From: Nava kishore Manne <nava.manne@xilinx.com>
To: <mdf@kernel.org>, <trix@redhat.com>, <robh+dt@kernel.org>,
<michal.simek@xilinx.com>, <arnd@arndb.de>,
<rajan.vaja@xilinx.com>, <gregkh@linuxfoundation.org>,
<linus.walleij@linaro.org>, <amit.sunil.dhamne@xilinx.com>,
<tejas.patel@xilinx.com>, <zou_wei@huawei.com>,
<manish.narani@xilinx.com>,
<lakshmi.sai.krishna.potthuri@xilinx.com>,
<nava.manne@xilinx.com>, <wendy.liang@xilinx.com>,
<linux-fpga@vger.kernel.org>, <devicetree@vger.kernel.org>,
<linux-kernel@vger.kernel.org>,
<linux-arm-kernel@lists.infradead.org>, <git@xilinx.com>,
<chinnikishore369@gmail.com>
Subject: [RFC PATCH 3/4] drivers: fpga: Add user-key encrypted FPGA Image loading support
Date: Tue, 4 May 2021 15:52:26 +0530 [thread overview]
Message-ID: <20210504102227.15475-4-nava.manne@xilinx.com> (raw)
In-Reply-To: <20210504102227.15475-1-nava.manne@xilinx.com>
This patch adds user-key encrypted FPGA Image loading support
to the framework.
Signed-off-by: Nava kishore Manne <nava.manne@xilinx.com>
---
drivers/fpga/fpga-mgr.c | 15 +++++++++++++++
drivers/fpga/of-fpga-region.c | 13 +++++++++++++
include/linux/fpga/fpga-mgr.h | 7 +++++++
3 files changed, 35 insertions(+)
diff --git a/drivers/fpga/fpga-mgr.c b/drivers/fpga/fpga-mgr.c
index b85bc47c91a9..3e79ab8cc86f 100644
--- a/drivers/fpga/fpga-mgr.c
+++ b/drivers/fpga/fpga-mgr.c
@@ -325,6 +325,7 @@ static int fpga_mgr_firmware_load(struct fpga_manager *mgr,
const char *image_name)
{
struct device *dev = &mgr->dev;
+ const struct firmware *enc_fw;
const struct firmware *fw;
int ret;
@@ -339,8 +340,22 @@ static int fpga_mgr_firmware_load(struct fpga_manager *mgr,
return ret;
}
+ if (info->encrypted_key_name) {
+ ret = request_firmware(&enc_fw, info->encrypted_key_name, dev);
+ if (ret) {
+ mgr->state = FPGA_MGR_STATE_FIRMWARE_REQ_ERR;
+ dev_err(dev, "Error requesting firmware %s\n",
+ info->encrypted_key_name);
+ return ret;
+ }
+ info->enc_key_buf = enc_fw->data;
+ info->enc_key_buf_size = enc_fw->size;
+ }
+
ret = fpga_mgr_buf_load(mgr, info, fw->data, fw->size);
+ if (info->encrypted_key_name)
+ release_firmware(enc_fw);
release_firmware(fw);
return ret;
diff --git a/drivers/fpga/of-fpga-region.c b/drivers/fpga/of-fpga-region.c
index e405309baadc..19faa463d96e 100644
--- a/drivers/fpga/of-fpga-region.c
+++ b/drivers/fpga/of-fpga-region.c
@@ -195,6 +195,7 @@ static struct fpga_image_info *of_fpga_region_parse_ov(
{
struct device *dev = ®ion->dev;
struct fpga_image_info *info;
+ const char *encrypted_key_name;
const char *firmware_name;
int ret;
@@ -228,6 +229,18 @@ static struct fpga_image_info *of_fpga_region_parse_ov(
if (of_property_read_bool(overlay, "encrypted-fpga-config"))
info->flags |= FPGA_MGR_ENCRYPTED_BITSTREAM;
+ if (of_property_read_bool(overlay, "encrypted-user-key-fpga-config")) {
+ if (!of_property_read_string(overlay, "encrypted-key-name",
+ &encrypted_key_name)) {
+ info->encrypted_key_name =
+ devm_kstrdup(dev, encrypted_key_name, GFP_KERNEL);
+ if (!info->encrypted_key_name)
+ return ERR_PTR(-ENOMEM);
+ }
+
+ info->flags |= FPGA_MGR_ENCRYPTED_USER_KEY_BITSTREAM;
+ }
+
if (!of_property_read_string(overlay, "firmware-name",
&firmware_name)) {
info->firmware_name = devm_kstrdup(dev, firmware_name,
diff --git a/include/linux/fpga/fpga-mgr.h b/include/linux/fpga/fpga-mgr.h
index 2bc3030a69e5..ac86f4398c3c 100644
--- a/include/linux/fpga/fpga-mgr.h
+++ b/include/linux/fpga/fpga-mgr.h
@@ -67,12 +67,15 @@ enum fpga_mgr_states {
* %FPGA_MGR_BITSTREAM_LSB_FIRST: SPI bitstream bit order is LSB first
*
* %FPGA_MGR_COMPRESSED_BITSTREAM: FPGA bitstream is compressed
+ * %FPGA_MGR_ENCRYPTED_USER_KEY_BITSTREAM: indicates bitstream is encrypted
+ * with user-key
*/
#define FPGA_MGR_PARTIAL_RECONFIG BIT(0)
#define FPGA_MGR_EXTERNAL_CONFIG BIT(1)
#define FPGA_MGR_ENCRYPTED_BITSTREAM BIT(2)
#define FPGA_MGR_BITSTREAM_LSB_FIRST BIT(3)
#define FPGA_MGR_COMPRESSED_BITSTREAM BIT(4)
+#define FPGA_MGR_ENCRYPTED_USER_KEY_BITSTREAM BIT(5)
/**
* struct fpga_image_info - information specific to a FPGA image
@@ -82,6 +85,7 @@ enum fpga_mgr_states {
* @config_complete_timeout_us: maximum time for FPGA to switch to operating
* status in the write_complete op.
* @firmware_name: name of FPGA image firmware file
+ * @encrypted_key_name: name of the FPGA image encrypted user-key file
* @sgt: scatter/gather table containing FPGA image
* @buf: contiguous buffer containing FPGA image
* @count: size of buf
@@ -95,8 +99,11 @@ struct fpga_image_info {
u32 disable_timeout_us;
u32 config_complete_timeout_us;
char *firmware_name;
+ char *encrypted_key_name;
struct sg_table *sgt;
+ const char *enc_key_buf;
const char *buf;
+ size_t enc_key_buf_size;
size_t count;
int region_id;
struct device *dev;
--
2.17.1
_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel
next prev parent reply other threads:[~2021-05-04 10:25 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-05-04 10:22 [RFC PATCH 0/4]Fpga: adds support to load the user-key encrypted FPGA Image loading Nava kishore Manne
2021-05-04 10:22 ` [RFC PATCH 1/4] drivers: firmware: Add user encrypted key load API support Nava kishore Manne
2021-05-04 10:22 ` [RFC PATCH 2/4] fpga: Add new properties to support user-key encrypted bitstream loading Nava kishore Manne
2021-05-13 2:31 ` Rob Herring
2021-05-13 10:54 ` Nava kishore Manne
2021-05-13 14:34 ` Rob Herring
2021-05-27 10:50 ` Nava kishore Manne
2021-05-04 10:22 ` Nava kishore Manne [this message]
2021-05-04 10:22 ` [RFC PATCH 4/4] fpga: zynqmp: Add user-key encrypted FPGA Image loading support Nava kishore Manne
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20210504102227.15475-4-nava.manne@xilinx.com \
--to=nava.manne@xilinx.com \
--cc=amit.sunil.dhamne@xilinx.com \
--cc=arnd@arndb.de \
--cc=chinnikishore369@gmail.com \
--cc=devicetree@vger.kernel.org \
--cc=git@xilinx.com \
--cc=gregkh@linuxfoundation.org \
--cc=lakshmi.sai.krishna.potthuri@xilinx.com \
--cc=linus.walleij@linaro.org \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=linux-fpga@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=manish.narani@xilinx.com \
--cc=mdf@kernel.org \
--cc=michal.simek@xilinx.com \
--cc=rajan.vaja@xilinx.com \
--cc=robh+dt@kernel.org \
--cc=tejas.patel@xilinx.com \
--cc=trix@redhat.com \
--cc=wendy.liang@xilinx.com \
--cc=zou_wei@huawei.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).