From: Russ Weight <russell.h.weight@intel.com>
To: mdf@kernel.org, lee.jones@linaro.org, linux-fpga@vger.kernel.org,
linux-kernel@vger.kernel.org
Cc: trix@redhat.com, lgoncalv@redhat.com, yilun.xu@intel.com,
hao.wu@intel.com, matthew.gerlach@intel.com,
Russ Weight <russell.h.weight@intel.com>
Subject: [PATCH v1 00/12] Intel FPGA Security Manager Class Driver
Date: Fri, 4 Sep 2020 16:52:53 -0700 [thread overview]
Message-ID: <20200904235305.6254-1-russell.h.weight@intel.com> (raw)
These patches depend on the patchset: "add regmap-spi-avmm & Intel
Max10 BMC chip support" which is currently under review.
--------------------------------------------------
This patchset introduces the Intel Security Manager class driver
for managing secure updates on Intel FPGA Cards. It also provides
the n3000bmc-secure mfd sub-driver for the MAX10 BMC for the n3000
Programmable Acceleration Cards (PAC). The n3000bmc-secure driver
is implemented using the Intel Security Manager class driver.
The Intel Security Manager class driver provides a common API for
user-space tools to manage updates for Secure FPGA devices. Device
drivers that instantiate the Intel Security Manager class driver will
interact with the HW secure update engine in order to transfer
new FPGA and BMC images to FLASH so that they will be automatically
loaded when the FPGA card reboots.
The API consists of sysfs nodes and supports the following functions:
(1) Instantiate and monitor a secure update
(2) Display security information including: Root Entry Hashes (REH),
Cancelled Code Signing Keys (CSK), and flash update counts for
both BMC and FPGA images.
Secure updates make use of the request_firmware framework, which
requires that image files are accessible under /lib/firmware. A request
for a secure update returns immediately, while the update itself
proceeds in the context of a kernel worker thread. Sysfs files provide
a means for monitoring the progress of a secure update and for
retrieving error information in the event of a failure.
The n3000bmc-secure driver instantiates the Intel Security Manager
class driver and provides the callback functions required to support
secure updates on Intel n3000 PAC devices.
Russ Weight (12):
fpga: fpga security manager class driver
fpga: create intel max10 bmc security engine
fpga: expose max10 flash update counts in sysfs
fpga: expose max10 canceled keys in sysfs
fpga: enable secure updates
fpga: add max10 secure update functions
fpga: expose sec-mgr update status
fpga: expose sec-mgr update errors
fpga: expose sec-mgr update size
fpga: enable sec-mgr update cancel
fpga: expose hardware error info in sysfs
fpga: add max10 get_hw_errinfo callback func
.../ABI/testing/sysfs-class-ifpga-sec-mgr | 151 ++++
MAINTAINERS | 8 +
drivers/fpga/Kconfig | 20 +
drivers/fpga/Makefile | 6 +
drivers/fpga/ifpga-sec-mgr.c | 669 ++++++++++++++++++
drivers/fpga/intel-m10-bmc-secure.c | 557 +++++++++++++++
include/linux/fpga/ifpga-sec-mgr.h | 201 ++++++
include/linux/mfd/intel-m10-bmc.h | 116 +++
8 files changed, 1728 insertions(+)
create mode 100644 Documentation/ABI/testing/sysfs-class-ifpga-sec-mgr
create mode 100644 drivers/fpga/ifpga-sec-mgr.c
create mode 100644 drivers/fpga/intel-m10-bmc-secure.c
create mode 100644 include/linux/fpga/ifpga-sec-mgr.h
--
2.17.1
next reply other threads:[~2020-09-04 23:53 UTC|newest]
Thread overview: 57+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-09-04 23:52 Russ Weight [this message]
2020-09-04 23:52 ` [PATCH v1 01/12] fpga: fpga security manager class driver Russ Weight
2020-09-04 23:57 ` Randy Dunlap
2020-09-05 0:23 ` Moritz Fischer
2020-09-05 0:44 ` Russ Weight
2020-09-05 13:39 ` Wu, Hao
2020-09-05 19:09 ` Tom Rix
[not found] ` <ebf251a0-5f13-d1a1-6915-e3c940bb19fe@intel.com>
2020-09-10 21:51 ` Tom Rix
2020-09-10 23:05 ` Russ Weight
2020-09-16 20:16 ` Moritz Fischer
2020-09-30 20:54 ` Russ Weight
2020-10-01 0:31 ` Moritz Fischer
2020-10-01 1:07 ` Russ Weight
2020-10-01 19:07 ` Moritz Fischer
2020-09-04 23:52 ` [PATCH v1 02/12] fpga: create intel max10 bmc security engine Russ Weight
2020-09-05 0:01 ` Randy Dunlap
2020-09-05 0:05 ` Russ Weight
2020-09-05 20:22 ` Tom Rix
2020-09-14 19:07 ` Russ Weight
2020-09-14 20:48 ` Tom Rix
2020-09-14 21:40 ` Russ Weight
2020-09-16 20:33 ` Moritz Fischer
2020-09-30 23:14 ` Russ Weight
2020-09-04 23:52 ` [PATCH v1 03/12] fpga: expose max10 flash update counts in sysfs Russ Weight
2020-09-05 20:39 ` Tom Rix
2020-09-16 18:37 ` Russ Weight
2020-09-04 23:52 ` [PATCH v1 04/12] fpga: expose max10 canceled keys " Russ Weight
2020-09-05 20:52 ` Tom Rix
2020-09-04 23:52 ` [PATCH v1 05/12] fpga: enable secure updates Russ Weight
2020-09-05 22:04 ` Tom Rix
[not found] ` <1d90bfb6-417c-55df-9290-991c391158a9@intel.com>
2020-09-20 15:24 ` Tom Rix
2020-09-04 23:52 ` [PATCH v1 06/12] fpga: add max10 secure update functions Russ Weight
2020-09-06 16:10 ` Tom Rix
2020-09-22 1:15 ` Russ Weight
2020-09-08 8:05 ` Lee Jones
2020-09-04 23:53 ` [PATCH v1 07/12] fpga: expose sec-mgr update status Russ Weight
2020-09-06 16:16 ` Tom Rix
2020-09-22 22:31 ` Russ Weight
2020-09-04 23:53 ` [PATCH v1 08/12] fpga: expose sec-mgr update errors Russ Weight
2020-09-06 16:27 ` Tom Rix
2020-09-22 23:42 ` Russ Weight
2020-09-23 12:52 ` Tom Rix
2020-09-04 23:53 ` [PATCH v1 09/12] fpga: expose sec-mgr update size Russ Weight
2020-09-06 16:39 ` Tom Rix
2020-09-04 23:53 ` [PATCH v1 10/12] fpga: enable sec-mgr update cancel Russ Weight
2020-09-06 17:00 ` Tom Rix
[not found] ` <678f8d39-a244-42d0-4c56-91eb859b43f0@intel.com>
2020-09-23 13:02 ` Tom Rix
2020-09-04 23:53 ` [PATCH v1 11/12] fpga: expose hardware error info in sysfs Russ Weight
2020-09-06 17:06 ` Tom Rix
2020-09-04 23:53 ` [PATCH v1 12/12] fpga: add max10 get_hw_errinfo callback func Russ Weight
2020-09-06 17:14 ` Tom Rix
2020-09-24 21:48 ` Russ Weight
2020-09-05 14:13 ` [PATCH v1 00/12] Intel FPGA Security Manager Class Driver Wu, Hao
2020-10-01 20:42 ` Russ Weight
2020-09-05 16:10 ` Tom Rix
2020-09-05 17:16 ` Tom Rix
2020-10-01 0:19 ` Russ Weight
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200904235305.6254-1-russell.h.weight@intel.com \
--to=russell.h.weight@intel.com \
--cc=hao.wu@intel.com \
--cc=lee.jones@linaro.org \
--cc=lgoncalv@redhat.com \
--cc=linux-fpga@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=matthew.gerlach@intel.com \
--cc=mdf@kernel.org \
--cc=trix@redhat.com \
--cc=yilun.xu@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).