Message ID | 20210609055232.4501-2-nava.manne@xilinx.com (mailing list archive) |
---|---|
State | New |
Headers | show |
Series | Fpga: adds support to load the user-key encrypted FPGA Image loading | expand |
On Wed, Jun 09, 2021 at 11:22:29AM +0530, Nava kishore Manne wrote: > This patch adds user encrypted key load API to support > User key encrypted images loading use cases from Linux. What is "user key encrypted images"? Do we need more documentation here for what this is and how to use it? And why is "User" capitalized? thanks, greg k-h
Hi Greg, Thanks for providing the review comments. Please find my response inline. > -----Original Message----- > From: Greg KH <gregkh@linuxfoundation.org> > Sent: Wednesday, June 9, 2021 3:25 PM > To: Nava kishore Manne <navam@xilinx.com> > Cc: robh+dt@kernel.org; Michal Simek <michals@xilinx.com>; > mdf@kernel.org; trix@redhat.com; arnd@arndb.de; Rajan Vaja > <RAJANV@xilinx.com>; Amit Sunil Dhamne <amitsuni@xlnx.xilinx.com>; > Tejas Patel <tejasp@xlnx.xilinx.com>; zou_wei@huawei.com; Sai Krishna > Potthuri <lakshmis@xilinx.com>; Ravi Patel <RAVIPATE@xilinx.com>; > iwamatsu@nigauri.org; Jiaying Liang <jliang@xilinx.com>; > devicetree@vger.kernel.org; linux-arm-kernel@lists.infradead.org; linux- > kernel@vger.kernel.org; linux-fpga@vger.kernel.org; git <git@xilinx.com>; > chinnikishore369@gmail.com > Subject: Re: [RFC v2 1/4] drivers: firmware: Add user encrypted key load API > support > > On Wed, Jun 09, 2021 at 11:22:29AM +0530, Nava kishore Manne wrote: > > This patch adds user encrypted key load API to support User key > > encrypted images loading use cases from Linux. > > What is "user key encrypted images"? Do we need more documentation > here for what this is and how to use it? > Xilinx bitstream writer, using AES, encrypts the bitstream. This feature allows user to encrypt bitstream using 256-bit AES encryption in cipher block chaining (CBC) mode. User can supply a 128-bit Initial Vector and 256-bit key(user key). For more info please refer here: https://www.xilinx.com/support/documentation/application_notes/xapp1239-fpga-bitstream-encryption.pdf > And why is "User" capitalized? > Will fix. Regards, Navakishore.
On Fri, Jul 09, 2021 at 08:41:35AM +0000, Nava kishore Manne wrote: > Hi Greg, > > Thanks for providing the review comments. > Please find my response inline. > > > -----Original Message----- > > From: Greg KH <gregkh@linuxfoundation.org> > > Sent: Wednesday, June 9, 2021 3:25 PM > > To: Nava kishore Manne <navam@xilinx.com> > > Cc: robh+dt@kernel.org; Michal Simek <michals@xilinx.com>; > > mdf@kernel.org; trix@redhat.com; arnd@arndb.de; Rajan Vaja > > <RAJANV@xilinx.com>; Amit Sunil Dhamne <amitsuni@xlnx.xilinx.com>; > > Tejas Patel <tejasp@xlnx.xilinx.com>; zou_wei@huawei.com; Sai Krishna > > Potthuri <lakshmis@xilinx.com>; Ravi Patel <RAVIPATE@xilinx.com>; > > iwamatsu@nigauri.org; Jiaying Liang <jliang@xilinx.com>; > > devicetree@vger.kernel.org; linux-arm-kernel@lists.infradead.org; linux- > > kernel@vger.kernel.org; linux-fpga@vger.kernel.org; git <git@xilinx.com>; > > chinnikishore369@gmail.com > > Subject: Re: [RFC v2 1/4] drivers: firmware: Add user encrypted key load API > > support > > > > On Wed, Jun 09, 2021 at 11:22:29AM +0530, Nava kishore Manne wrote: > > > This patch adds user encrypted key load API to support User key > > > encrypted images loading use cases from Linux. > > > > What is "user key encrypted images"? Do we need more documentation > > here for what this is and how to use it? > > > > Xilinx bitstream writer, using AES, encrypts the bitstream. This feature allows user to encrypt bitstream using 256-bit AES encryption in cipher block chaining (CBC) mode. > User can supply a 128-bit Initial Vector and 256-bit key(user key). Please provide the needed information in the changelog comment. > For more info please refer here: > https://www.xilinx.com/support/documentation/application_notes/xapp1239-fpga-bitstream-encryption.pdf External links always grow stale. thanks, greg k-h
diff --git a/drivers/firmware/xilinx/zynqmp.c b/drivers/firmware/xilinx/zynqmp.c index 15b138326ecc..2fa5687a75f8 100644 --- a/drivers/firmware/xilinx/zynqmp.c +++ b/drivers/firmware/xilinx/zynqmp.c @@ -787,6 +787,23 @@ int zynqmp_pm_fpga_load(const u64 address, const u32 size, const u32 flags) } EXPORT_SYMBOL_GPL(zynqmp_pm_fpga_load); +/** + * zynqmp_pm_fpga_key_load - Perform to load the bitstream encrypted key + * @address: Address to write + * @size: encrypted key size + * + * This function provides access to pmufw. To transfer + * the required encrypted key. + * + * Return: Returns status, either success or error+reason + */ +int zynqmp_pm_fpga_enc_key_load(const u64 address, const u32 size) +{ + return zynqmp_pm_invoke_fn(PM_ENC_KEY_LOAD, lower_32_bits(address), + upper_32_bits(address), size, 0, NULL); +} +EXPORT_SYMBOL_GPL(zynqmp_pm_fpga_enc_key_load); + /** * zynqmp_pm_fpga_get_status - Read value from PCAP status register * @value: Value to read diff --git a/include/linux/firmware/xlnx-zynqmp.h b/include/linux/firmware/xlnx-zynqmp.h index 9d1a5c175065..7aa9ad40ff53 100644 --- a/include/linux/firmware/xlnx-zynqmp.h +++ b/include/linux/firmware/xlnx-zynqmp.h @@ -91,6 +91,7 @@ enum pm_api_id { PM_CLOCK_GETPARENT = 44, PM_SECURE_AES = 47, PM_FEATURE_CHECK = 63, + PM_ENC_KEY_LOAD = 64, }; /* PMU-FW return status codes */ @@ -411,6 +412,7 @@ int zynqmp_pm_pinctrl_get_config(const u32 pin, const u32 param, u32 *value); int zynqmp_pm_pinctrl_set_config(const u32 pin, const u32 param, u32 value); +int zynqmp_pm_fpga_enc_key_load(const u64 address, const u32 size); #else static inline int zynqmp_pm_get_api_version(u32 *version) { @@ -622,6 +624,11 @@ static inline int zynqmp_pm_pinctrl_set_config(const u32 pin, const u32 param, { return -ENODEV; } + +static inline int zynqmp_pm_fpga_enc_key_load(const u64 address, const u32 size) +{ + return -ENODEV; +} #endif #endif /* __FIRMWARE_ZYNQMP_H__ */
This patch adds user encrypted key load API to support User key encrypted images loading use cases from Linux. Signed-off-by: Nava kishore Manne <nava.manne@xilinx.com> --- Changes for v2: -None. drivers/firmware/xilinx/zynqmp.c | 17 +++++++++++++++++ include/linux/firmware/xlnx-zynqmp.h | 7 +++++++ 2 files changed, 24 insertions(+)