Received: by 2002:a05:7412:b995:b0:f9:9502:5bb8 with SMTP id it21csp872871rdb; Fri, 22 Dec 2023 07:31:14 -0800 (PST) X-Google-Smtp-Source: AGHT+IFSYe/5TTJJ0V7Q1sP95ScEL45DtZNX+/CYcaD4TrFUe8JYRoaDTSXG9myTvScBwVUp8tdq X-Received: by 2002:a05:6a20:1444:b0:195:4b8d:d9ba with SMTP id a4-20020a056a20144400b001954b8dd9bamr519306pzi.21.1703259073636; Fri, 22 Dec 2023 07:31:13 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1703259073; cv=none; d=google.com; s=arc-20160816; b=vJYfu2z4bfw6K4anTz86BunoCqKoHI6LeKEdbj7q16TPzorLUpEm8qDazaHLR/+E7y O16OOtni34GZbKZ/xPYLAVqmqpA/F5cBVCAQIVIClx0/yfkAWavCZFbKrouFvWbMIXgN mlwz0WhoplYBpDmhILIxbKT/FrlxzfV65kR4XOEVrSoR5VVbdw05yF92qdGpwctYZ8fF B05UA2PXfz4EyxRTQ75l1g52vV7L8NfUFkQWN/8Ex/lzfv4BklzSC6dZduquKOy5Aef9 /fLUslKvr0/FlaFQQMgFQyG11NiQ14CMFp/JVtqegWdxA1CdBOpAeo7eBBbBGRVu9NIw DLmg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=in-reply-to:content-disposition:mime-version:list-unsubscribe :list-subscribe:list-id:precedence:references:message-id:subject:cc :to:from:date:dkim-signature; bh=+rc/78LJaG7Y2zonr4KGMn+458pC515SBJ+9wtWAT1s=; fh=l7ZF83J6mUuhRKrx0QVO0alveFkegyZdpEUNgdaKQK8=; b=aO5lAB2LVJaf/5vjQtn4dT0rliSS8QanzGPy/dS6QP3/xyDRE/auKiTeoKSoju9kST llepXnFfmG7A0s06/bOZvxDJI33TUsFxR4yW1uwAEh6CYddUKy7Cd+4WWa4fVnGtVGZF Fn6VvGIqd6pRN3ppOyIZJ8CjwlemTJY+WF15lTe5/KuBzKZ91BUn3H2CrI7yHPmWffug Q3yEdHj0232wnBU5vEEpi1lPi1FIY8tXK0O7iYp0W7qFxOeTdBTN8piYM98xnGgnOx0N j5QkvhA6hPd1B4PH8FQO++VoD2vcS07vTY/TQKhgU8oDFAaNriVTrvc9LzOZWzdfdmMA 5l+A== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=fiu2c4+D; spf=pass (google.com: domain of linux-kernel+bounces-9840-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45e3:2400::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-9840-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Return-Path: Received: from sv.mirrors.kernel.org (sv.mirrors.kernel.org. [2604:1380:45e3:2400::1]) by mx.google.com with ESMTPS id a13-20020a65418d000000b005cdc2cc9a1dsi3437223pgq.699.2023.12.22.07.31.13 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 22 Dec 2023 07:31:13 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel+bounces-9840-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45e3:2400::1 as permitted sender) client-ip=2604:1380:45e3:2400::1; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=fiu2c4+D; spf=pass (google.com: domain of linux-kernel+bounces-9840-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45e3:2400::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-9840-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by sv.mirrors.kernel.org (Postfix) with ESMTPS id ED76828598F for ; Fri, 22 Dec 2023 15:31:12 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 249662376E; Fri, 22 Dec 2023 15:31:03 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="fiu2c4+D" X-Original-To: linux-kernel@vger.kernel.org Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 557682374E; Fri, 22 Dec 2023 15:31:02 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id DDFC0C433C9; Fri, 22 Dec 2023 15:30:57 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1703259061; bh=23ZSgydLBjVaFt3Yh6iH3wKTYlOFVd0dReO3P9a3WPI=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=fiu2c4+DyXf9b4Jvi8L/cb8nKSCRMRBJMm/YgnQxeu47HYF15yOKuH3i5ohYQva3D 3jAcIppjekZ7hTzmyUlB05Y7iNry4mn13lE3Z104W0YhKVBgN6QjvlTJrwSh/gEYnn 2SnfbD2v6nystt5+rl2VKxIcDAUj1ztMm97mMi+PCi55crmseZPPXwwxTFMobob4SS k4hUhJ+sHeADAZW9PTPltqZd0FWa22IYUgAYGv/x1MD3SWtN90KoL6oBNCF5qFlTZH m5Jk6mwczAunaSanA2wOnLc7kkKl8bvB2Eex4rxSYmRI7uQDB0yOXiebj69/aNjAtE N3Zmczbr6MXNg== Date: Fri, 22 Dec 2023 15:30:55 +0000 From: Conor Dooley To: Krzysztof Kozlowski Cc: "Manne, Nava kishore" , "mdf@kernel.org" , "hao.wu@intel.com" , "yilun.xu@intel.com" , "trix@redhat.com" , "robh+dt@kernel.org" , "krzysztof.kozlowski+dt@linaro.org" , "conor+dt@kernel.org" , "Simek, Michal" , "mathieu.poirier@linaro.org" , "Levinsky, Ben" , "Potthuri, Sai Krishna" , "Shah, Tanmay" , "dhaval.r.shah@amd.com" , "arnd@arndb.de" , "Datta, Shubhrajyoti" , "linux-fpga@vger.kernel.org" , "devicetree@vger.kernel.org" , "linux-kernel@vger.kernel.org" , "linux-arm-kernel@lists.infradead.org" Subject: Re: [RFC PATCH 1/3] dt-bindings: fpga: Add support for user-key encrypted bitstream loading Message-ID: <20231222-unisexual-construct-573e79a488c9@spud> References: <20231122054404.3764288-1-nava.kishore.manne@amd.com> <20231122054404.3764288-2-nava.kishore.manne@amd.com> <20231122-exert-gleeful-e4476851c489@spud> <20231124-tweezers-slug-0349a2188802@spud> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="XAy0YcFeJXVfbE74" Content-Disposition: inline In-Reply-To: --XAy0YcFeJXVfbE74 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Fri, Nov 24, 2023 at 04:46:06PM +0100, Krzysztof Kozlowski wrote: > On 24/11/2023 13:48, Conor Dooley wrote: > > On Fri, Nov 24, 2023 at 06:35:19AM +0000, Manne, Nava kishore wrote: > >> Hi Conor, > >> > >> Thanks for providing the review comments. > >> Please find my response inline. > >> > >>> -----Original Message----- > >>> From: Conor Dooley > >>> Sent: Wednesday, November 22, 2023 10:21 PM > >>> To: Manne, Nava kishore > >>> Cc: mdf@kernel.org; hao.wu@intel.com; yilun.xu@intel.com; > >>> trix@redhat.com; robh+dt@kernel.org; krzysztof.kozlowski+dt@linaro.or= g; > >>> conor+dt@kernel.org; Simek, Michal ; > >>> mathieu.poirier@linaro.org; Levinsky, Ben ; > >>> Potthuri, Sai Krishna ; Shah, Tanmay > >>> ; dhaval.r.shah@amd.com; arnd@arndb.de; > >>> Datta, Shubhrajyoti ; linux- > >>> fpga@vger.kernel.org; devicetree@vger.kernel.org; linux- > >>> kernel@vger.kernel.org; linux-arm-kernel@lists.infradead.org > >>> Subject: Re: [RFC PATCH 1/3] dt-bindings: fpga: Add support for user-= key > >>> encrypted bitstream loading > >>> > >>> On Wed, Nov 22, 2023 at 11:14:02AM +0530, Nava kishore Manne wrote: > >>>> Adds =E2=80=98encrypted-key-name=E2=80=99 property to support user-k= ey encrypted > >>>> bitstream loading use case. > >>>> > >>>> Signed-off-by: Nava kishore Manne > >>>> --- > >>>> .../devicetree/bindings/fpga/fpga-region.txt | 32 > >>>> +++++++++++++++++++ > >>> > >>> Is there a reason that this has not yet been converted to yaml? > >>> > >> I am not sure about the complication involved here why it's not conver= ted to yaml format. > >> Due to time constraints, I couldn=E2=80=99t spend much time so I have = used this existing legacy format > >> to add my changes. > >> > >>>> 1 file changed, 32 insertions(+) > >>>> > >>>> diff --git a/Documentation/devicetree/bindings/fpga/fpga-region.txt > >>>> b/Documentation/devicetree/bindings/fpga/fpga-region.txt > >>>> index 528df8a0e6d8..309334558b3f 100644 > >>>> --- a/Documentation/devicetree/bindings/fpga/fpga-region.txt > >>>> +++ b/Documentation/devicetree/bindings/fpga/fpga-region.txt > >>>> @@ -177,6 +177,9 @@ Optional properties: > >>>> it indicates that the FPGA has already been programmed with this > >>> image. > >>>> If this property is in an overlay targeting an FPGA region, it is a > >>>> request to program the FPGA with that image. > >>>> +- encrypted-key-name : should contain the name of an encrypted key = file > >>> located > >>>> + on the firmware search path. It will be used to decrypt the FPGA > >>> image > >>>> + file with user-key. > >>> > >>> I might be misreading things, but your driver code seems to assume th= at this > >>> is an aes key. Nothing here seems to document that this is supposed t= o be a > >>> key of a particular type. > >>> > >> > >> Yes, these changes are intended to add the support for Aes user-key en= crypted bitstream loading use case. > >> Will fix it in v2, something like below. > >> aes-key-file-name : Should contain the AES key file name on the firmwa= re search path. > >> The key file contains the AES key and it will be used to decry= pt the FPGA image. > >=20 > > Then when someone comes along looking for a different type of encryption > > we will end up with national-pride-foo-file-name etc. I think I'd rather > > have a second property that notes what type of cipher is being used and > > if that property is not present default to AES. >=20 > I wonder why does it need to be in DT in the first place? Why it cannot > be appended to the FPGA binary image itself? Which also points to > dubious security aspect of this approach... Shipping FPGA encrypted > image with its decryption key sounds like marvelous idea. >=20 > Even if this is suitable, why not using more arguments of firmware-name? > This would scale even for multiple FPGA firmwares with different keys > (although such need seems unlikely). In case it is not clear (given the month's delay here), this question is for the submitter of the series to answer, not me. Cheers, Conor. --XAy0YcFeJXVfbE74 Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iHUEABYIAB0WIQRh246EGq/8RLhDjO14tDGHoIJi0gUCZYWrrwAKCRB4tDGHoIJi 0iV4AQCOA/sumQaZWvBIwXh31tq8aPk1uVs5Vun98uUmt3fpDQD/SdpxFirYLQdV vk6FO14J53pFjO9lA0nJNFRM6Pju1Qo= =7XH3 -----END PGP SIGNATURE----- --XAy0YcFeJXVfbE74--