Received: by 2002:a05:6a10:a0d1:0:0:0:0 with SMTP id j17csp430797pxa; Tue, 11 Aug 2020 06:42:50 -0700 (PDT) X-Google-Smtp-Source: ABdhPJw7GkF9mS4zf/jWptnWq4i939vDBpY72a6Cnzy+vl0X5KMLfbv11wKCYupVCFG00A9ICjz1 X-Received: by 2002:a17:906:7104:: with SMTP id x4mr27770233ejj.417.1597153370656; Tue, 11 Aug 2020 06:42:50 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1597153370; cv=none; d=google.com; s=arc-20160816; b=xX0F23OaJ4Ee0YOHc+AHakC14Kd0+8JwwVW3smYR0rCOTg0FZdig/yKIr6EMmc/vrR H9Zf5MCDlEpJlvKCsrv7OOr8ZYXOy6aG9oSL2VuQoFihOTpVzYrfry/7yC9xQpAID7nh lkLOr8RAPuM2AV5jiPlABPwJCkKvYaJrJaRL/i1JQz4pssDwuWlmN/U3rY4NpYly0Jex +O3bPkZJ/UFGA+4x8VPwQdvi5QTMIRTQPyREELCuIzBBhe1YQnA4c2SCImenjrmISkgg jBwuhNKc/HJrMzHE9LVexByBcw4gGo1AQnChfdebZKHG6tk2mXRBUqcYncMYLgvVKB++ 13UA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:message-id:date:subject:cc:to:from :ironport-sdr:ironport-sdr; bh=bDDdUGPvtzozfYRgOpe74OHQoye3mg5M7ZI+7EFzyAA=; b=aHJHe6dxydwfexk1IkQTnM7ez+wPcdnnrXYBOKS7tbDAEagMSbMXs3urTsJKGQ4ReG J/3B+XFad0AJEG4yYKE3vLzfoCw5NE8VKyp18ibrgYwB2F9EPJMSaDq04ej1DYy3csyF DlWz+z0zslq4VLeeOgijdMDuHdAByzJbAiseYI8KU9yEeU9u7Rem14DKqx70IhgITxgO nXqN4s7envvfHnDJixMAJoNRLUYo7UTIB37VtgGe01Pk5V2GoyBladNsgQrhD9PS85IK 9c/F7ycYZoYQSK2TCOG3J5A2WPoAvFA23XR0ztqp2GVohXWQl1Lxw6/YJHxOhaQ1Pr8S mhsw== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id p3si12590959edr.352.2020.08.11.06.42.16; Tue, 11 Aug 2020 06:42:50 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728550AbgHKNmH (ORCPT + 99 others); Tue, 11 Aug 2020 09:42:07 -0400 Received: from mga03.intel.com ([134.134.136.65]:57763 "EHLO mga03.intel.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1728516AbgHKNmH (ORCPT ); Tue, 11 Aug 2020 09:42:07 -0400 IronPort-SDR: Y11Yc7pNhBGKsxSlnnnnXKTUqnG/KHhEoMWsAFDaizpQWRoX6LHPMfYCSZwAGJSzfASUyoE8b3 XgvMpPb03LoQ== X-IronPort-AV: E=McAfee;i="6000,8403,9709"; a="153705350" X-IronPort-AV: E=Sophos;i="5.75,461,1589266800"; d="scan'208";a="153705350" X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from fmsmga005.fm.intel.com ([10.253.24.32]) by orsmga103.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 11 Aug 2020 06:42:06 -0700 IronPort-SDR: nyPLAC8Y2gUJePBr9q89mD3hWjPd2t6n+2/9jm2tASx+VAWfg5XPRL3c1/babEAYSEajSWYC0e JQo/MHRgEH9Q== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.75,461,1589266800"; d="scan'208";a="495150631" Received: from marshy.an.intel.com ([10.122.105.159]) by fmsmga005.fm.intel.com with ESMTP; 11 Aug 2020 06:42:05 -0700 From: richard.gong@linux.intel.com To: herbert@gondor.apana.org.au, davem@davemloft.net, gregkh@linuxfoundation.org Cc: linux-crypto@vger.kernel.org, linux-kernel@vger.kernel.org, dinguyen@kernel.org, richard.gong@intel.com Subject: [PATCHv1 0/2] add Intel SoCFPGA crypto service driver Date: Tue, 11 Aug 2020 08:56:20 -0500 Message-Id: <1597154182-26970-1-git-send-email-richard.gong@linux.intel.com> X-Mailer: git-send-email 2.7.4 Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org From: Richard Gong I followed the process to register or request a valid IOCTL number/letter, but I got the delivery failure status notification. Cypto service driver and service layer driver patches have been reviewed internally by colleagues at Intel. Intel SoCFPGA is composed of a 64 bit quad-core ARM Cortex A53 hard processor system (HPS) and Secure Device Manager (SDM). SDM is the hardware which does the FPGA configuration, QSPI, remote system update, crypto and warm reset. To meet the whole system security needs and support virtual machine requesting communication with SDM, only the secure world of software (EL3, Exception Level 3) can interface with SDM. All software entities running on other exception levels must channel through the EL3 software whenever it needs service from SDM. Intel Stratix10 service layer driver is added to provide the service for FPGA configuration, Remote System Update and FPGA crypto service (FCS). Running at privileged exception level (EL1, Exception Level 1), Intel Stratix10 service layer driver interfaces with the service clients at EL1 and manages secure monitor call (SMC) to communicate with secure monitor software at secure monitor exception level (EL3). The crypto services include security certificate, image boot validation, security key cancellation, get provision data, random number generation, advance encryption standard (AES) encryption and decryption services. To perform supporting crypto features on Intel SoCFPGA platforms, Linux user-space application interacts with FPGA crypto service (FCS) driver via structures defined in include/uapi/linux/intel_fcs-ioctl.h. The application allocates spaces for IOCTL structure to hold the contents or points to the data that FCS driver needs, uses IOCTL calls to passes data to kernel FCS driver for processing at low level firmware and get processed data or status back form the low level firmware via FCS driver. The user-space application named as fcs_client is at https://github.com/altera-opensource/fcs_apps/tree/fcs_client. Richard Gong (2): firmware: stratix10-svc: extend svc to support new crypto features crypto: add Intel SoCFPGA crypto service driver drivers/crypto/Kconfig | 11 + drivers/crypto/Makefile | 1 + drivers/crypto/intel_fcs.c | 709 +++++++++++++++++++++ drivers/firmware/stratix10-svc.c | 178 +++++- include/linux/firmware/intel/stratix10-smc.h | 147 ++++- .../linux/firmware/intel/stratix10-svc-client.h | 42 ++ include/uapi/linux/intel_fcs-ioctl.h | 222 +++++++ 7 files changed, 1291 insertions(+), 19 deletions(-) create mode 100644 drivers/crypto/intel_fcs.c create mode 100644 include/uapi/linux/intel_fcs-ioctl.h -- 2.7.4