RE: [RFC PATCH 2/4] fpga: Add new properties to support user-key encrypted bitstream loading
From: Nava kishore Manne <hidden>
Date: 2021-05-13 10:55:17
Also in:
linux-devicetree, linux-fpga, lkml
Hi Rob, Please find my response inline.
-----Original Message----- From: Rob Herring <robh@kernel.org> Sent: Thursday, May 13, 2021 8:01 AM To: Nava kishore Manne <redacted> Cc: mdf@kernel.org; trix@redhat.com; Michal Simek <redacted>; arnd@arndb.de; Rajan Vaja [off-list ref]; gregkh@linuxfoundation.org; linus.walleij@linaro.org; Amit Sunil Dhamne [off-list ref]; Tejas Patel [off-list ref]; zou_wei@huawei.com; Manish Narani [off-list ref]; Sai Krishna Potthuri [off-list ref]; Jiaying Liang [off-list ref]; linux- fpga@vger.kernel.org; devicetree@vger.kernel.org; linux- kernel@vger.kernel.org; linux-arm-kernel@lists.infradead.org; git [off-list ref]; chinnikishore369@gmail.com Subject: Re: [RFC PATCH 2/4] fpga: Add new properties to support user-key encrypted bitstream loading On Tue, May 04, 2021 at 03:52:25PM +0530, Nava kishore Manne wrote:quoted
This patch Adds ‘encrypted-key-name’ and ‘encrypted-user-key-fpga-config’ properties to support user-key encrypted bitstream loading use case. Signed-off-by: Nava kishore Manne <redacted> --- Documentation/devicetree/bindings/fpga/fpga-region.txt | 5 +++++ 1 file changed, 5 insertions(+)diff --git a/Documentation/devicetree/bindings/fpga/fpga-region.txtb/Documentation/devicetree/bindings/fpga/fpga-region.txt index d787d57491a1..957dc6cbcd9e 100644--- a/Documentation/devicetree/bindings/fpga/fpga-region.txt +++ b/Documentation/devicetree/bindings/fpga/fpga-region.txt@@ -177,6 +177,9 @@ Optional properties: it indicates that the FPGA has already been programmed with thisimage.quoted
If this property is in an overlay targeting a FPGA region, it is a request to program the FPGA with that image. +- encrypted-key-name : should contain the name of an encrypted key filelocatedquoted
+ on the firmware search path. It will be used to decrypt the FPGAimagequoted
+ file. - fpga-bridges : should contain a list of phandles to FPGA Bridges that mustbequoted
controlled during FPGA programming along with the parent FPGAbridge.quoted
This property is optional if the FPGA Manager handles the bridges.@@ -187,6 +190,8 @@ Optional properties: - external-fpga-config : boolean, set if the FPGA has already beenconfiguredquoted
prior to OS boot up. - encrypted-fpga-config : boolean, set if the bitstream is encrypted +- encrypted-user-key-fpga-config : boolean, set if the bitstream isencryptedquoted
+ with user key.What's the relationship with encrypted-fpga-config? Both present or mutually exclusive? Couldn't this be implied by encrypted-key-name being present?
In Encryption we have two kinds of use case one is Encrypted Bitstream loading with Device-key and Other one is Encrypted Bitstream loading with User-key. encrypted-fpga-config and encrypted-user-key-fpga-config are mutually exclusive. To differentiate both the use cases I have added this new flag and Aes Key file(encrypted-key-name) is needed only for encrypted-user-key-fpga-config use cases. Regards, Navakishore. _______________________________________________ linux-arm-kernel mailing list linux-arm-kernel@lists.infradead.org http://lists.infradead.org/mailman/listinfo/linux-arm-kernel