'Re: [PATCHv5 0/7] Extend Intel service layer, FPGA manager and region'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       linux-fpga
Subject:    Re: [PATCHv5 0/7]  Extend Intel service layer, FPGA manager and region
From:       Moritz Fischer <mdf () kernel ! org>
Date:       2021-03-27 18:09:15
Message-ID: YF90y3Di4RbuJvr0 () epycbox ! lan
[Download RAW message or body]

Hi Richard, Russ,

On Thu, Feb 25, 2021 at 01:07:14PM +0000, Gong, Richard wrote:
> Hi Moritz,
> 
> Sorry for asking.
> 
> When you have chance, can you help review the version 5 patchset submitted on \
> 02/09/21? 
> Regards,
> Richard
> 
> -----Original Message-----
> From: richard.gong@linux.intel.com <richard.gong@linux.intel.com> 
> Sent: Tuesday, February 9, 2021 4:20 PM
> To: mdf@kernel.org; trix@redhat.com; gregkh@linuxfoundation.org; \
>                 linux-fpga@vger.kernel.org; linux-kernel@vger.kernel.org
> Cc: Gong, Richard <richard.gong@intel.com>
> Subject: [PATCHv5 0/7] Extend Intel service layer, FPGA manager and region
> 
> From: Richard Gong <richard.gong@intel.com>
> 
> This is 5th submission of Intel service layer and FPGA patches, which includes the \
> missing standalone patch in the 4th submission. 
> This submission includes additional changes for Intel service layer driver to get \
> the firmware version running at FPGA SoC device. Then FPGA manager driver, one of \
> Intel service layer driver's client, can decide whether to handle the newly added \
> bitstream authentication function based on the retrieved firmware version. So that \
> we can maintain FPGA manager driver the back compatible. 
> Bitstream authentication makes sure a signed bitstream has valid signatures.
> 
> The customer sends the bitstream via FPGA framework and overlay, the firmware will \
> authenticate the bitstream but not program the bitstream to device. If the \
> authentication passes, the bitstream will be programmed into QSPI flash and will be \
> expected to boot without issues. 
> Extend Intel service layer, FPGA manager and region drivers to support the \
> bitstream authentication feature.  
> Richard Gong (7):
> firmware: stratix10-svc: reset COMMAND_RECONFIG_FLAG_PARTIAL to 0
> firmware: stratix10-svc: add COMMAND_AUTHENTICATE_BITSTREAM flag
> firmware: stratix10-svc: extend SVC driver to get the firmware version
> fpga: fpga-mgr: add FPGA_MGR_BITSTREAM_AUTHENTICATE flag
> fpga: of-fpga-region: add authenticate-fpga-config property
> dt-bindings: fpga: add authenticate-fpga-config property
> fpga: stratix10-soc: extend driver for bitstream authentication
> 
> .../devicetree/bindings/fpga/fpga-region.txt       | 10 ++++
> drivers/firmware/stratix10-svc.c                   | 12 ++++-
> drivers/fpga/of-fpga-region.c                      | 24 ++++++---
> drivers/fpga/stratix10-soc.c                       | 62 +++++++++++++++++++---
> include/linux/firmware/intel/stratix10-smc.h       | 21 +++++++-
> .../linux/firmware/intel/stratix10-svc-client.h    | 11 +++-
> include/linux/fpga/fpga-mgr.h                      |  3 ++
> 7 files changed, 125 insertions(+), 18 deletions(-)
> 
> --
> 2.7.4
> 

Apologies for the epic delay in getting back to this, I took another
look at this patchset and Russ' patchset.

TL;DR I'm not really a fan of using device-tree overlays for this (and
again, apologies, I should've voiced this earlier ...).

Anyways, let's find a common API for this and Russ' work, they're trying
to achieve the same / similar thing, they should use the same API.

I'd like to re-invetigate the possiblity to extend FPGA Manager with
'secure update' ops that work for both these use-cases (and I susspect
hte XRT patchset will follow with a similar requirement, right after).

- Moritz


[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic