[RFC v2 2/4] fpga: Add new property to support user-key encrypted bitstream loading
Nava kishore Manne
navam at xilinx.com
Fri Jul 9 01:48:57 PDT 2021
Hi Greg,
Thanks for providing the review comments.
Please find my response inline.
> -----Original Message-----
> From: Greg KH <gregkh at linuxfoundation.org>
> Sent: Wednesday, June 9, 2021 3:26 PM
> To: Nava kishore Manne <navam at xilinx.com>
> Cc: robh+dt at kernel.org; Michal Simek <michals at xilinx.com>;
> mdf at kernel.org; trix at redhat.com; arnd at arndb.de; Rajan Vaja
> <RAJANV at xilinx.com>; Amit Sunil Dhamne <amitsuni at xlnx.xilinx.com>;
> Tejas Patel <tejasp at xlnx.xilinx.com>; zou_wei at huawei.com; Sai Krishna
> Potthuri <lakshmis at xilinx.com>; Ravi Patel <RAVIPATE at xilinx.com>;
> iwamatsu at nigauri.org; Jiaying Liang <jliang at xilinx.com>;
> devicetree at vger.kernel.org; linux-arm-kernel at lists.infradead.org; linux-
> kernel at vger.kernel.org; linux-fpga at vger.kernel.org; git <git at xilinx.com>;
> chinnikishore369 at gmail.com
> Subject: Re: [RFC v2 2/4] fpga: Add new property to support user-key
> encrypted bitstream loading
>
> On Wed, Jun 09, 2021 at 11:22:30AM +0530, Nava kishore Manne wrote:
> > This patch Adds ‘encrypted-key-name’ property to support user-key
> > encrypted bitstream loading use case.
> >
> > Signed-off-by: Nava kishore Manne <nava.manne at xilinx.com>
> > ---
> > Changes for v2:
> > -Both DT properties ie; encrypted-key-name and encrypted-user-
> key-fpga-config
> > are targeted to use for the same use cases but ideally encrypted-
> key-name
> > is enough to serve the purpose so updated the file to remove the
> unwanted
> > encrypted-user-key-fpga-config property as suggested by Rob.
> >
> > Documentation/devicetree/bindings/fpga/fpga-region.txt | 3 +++
> > 1 file changed, 3 insertions(+)
> >
> > diff --git a/Documentation/devicetree/bindings/fpga/fpga-region.txt
> > b/Documentation/devicetree/bindings/fpga/fpga-region.txt
> > index d787d57491a1..0de4a1c54650 100644
> > --- a/Documentation/devicetree/bindings/fpga/fpga-region.txt
> > +++ b/Documentation/devicetree/bindings/fpga/fpga-region.txt
> > @@ -177,6 +177,9 @@ Optional properties:
> > it indicates that the FPGA has already been programmed with this
> image.
> > If this property is in an overlay targeting a FPGA region, it is a
> > request to program the FPGA with that image.
> > +- encrypted-key-name : should contain the name of an encrypted key file
> located
> > + on the firmware search path. It will be used to decrypt the FPGA
> image
> > + file with user-key.
>
> What is the format this "user-key" is in? Where is the documentation for
> how to use this type of thing?
>
Will fix user key format issues in v3.
Will update this binding doc with user key encrypted bitstream loading use case info.
Use case info:
Reconfiguration with encrypted image using AES key
In this case, the FPGA Manager will decrypt the configuration data and
placed it into the programmable logic. To decrypt the configuration data
it uses AES key provided by the user.
DT Overlay contains:
/dts-v1/;
/plugin/;
&fpga_region0 {
#address-cells = <1>;
#size-cells = <1>;
firmware-name = "versal-gpio.bin";
encrypted-key-name = “Aes-key.nky”
gpio1: gpio at 40000000 {
compatible = "xlnx,xps-gpio-1.00.a";
reg = <0x40000000 0x10000>;
gpio-controller;
#gpio-cells = <0x2>;
xlnx,gpio-width= <0x6>;
};
};
Regards,
Navakishore.
More information about the linux-arm-kernel
mailing list