From: "Jorge Ramirez-Ortiz, Foundries" <jorge@foundries.io>
To: Michal Simek <michal.simek@xilinx.com>
Cc: Jorge Ramirez-Ortiz <jorge@foundries.io>,
trini@konsulko.com, sjg@chromium.org, mr.nuke.me@gmail.com,
u-boot@lists.denx.de, ricardo@foundries.io, mike@foundries.io,
igor.opaniuk@foundries.io
Subject: Re: [RFC PATCH 2/2] fpga: xilinx: allow loading authenticated images (DDR)
Date: Tue, 5 Oct 2021 16:03:54 +0200 [thread overview]
Message-ID: <20211005140354.GA30050@trex> (raw)
In-Reply-To: <7b6f41a8-7812-c2b6-a4f5-1bdad7d2a784@xilinx.com>
On 05/10/21, Michal Simek wrote:
>
>
> On 10/5/21 1:13 PM, Jorge Ramirez-Ortiz wrote:
> > Add new compatible string u-boot,zynqmp-fpga-ddrauth to handle this
> > use case.
> >
> > Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
> > ---
> > drivers/fpga/xilinx.c | 29 +++++++++++++++++++++++++----
> > drivers/fpga/zynqmppl.c | 4 ++--
> > include/xilinx.h | 2 +-
> > 3 files changed, 28 insertions(+), 7 deletions(-)
> >
> > diff --git a/drivers/fpga/xilinx.c b/drivers/fpga/xilinx.c
> > index cbebefb55f..c8035105e2 100644
> > --- a/drivers/fpga/xilinx.c
> > +++ b/drivers/fpga/xilinx.c
> > @@ -135,23 +135,44 @@ int fpga_loadbitstream(int devnum, char *fpgadata, size_t size,
> > dataptr += 4;
> > printf(" bytes in bitstream = %d\n", swapsize);
> >
> > - return fpga_load(devnum, dataptr, swapsize, bstype);
> > + return fpga_load(devnum, dataptr, swapsize, bstype, NULL);
> > }
> >
> > int xilinx_load(xilinx_desc *desc, const void *buf, size_t bsize,
> > - bitstream_type bstype)
> > + bitstream_type bstype, const char *compatible)
> > {
> > + struct fpga_secure_info info = { 0 };
> > +
> > if (!xilinx_validate (desc, (char *)__FUNCTION__)) {
> > printf ("%s: Invalid device descriptor\n", __FUNCTION__);
> > return FPGA_FAIL;
> > }
> >
> > - if (!desc->operations || !desc->operations->load) {
> > + if (!desc->operations) {
> > printf("%s: Missing load operation\n", __func__);
> > return FPGA_FAIL;
> > }
> >
> > - return desc->operations->load(desc, buf, bsize, bstype);
> > + if (!compatible || !strcmp(compatible, "u-boot,fpga-legacy")) {
> > + if (!desc->operations->load) {
> > + printf("%s: Missing load operation\n", __func__);
> > + return FPGA_FAIL;
> > + }
> > + return desc->operations->load(desc, buf, bsize, bstype);
> > + }
> > +
> > + if (!strcmp(compatible, "u-boot,zynqmp-fpga-ddrauth")) {
> > + if (!desc->operations->loads) {
> > + printf("%s: Missing load operation\n", __func__);
> > + return FPGA_FAIL;
> > + }
> > + /* DDR authentication */
> > + info.authflag = 1;
> > + return desc->operations->loads(desc, buf, bsize, &info);
> > + }
>
> I am not sure about this solution. First of all it forces SPL to have
> additional code which just extending size. It means there must be a way
> to enable/disable it.
that can be contained of course...so not really an issue (ie compile
out either fpga_load or fpga_loads depending on needs).
>
> The next thing is that you have zynqmp string in generic xilinx file
> which doesn't look right. It would be better to deal with image types
> directly in driver which is capable to handle it.
sure that is easy..but the idea is the same
> It means record fit image compatible string in the driver with
> hooks/flags and determined what should be called.
what about the compatible names? will you define those? or should I do
it?
For our use case, we need DDR authentication so that must be
defined. I can add others and someone else can add the support needed?
>
> And the same style should work for SPL and also for U-Boot proper.
sure.
thanks for the quick response.
>
> Thanks,
> Michal
next prev parent reply other threads:[~2021-10-05 14:04 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-10-05 11:13 [PATCH] arm64: zynqmp: Print the secure boot status information in EL3 Jorge Ramirez-Ortiz
2021-10-05 11:13 ` [RFC PATCH 1/2] fpga_load: pass compatible string Jorge Ramirez-Ortiz
2021-10-14 15:09 ` Simon Glass
2021-10-15 8:57 ` Jorge Ramirez-Ortiz, Foundries
2021-10-05 11:13 ` [RFC PATCH 2/2] fpga: xilinx: allow loading authenticated images (DDR) Jorge Ramirez-Ortiz
2021-10-05 12:38 ` Michal Simek
2021-10-05 14:03 ` Jorge Ramirez-Ortiz, Foundries [this message]
2021-10-05 15:16 ` Michal Simek
2021-10-05 11:19 ` [PATCH] arm64: zynqmp: Print the secure boot status information in EL3 Igor Opaniuk
2021-10-05 11:28 ` Oleksandr Suvorov
2021-10-05 12:23 ` Michal Simek
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20211005140354.GA30050@trex \
--to=jorge@foundries.io \
--cc=igor.opaniuk@foundries.io \
--cc=michal.simek@xilinx.com \
--cc=mike@foundries.io \
--cc=mr.nuke.me@gmail.com \
--cc=ricardo@foundries.io \
--cc=sjg@chromium.org \
--cc=trini@konsulko.com \
--cc=u-boot@lists.denx.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox