[PATCH 1/2] firmware: xilinx: Add support for secure image load

Thangaraj, Senthil Nathan SenthilNathan.Thangaraj at amd.com
Fri Nov 22 12:32:21 PST 2024



> -----Original Message-----
> From: Mounika Botcha <mounika.botcha at amd.com>
> Sent: Monday, November 18, 2024 10:59 PM
> To: arnd at arndb.de; gregkh at linuxfoundation.org; michal.simek at xilinx.com; linux-
> arm-kernel at lists.infradead.org; Akula, Kalyani <kalyani.akula at amd.com>
> Cc: linux-kernel at vger.kernel.org; git (AMD-Xilinx) <git at amd.com>; Botcha,
> Mounika <Mounika.Botcha at amd.com>
> Subject: [PATCH 1/2] firmware: xilinx: Add support for secure image load
> 
> Add support to load secure image from linux
> 
> Signed-off-by: Mounika Botcha <mounika.botcha at amd.com>
> ---
>  drivers/firmware/xilinx/zynqmp.c     | 31 +++++++++++++++++++++++++++-
>  include/linux/firmware/xlnx-zynqmp.h |  9 +++++++-
>  2 files changed, 38 insertions(+), 2 deletions(-)
> 
> diff --git a/drivers/firmware/xilinx/zynqmp.c b/drivers/firmware/xilinx/zynqmp.c
> index add8acf66a9c..c46280241589 100644
> --- a/drivers/firmware/xilinx/zynqmp.c
> +++ b/drivers/firmware/xilinx/zynqmp.c
> @@ -3,7 +3,7 @@
>   * Xilinx Zynq MPSoC Firmware layer
>   *
>   *  Copyright (C) 2014-2022 Xilinx, Inc.
> - *  Copyright (C) 2022 - 2023, Advanced Micro Devices, Inc.
> + *  Copyright (C) 2022 - 2024, Advanced Micro Devices, Inc.
>   *
>   *  Michal Simek <michal.simek at amd.com>
>   *  Davorin Mista <davorin.mista at aggios.com> @@ -1358,6 +1358,35 @@ int
> zynqmp_pm_load_pdi(const u32 src, const u64 address)  }
> EXPORT_SYMBOL_GPL(zynqmp_pm_load_pdi);
> 
> +/**
> + * zynqmp_pm_secure_load - Provides access to load secure image
> + * @src_addr:	Address of DMA buffer where image is stored
> + * @key_addr:	Key address
> + * @dst:	Destination address where image is verified
> + *
> + * This API provides support to load secure image from linux
> + *
> + * Return: status, either success or error+reason  */ int
> +zynqmp_pm_secure_load(const u64 src_addr, u64 key_addr, u64 *dst) {
> +	u32 ret_payload[PAYLOAD_ARG_CNT];
> +	int ret;
> +
> +	if (!dst)
> +		return -EINVAL;
> +
> +	ret = zynqmp_pm_invoke_fn(PM_SECURE_IMAGE, ret_payload, 4,
> +				  lower_32_bits(src_addr),
> +				  upper_32_bits(src_addr),
> +				  lower_32_bits(key_addr),
> +				  upper_32_bits(key_addr));
> +	*dst = ((u64)ret_payload[1] << 32) | ret_payload[2];
> +
> +	return ret;
> +}
> +EXPORT_SYMBOL_GPL(zynqmp_pm_secure_load);

Can we move the above function definition to zynqmp-secure.c as well? It's essentially a wrapper function for zynqmp_pm_invoke_fn.

> +
>  /**
>   * zynqmp_pm_aes_engine - Access AES hardware to encrypt/decrypt the data
> using
>   * AES-GCM core.
> diff --git a/include/linux/firmware/xlnx-zynqmp.h b/include/linux/firmware/xlnx-
> zynqmp.h
> index d7d07afc0532..6e03f0f72427 100644
> --- a/include/linux/firmware/xlnx-zynqmp.h
> +++ b/include/linux/firmware/xlnx-zynqmp.h
> @@ -3,7 +3,7 @@
>   * Xilinx Zynq MPSoC Firmware layer
>   *
>   *  Copyright (C) 2014-2021 Xilinx
> - *  Copyright (C) 2022 - 2023, Advanced Micro Devices, Inc.
> + *  Copyright (C) 2022 - 2024, Advanced Micro Devices, Inc.
>   *
>   *  Michal Simek <michal.simek at amd.com>
>   *  Davorin Mista <davorin.mista at aggios.com> @@ -173,6 +173,7 @@ enum
> pm_api_id {
>  	PM_CLOCK_GETDIVIDER = 40,
>  	PM_CLOCK_SETPARENT = 43,
>  	PM_CLOCK_GETPARENT = 44,
> +	PM_SECURE_IMAGE = 45,
>  	PM_FPGA_READ = 46,
>  	PM_SECURE_AES = 47,
>  	PM_EFUSE_ACCESS = 53,
> @@ -587,6 +588,7 @@ int zynqmp_pm_pinctrl_get_config(const u32 pin, const
> u32 param,  int zynqmp_pm_pinctrl_set_config(const u32 pin, const u32 param,
>  				 u32 value);
>  int zynqmp_pm_load_pdi(const u32 src, const u64 address);
> +int zynqmp_pm_secure_load(const u64 src_addr, u64 key_addr, u64 *dst);
>  int zynqmp_pm_register_notifier(const u32 node, const u32 event,
>  				const u32 wake, const u32 enable);
>  int zynqmp_pm_feature(const u32 api_id); @@ -854,6 +856,11 @@ static inline int
> zynqmp_pm_load_pdi(const u32 src, const u64 address)
>  	return -ENODEV;
>  }
> 
> +static inline int zynqmp_pm_secure_load(const u64 src_addr, u64
> +key_addr, u64 *dst) {
> +	return -ENODEV;
> +}
> +
>  static inline int zynqmp_pm_register_notifier(const u32 node, const u32 event,
>  					      const u32 wake, const u32 enable)  {
> --
> 2.36.1




More information about the linux-arm-kernel mailing list