From: "Jorge Ramirez-Ortiz, Foundries" <jorge@foundries.io>
To: Michal Simek <michal.simek@xilinx.com>
Cc: Jorge Ramirez-Ortiz <jorge@foundries.io>,
trini@konsulko.com, sjg@chromium.org, mr.nuke.me@gmail.com,
u-boot@lists.denx.de, ricardo@foundries.io, mike@foundries.io,
igor.opaniuk@foundries.io
Subject: Re: [RFC PATCH 2/2] fpga: xilinx: allow loading authenticated images (DDR)
Date: Tue, 5 Oct 2021 16:03:54 +0200 [thread overview]
Message-ID: <20211005140354.GA30050@trex> (raw)
In-Reply-To: <7b6f41a8-7812-c2b6-a4f5-1bdad7d2a784@xilinx.com>
On 05/10/21, Michal Simek wrote:
>
>
> On 10/5/21 1:13 PM, Jorge Ramirez-Ortiz wrote:
> > Add new compatible string u-boot,zynqmp-fpga-ddrauth to handle this
> > use case.
> >
> > Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
> > ---
> > drivers/fpga/xilinx.c | 29 +++++++++++++++++++++++++----
> > drivers/fpga/zynqmppl.c | 4 ++--
> > include/xilinx.h | 2 +-
> > 3 files changed, 28 insertions(+), 7 deletions(-)
> >
> > diff --git a/drivers/fpga/xilinx.c b/drivers/fpga/xilinx.c
> > index cbebefb55f..c8035105e2 100644
> > --- a/drivers/fpga/xilinx.c
> > +++ b/drivers/fpga/xilinx.c
> > @@ -135,23 +135,44 @@ int fpga_loadbitstream(int devnum, char *fpgadata, size_t size,
> > dataptr += 4;
> > printf(" bytes in bitstream = %d\n", swapsize);
> >
> > - return fpga_load(devnum, dataptr, swapsize, bstype);
> > + return fpga_load(devnum, dataptr, swapsize, bstype, NULL);
> > }
> >
> > int xilinx_load(xilinx_desc *desc, const void *buf, size_t bsize,
> > - bitstream_type bstype)
> > + bitstream_type bstype, const char *compatible)
> > {
> > + struct fpga_secure_info info = { 0 };
> > +
> > if (!xilinx_validate (desc, (char *)__FUNCTION__)) {
> > printf ("%s: Invalid device descriptor\n", __FUNCTION__);
> > return FPGA_FAIL;
> > }
> >
> > - if (!desc->operations || !desc->operations->load) {
> > + if (!desc->operations) {
> > printf("%s: Missing load operation\n", __func__);
> > return FPGA_FAIL;
> > }
> >
> > - return desc->operations->load(desc, buf, bsize, bstype);
> > + if (!compatible || !strcmp(compatible, "u-boot,fpga-legacy")) {
> > + if (!desc->operations->load) {
> > + printf("%s: Missing load operation\n", __func__);
> > + return FPGA_FAIL;
> > + }
> > + return desc->operations->load(desc, buf, bsize, bstype);
> > + }
> > +
> > + if (!strcmp(compatible, "u-boot,zynqmp-fpga-ddrauth")) {
> > + if (!desc->operations->loads) {
> > + printf("%s: Missing load operation\n", __func__);
> > + return FPGA_FAIL;
> > + }
> > + /* DDR authentication */
> > + info.authflag = 1;
> > + return desc->operations->loads(desc, buf, bsize, &info);
> > + }
>
> I am not sure about this solution. First of all it forces SPL to have
> additional code which just extending size. It means there must be a way
> to enable/disable it.
that can be contained of course...so not really an issue (ie compile
out either fpga_load or fpga_loads depending on needs).
>
> The next thing is that you have zynqmp string in generic xilinx file
> which doesn't look right. It would be better to deal with image types
> directly in driver which is capable to handle it.
sure that is easy..but the idea is the same
> It means record fit image compatible string in the driver with
> hooks/flags and determined what should be called.
what about the compatible names? will you define those? or should I do
it?
For our use case, we need DDR authentication so that must be
defined. I can add others and someone else can add the support needed?
>
> And the same style should work for SPL and also for U-Boot proper.
sure.
thanks for the quick response.
>
> Thanks,
> Michal
next prev parent reply other threads:[~2021-10-05 14:04 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-10-05 11:13 [PATCH] arm64: zynqmp: Print the secure boot status information in EL3 Jorge Ramirez-Ortiz
2021-10-05 11:13 ` [RFC PATCH 1/2] fpga_load: pass compatible string Jorge Ramirez-Ortiz
2021-10-14 15:09 ` Simon Glass
2021-10-15 8:57 ` Jorge Ramirez-Ortiz, Foundries
2021-10-05 11:13 ` [RFC PATCH 2/2] fpga: xilinx: allow loading authenticated images (DDR) Jorge Ramirez-Ortiz
2021-10-05 12:38 ` Michal Simek
2021-10-05 14:03 ` Jorge Ramirez-Ortiz, Foundries [this message]
2021-10-05 15:16 ` Michal Simek
2021-10-05 11:19 ` [PATCH] arm64: zynqmp: Print the secure boot status information in EL3 Igor Opaniuk
2021-10-05 11:28 ` Oleksandr Suvorov
2021-10-05 12:23 ` Michal Simek
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20211005140354.GA30050@trex \
--to=jorge@foundries.io \
--cc=igor.opaniuk@foundries.io \
--cc=michal.simek@xilinx.com \
--cc=mike@foundries.io \
--cc=mr.nuke.me@gmail.com \
--cc=ricardo@foundries.io \
--cc=sjg@chromium.org \
--cc=trini@konsulko.com \
--cc=u-boot@lists.denx.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.