Received: by 2002:a05:6a10:8c0a:0:0:0:0 with SMTP id go10csp925679pxb; Tue, 9 Feb 2021 16:56:00 -0800 (PST) X-Google-Smtp-Source: ABdhPJzTdx6QEWTyEQPWaE/urSvATW7abscqqmrTD5j5ZN5daR2o0lNBOsPT4Lkmcj89n/HW58na X-Received: by 2002:a17:906:b351:: with SMTP id cd17mr431327ejb.110.1612918560141; Tue, 09 Feb 2021 16:56:00 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1612918560; cv=none; d=google.com; s=arc-20160816; b=xOq5cdyPpk/JSjwVdHDrdaD8lASDeP9MQ3QT6YBx5fEhBPOkC8djohPAr1pgnJoUOZ 2yrcbieATs4DuXX9jltcLR9chxExay0z3gZRqk/E+SzLDsx6F8Jn2ASrBwXI7JvI3vwV iO4BQr4NJZk+dX+Oc1f71+L9iYtU+azDNbDfmdh7SXvn3OEJQCcUZl/w78PvPUOgGtew ee86reVzcGLpCwPjRZbvLq7eLRMMxYNytwUObqSYGQ6Bbw0gsSOJi0FYFScNg5/JJ0Bv WURntJoL5uLIcU1dqwIKPOi46VlAtCszgih+c5ek8ACOPwSKZ8Bi7EsP9rmxe4fUZM+2 Cvtg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:references:in-reply-to:message-id:date:subject :cc:to:from:ironport-sdr:ironport-sdr; bh=T+NPNylAcTG/X3aOeT80Pg8AwG/Zvz2uuV7jORUHVg8=; b=x3/cOtmxb8SlfaQKQIyQdvAzvNXx7brLuf/5WP9Qpb/s7RjiSp7RsfnJ0hb4C0MG6B eBS4yIjj6em+Tbb8iGIBsa08XjnwSUmEFVn8Nvcd6PiXJKDgNpbHes2hNXdNC/rpW2Y0 7X+iRohUBrZ/KqlChWcVS6y3GqR8WFfMAGQtG6UiGZqI/7ASmWW2v+bf7KhVSQloeF5R 5am+8uzCKcNhV/38x34EEIyi8WrqSMIi7nhrRbRCTuRLagZtEzG7KnW7t/Lgt07CG5Uu EzSD+DoWSMQ0e4STQ61h0NIQI1+yFu+/idjEtnSq9oJleHrDI16KGb50z5NjautFyRUV PFJA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id hh14si209816ejb.457.2021.02.09.16.55.37; Tue, 09 Feb 2021 16:56:00 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S234604AbhBJAwl (ORCPT + 99 others); Tue, 9 Feb 2021 19:52:41 -0500 Received: from mga01.intel.com ([192.55.52.88]:21364 "EHLO mga01.intel.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233737AbhBIWJ0 (ORCPT ); Tue, 9 Feb 2021 17:09:26 -0500 IronPort-SDR: zOC2gByhckXfAN970mQlEB0lr+mUCPyKi1AC02KJThAb5CnnrBO230OWKoXc7jakRq5SyvuYW9 mJLeetX0nAJg== X-IronPort-AV: E=McAfee;i="6000,8403,9890"; a="201058923" X-IronPort-AV: E=Sophos;i="5.81,166,1610438400"; d="scan'208";a="201058923" Received: from orsmga006.jf.intel.com ([10.7.209.51]) by fmsmga101.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 09 Feb 2021 14:02:11 -0800 IronPort-SDR: M2rElMlbAcnOjRx8vKa3mMp9M8g8G37n1wv0etn1DbgCW36x5mzm/fHFBFGyHjBUW3In1Thr40 9ZXP6N9ZvBOQ== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.81,166,1610438400"; d="scan'208";a="361959982" Received: from marshy.an.intel.com ([10.122.105.143]) by orsmga006.jf.intel.com with ESMTP; 09 Feb 2021 14:02:11 -0800 From: richard.gong@linux.intel.com To: mdf@kernel.org, trix@redhat.com, gregkh@linuxfoundation.org, linux-fpga@vger.kernel.org, linux-kernel@vger.kernel.org Cc: Richard Gong Subject: [PATCHv5 6/7] dt-bindings: fpga: add authenticate-fpga-config property Date: Tue, 9 Feb 2021 16:20:32 -0600 Message-Id: <1612909233-13867-7-git-send-email-richard.gong@linux.intel.com> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1612909233-13867-1-git-send-email-richard.gong@linux.intel.com> References: <1612909233-13867-1-git-send-email-richard.gong@linux.intel.com> Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Richard Gong Add authenticate-fpga-config property for FPGA bitstream authentication, which makes sure a signed bitstream has valid signatures. Signed-off-by: Richard Gong --- v5: rewrite the description to highlight two things with authenticate-fpga-config flag v4: explain authenticate-fpga-config flag further v3: no change v2: put authenticate-fpga-config above partial-fpga-config update commit messages --- Documentation/devicetree/bindings/fpga/fpga-region.txt | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/Documentation/devicetree/bindings/fpga/fpga-region.txt b/Documentation/devicetree/bindings/fpga/fpga-region.txt index e811cf8..dca0e37 100644 --- a/Documentation/devicetree/bindings/fpga/fpga-region.txt +++ b/Documentation/devicetree/bindings/fpga/fpga-region.txt @@ -182,6 +182,16 @@ Optional properties: This property is optional if the FPGA Manager handles the bridges. If the fpga-region is the child of a fpga-bridge, the list should not contain the parent bridge. +- authenticate-fpga-config : boolean, set if do bitstream authentication only. + If 'authenticate-fpga-config' is added then adding a new node or another + operation is not allowed. + Flag authenticate-fpga-config is used to check the integrity of the + bitstream. + Except for the actual configuration of the device, the authentication + works in the same way as FPGA configuration. If the authentication passes, + other operations such as full or partial reconfiguration can be performed. + When the bitstream into QSPI flash memory at device is programmed, it is + expected that there will be no issue when starting the device. - partial-fpga-config : boolean, set if partial reconfiguration is to be done, otherwise full reconfiguration is done. - external-fpga-config : boolean, set if the FPGA has already been configured -- 2.7.4