Received: by 2002:a05:6a10:22f:0:0:0:0 with SMTP id 15csp1691967pxk;
        Fri, 4 Sep 2020 16:56:07 -0700 (PDT)
X-Google-Smtp-Source: ABdhPJxe0bLhJxKWcdRjj77kMS/SFJz2aOaepSZmSfTCbXFwI9ojCUmZCiaet9t93q+KKpf1a7Su
X-Received: by 2002:a05:6402:7d2:: with SMTP id u18mr11386501edy.69.1599263767471;
        Fri, 04 Sep 2020 16:56:07 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1599263767; cv=none;
        d=google.com; s=arc-20160816;
        b=LRZsjpogTlBNLFV2kxBalGwEouU6soE1Kkf3ckTFAEObSpz8siBE3YlnJiZsOtCHYc
         BW42TxCWnxdPPmjJ9p4ftnNxWo9fq0AavTezte0UwMLChIoQYpLG+8RN3JUSo3KJeypY
         JRj03ZqhJreYr771ZD0z6alvoFO3Go+rxlC0IylRibN2Tu8P3zofgJAxGLDsdE1DpEof
         XF7Hvv7sFiaUK9YjtZ7HiFjdWTLn84+T77JlcCvFB0BMLd6xovbsEl1rY7dJFLINymn3
         eFXbNjZqpcoznPvweUeaTlTTZVzCvk9rrxZu3OH7xaN6VsnPO/E7yprTHxAL81lCMHe/
         z5pQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:message-id:date:subject:cc:to:from
         :ironport-sdr:ironport-sdr;
        bh=/PLCQyijl8U/sjaLeDWpBXthqbdrudxLnKbDWKy5V7M=;
        b=J8UpZeO5qmWH0By2mjuWEfERAyAoHuacDN3aOG+LEr/k8WHTE3WHgxM2p0ldB2avKU
         S+pR8Is9oOl/YYjaXGDcyw/IqlquQ/5b1OG5NsfhPd62LQq/W1F7eB6Wt36yFXSUyQn3
         QX741uWLqtFjAxIttQSb9P0iWw9Lq/Ah0q2ipOfmW80pGpMdFTJ+j/MRmlrOZP1quVU6
         G1SvCITsy8TE6mPiU2sxCvyE+I1qyZP8LZP7mhFKQ4xusJ7EiYaVBGqTftNpX/fjNoZq
         bETA9YKNkUtL8mLYRwHodR1Ca7qibKXPuxicHFFAwJJnwDUNJukSdsVreOlWRrD7xVVJ
         Ec7g==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18])
        by mx.google.com with ESMTP id h2si4348553ejy.315.2020.09.04.16.55.45;
        Fri, 04 Sep 2020 16:56:07 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18;
Authentication-Results: mx.google.com;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1726575AbgIDXxP (ORCPT <rfc822;israelpgz17@gmail.com>
        + 99 others); Fri, 4 Sep 2020 19:53:15 -0400
Received: from mga06.intel.com ([134.134.136.31]:64693 "EHLO mga06.intel.com"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S1726277AbgIDXxP (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
        Fri, 4 Sep 2020 19:53:15 -0400
IronPort-SDR: mIccJCGemNXxJw/qt86/DaS0mejKUhY9YM6/TkhWpi1XYdTdF/H8jWrSNYRsooJStckFfABpAI
 I6CUJX/wPeqg==
X-IronPort-AV: E=McAfee;i="6000,8403,9734"; a="219386181"
X-IronPort-AV: E=Sophos;i="5.76,391,1592895600"; 
   d="scan'208";a="219386181"
X-Amp-Result: SKIPPED(no attachment in message)
X-Amp-File-Uploaded: False
Received: from fmsmga008.fm.intel.com ([10.253.24.58])
  by orsmga104.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 04 Sep 2020 16:53:14 -0700
IronPort-SDR: 7dpd2GJU632sDJcF50/Cxcbw+ivDO5YjBmChaWhWOlZsdsDphgEG780RbM+zvKcJiL3oSC3iP4
 Mhx9VQZXA/mw==
X-ExtLoop1: 1
X-IronPort-AV: E=Sophos;i="5.76,391,1592895600"; 
   d="scan'208";a="284656168"
Received: from rhweight-mobl2.amr.corp.intel.com (HELO rhweight-mobl2.ra.intel.com) ([10.251.151.80])
  by fmsmga008.fm.intel.com with ESMTP; 04 Sep 2020 16:53:13 -0700
From:   Russ Weight <russell.h.weight@intel.com>
To:     mdf@kernel.org, lee.jones@linaro.org, linux-fpga@vger.kernel.org,
        linux-kernel@vger.kernel.org
Cc:     trix@redhat.com, lgoncalv@redhat.com, yilun.xu@intel.com,
        hao.wu@intel.com, matthew.gerlach@intel.com,
        Russ Weight <russell.h.weight@intel.com>
Subject: [PATCH v1 00/12] Intel FPGA Security Manager Class Driver
Date:   Fri,  4 Sep 2020 16:52:53 -0700
Message-Id: <20200904235305.6254-1-russell.h.weight@intel.com>
X-Mailer: git-send-email 2.17.1
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org


These patches depend on the patchset: "add regmap-spi-avmm & Intel
Max10 BMC chip support" which is currently under review.

           --------------------------------------------------

This patchset introduces the Intel Security Manager class driver
for managing secure updates on Intel FPGA Cards. It also provides
the n3000bmc-secure mfd sub-driver for the MAX10 BMC for the n3000
Programmable Acceleration Cards (PAC). The n3000bmc-secure driver
is implemented using the Intel Security Manager class driver.

The Intel Security Manager class driver provides a common API for
user-space tools to manage updates for Secure FPGA devices. Device
drivers that instantiate the Intel Security Manager class driver will
interact with the HW secure update engine in order to transfer
new FPGA and BMC images to FLASH so that they will be automatically
loaded when the FPGA card reboots.

The API consists of sysfs nodes and supports the following functions:

(1) Instantiate and monitor a secure update
(2) Display security information including: Root Entry Hashes (REH),
    Cancelled Code Signing Keys (CSK), and flash update counts for
    both BMC and FPGA images.

Secure updates make use of the request_firmware framework, which
requires that image files are accessible under /lib/firmware. A request
for a secure update returns immediately, while the update itself
proceeds in the context of a kernel worker thread. Sysfs files provide
a means for monitoring the progress of a secure update and for
retrieving error information in the event of a failure.

The n3000bmc-secure driver instantiates the Intel Security Manager
class driver and provides the callback functions required to support
secure updates on Intel n3000 PAC devices.

Russ Weight (12):
  fpga: fpga security manager class driver
  fpga: create intel max10 bmc security engine
  fpga: expose max10 flash update counts in sysfs
  fpga: expose max10 canceled keys in sysfs
  fpga: enable secure updates
  fpga: add max10 secure update functions
  fpga: expose sec-mgr update status
  fpga: expose sec-mgr update errors
  fpga: expose sec-mgr update size
  fpga: enable sec-mgr update cancel
  fpga: expose hardware error info in sysfs
  fpga: add max10 get_hw_errinfo callback func

 .../ABI/testing/sysfs-class-ifpga-sec-mgr     | 151 ++++
 MAINTAINERS                                   |   8 +
 drivers/fpga/Kconfig                          |  20 +
 drivers/fpga/Makefile                         |   6 +
 drivers/fpga/ifpga-sec-mgr.c                  | 669 ++++++++++++++++++
 drivers/fpga/intel-m10-bmc-secure.c           | 557 +++++++++++++++
 include/linux/fpga/ifpga-sec-mgr.h            | 201 ++++++
 include/linux/mfd/intel-m10-bmc.h             | 116 +++
 8 files changed, 1728 insertions(+)
 create mode 100644 Documentation/ABI/testing/sysfs-class-ifpga-sec-mgr
 create mode 100644 drivers/fpga/ifpga-sec-mgr.c
 create mode 100644 drivers/fpga/intel-m10-bmc-secure.c
 create mode 100644 include/linux/fpga/ifpga-sec-mgr.h

-- 
2.17.1