Received: by 2002:a05:6a10:8c0a:0:0:0:0 with SMTP id go10csp3822248pxb; Tue, 26 Jan 2021 05:49:48 -0800 (PST) X-Google-Smtp-Source: ABdhPJz2pXsxCNlapkthinf4Rw8RiENK6seNyDiZPp3eci8GufElnr5iayIul194p09WMWfKfMO5 X-Received: by 2002:a17:906:b74f:: with SMTP id fx15mr3402873ejb.257.1611668988189; Tue, 26 Jan 2021 05:49:48 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1611668988; cv=none; d=google.com; s=arc-20160816; b=RsJ8HIHTv38gfwMYNa2DX4YIjFQ+7U7LmIrH0zcvbVIozCdFkwEjADue0qILFGJdH0 8pw6B9yc7lEKfpGx5r4DP9yECK5PdiR7YoVT0uOga6KV3aW3E6Gjvv+GGJIU6uJlDrm8 v/MyflzmjM5+ZHZZw2+NQq6wockKdLF9xUi9VXiW4Dq/16blLdVyB4ZTwpIO6EBz/Bh3 dpC+snvSfifL5ortf/jXXvYeR7BTwKQzOK1NeGtqNKUnNzdW2VkFl1gc+FtTbWoQQ9FI 39mqjblt/xNOAiK+AyRTGJF8we2X6iURBpxRoDICaqqka6gKf9CA5rFYFlFFFmTP3Q7E d+Cg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:content-language :in-reply-to:mime-version:user-agent:date:message-id:from:references :cc:to:subject:ironport-sdr:ironport-sdr; bh=DcuBV4F+uV8Y9Gqb8SUaGhAAycFT0JO8njOvzxxSCv8=; b=u0Ss6I6GfaIXYrGdw8GrWmY6xu7Do5xy2B33/P25i2IMv1vsOPUcHHlD/3OQnxGavk bQhIR3Y1u3ysdD9BeLRMZgIyEQSspxqR1/Klm4xS1Sr7oBkYy+VfJ5CM9idd7sqx8Avp VQALYQOL6Vf7uKveK/F9jUsXnAOVjAzlM47JWgD++7rpJf+2fzLY7eL1UNAg691mTE7X +uy0tl6Bj8lzPYApUwuGVRnC5r8Jgoc8WzaXHo7+7aKs43vZGAJ8nwSDACEdXgkknRij e09TGKK6ymodnoa/XxU+iavOh/bySxSXMGmxoVTi/0GQtwIgXM3XF9vKjvfMKj+H6Ckz g5JA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id q8si5734921edw.344.2021.01.26.05.49.22; Tue, 26 Jan 2021 05:49:48 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S2404748AbhAZNov (ORCPT + 99 others); Tue, 26 Jan 2021 08:44:51 -0500 Received: from mga01.intel.com ([192.55.52.88]:33260 "EHLO mga01.intel.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S2405243AbhAZNol (ORCPT ); Tue, 26 Jan 2021 08:44:41 -0500 IronPort-SDR: nyj/eVyxZKECFe1XJ8NkTsOk6EE/NnRv2h7b7Vt9alCvOP7x1RZ8KM0G/fCZIQY+DD+8rhDm8u F3nhqmq3COMw== X-IronPort-AV: E=McAfee;i="6000,8403,9875"; a="198689176" X-IronPort-AV: E=Sophos;i="5.79,375,1602572400"; d="scan'208";a="198689176" Received: from orsmga006.jf.intel.com ([10.7.209.51]) by fmsmga101.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 26 Jan 2021 05:42:54 -0800 IronPort-SDR: z5HKJiY8UqzEy591AFqdOKmfurt0K0FiY4UyqrhraP4QPIWXdbbJXqlZ+agW+raRY9ZgYyel4I vDaZtVL0XwbQ== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.79,375,1602572400"; d="scan'208";a="356726394" Received: from marshy.an.intel.com (HELO [10.122.105.143]) ([10.122.105.143]) by orsmga006.jf.intel.com with ESMTP; 26 Jan 2021 05:42:54 -0800 Subject: Re: [PATCHv3 4/6] fpga: of-fpga-region: add authenticate-fpga-config property To: Moritz Fischer Cc: trix@redhat.com, gregkh@linuxfoundation.org, linux-fpga@vger.kernel.org, linux-kernel@vger.kernel.org, dinguyen@kernel.org, sridhar.rajagopal@intel.com, Richard Gong References: <1611608188-25621-1-git-send-email-richard.gong@linux.intel.com> <1611608188-25621-5-git-send-email-richard.gong@linux.intel.com> From: Richard Gong Message-ID: Date: Tue, 26 Jan 2021 08:03:40 -0600 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.10.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: 7bit Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Hi Moritz, On 1/25/21 11:10 PM, Moritz Fischer wrote: > On Mon, Jan 25, 2021 at 02:56:26PM -0600, richard.gong@linux.intel.com wrote: >> From: Richard Gong >> >> Add authenticate-fpga-config property to support FPGA bitstream >> authentication, which makes sure a signed bitstream has valid signatures. >> >> Signed-off-by: Richard Gong >> --- >> v3: no change >> v2: changed in alphabetical order >> --- >> drivers/fpga/of-fpga-region.c | 3 +++ >> 1 file changed, 3 insertions(+) >> >> diff --git a/drivers/fpga/of-fpga-region.c b/drivers/fpga/of-fpga-region.c >> index e405309..3840883 100644 >> --- a/drivers/fpga/of-fpga-region.c >> +++ b/drivers/fpga/of-fpga-region.c >> @@ -219,6 +219,9 @@ static struct fpga_image_info *of_fpga_region_parse_ov( >> info->overlay = overlay; >> >> /* Read FPGA region properties from the overlay */ >> + if (of_property_read_bool(overlay, "authenticate-fpga-config")) >> + info->flags |= FPGA_MGR_BITSTREM_AUTHENTICATION; >> + > Should you check here that no new nodes are being added as you *only* > authenticate? Sure, I will add additional checks in next submission. > >> if (of_property_read_bool(overlay, "partial-fpga-config")) >> info->flags |= FPGA_MGR_PARTIAL_RECONFIG; >> >> -- >> 2.7.4 >> > > Thanks, > Moritz > Regards, Richard