Received: by 2002:a05:6a10:16a7:0:0:0:0 with SMTP id gp39csp510074pxb; Wed, 18 Nov 2020 09:58:23 -0800 (PST) X-Google-Smtp-Source: ABdhPJzEmVROK4XoiJAaToD9gl4mWTFx04nc4dI8xPruzFlus7Rn/C/xvXZz8GEdBTaRF0P96iD0 X-Received: by 2002:a05:6402:3105:: with SMTP id dc5mr25918409edb.38.1605722303338; Wed, 18 Nov 2020 09:58:23 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1605722303; cv=none; d=google.com; s=arc-20160816; b=zS7k9C9znFZhKp5GvQsmqz/iZFo6543wyiC4+CAdNIDo/bCqYcM4AfTHcFgYMHxCJn xcAq9ccA+Rk70/GZzD3BNYBLv+tFDk0JEaZ9DabdMN2CPk04/5hf0JHwbH06Xn3lOSyU Ay29z4/l9kAZBvZfcddKt3/+e+fyRpbymHiRJx3imqjMwDt0SlbwA8VvMztfczc2BHwp w5blAmZWwGxKNnTXBE8qjVboawrqBGY6xwsRadAzZdaRx7t3svHRxxUtTJFa/ElEOZsg GOXBpcNVM7sQXlqJWX2NJE6ao+3F31ToweZpOu+wRiXvaD4jkCTM9HjjWSRBZ8/uf9AJ ZrkA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:content-language :in-reply-to:mime-version:user-agent:date:message-id:references:cc :to:subject:from:ironport-sdr:ironport-sdr; bh=+U4INau88StlP7AJooVwkEqfiliMDYhaW97ikyPkkuc=; b=ryy1Z1t4heCqfZ/OgI/ezfvicsmLkDkLDkP3xuZH0wniIDiZfOoAOsq7OQ+vDXz8XG 2UA1ZclUMgcfloEA4anvlJpbMC1NfriqRpj0wndTrVJsZpD+kLyCGyugFqQCb4daXp/n JoNbWAJX6kxIYck7F1CY0aj2e7XDuvZdSfyb2M6HeIEECrDjo99GHX2UjCvhqfg2M7ww d6nWVvmjZufhPCPk1E/bVPN0hEYHqN6PymB9ALynH01NLFk+RM2nxaydDvPCQTzB6QcT +HmROCFj164Fu01sTtvbmhVhVBY5WHaRmC4Yd/1e8jpB8LicboT+1O9OIfxcJvqQgzX3 PtSA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id u19si3326376ejf.121.2020.11.18.09.58.00; Wed, 18 Nov 2020 09:58:23 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726306AbgKRRzM (ORCPT + 99 others); Wed, 18 Nov 2020 12:55:12 -0500 Received: from mga11.intel.com ([192.55.52.93]:54544 "EHLO mga11.intel.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1725822AbgKRRzM (ORCPT ); Wed, 18 Nov 2020 12:55:12 -0500 IronPort-SDR: 7Mv/Yn38UvRQ8KRG396fpP7R4DkN07DavvwHQDdyYFMjD/XbPfpo9qkINUymEGekIK1ZI+d9RH 0mxx7zVRG9BQ== X-IronPort-AV: E=McAfee;i="6000,8403,9809"; a="167647891" X-IronPort-AV: E=Sophos;i="5.77,488,1596524400"; d="scan'208";a="167647891" X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from fmsmga006.fm.intel.com ([10.253.24.20]) by fmsmga102.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 18 Nov 2020 09:55:11 -0800 IronPort-SDR: A5VeSJnIRUs3Iu1CA37zWlEeXwPm7btFNbSL2hyrERlSDqHvOhGgOFIcVjqVGXWaR8Z53gxktI vJrGhFwbuA6g== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.77,488,1596524400"; d="scan'208";a="532816133" Received: from marshy.an.intel.com (HELO [10.122.105.143]) ([10.122.105.143]) by fmsmga006.fm.intel.com with ESMTP; 18 Nov 2020 09:55:10 -0800 From: Richard Gong Subject: Re: [PATCHv2 1/5] firmware: stratix10-svc: add COMMAND_AUTHENTICATE_BITSTREAM flag To: Moritz Fischer Cc: gregkh@linuxfoundation.org, trix@redhat.com, linux-fpga@vger.kernel.org, linux-kernel@vger.kernel.org, dinguyen@kernel.org, sridhar.rajagopal@intel.com, richard.gong@intel.com References: <1605709753-7800-1-git-send-email-richard.gong@linux.intel.com> <1605709753-7800-2-git-send-email-richard.gong@linux.intel.com> Message-ID: Date: Wed, 18 Nov 2020 12:16:09 -0600 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.10.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: 7bit Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Hi Moritz, On 11/18/20 9:30 AM, Moritz Fischer wrote: > On Wed, Nov 18, 2020 at 08:29:09AM -0600, richard.gong@linux.intel.com wrote: >> From: Richard Gong >> >> Add COMMAND_AUTHENTICATE_BITSTREAM command flag for new added bitstream >> authentication feature. Authenticating a bistream is to make sure a signed >> bitstream has the valid signatures. >> >> Except for the actual configuration of the device, the bitstream >> authentication works the same way as FPGA configuration does. If the >> authentication passes, the signed bitstream will be programmed into QSPI >> flash memory and will be expected to boot without issues. >> >> Clean up COMMAND_RECONFIG_FLAG_PARTIAL flag by resetting it to 0, which >> aligns with the firmware settings. > > Should this be down with the v2: ? I think the commit message should describe all the changes made in the patch, is it? >> >> Signed-off-by: Richard Gong >> --- >> v2: new added >> --- >> include/linux/firmware/intel/stratix10-svc-client.h | 11 ++++++++--- >> 1 file changed, 8 insertions(+), 3 deletions(-) >> >> diff --git a/include/linux/firmware/intel/stratix10-svc-client.h b/include/linux/firmware/intel/stratix10-svc-client.h >> index a93d859..85463c8 100644 >> --- a/include/linux/firmware/intel/stratix10-svc-client.h >> +++ b/include/linux/firmware/intel/stratix10-svc-client.h >> @@ -51,12 +51,17 @@ >> #define SVC_STATUS_NO_SUPPORT 6 >> >> /** >> - * Flag bit for COMMAND_RECONFIG >> + * Flag bit for COMMAND_RECONFIG, in bit number >> * >> * COMMAND_RECONFIG_FLAG_PARTIAL: >> - * Set to FPGA configuration type (full or partial). >> + * Set for partial FPGA configuration. >> + * >> + * COMMAND_AUTHENTICATE_BITSTREAM: >> + * Set for bitstream authentication, which makes sure a signed bitstream >> + * has valid signatures before committing it to QSPI flash memory. >> */ >> -#define COMMAND_RECONFIG_FLAG_PARTIAL 1 >> +#define COMMAND_RECONFIG_FLAG_PARTIAL 0 >> +#define COMMAND_AUTHENTICATE_BITSTREAM 1 > > Can you explain how this commit by itself doesn't break things? > > Before this change firmware expected BIT(0) to be set for partial > reconfiguration, now BIT(0) suddenly means authentication? How doest his > work? :) > > Was there a firmware version change? Did this never work before? > > If this is version depenedent for firmware, then this might need a > different compatible string / id / some form of probing? > > Entirely possible that I'm missing something, but it doesn't *seem* > right. >> It did work before. Before this change, firmware only checks if the received flag value is zero. If the value is zero, it preforms full reconfiguration. Otherwise it does partial reconfiguration. To support bitstream authentication feature, firmware is updated to check the received flag value as below: 0 --- full reconfiguration BIT(0) --- partial reconfiguration BIT(1) --- bitstream authentication Therefore I have updated the command flag setting at Intel service layer driver to align with firmware. Regards, Richard >> /** >> * Timeout settings for service clients: >> -- >> 2.7.4 >> > > Cheers, > Moritz >