Received: by 2002:a05:7412:e79e:b0:f3:1519:9f41 with SMTP id o30csp38366rdd; Wed, 22 Nov 2023 08:51:56 -0800 (PST) X-Google-Smtp-Source: AGHT+IF/+ykkVQr2vyJAvry9XIJnjFL46MRyKqU0xST9nqR4IUTHnskuwcRuFj0NztR220APA4z7 X-Received: by 2002:a54:4386:0:b0:3ab:38b0:8b84 with SMTP id u6-20020a544386000000b003ab38b08b84mr2868081oiv.17.1700671916215; Wed, 22 Nov 2023 08:51:56 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1700671916; cv=none; d=google.com; s=arc-20160816; b=ilLdWWJPr8TJZtKc7RQSEIWiroAC3AQmUTyA7OjMcGbzjMK/6SnbPXujVv4O2c8rXr 0mX3QuhdMfw+bWBP1vDUDBX4Z12EnRs7tubqFbAUe2R/7HAHeb1+qf79KeMWGEaxBgRo rY8HQtdcHlg+fzX4PVaWJ9CXnXRUv0rpiZo8a1vesIXZfCAm4/meWDxqL+ePlfsSHtyP BIjR6LZ9rB2jawwWF5ezsa1byXGExqXqitvXW+oA12U91dv11pm+rSlO8n4/ZWXD/5PE 7jRL1MV8fbugzyOHQrUMy4frNjYPxUP5q0xomFteupwXh/w0ZM2jyKfLzA35kgFkRdBz Wvkg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:in-reply-to:content-disposition:mime-version :references:message-id:subject:cc:to:from:date:dkim-signature; bh=XCCdyRNYDxR4txljeT5+YsEI2UCSY0lNyC/xUx8ZiF0=; fh=JavODWSfl2lFV0H9f7OrnwSadBukwDuEtc3/N5SodrU=; b=gopbjzXAkYKumTsWJulebyWwRRlgB2HO5Y2w9nHpZNtB5XF13+6csRi7MWxegkRzN4 mFU6ErcW6dtXPTPLiY7zua6iVlty+mFiT73eU4NjzHnr4y/PD9xGSj+BGj/0OnA76fsG 6cwM4AwaYbzdM32FO8hgwj4vaFQgnnViRyWtEfesMcT9SWcN95miDgyk+3Fv2QttUooZ KtG4nAEsFhmLmtE/pobj0b5cNZIuljwyeQZn0i19sj7SoY34Udsv9PLT3hYAIu7HRj5W z3s6c2Mmwn6PlMFYaroPGQfGkvpxfYGwsvDDjqCFTLBKn0v7YeUi8hFIsPkej8/zPWcW MCoA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=eO3sCieP; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.33 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Return-Path: Received: from lipwig.vger.email (lipwig.vger.email. [23.128.96.33]) by mx.google.com with ESMTPS id b16-20020a63cf50000000b005b7160263f2si13128965pgj.154.2023.11.22.08.51.55 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 22 Nov 2023 08:51:56 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.33 as permitted sender) client-ip=23.128.96.33; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=eO3sCieP; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.33 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0]) by lipwig.vger.email (Postfix) with ESMTP id 952D180ABB3D; Wed, 22 Nov 2023 08:51:02 -0800 (PST) X-Virus-Status: Clean X-Virus-Scanned: clamav-milter 0.103.11 at lipwig.vger.email Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231683AbjKVQuv (ORCPT + 99 others); Wed, 22 Nov 2023 11:50:51 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:43386 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231429AbjKVQus (ORCPT ); Wed, 22 Nov 2023 11:50:48 -0500 Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id C7E39197 for ; Wed, 22 Nov 2023 08:50:44 -0800 (PST) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 84E08C433C7; Wed, 22 Nov 2023 16:50:40 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1700671844; bh=Gy6ICgLvnTaxWqv9MeYnCJN9AaV4Dv5/UPWRNSFp3n8=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=eO3sCiePyO9mju04v/x+bzylbjrmjfLSXFi24QPC7IrjsqVwpV345L93YY432JMAY 4uUghDamU1fVxyA8H7hZowYS5tX2tm3CuVFdUh0AHKLs7oJeHO1pYVsAA6B59l8Fbb 6VItSWg2kYQfm/gj4CHChRNtiWDr1geCJ3irm1Ag/gNeysgcYxvOO5PK9rPtKXjMmS LG7vfpuC9lwQQWv3uy6pk7gecJkI8sStxZWpXyaYwzXIvPaLEI0ZOvpQX8CI1g0NIi /VDKiflfgrmZM5Ufwn3KRAZec9J1OQE/dPpiyRrpp32w1/egGH1cLQanEsJTbJp5k+ Z9AQdxDV0XPaQ== Date: Wed, 22 Nov 2023 16:50:37 +0000 From: Conor Dooley To: Nava kishore Manne Cc: mdf@kernel.org, hao.wu@intel.com, yilun.xu@intel.com, trix@redhat.com, robh+dt@kernel.org, krzysztof.kozlowski+dt@linaro.org, conor+dt@kernel.org, michal.simek@amd.com, mathieu.poirier@linaro.org, ben.levinsky@amd.com, sai.krishna.potthuri@amd.com, tanmay.shah@amd.com, dhaval.r.shah@amd.com, arnd@arndb.de, shubhrajyoti.datta@amd.com, linux-fpga@vger.kernel.org, devicetree@vger.kernel.org, linux-kernel@vger.kernel.org, linux-arm-kernel@lists.infradead.org Subject: Re: [RFC PATCH 1/3] dt-bindings: fpga: Add support for user-key encrypted bitstream loading Message-ID: <20231122-exert-gleeful-e4476851c489@spud> References: <20231122054404.3764288-1-nava.kishore.manne@amd.com> <20231122054404.3764288-2-nava.kishore.manne@amd.com> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="fQgRGi9CRaM/leib" Content-Disposition: inline In-Reply-To: <20231122054404.3764288-2-nava.kishore.manne@amd.com> X-Spam-Status: No, score=-1.3 required=5.0 tests=DKIMWL_WL_HIGH,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,MAILING_LIST_MULTI, SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lipwig.vger.email Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.6.4 (lipwig.vger.email [0.0.0.0]); Wed, 22 Nov 2023 08:51:02 -0800 (PST) --fQgRGi9CRaM/leib Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Wed, Nov 22, 2023 at 11:14:02AM +0530, Nava kishore Manne wrote: > Adds =E2=80=98encrypted-key-name=E2=80=99 property to support user-key en= crypted > bitstream loading use case. >=20 > Signed-off-by: Nava kishore Manne > --- > .../devicetree/bindings/fpga/fpga-region.txt | 32 +++++++++++++++++++ Is there a reason that this has not yet been converted to yaml? > 1 file changed, 32 insertions(+) >=20 > diff --git a/Documentation/devicetree/bindings/fpga/fpga-region.txt b/Doc= umentation/devicetree/bindings/fpga/fpga-region.txt > index 528df8a0e6d8..309334558b3f 100644 > --- a/Documentation/devicetree/bindings/fpga/fpga-region.txt > +++ b/Documentation/devicetree/bindings/fpga/fpga-region.txt > @@ -177,6 +177,9 @@ Optional properties: > it indicates that the FPGA has already been programmed with this image. > If this property is in an overlay targeting an FPGA region, it is a > request to program the FPGA with that image. > +- encrypted-key-name : should contain the name of an encrypted key file = located > + on the firmware search path. It will be used to decrypt the FPGA image > + file with user-key. I might be misreading things, but your driver code seems to assume that this is an aes key. Nothing here seems to document that this is supposed to be a key of a particular type. Cheers, Conor. > - fpga-bridges : should contain a list of phandles to FPGA Bridges that = must be > controlled during FPGA programming along with the parent FPGA bridge. > This property is optional if the FPGA Manager handles the bridges. > @@ -459,6 +462,35 @@ programming is the FPGA based bridge of fpga_region1. > }; > }; > =20 > +Device Tree Example: Configure/Reconfigure Encrypted Image With User Key > +=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D > + > +Users can encrypt FPGA configuration Images with their own key. While de= crypting > +the configuration Image the user needs to provide the same key. > +"encrypted-key-name" Specifies the name of the FPGA image encrypted key = file on > +the firmware search path. The search path is described in the firmware c= lass > +documentation. > + > +/dts-v1/; > +/plugin/; > + > +&fpga_region0 { > + #address-cells =3D <1>; > + #size-cells =3D <1>; > + > + firmware-name =3D "soc_image2.rbf"; > + encrypted-key-name =3D "key.nky"; > + > + gpio@10040 { > + compatible =3D "altr,pio-1.0"; > + reg =3D <0x10040 0x20>; > + clocks =3D <0x2>; > + altr,ngpio =3D <0x4>; > + #gpio-cells =3D <0x2>; > + gpio-controller; > + }; > +}; > + > Constraints > =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D > =20 > --=20 > 2.25.1 >=20 --fQgRGi9CRaM/leib Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iHUEABYIAB0WIQRh246EGq/8RLhDjO14tDGHoIJi0gUCZV4xXQAKCRB4tDGHoIJi 0loFAP9yglWDOnl90C+JIFNKoS8fMwEsVxZA1KeM+gtNfT8IBAEAjdZP9R4ySbJQ anmnejBPkAFFim8ousuPXHi+3dEazAM= =4Jh2 -----END PGP SIGNATURE----- --fQgRGi9CRaM/leib--