Re: [RFC PATCH 1/3] dt-bindings: fpga: Add support for user-key encrypted bitstream loading

From: Conor Dooley
Date: Wed Nov 22 2023 - 11:50:50 EST

Next message: Andy Shevchenko: "[PATCH v1 15/17] pinctrl: renesas: Convert to use grp member"
Previous message: Jakub Kicinski: "Re: [PATCH net-next v7 15/16] net: ethtool: ts: Let the active time stamping layer be selectable"
In reply to: Nava kishore Manne: "[RFC PATCH 1/3] dt-bindings: fpga: Add support for user-key encrypted bitstream loading"
Next in thread: Nava kishore Manne: "[RFC PATCH 2/3] drivers: fpga: Add user-key encrypted FPGA Image loading support"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, Nov 22, 2023 at 11:14:02AM +0530, Nava kishore Manne wrote:
> Adds ‘encrypted-key-name’ property to support user-key encrypted
> bitstream loading use case.
>
> Signed-off-by: Nava kishore Manne <nava.kishore.manne@xxxxxxx>
> ---
> .../devicetree/bindings/fpga/fpga-region.txt | 32 +++++++++++++++++++

Is there a reason that this has not yet been converted to yaml?

> 1 file changed, 32 insertions(+)
>
> diff --git a/Documentation/devicetree/bindings/fpga/fpga-region.txt b/Documentation/devicetree/bindings/fpga/fpga-region.txt
> index 528df8a0e6d8..309334558b3f 100644
> --- a/Documentation/devicetree/bindings/fpga/fpga-region.txt
> +++ b/Documentation/devicetree/bindings/fpga/fpga-region.txt
> @@ -177,6 +177,9 @@ Optional properties:
> it indicates that the FPGA has already been programmed with this image.
> If this property is in an overlay targeting an FPGA region, it is a
> request to program the FPGA with that image.
> +- encrypted-key-name : should contain the name of an encrypted key file located
> + on the firmware search path. It will be used to decrypt the FPGA image
> + file with user-key.

I might be misreading things, but your driver code seems to assume that
this is an aes key. Nothing here seems to document that this is supposed
to be a key of a particular type.

Cheers,
Conor.

> - fpga-bridges : should contain a list of phandles to FPGA Bridges that must be
> controlled during FPGA programming along with the parent FPGA bridge.
> This property is optional if the FPGA Manager handles the bridges.
> @@ -459,6 +462,35 @@ programming is the FPGA based bridge of fpga_region1.
> };
> };
>
> +Device Tree Example: Configure/Reconfigure Encrypted Image With User Key
> +========================================================================
> +
> +Users can encrypt FPGA configuration Images with their own key. While decrypting
> +the configuration Image the user needs to provide the same key.
> +"encrypted-key-name" Specifies the name of the FPGA image encrypted key file on
> +the firmware search path. The search path is described in the firmware class
> +documentation.
> +
> +/dts-v1/;
> +/plugin/;
> +
> +&fpga_region0 {
> + #address-cells = <1>;
> + #size-cells = <1>;
> +
> + firmware-name = "soc_image2.rbf";
> + encrypted-key-name = "key.nky";
> +
> + gpio@10040 {
> + compatible = "altr,pio-1.0";
> + reg = <0x10040 0x20>;
> + clocks = <0x2>;
> + altr,ngpio = <0x4>;
> + #gpio-cells = <0x2>;
> + gpio-controller;
> + };
> +};
> +
> Constraints
> ===========
>
> --
> 2.25.1
>

Attachment: signature.asc
Description: PGP signature

Next message: Andy Shevchenko: "[PATCH v1 15/17] pinctrl: renesas: Convert to use grp member"
Previous message: Jakub Kicinski: "Re: [PATCH net-next v7 15/16] net: ethtool: ts: Let the active time stamping layer be selectable"
In reply to: Nava kishore Manne: "[RFC PATCH 1/3] dt-bindings: fpga: Add support for user-key encrypted bitstream loading"
Next in thread: Nava kishore Manne: "[RFC PATCH 2/3] drivers: fpga: Add user-key encrypted FPGA Image loading support"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]