linux-fpga.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
From: Nava kishore Manne <nava.manne@xilinx.com>
To: <robh+dt@kernel.org>, <michal.simek@xilinx.com>, <mdf@kernel.org>,
	<trix@redhat.com>, <nava.manne@xilinx.com>, <arnd@arndb.de>,
	<rajan.vaja@xilinx.com>, <gregkh@linuxfoundation.org>,
	<amit.sunil.dhamne@xilinx.com>, <tejas.patel@xilinx.com>,
	<zou_wei@huawei.com>, <lakshmi.sai.krishna.potthuri@xilinx.com>,
	<ravi.patel@xilinx.com>, <iwamatsu@nigauri.org>,
	<wendy.liang@xilinx.com>, <devicetree@vger.kernel.org>,
	<linux-arm-kernel@lists.infradead.org>,
	<linux-kernel@vger.kernel.org>, <linux-fpga@vger.kernel.org>,
	<git@xilinx.com>, <chinnikishore369@gmail.com>
Subject: [RFC v2 3/4] drivers: fpga: Add user-key encrypted FPGA Image loading support
Date: Wed, 9 Jun 2021 11:22:31 +0530	[thread overview]
Message-ID: <20210609055232.4501-4-nava.manne@xilinx.com> (raw)
In-Reply-To: <20210609055232.4501-1-nava.manne@xilinx.com>

This patch adds user-key encrypted FPGA Image loading support
to the framework.

Signed-off-by: Nava kishore Manne <nava.manne@xilinx.com>
---
Changes for v2:
                -Both DT properties ie; encrypted-key-name and encrypted-user-key-fpga-config
                 are targeted to use for the same use cases but ideally encrypted-key-name
                 is enough to serve the purpose so updated the code to remove the unwanted
                 encrypted-user-key-fpga-config property dependency as suggested by Rob

 drivers/fpga/fpga-mgr.c       | 15 +++++++++++++++
 drivers/fpga/of-fpga-region.c | 11 +++++++++++
 include/linux/fpga/fpga-mgr.h |  7 +++++++
 3 files changed, 33 insertions(+)

diff --git a/drivers/fpga/fpga-mgr.c b/drivers/fpga/fpga-mgr.c
index b85bc47c91a9..3e79ab8cc86f 100644
--- a/drivers/fpga/fpga-mgr.c
+++ b/drivers/fpga/fpga-mgr.c
@@ -325,6 +325,7 @@ static int fpga_mgr_firmware_load(struct fpga_manager *mgr,
 				  const char *image_name)
 {
 	struct device *dev = &mgr->dev;
+	const struct firmware *enc_fw;
 	const struct firmware *fw;
 	int ret;
 
@@ -339,8 +340,22 @@ static int fpga_mgr_firmware_load(struct fpga_manager *mgr,
 		return ret;
 	}
 
+	if (info->encrypted_key_name) {
+		ret = request_firmware(&enc_fw, info->encrypted_key_name, dev);
+		if (ret) {
+			mgr->state = FPGA_MGR_STATE_FIRMWARE_REQ_ERR;
+			dev_err(dev, "Error requesting firmware %s\n",
+				info->encrypted_key_name);
+			return ret;
+		}
+		info->enc_key_buf = enc_fw->data;
+		info->enc_key_buf_size = enc_fw->size;
+	}
+
 	ret = fpga_mgr_buf_load(mgr, info, fw->data, fw->size);
 
+	if (info->encrypted_key_name)
+		release_firmware(enc_fw);
 	release_firmware(fw);
 
 	return ret;
diff --git a/drivers/fpga/of-fpga-region.c b/drivers/fpga/of-fpga-region.c
index e405309baadc..88d8c9049a2f 100644
--- a/drivers/fpga/of-fpga-region.c
+++ b/drivers/fpga/of-fpga-region.c
@@ -195,6 +195,7 @@ static struct fpga_image_info *of_fpga_region_parse_ov(
 {
 	struct device *dev = &region->dev;
 	struct fpga_image_info *info;
+	const char *encrypted_key_name;
 	const char *firmware_name;
 	int ret;
 
@@ -228,6 +229,16 @@ static struct fpga_image_info *of_fpga_region_parse_ov(
 	if (of_property_read_bool(overlay, "encrypted-fpga-config"))
 		info->flags |= FPGA_MGR_ENCRYPTED_BITSTREAM;
 
+	if (!of_property_read_string(overlay, "encrypted-key-name",
+				     &encrypted_key_name)) {
+		info->encrypted_key_name =
+			devm_kstrdup(dev, encrypted_key_name, GFP_KERNEL);
+		if (!info->encrypted_key_name)
+			return ERR_PTR(-ENOMEM);
+
+		info->flags |= FPGA_MGR_ENCRYPTED_USER_KEY_BITSTREAM;
+	}
+
 	if (!of_property_read_string(overlay, "firmware-name",
 				     &firmware_name)) {
 		info->firmware_name = devm_kstrdup(dev, firmware_name,
diff --git a/include/linux/fpga/fpga-mgr.h b/include/linux/fpga/fpga-mgr.h
index 3a32b8e20185..ff14bc51bdd3 100644
--- a/include/linux/fpga/fpga-mgr.h
+++ b/include/linux/fpga/fpga-mgr.h
@@ -67,12 +67,15 @@ enum fpga_mgr_states {
  * %FPGA_MGR_BITSTREAM_LSB_FIRST: SPI bitstream bit order is LSB first
  *
  * %FPGA_MGR_COMPRESSED_BITSTREAM: FPGA bitstream is compressed
+ * %FPGA_MGR_ENCRYPTED_USER_KEY_BITSTREAM: indicates bitstream is encrypted
+ *					   with user-key
  */
 #define FPGA_MGR_PARTIAL_RECONFIG	BIT(0)
 #define FPGA_MGR_EXTERNAL_CONFIG	BIT(1)
 #define FPGA_MGR_ENCRYPTED_BITSTREAM	BIT(2)
 #define FPGA_MGR_BITSTREAM_LSB_FIRST	BIT(3)
 #define FPGA_MGR_COMPRESSED_BITSTREAM	BIT(4)
+#define FPGA_MGR_ENCRYPTED_USER_KEY_BITSTREAM	BIT(5)
 
 /**
  * struct fpga_image_info - information specific to a FPGA image
@@ -82,6 +85,7 @@ enum fpga_mgr_states {
  * @config_complete_timeout_us: maximum time for FPGA to switch to operating
  *	   status in the write_complete op.
  * @firmware_name: name of FPGA image firmware file
+ * @encrypted_key_name: name of the FPGA image encrypted user-key file
  * @sgt: scatter/gather table containing FPGA image
  * @buf: contiguous buffer containing FPGA image
  * @count: size of buf
@@ -95,8 +99,11 @@ struct fpga_image_info {
 	u32 disable_timeout_us;
 	u32 config_complete_timeout_us;
 	char *firmware_name;
+	char *encrypted_key_name;
 	struct sg_table *sgt;
+	const char *enc_key_buf;
 	const char *buf;
+	size_t enc_key_buf_size;
 	size_t count;
 	int region_id;
 	struct device *dev;
-- 
2.17.1


  parent reply	other threads:[~2021-06-09  5:53 UTC|newest]

Thread overview: 12+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2021-06-09  5:52 [RFC v2 0/4]Fpga: adds support to load the user-key encrypted FPGA Image loading Nava kishore Manne
2021-06-09  5:52 ` [RFC v2 1/4] drivers: firmware: Add user encrypted key load API support Nava kishore Manne
2021-06-09  9:55   ` Greg KH
2021-07-09  8:41     ` Nava kishore Manne
2021-07-09  9:49       ` Greg KH
2021-06-09  5:52 ` [RFC v2 2/4] fpga: Add new property to support user-key encrypted bitstream loading Nava kishore Manne
2021-06-09  9:56   ` Greg KH
2021-07-09  8:48     ` Nava kishore Manne
2021-06-09  5:52 ` Nava kishore Manne [this message]
2021-06-09  5:52 ` [RFC v2 4/4] fpga: zynqmp: Add user-key encrypted FPGA Image loading support Nava kishore Manne
2021-06-09  9:55 ` [RFC v2 0/4]Fpga: adds support to load the user-key encrypted FPGA Image loading Greg KH
2021-07-09  8:33   ` Nava kishore Manne

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20210609055232.4501-4-nava.manne@xilinx.com \
    --to=nava.manne@xilinx.com \
    --cc=amit.sunil.dhamne@xilinx.com \
    --cc=arnd@arndb.de \
    --cc=chinnikishore369@gmail.com \
    --cc=devicetree@vger.kernel.org \
    --cc=git@xilinx.com \
    --cc=gregkh@linuxfoundation.org \
    --cc=iwamatsu@nigauri.org \
    --cc=lakshmi.sai.krishna.potthuri@xilinx.com \
    --cc=linux-arm-kernel@lists.infradead.org \
    --cc=linux-fpga@vger.kernel.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=mdf@kernel.org \
    --cc=michal.simek@xilinx.com \
    --cc=rajan.vaja@xilinx.com \
    --cc=ravi.patel@xilinx.com \
    --cc=robh+dt@kernel.org \
    --cc=tejas.patel@xilinx.com \
    --cc=trix@redhat.com \
    --cc=wendy.liang@xilinx.com \
    --cc=zou_wei@huawei.com \
    --subject='Re: [RFC v2 3/4] drivers: fpga: Add user-key encrypted FPGA Image loading support' \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).