpYbCCeZcVwxqr97EKhd9QVBE GGv9MRzDu0zCxrBVBuuAGc1ZFJB7455qombIAnn0tpCgBIVvFNSDWWD4rd6WQ+iL55Qf 9eps1B6tbSay0bo4vI2LMwZcwIxq+ayao8CxIIynjtyuLCB7PFtf9FOdsYMS1QCpLcSL LR2g== X-Gm-Message-State: AOAM533XlQt3i/Xt7hENKSDoIFDLWUoV069OYHLqPIO+3xhizLpZbxhN pYB8dYitzJFj5gtx4BHTmtCYoDR5a03/YA== X-Google-Smtp-Source: ABdhPJzlCPMEqaBsfj+JzTj1ye9a4+qtzpCQ+2SiAKMHD6j0exidEo89+XfrIH63DzjPFZQ75wXR3g== X-Received: by 2002:a05:6000:1a87:b0:20f:ecc0:3686 with SMTP id f7-20020a0560001a8700b0020fecc03686mr32834794wry.708.1654038541962; Tue, 31 May 2022 16:09:01 -0700 (PDT) Received: from cryobook.. ([93.188.34.55]) by smtp.gmail.com with ESMTPSA id j12-20020a5d618c000000b002102f4ebf73sm7673539wru.31.2022.05.31.16.09.00 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 31 May 2022 16:09:01 -0700 (PDT) From: Oleksandr Suvorov To: u-boot@lists.denx.de Cc: Michal Simek , Adrian Fiergolski , Ricardo Salveti , Jorge Ramirez-Ortiz , Igor Opaniuk , Oleksandr Suvorov , Alexandru Gagniuc , Michal Simek , Simon Glass , Steffen Jaeckel Subject: [PATCH v8 13/14] fpga: zynqmp: support loading authenticated images Date: Wed, 1 Jun 2022 02:08:38 +0300 Message-Id: <20220531230839.183690-14-oleksandr.suvorov@foundries.io> X-Mailer: git-send-email 2.36.1 In-Reply-To: <20220531230839.183690-13-oleksandr.suvorov@foundries.io> References: <20220531230839.183690-1-oleksandr.suvorov@foundries.io> <20220531230839.183690-2-oleksandr.suvorov@foundries.io> <20220531230839.183690-3-oleksandr.suvorov@foundries.io> <20220531230839.183690-4-oleksandr.suvorov@foundries.io> <20220531230839.183690-5-oleksandr.suvorov@foundries.io> <20220531230839.183690-6-oleksandr.suvorov@foundries.io> <20220531230839.183690-7-oleksandr.suvorov@foundries.io> <20220531230839.183690-8-oleksandr.suvorov@foundries.io> <20220531230839.183690-9-oleksandr.suvorov@foundries.io> <20220531230839.183690-10-oleksandr.suvorov@foundries.io> <20220531230839.183690-11-oleksandr.suvorov@foundries.io> <20220531230839.183690-12-oleksandr.suvorov@foundries.io> <20220531230839.183690-13-oleksandr.suvorov@foundries.io> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.39 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" X-Virus-Scanned: clamav-milter 0.103.5 at phobos.denx.de X-Virus-Status: Clean Add supporting new compatible string "u-boot,zynqmp-fpga-ddrauth" to handle loading authenticated images (DDR). Based on solution by Jorge Ramirez-Ortiz Signed-off-by: Oleksandr Suvorov --- (no changes since v1) boot/Kconfig | 4 ++-- doc/uImage.FIT/source_file_format.txt | 5 ++++- drivers/fpga/zynqmppl.c | 18 ++++++++++++++++++ include/xilinx.h | 1 + include/zynqmppl.h | 3 ++- 5 files changed, 27 insertions(+), 4 deletions(-) diff --git a/boot/Kconfig b/boot/Kconfig index dff4d23b887..4a06d35acc0 100644 --- a/boot/Kconfig +++ b/boot/Kconfig @@ -210,8 +210,8 @@ config SPL_LOAD_FIT 1. "loadables" images, other than FDTs, which do not have a "load" property will not be loaded. This limitation also applies to FPGA images with the correct "compatible" string. - 2. For FPGA images, only the "compatible" = "u-boot,fpga-legacy" - loading method is supported. + 2. For FPGA images, the supported "compatible" list is in the + doc/uImage.FIT/source_file_format.txt. 3. FDTs are only loaded for images with an "os" property of "u-boot". "linux" images are also supported with Falcon boot mode. diff --git a/doc/uImage.FIT/source_file_format.txt b/doc/uImage.FIT/source_file_format.txt index f93ac6d1c7b..461e2af2a84 100644 --- a/doc/uImage.FIT/source_file_format.txt +++ b/doc/uImage.FIT/source_file_format.txt @@ -184,7 +184,10 @@ the '/images' node should have the following layout: Mandatory for types: "firmware", and "kernel". - compatible : compatible method for loading image. Mandatory for types: "fpga", and images that do not specify a load address. - To use the generic fpga loading routine, use "u-boot,fpga-legacy". + Supported compatible methods: + "u-boot,fpga-legacy" - the generic fpga loading routine. + "u-boot,zynqmp-fpga-ddrauth" - signed non-encrypted FPGA bitstream for + Xilinx Zynq UltraScale+ (ZymqMP) device. Optional nodes: - hash-1 : Each hash sub-node represents separate hash or checksum diff --git a/drivers/fpga/zynqmppl.c b/drivers/fpga/zynqmppl.c index 3dacb10e11f..76efc4b4a90 100644 --- a/drivers/fpga/zynqmppl.c +++ b/drivers/fpga/zynqmppl.c @@ -9,6 +9,7 @@ #include #include #include +#include #include #include #include @@ -232,6 +233,7 @@ static int zynqmp_load(xilinx_desc *desc, const void *buf, u32 buf_lo, buf_hi; u32 bsize_req = (u32)bsize; u32 ret_payload[PAYLOAD_ARG_CNT]; + struct fpga_secure_info info = { 0 }; debug("%s called!\n", __func__); @@ -240,6 +242,19 @@ static int zynqmp_load(xilinx_desc *desc, const void *buf, return FPGA_FAIL; } + switch (flags) { + case FPGA_LEGACY: + break; /* Handle the legacy image later in this function */ + case FPGA_XILINX_ZYNQMP_DDRAUTH: + /* DDR authentication */ + info.authflag = ZYNQMP_FPGA_AUTH_DDR; + info.encflag = FPGA_NO_ENC_OR_NO_AUTH; + return desc->operations->loads(desc, buf, bsize, &info); + default: + puts("Unsupported bitstream type\n"); + return FPGA_FAIL; + } + if (zynqmp_firmware_version() <= PMUFW_V1_0) { puts("WARN: PMUFW v1.0 or less is detected\n"); puts("WARN: Not all bitstream formats are supported\n"); @@ -335,6 +350,9 @@ static int zynqmp_str2flag(xilinx_desc *desc, const char *str) if (!strncmp(str, "u-boot,fpga-legacy", 18)) return FPGA_LEGACY; + if (!strncmp(str, "u-boot,zynqmp-fpga-ddrauth", 26)) + return FPGA_XILINX_ZYNQMP_DDRAUTH; + return 0; } diff --git a/include/xilinx.h b/include/xilinx.h index 89a12818311..ffd95ad7225 100644 --- a/include/xilinx.h +++ b/include/xilinx.h @@ -39,6 +39,7 @@ typedef enum { /* typedef xilinx_family */ /* FPGA bitstream supported types */ #define FPGA_LEGACY BIT(0) +#define FPGA_XILINX_ZYNQMP_DDRAUTH BIT(1) typedef struct { /* typedef xilinx_desc */ xilinx_family family; /* part type */ diff --git a/include/zynqmppl.h b/include/zynqmppl.h index a6e171dcb49..c4d7a41220d 100644 --- a/include/zynqmppl.h +++ b/include/zynqmppl.h @@ -26,6 +26,7 @@ extern struct xilinx_fpga_op zynqmp_op; #define XILINX_ZYNQMP_DESC \ -{ xilinx_zynqmp, csu_dma, 1, &zynqmp_op, 0, &zynqmp_op, NULL, FPGA_LEGACY } +{ xilinx_zynqmp, csu_dma, 1, &zynqmp_op, 0, &zynqmp_op, NULL, \ + (FPGA_LEGACY | FPGA_XILINX_ZYNQMP_DDRAUTH) } #endif /* _ZYNQMPPL_H_ */ -- 2.36.1