Received: by 2002:a05:6a10:22f:0:0:0:0 with SMTP id 15csp2151933pxk; Sat, 5 Sep 2020 10:18:40 -0700 (PDT) X-Google-Smtp-Source: ABdhPJwdC1O08UuXtzZYQIgsCVPO2nvttaWovMohD7pEPiorje4wd4yaHDJkJ9U1H2B36OTG8jQO X-Received: by 2002:a50:fc87:: with SMTP id f7mr14219194edq.162.1599326320555; Sat, 05 Sep 2020 10:18:40 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1599326320; cv=none; d=google.com; s=arc-20160816; b=gZGtAoOo4FkyEvNDKpE4Q69EUmyPpWozo1E/mgFstuyK1mD+E3OSIXVYo9YAB1GayB 7Fji+e8q9pX0U7bi8uWf707GnbFNOIUy9ASfKbXMayuvP9pVnDpOYCb2UlosZ2NOUoAF YeHSgCBCf1ITV+4JQev5kceMxCXYy0QbFNofkBpDSO9kPSzRp1ds7TF/n987R12UOMHP CMLcjpGqDJpXxc20zW84fP7rGSbONyfV38YNaCd8jeLtG8erBLSkg1fn05uuGCKcGWtV AWrRtJQtzRI2IKIhwA/lUEDHLC6joNzabvbSmAflE4UiddbwT1smfVQNHXP70fo4p0FW z3dg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-language :content-transfer-encoding:in-reply-to:mime-version:user-agent:date :message-id:from:references:to:subject:dkim-signature; bh=OGH1OnR/QF8fAlfetLwGLNG+GGcP9kLctGj2h9MJIrs=; b=B+mpGpFThVouoGDV62wMsUZKAjKXAhvzn55WNDzKWwEJKcUer4a3Z3i7KUmbRL2ihS 39xY+QDoBVyTgzHtmgn+3gos+gGzneEX1yzU9yZuICMmhOPt8AQc6WXVcqy/3MelKNrr ZqfJGn6bUhlezsILEN7ue9GVEYfi8cd05cbEQry6Pvy9/JnoXte1+bzIUQaOMVhOmCAJ gAhomx/J/D5f/TxQnF9AFEun/8l8OLMW0SATocL4dNShHG5QrAch37DnKSOqLmvyLCsL V0dyxV4+C/G/lYjAm/DX6o7BN5XPRr5/fYPeMWvilLy98rwE++PBE1hiPmuD82lHBkif H4pQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=b6Kr2cFg; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id h14si6639230edj.568.2020.09.05.10.18.01; Sat, 05 Sep 2020 10:18:40 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=b6Kr2cFg; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728297AbgIERRG (ORCPT + 99 others); Sat, 5 Sep 2020 13:17:06 -0400 Received: from us-smtp-delivery-1.mimecast.com ([207.211.31.120]:54906 "EHLO us-smtp-1.mimecast.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1728042AbgIERRF (ORCPT ); Sat, 5 Sep 2020 13:17:05 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1599326223; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=OGH1OnR/QF8fAlfetLwGLNG+GGcP9kLctGj2h9MJIrs=; b=b6Kr2cFgV6Zpq3sqVqc6PGg1/2tIY8FjPbPSmcS9FSsAg6HRKGlwtV+X7wmX9+APCYeN3c b1If4skq9M8VTs4oVrVwKUem8rZMeJm1X+xKdhbnA/Y3U/9pbkYG8SXAC6zqiZTkGZ/mYY too/cyyuVW2/5rHi9Mo9fzpAf9SWc3E= Received: from mail-qv1-f72.google.com (mail-qv1-f72.google.com [209.85.219.72]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-173-0EfJSCIGOByPvkJqAHO3_w-1; Sat, 05 Sep 2020 13:17:00 -0400 X-MC-Unique: 0EfJSCIGOByPvkJqAHO3_w-1 Received: by mail-qv1-f72.google.com with SMTP id k14so1296917qvw.20 for ; Sat, 05 Sep 2020 10:16:59 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:to:references:from:message-id:date :user-agent:mime-version:in-reply-to:content-transfer-encoding :content-language; bh=OGH1OnR/QF8fAlfetLwGLNG+GGcP9kLctGj2h9MJIrs=; b=q7iA3O/NkqsmwByaP1LsUTJiNcjocLOT5saLPwHqKCdB1Epo56R9AW7hbSt4MDjiIB MzKjbsgeyxmuVpueVnoAoUbKmk6jn09vk1gB99gClFxa+Qstp0mdV13PjQPnTY8VCtQB BM4VPBMv25X01GBQLZTCwPr54YNyZ1HtJcR36v2pSde0hbW6QNgitv8zuj4iAqPUlWKZ 0zlMa8Oze2doWXDcg5x93cpTHY/HDfGIxBouLp9LEzysaQjDMLYIpXhhzIlZUqIxjAjE eQnd1UA2O7qkKXvOgI1XNIK3p3lUslPhN0s5RHN2YQSFaJNSsnzxJMfG8ugTPfRmiPJ9 bX6Q== X-Gm-Message-State: AOAM532GmWkdvUiRQuRC6QLM+6uSYXMGYFnpV3vDeHRR2vx2WpyXWDBB gwBV1+16iEN1Ogq9K0jJuM9LDTtYrrkwdmGCtx2W5uP12sGfZpEoK5i63M0PUVPAuag54mRmK0X d1uQTLu6SIVWXRTvDxHUjATpK X-Received: by 2002:a05:620a:63a:: with SMTP id 26mr12686357qkv.68.1599326219188; Sat, 05 Sep 2020 10:16:59 -0700 (PDT) X-Received: by 2002:a05:620a:63a:: with SMTP id 26mr12686338qkv.68.1599326218833; Sat, 05 Sep 2020 10:16:58 -0700 (PDT) Received: from trix.remote.csb (075-142-250-213.res.spectrum.com. [75.142.250.213]) by smtp.gmail.com with ESMTPSA id c7sm7024602qkd.92.2020.09.05.10.16.56 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Sat, 05 Sep 2020 10:16:58 -0700 (PDT) Subject: Re: [PATCH v1 00/12] Intel FPGA Security Manager Class Driver To: linux-kernel@vger.kernel.org, "linux-fpga@vger.kernel.org" References: <20200904235305.6254-1-russell.h.weight@intel.com> From: Tom Rix Message-ID: <4d554f31-1267-92cc-f717-00992144c41b@redhat.com> Date: Sat, 5 Sep 2020 10:16:55 -0700 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.6.0 MIME-Version: 1.0 In-Reply-To: <20200904235305.6254-1-russell.h.weight@intel.com> Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit Content-Language: en-US Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org resending. sorry for blowing past 80 chars. On 9/4/20 4:52 PM, Russ Weight wrote: > These patches depend on the patchset: "add regmap-spi-avmm & Intel > Max10 BMC chip support" which is currently under review. https://marc.info/?l=linux-kernel&m=159782274232229&w=2 regmap-spi-avmm is in linux-next. max10 is not. however applying it does not resolve resolve git am conflicts with yesterday's linux-next. I normally build the larger patchsets as a test. > > -------------------------------------------------- > > This patchset introduces the Intel Security Manager class driver > for managing secure updates on Intel FPGA Cards. It also provides > the n3000bmc-secure mfd sub-driver for the MAX10 BMC for the n3000 > Programmable Acceleration Cards (PAC). The n3000bmc-secure driver > is implemented using the Intel Security Manager class driver. > > The Intel Security Manager class driver provides a common API for > user-space tools to manage updates for Secure FPGA devices. Device > drivers that instantiate the Intel Security Manager class driver will > interact with the HW secure update engine in order to transfer > new FPGA and BMC images to FLASH so that they will be automatically > loaded when the FPGA card reboots. > > The API consists of sysfs nodes and supports the following functions: > > (1) Instantiate and monitor a secure update > (2) Display security information including: Root Entry Hashes (REH), > Cancelled Code Signing Keys (CSK), and flash update counts for > both BMC and FPGA images. > > Secure updates make use of the request_firmware framework, which > requires that image files are accessible under /lib/firmware. A request > for a secure update returns immediately, while the update itself > proceeds in the context of a kernel worker thread. Sysfs files provide > a means for monitoring the progress of a secure update and for > retrieving error information in the event of a failure. > > The n3000bmc-secure driver instantiates the Intel Security Manager > class driver and provides the callback functions required to support > secure updates on Intel n3000 PAC devices. This is a good description.  Because security manager is a new interface, there should be a Documentation/fpga/ifpga-sec-mgr.rst to collect this description. How will these devices be discovered ? n3000 is a dfl device, will there be a dfl feature id for it at some point ?  Can you describe if/how the security manager would live outside of dfl ?  I am wondering why this shouldn't be dfl-sec-mgr.  I did not see any version handling.  How would this sw adapt to a newer or older version of the bmc interface? Tom > > Russ Weight (12): > fpga: fpga security manager class driver > fpga: create intel max10 bmc security engine > fpga: expose max10 flash update counts in sysfs > fpga: expose max10 canceled keys in sysfs > fpga: enable secure updates > fpga: add max10 secure update functions > fpga: expose sec-mgr update status > fpga: expose sec-mgr update errors > fpga: expose sec-mgr update size > fpga: enable sec-mgr update cancel > fpga: expose hardware error info in sysfs > fpga: add max10 get_hw_errinfo callback func > > .../ABI/testing/sysfs-class-ifpga-sec-mgr | 151 ++++ > MAINTAINERS | 8 + > drivers/fpga/Kconfig | 20 + > drivers/fpga/Makefile | 6 + > drivers/fpga/ifpga-sec-mgr.c | 669 ++++++++++++++++++ > drivers/fpga/intel-m10-bmc-secure.c | 557 +++++++++++++++ > include/linux/fpga/ifpga-sec-mgr.h | 201 ++++++ > include/linux/mfd/intel-m10-bmc.h | 116 +++ > 8 files changed, 1728 insertions(+) > create mode 100644 Documentation/ABI/testing/sysfs-class-ifpga-sec-mgr > create mode 100644 drivers/fpga/ifpga-sec-mgr.c > create mode 100644 drivers/fpga/intel-m10-bmc-secure.c > create mode 100644 include/linux/fpga/ifpga-sec-mgr.h >