From patchwork Fri Jul 22 14:16:01 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Oleksandr Suvorov X-Patchwork-Id: 1659594 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: bilbo.ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=foundries.io header.i=@foundries.io header.a=rsa-sha256 header.s=google header.b=YD4JaABZ; dkim-atps=neutral Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=lists.denx.de (client-ip=85.214.62.61; helo=phobos.denx.de; envelope-from=u-boot-bounces@lists.denx.de; receiver=) Received: from phobos.denx.de (phobos.denx.de [85.214.62.61]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by bilbo.ozlabs.org (Postfix) with ESMTPS id 4LqBM84gDgz9sGq for ; Sat, 23 Jul 2022 00:16:34 +1000 (AEST) Received: from h2850616.stratoserver.net (localhost [IPv6:::1]) by phobos.denx.de (Postfix) with ESMTP id A243E83FAE; Fri, 22 Jul 2022 16:16:25 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=none (p=none dis=none) header.from=foundries.io Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de Authentication-Results: phobos.denx.de; dkim=pass (2048-bit key; unprotected) header.d=foundries.io header.i=@foundries.io header.b="YD4JaABZ"; dkim-atps=neutral Received: by phobos.denx.de (Postfix, from userid 109) id BC6B383FA0; Fri, 22 Jul 2022 16:16:23 +0200 (CEST) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on phobos.denx.de X-Spam-Level: X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.2 Received: from mail-wm1-x329.google.com (mail-wm1-x329.google.com [IPv6:2a00:1450:4864:20::329]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits)) (No client certificate requested) by phobos.denx.de (Postfix) with ESMTPS id D466B8210C for ; Fri, 22 Jul 2022 16:16:19 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=none (p=none dis=none) header.from=foundries.io Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=oleksandr.suvorov@foundries.io Received: by mail-wm1-x329.google.com with SMTP id id17so2880169wmb.1 for ; Fri, 22 Jul 2022 07:16:19 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=foundries.io; s=google; h=content-transfer-encoding:mime-version:message-id:date:subject:cc :to:from:from:to:cc; bh=jJrSJJqBdP9U81485zSLESsjyPDvdxhdYx5TF3bk5DM=; b=YD4JaABZfdkmZx1pGQWsb/LYMnUba79ldYirbqtRgQlHPrUyticQglPCVrZAf3272N r1/VhkoSFHD0eR5e5wEqMiHlyd4H8yp0KqFlnWhHjn6KJ6R7IXVxJ437aaIzMs9m3Ukq AEBGKnnmrvEmZEnfVLR1twifKS1u3GPbC1Iod7FpTN4L7sjSDQawt6np0yeE7Gh0AZtB kcqvuQgp2UXmkyRkguoQAKs/b08xkrnzI3b+3z1CkVqhYw1wEu1bXus5rlWFcI6G8BVy bMsm9/WMOeUoAWC0yHDGBytNQx6JrQquq0krBvc61ReNy1tkL0wACHESh+6nNybq6e/e D8yA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:mime-version:message-id:date:subject:cc :to:from:x-gm-message-state:from:to:cc; bh=jJrSJJqBdP9U81485zSLESsjyPDvdxhdYx5TF3bk5DM=; b=rnH9x3nfWK6q7QiUcANrsBOLhuLyzRVbaejUHUce6mQqq6rAS0RLrBiJ1gepa57WdY FS/YkZTvPJfUD8p213jeMqVd+c8dGwRFH1CPut1J9+XmKhPg0tdKwnfdVdwxeuKMZyCI fUpSVlPSynAq/4o95dVOyvQAjSQyLGu1ejOSj0fjIsKucTmF/WJfINz7QQJIIPwfc1Zl g/RBrWzSFHg+7FDIhKte3KDtcaPG8Vt8f6Y1CfGvBIcJFGUpyPoMCyw1Pqzcs81EcUat gNNvUpvZNHIcCRM2zsY+qnTqlLURezZuYY8NuBWSGhHN9Pz8pDKkYLWQivY/DMkM3ZTu vFxA== X-Gm-Message-State: AJIora+hwqmfJsduDLu+hbkUa+Is7CxluVq0ZFKA2gAwHV462NBKwr0j JSuhEm4a1gKjzffvEFJwBOH4ZD8opEqIqQ== X-Google-Smtp-Source: AGRyM1uZjCKmC7tlx90z0XnkbH6Y5iPFaGzFB/aqLRdt19OXO9NvqFcKylYnh9bDx0gh7CTug5xA0w== X-Received: by 2002:a05:600c:1e1e:b0:3a3:10f9:aa02 with SMTP id ay30-20020a05600c1e1e00b003a310f9aa02mr50037wmb.124.1658499378945; Fri, 22 Jul 2022 07:16:18 -0700 (PDT) Received: from cryobook.. ([89.105.248.137]) by smtp.gmail.com with ESMTPSA id d13-20020adf9c8d000000b0021e4c3b2967sm4855364wre.65.2022.07.22.07.16.17 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 22 Jul 2022 07:16:18 -0700 (PDT) From: Oleksandr Suvorov To: u-boot@lists.denx.de Cc: Michal Simek , Adrian Fiergolski , Ricardo Salveti , Jorge Ramirez-Ortiz , Igor Opaniuk , Oleksandr Suvorov , Alexandru Gagniuc , Artem Lapkin , Ashok Reddy Soma , Aswath Govindraju , Heiko Schocher , Heinrich Schuchardt , Leo Yu-Chi Liang , Masahisa Kojima , Michal Simek , Nishanth Menon , Ovidiu Panait , Simon Glass , Steffen Jaeckel Subject: [PATCH v12 00/13] fpga: zynqmp: Adding support of loading authenticated images Date: Fri, 22 Jul 2022 17:16:01 +0300 Message-Id: <20220722141614.297383-1-oleksandr.suvorov@foundries.io> X-Mailer: git-send-email 2.36.1 MIME-Version: 1.0 X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.39 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" X-Virus-Scanned: clamav-milter 0.103.6 at phobos.denx.de X-Virus-Status: Clean This patchset introduces support for the authenticated and encrypted FPGA images on ZynqMP boards, besides that introducing common way to pass the compatible property to any fpga driver. It bases on the initial work by Jorge Ramirez-Ortiz https://patchwork.ozlabs.org/project/uboot/patch/20211015091506.2602-1-jorge@foundries.io/ https://patchwork.ozlabs.org/project/uboot/patch/20211005111324.19749-3-jorge@foundries.io/ Changes in v12: - define the function only if FPGA_LOAD_SECURE enabled; - convert "compatible" to flags only if FPGA_LOAD_SECURE enabled; - fix a commit message - remove obsolete debug() message - exclude all secure-related code if FPGA_LOAD_SECURE is disabled - reduce the size of SPL if FPGA_LOAD_SECURE disabled. Changes in v11: - Fix treating an incoming FPGA image with empty flags parameter as legacy. - add Tested-by records. Changes in v10: - move FPGA flags to macros; - initialize xilinx_desc structs directly, removing *_DESC macros; - initialize flags for mach-zynq; - fix mixed types of return value; - made the message about ignoring legacy compatibe option as debug; - fix grammar - Support DDR images only if FPGA_LOAD_SECURE enabled. - Support ENC images only if FPGA_LOAD_SECURE enabled. Changes in v9: - remove an alien commit from a patchset :) Changes in v8: - Michal Simek's suggestions addressed: -- introduce the compatible flags in xilinx_desc; -- pass a binary compatible flag instead of "compatible" property to an FPGA driver. - Optimize a zynqmp_load() function. Changes in v7: - apply Michal Simek's suggestions As I applied changes on Oleksandr's patches, I indicated it by specifying myself as co-author in the commits logs. I am not sure if that is the convention of marking it. Changes in v6: - add support for the encrypted bitfiles. Changes in v5: - replace ifdef with if() where it's possible. Changes in v4: - change interface to xilinx_desc->operations->open() callback. - fix a bug from previous version of the patchset in dereferencing of a parent fpga_desc structure. Changes in v3: - remove the patch which introduced CMD_SPL_FPGA_LOAD_SECURE. - fix mixing definitions/declarations. - replace strcmp() calls with more secure strncmp(). - document the "u-boot,zynqmp-fpga-ddrauth" compatible string. - fix code style by check-patch recommendations. Changes in v2: - add function fit_fpga_load() to simplify calls of fpga_load() from contexts without a compatible attribute. - move all ZynqMP-specific logic to drivers/fpga/zynqmppl.c - prepare for passing a "compatible" FDT property to any fpga driver. Adrian Fiergolski (1): fpga: zynqmp: support loading encrypted bitfiles Oleksandr Suvorov (12): fpga: add option for loading FPGA secure bitstreams fpga: xilinx: add missed identifier names fpga: xilinx: add bitstream flags to driver desc fpga: zynqmp: add str2flags call fpga: xilinx: pass compatible flags to xilinx_load() fpga: pass compatible flags to fpga_load() fpga: add fpga_compatible2flag spl: fit: pass real compatible flags to fpga_load() fpga: xilinx: pass compatible flags to load() callback fpga: zynqmp: reduce zynqmppl_load() code fpga: zynqmp: add bitstream compatible checking fpga: zynqmp: support loading authenticated images arch/arm/mach-zynq/cpu.c | 1 + board/xilinx/versal/board.c | 5 +- board/xilinx/zynqmp/zynqmp.c | 5 +- boot/Kconfig | 4 +- boot/image-board.c | 4 +- cmd/Kconfig | 3 +- cmd/fpga.c | 8 +-- common/spl/spl_fit.c | 17 +++-- doc/uImage.FIT/source_file_format.txt | 7 +- drivers/fpga/Kconfig | 14 ++++ drivers/fpga/fpga.c | 33 ++++++++- drivers/fpga/spartan2.c | 2 +- drivers/fpga/spartan3.c | 2 +- drivers/fpga/versalpl.c | 2 +- drivers/fpga/virtex2.c | 2 +- drivers/fpga/xilinx.c | 8 +-- drivers/fpga/zynqmppl.c | 99 ++++++++++++++++++++++----- drivers/fpga/zynqpl.c | 2 +- include/fpga.h | 4 +- include/versalpl.h | 3 - include/xilinx.h | 21 ++++-- include/zynqmppl.h | 9 ++- 22 files changed, 199 insertions(+), 56 deletions(-)