From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 49841C61D99 for ; Wed, 22 Nov 2023 16:51:19 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender:Content-Type: List-Subscribe:List-Help:List-Post:List-Archive:List-Unsubscribe:List-Id: In-Reply-To:MIME-Version:References:Message-ID:Subject:Cc:To:From:Date: Reply-To:Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date :Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=/enXOqod9doz32aKtEUUU24Ec2wRDjpkbTlNiofie1w=; b=jPMv7vXSyMgarTwS76grv/ID68 n0DeAQa/hjNhIYXBXk2O5Pp7ff4HWVcQAAhw/iZTVVo9iLgaH45ulC02cvAWVa3HqiFS34xkn6p0S ohDqDyjeDfsl0b/s/QwYCBy09AbMof2cC7FApM9RhMacCDCgHIq9lVRSjpBjWHcdVUtwPgYyEGnEw DfiCotkoFf+JDmePWK2eh7D3SIlLCLxgqv0fInRGmeYbTZHEmsKZchFL+X01cWatZalZVbAjnEQDf CXljHdrh0PgmWEUE9RHsl1wTDI0XMkli1p9U+ceBdhR9JobPyMN1x0qaJiK8J0JDvMXHThcWxgGD7 KRchtmXw==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.96 #2 (Red Hat Linux)) id 1r5qR8-002ZQx-2k; Wed, 22 Nov 2023 16:50:50 +0000 Received: from ams.source.kernel.org ([145.40.68.75]) by bombadil.infradead.org with esmtps (Exim 4.96 #2 (Red Hat Linux)) id 1r5qR4-002ZP5-2G for linux-arm-kernel@lists.infradead.org; Wed, 22 Nov 2023 16:50:49 +0000 Received: from smtp.kernel.org (transwarp.subspace.kernel.org [100.75.92.58]) by ams.source.kernel.org (Postfix) with ESMTP id F1E0DB8276E; Wed, 22 Nov 2023 16:50:44 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 84E08C433C7; Wed, 22 Nov 2023 16:50:40 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1700671844; bh=Gy6ICgLvnTaxWqv9MeYnCJN9AaV4Dv5/UPWRNSFp3n8=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=eO3sCiePyO9mju04v/x+bzylbjrmjfLSXFi24QPC7IrjsqVwpV345L93YY432JMAY 4uUghDamU1fVxyA8H7hZowYS5tX2tm3CuVFdUh0AHKLs7oJeHO1pYVsAA6B59l8Fbb 6VItSWg2kYQfm/gj4CHChRNtiWDr1geCJ3irm1Ag/gNeysgcYxvOO5PK9rPtKXjMmS LG7vfpuC9lwQQWv3uy6pk7gecJkI8sStxZWpXyaYwzXIvPaLEI0ZOvpQX8CI1g0NIi /VDKiflfgrmZM5Ufwn3KRAZec9J1OQE/dPpiyRrpp32w1/egGH1cLQanEsJTbJp5k+ Z9AQdxDV0XPaQ== Date: Wed, 22 Nov 2023 16:50:37 +0000 From: Conor Dooley To: Nava kishore Manne Cc: mdf@kernel.org, hao.wu@intel.com, yilun.xu@intel.com, trix@redhat.com, robh+dt@kernel.org, krzysztof.kozlowski+dt@linaro.org, conor+dt@kernel.org, michal.simek@amd.com, mathieu.poirier@linaro.org, ben.levinsky@amd.com, sai.krishna.potthuri@amd.com, tanmay.shah@amd.com, dhaval.r.shah@amd.com, arnd@arndb.de, shubhrajyoti.datta@amd.com, linux-fpga@vger.kernel.org, devicetree@vger.kernel.org, linux-kernel@vger.kernel.org, linux-arm-kernel@lists.infradead.org Subject: Re: [RFC PATCH 1/3] dt-bindings: fpga: Add support for user-key encrypted bitstream loading Message-ID: <20231122-exert-gleeful-e4476851c489@spud> References: <20231122054404.3764288-1-nava.kishore.manne@amd.com> <20231122054404.3764288-2-nava.kishore.manne@amd.com> MIME-Version: 1.0 In-Reply-To: <20231122054404.3764288-2-nava.kishore.manne@amd.com> X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20231122_085047_036950_F64E0E1C X-CRM114-Status: GOOD ( 24.48 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: multipart/mixed; boundary="===============0746204494269667410==" Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org --===============0746204494269667410== Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="fQgRGi9CRaM/leib" Content-Disposition: inline --fQgRGi9CRaM/leib Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Wed, Nov 22, 2023 at 11:14:02AM +0530, Nava kishore Manne wrote: > Adds =E2=80=98encrypted-key-name=E2=80=99 property to support user-key en= crypted > bitstream loading use case. >=20 > Signed-off-by: Nava kishore Manne > --- > .../devicetree/bindings/fpga/fpga-region.txt | 32 +++++++++++++++++++ Is there a reason that this has not yet been converted to yaml? > 1 file changed, 32 insertions(+) >=20 > diff --git a/Documentation/devicetree/bindings/fpga/fpga-region.txt b/Doc= umentation/devicetree/bindings/fpga/fpga-region.txt > index 528df8a0e6d8..309334558b3f 100644 > --- a/Documentation/devicetree/bindings/fpga/fpga-region.txt > +++ b/Documentation/devicetree/bindings/fpga/fpga-region.txt > @@ -177,6 +177,9 @@ Optional properties: > it indicates that the FPGA has already been programmed with this image. > If this property is in an overlay targeting an FPGA region, it is a > request to program the FPGA with that image. > +- encrypted-key-name : should contain the name of an encrypted key file = located > + on the firmware search path. It will be used to decrypt the FPGA image > + file with user-key. I might be misreading things, but your driver code seems to assume that this is an aes key. Nothing here seems to document that this is supposed to be a key of a particular type. Cheers, Conor. > - fpga-bridges : should contain a list of phandles to FPGA Bridges that = must be > controlled during FPGA programming along with the parent FPGA bridge. > This property is optional if the FPGA Manager handles the bridges. > @@ -459,6 +462,35 @@ programming is the FPGA based bridge of fpga_region1. > }; > }; > =20 > +Device Tree Example: Configure/Reconfigure Encrypted Image With User Key > +=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D > + > +Users can encrypt FPGA configuration Images with their own key. While de= crypting > +the configuration Image the user needs to provide the same key. > +"encrypted-key-name" Specifies the name of the FPGA image encrypted key = file on > +the firmware search path. The search path is described in the firmware c= lass > +documentation. > + > +/dts-v1/; > +/plugin/; > + > +&fpga_region0 { > + #address-cells =3D <1>; > + #size-cells =3D <1>; > + > + firmware-name =3D "soc_image2.rbf"; > + encrypted-key-name =3D "key.nky"; > + > + gpio@10040 { > + compatible =3D "altr,pio-1.0"; > + reg =3D <0x10040 0x20>; > + clocks =3D <0x2>; > + altr,ngpio =3D <0x4>; > + #gpio-cells =3D <0x2>; > + gpio-controller; > + }; > +}; > + > Constraints > =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D > =20 > --=20 > 2.25.1 >=20 --fQgRGi9CRaM/leib Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iHUEABYIAB0WIQRh246EGq/8RLhDjO14tDGHoIJi0gUCZV4xXQAKCRB4tDGHoIJi 0loFAP9yglWDOnl90C+JIFNKoS8fMwEsVxZA1KeM+gtNfT8IBAEAjdZP9R4ySbJQ anmnejBPkAFFim8ousuPXHi+3dEazAM= =4Jh2 -----END PGP SIGNATURE----- --fQgRGi9CRaM/leib-- --===============0746204494269667410== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ linux-arm-kernel mailing list linux-arm-kernel@lists.infradead.org http://lists.infradead.org/mailman/listinfo/linux-arm-kernel --===============0746204494269667410==--