Message-Id: <1597672050-25829-1-git-send-email-richard.gong@linux.intel.com>
Date:   Mon, 17 Aug 2020 08:47:28 -0500
From:   richard.gong@...ux.intel.com
To:     derek.kiernan@...inx.com, dragan.cvetic@...inx.com, arnd@...db.de,
        gregkh@...uxfoundation.org
Cc:     linux-kernel@...r.kernel.org, dinguyen@...nel.org,
        richard.gong@...el.com
Subject: [PATCHv2 0/2] add Intel SoCFPGA crypto service driver 

From: Richard Gong <richard.gong@...el.com>

This is the 2nd submission of Intel SoCFPGA crypto service driver.

I followed the process to register or request a valid IOCTL number/letter,
but I got the delivery failure status notification.

Crypto service driver and service layer driver patches have been reviewed
internally by colleagues at Intel.

Intel SoCFPGA is composed of a 64-bit quad-core ARM Cortex A53 hard
processor system (HPS) and Secure Device Manager (SDM). SDM is the
hardware which does the FPGA configuration, QSPI, remote system update,
crypto and warm reset.

To meet the whole system security needs and support virtual machine
requesting communication with SDM, only the secure world of software (EL3,
Exception Level 3) can interface with SDM. All software entities running
on other exception levels must channel through the EL3 software whenever
they need service from SDM.

Intel Stratix10 service layer driver is added to provide the service for
FPGA configuration, Remote System Update and FPGA crypto service (FCS).
Running at privileged exception level (EL1, Exception Level 1), Intel
Stratix10 service layer driver interfaces with the service clients at EL1
and manages secure monitor call (SMC) to communicate with secure monitor
software at secure monitor exception level (EL3).

The crypto services include security certificate, image boot validation,
security key cancellation, get provision data, random number generation,
Advanced Encryption Standard (AES) encryption and decryption services.

To perform supporting crypto features on Intel SoCFPGA platforms, Linux
user-space application interacts with FPGA crypto service (FCS) driver via
structures defined in include/uapi/linux/intel_fcs-ioctl.h.

The application allocates space for the IOCTL structure to hold the contents
or points to the data that the FCS driver needs, uses IOCTL calls to pass
data to the kernel FCS driver for processing at low level firmware and gets
processed data or status back from the low level firmware via the FCS driver.

The user-space application named as fcs_client is at
https://github.com/altera-opensource/fcs_apps/tree/fcs_client.

Richard Gong (2):
  firmware: stratix10-svc: extend svc to support new crypto features
  misc: add Intel SoCFPGA crypto service driver

 drivers/firmware/stratix10-svc.c                   | 178 +++++-
 drivers/misc/Kconfig                               |  12 +
 drivers/misc/Makefile                              |   1 +
 drivers/misc/intel-fcs.c                           | 709 +++++++++++++++++++++
 include/linux/firmware/intel/stratix10-smc.h       | 147 ++++-
 .../linux/firmware/intel/stratix10-svc-client.h    |  42 ++
 include/uapi/linux/intel-fcs_ioctl.h               | 222 +++++++
 7 files changed, 1292 insertions(+), 19 deletions(-)
 create mode 100644 drivers/misc/intel-fcs.c
 create mode 100644 include/uapi/linux/intel-fcs_ioctl.h

-- 
2.7.4
