linux-arm-kernel.lists.infradead.org archive mirror
 help / color / mirror / Atom feed
From: Nava kishore Manne <nava.manne@xilinx.com>
To: <mdf@kernel.org>, <trix@redhat.com>, <robh+dt@kernel.org>,
	<michal.simek@xilinx.com>, <arnd@arndb.de>,
	<rajan.vaja@xilinx.com>, <gregkh@linuxfoundation.org>,
	<linus.walleij@linaro.org>, <amit.sunil.dhamne@xilinx.com>,
	<tejas.patel@xilinx.com>, <zou_wei@huawei.com>,
	<manish.narani@xilinx.com>,
	<lakshmi.sai.krishna.potthuri@xilinx.com>,
	<nava.manne@xilinx.com>, <wendy.liang@xilinx.com>,
	<linux-fpga@vger.kernel.org>, <devicetree@vger.kernel.org>,
	<linux-kernel@vger.kernel.org>,
	<linux-arm-kernel@lists.infradead.org>, <git@xilinx.com>,
	<chinnikishore369@gmail.com>
Subject: [RFC PATCH 3/4] drivers: fpga: Add user-key encrypted FPGA Image loading support
Date: Tue, 4 May 2021 15:52:26 +0530	[thread overview]
Message-ID: <20210504102227.15475-4-nava.manne@xilinx.com> (raw)
In-Reply-To: <20210504102227.15475-1-nava.manne@xilinx.com>

This patch adds user-key encrypted FPGA Image loading support
to the framework.

Signed-off-by: Nava kishore Manne <nava.manne@xilinx.com>
---
 drivers/fpga/fpga-mgr.c       | 15 +++++++++++++++
 drivers/fpga/of-fpga-region.c | 13 +++++++++++++
 include/linux/fpga/fpga-mgr.h |  7 +++++++
 3 files changed, 35 insertions(+)

diff --git a/drivers/fpga/fpga-mgr.c b/drivers/fpga/fpga-mgr.c
index b85bc47c91a9..3e79ab8cc86f 100644
--- a/drivers/fpga/fpga-mgr.c
+++ b/drivers/fpga/fpga-mgr.c
@@ -325,6 +325,7 @@ static int fpga_mgr_firmware_load(struct fpga_manager *mgr,
 				  const char *image_name)
 {
 	struct device *dev = &mgr->dev;
+	const struct firmware *enc_fw;
 	const struct firmware *fw;
 	int ret;
 
@@ -339,8 +340,22 @@ static int fpga_mgr_firmware_load(struct fpga_manager *mgr,
 		return ret;
 	}
 
+	if (info->encrypted_key_name) {
+		ret = request_firmware(&enc_fw, info->encrypted_key_name, dev);
+		if (ret) {
+			mgr->state = FPGA_MGR_STATE_FIRMWARE_REQ_ERR;
+			dev_err(dev, "Error requesting firmware %s\n",
+				info->encrypted_key_name);
+			return ret;
+		}
+		info->enc_key_buf = enc_fw->data;
+		info->enc_key_buf_size = enc_fw->size;
+	}
+
 	ret = fpga_mgr_buf_load(mgr, info, fw->data, fw->size);
 
+	if (info->encrypted_key_name)
+		release_firmware(enc_fw);
 	release_firmware(fw);
 
 	return ret;
diff --git a/drivers/fpga/of-fpga-region.c b/drivers/fpga/of-fpga-region.c
index e405309baadc..19faa463d96e 100644
--- a/drivers/fpga/of-fpga-region.c
+++ b/drivers/fpga/of-fpga-region.c
@@ -195,6 +195,7 @@ static struct fpga_image_info *of_fpga_region_parse_ov(
 {
 	struct device *dev = &region->dev;
 	struct fpga_image_info *info;
+	const char *encrypted_key_name;
 	const char *firmware_name;
 	int ret;
 
@@ -228,6 +229,18 @@ static struct fpga_image_info *of_fpga_region_parse_ov(
 	if (of_property_read_bool(overlay, "encrypted-fpga-config"))
 		info->flags |= FPGA_MGR_ENCRYPTED_BITSTREAM;
 
+	if (of_property_read_bool(overlay, "encrypted-user-key-fpga-config")) {
+		if (!of_property_read_string(overlay, "encrypted-key-name",
+					     &encrypted_key_name)) {
+			info->encrypted_key_name =
+			devm_kstrdup(dev, encrypted_key_name, GFP_KERNEL);
+			if (!info->encrypted_key_name)
+				return ERR_PTR(-ENOMEM);
+		}
+
+		info->flags |= FPGA_MGR_ENCRYPTED_USER_KEY_BITSTREAM;
+	}
+
 	if (!of_property_read_string(overlay, "firmware-name",
 				     &firmware_name)) {
 		info->firmware_name = devm_kstrdup(dev, firmware_name,
diff --git a/include/linux/fpga/fpga-mgr.h b/include/linux/fpga/fpga-mgr.h
index 2bc3030a69e5..ac86f4398c3c 100644
--- a/include/linux/fpga/fpga-mgr.h
+++ b/include/linux/fpga/fpga-mgr.h
@@ -67,12 +67,15 @@ enum fpga_mgr_states {
  * %FPGA_MGR_BITSTREAM_LSB_FIRST: SPI bitstream bit order is LSB first
  *
  * %FPGA_MGR_COMPRESSED_BITSTREAM: FPGA bitstream is compressed
+ * %FPGA_MGR_ENCRYPTED_USER_KEY_BITSTREAM: indicates bitstream is encrypted
+ *					   with user-key
  */
 #define FPGA_MGR_PARTIAL_RECONFIG	BIT(0)
 #define FPGA_MGR_EXTERNAL_CONFIG	BIT(1)
 #define FPGA_MGR_ENCRYPTED_BITSTREAM	BIT(2)
 #define FPGA_MGR_BITSTREAM_LSB_FIRST	BIT(3)
 #define FPGA_MGR_COMPRESSED_BITSTREAM	BIT(4)
+#define FPGA_MGR_ENCRYPTED_USER_KEY_BITSTREAM	BIT(5)
 
 /**
  * struct fpga_image_info - information specific to a FPGA image
@@ -82,6 +85,7 @@ enum fpga_mgr_states {
  * @config_complete_timeout_us: maximum time for FPGA to switch to operating
  *	   status in the write_complete op.
  * @firmware_name: name of FPGA image firmware file
+ * @encrypted_key_name: name of the FPGA image encrypted user-key file
  * @sgt: scatter/gather table containing FPGA image
  * @buf: contiguous buffer containing FPGA image
  * @count: size of buf
@@ -95,8 +99,11 @@ struct fpga_image_info {
 	u32 disable_timeout_us;
 	u32 config_complete_timeout_us;
 	char *firmware_name;
+	char *encrypted_key_name;
 	struct sg_table *sgt;
+	const char *enc_key_buf;
 	const char *buf;
+	size_t enc_key_buf_size;
 	size_t count;
 	int region_id;
 	struct device *dev;
-- 
2.17.1


_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel

  parent reply	other threads:[~2021-05-04 10:25 UTC|newest]

Thread overview: 9+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2021-05-04 10:22 [RFC PATCH 0/4]Fpga: adds support to load the user-key encrypted FPGA Image loading Nava kishore Manne
2021-05-04 10:22 ` [RFC PATCH 1/4] drivers: firmware: Add user encrypted key load API support Nava kishore Manne
2021-05-04 10:22 ` [RFC PATCH 2/4] fpga: Add new properties to support user-key encrypted bitstream loading Nava kishore Manne
2021-05-13  2:31   ` Rob Herring
2021-05-13 10:54     ` Nava kishore Manne
2021-05-13 14:34       ` Rob Herring
2021-05-27 10:50         ` Nava kishore Manne
2021-05-04 10:22 ` Nava kishore Manne [this message]
2021-05-04 10:22 ` [RFC PATCH 4/4] fpga: zynqmp: Add user-key encrypted FPGA Image loading support Nava kishore Manne

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20210504102227.15475-4-nava.manne@xilinx.com \
    --to=nava.manne@xilinx.com \
    --cc=amit.sunil.dhamne@xilinx.com \
    --cc=arnd@arndb.de \
    --cc=chinnikishore369@gmail.com \
    --cc=devicetree@vger.kernel.org \
    --cc=git@xilinx.com \
    --cc=gregkh@linuxfoundation.org \
    --cc=lakshmi.sai.krishna.potthuri@xilinx.com \
    --cc=linus.walleij@linaro.org \
    --cc=linux-arm-kernel@lists.infradead.org \
    --cc=linux-fpga@vger.kernel.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=manish.narani@xilinx.com \
    --cc=mdf@kernel.org \
    --cc=michal.simek@xilinx.com \
    --cc=rajan.vaja@xilinx.com \
    --cc=robh+dt@kernel.org \
    --cc=tejas.patel@xilinx.com \
    --cc=trix@redhat.com \
    --cc=wendy.liang@xilinx.com \
    --cc=zou_wei@huawei.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).