[prev in list] [next in list] [prev in thread] [next in thread]
List: linux-fpga
Subject: Re: [PATCHv5 0/7] Extend Intel service layer, FPGA manager and region
From: Moritz Fischer <mdf () kernel ! org>
Date: 2021-03-27 18:09:15
Message-ID: YF90y3Di4RbuJvr0 () epycbox ! lan
[Download RAW message or body]
Hi Richard, Russ,
On Thu, Feb 25, 2021 at 01:07:14PM +0000, Gong, Richard wrote:
> Hi Moritz,
>
> Sorry for asking.
>
> When you have chance, can you help review the version 5 patchset submitted on \
> 02/09/21?
> Regards,
> Richard
>
> -----Original Message-----
> From: richard.gong@linux.intel.com <richard.gong@linux.intel.com>
> Sent: Tuesday, February 9, 2021 4:20 PM
> To: mdf@kernel.org; trix@redhat.com; gregkh@linuxfoundation.org; \
> linux-fpga@vger.kernel.org; linux-kernel@vger.kernel.org
> Cc: Gong, Richard <richard.gong@intel.com>
> Subject: [PATCHv5 0/7] Extend Intel service layer, FPGA manager and region
>
> From: Richard Gong <richard.gong@intel.com>
>
> This is 5th submission of Intel service layer and FPGA patches, which includes the \
> missing standalone patch in the 4th submission.
> This submission includes additional changes for Intel service layer driver to get \
> the firmware version running at FPGA SoC device. Then FPGA manager driver, one of \
> Intel service layer driver's client, can decide whether to handle the newly added \
> bitstream authentication function based on the retrieved firmware version. So that \
> we can maintain FPGA manager driver the back compatible.
> Bitstream authentication makes sure a signed bitstream has valid signatures.
>
> The customer sends the bitstream via FPGA framework and overlay, the firmware will \
> authenticate the bitstream but not program the bitstream to device. If the \
> authentication passes, the bitstream will be programmed into QSPI flash and will be \
> expected to boot without issues.
> Extend Intel service layer, FPGA manager and region drivers to support the \
> bitstream authentication feature.
> Richard Gong (7):
> firmware: stratix10-svc: reset COMMAND_RECONFIG_FLAG_PARTIAL to 0
> firmware: stratix10-svc: add COMMAND_AUTHENTICATE_BITSTREAM flag
> firmware: stratix10-svc: extend SVC driver to get the firmware version
> fpga: fpga-mgr: add FPGA_MGR_BITSTREAM_AUTHENTICATE flag
> fpga: of-fpga-region: add authenticate-fpga-config property
> dt-bindings: fpga: add authenticate-fpga-config property
> fpga: stratix10-soc: extend driver for bitstream authentication
>
> .../devicetree/bindings/fpga/fpga-region.txt | 10 ++++
> drivers/firmware/stratix10-svc.c | 12 ++++-
> drivers/fpga/of-fpga-region.c | 24 ++++++---
> drivers/fpga/stratix10-soc.c | 62 +++++++++++++++++++---
> include/linux/firmware/intel/stratix10-smc.h | 21 +++++++-
> .../linux/firmware/intel/stratix10-svc-client.h | 11 +++-
> include/linux/fpga/fpga-mgr.h | 3 ++
> 7 files changed, 125 insertions(+), 18 deletions(-)
>
> --
> 2.7.4
>
Apologies for the epic delay in getting back to this, I took another
look at this patchset and Russ' patchset.
TL;DR I'm not really a fan of using device-tree overlays for this (and
again, apologies, I should've voiced this earlier ...).
Anyways, let's find a common API for this and Russ' work, they're trying
to achieve the same / similar thing, they should use the same API.
I'd like to re-invetigate the possiblity to extend FPGA Manager with
'secure update' ops that work for both these use-cases (and I susspect
hte XRT patchset will follow with a similar requirement, right after).
- Moritz
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic