lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <DM6PR12MB3993F0EC4930E68C54299B36CDB8A@DM6PR12MB3993.namprd12.prod.outlook.com>
Date:   Fri, 24 Nov 2023 06:35:19 +0000
From:   "Manne, Nava kishore" <nava.kishore.manne@....com>
To:     Conor Dooley <conor@...nel.org>
CC:     "mdf@...nel.org" <mdf@...nel.org>,
        "hao.wu@...el.com" <hao.wu@...el.com>,
        "yilun.xu@...el.com" <yilun.xu@...el.com>,
        "trix@...hat.com" <trix@...hat.com>,
        "robh+dt@...nel.org" <robh+dt@...nel.org>,
        "krzysztof.kozlowski+dt@...aro.org" 
        <krzysztof.kozlowski+dt@...aro.org>,
        "conor+dt@...nel.org" <conor+dt@...nel.org>,
        "Simek, Michal" <michal.simek@....com>,
        "mathieu.poirier@...aro.org" <mathieu.poirier@...aro.org>,
        "Levinsky, Ben" <ben.levinsky@....com>,
        "Potthuri, Sai Krishna" <sai.krishna.potthuri@....com>,
        "Shah, Tanmay" <tanmay.shah@....com>,
        "dhaval.r.shah@....com" <dhaval.r.shah@....com>,
        "arnd@...db.de" <arnd@...db.de>,
        "Datta, Shubhrajyoti" <shubhrajyoti.datta@....com>,
        "linux-fpga@...r.kernel.org" <linux-fpga@...r.kernel.org>,
        "devicetree@...r.kernel.org" <devicetree@...r.kernel.org>,
        "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
        "linux-arm-kernel@...ts.infradead.org" 
        <linux-arm-kernel@...ts.infradead.org>
Subject: RE: [RFC PATCH 1/3] dt-bindings: fpga: Add support for user-key
 encrypted bitstream loading

Hi Conor,

	Thanks for providing the review comments.
Please find my response inline.

> -----Original Message-----
> From: Conor Dooley <conor@...nel.org>
> Sent: Wednesday, November 22, 2023 10:21 PM
> To: Manne, Nava kishore <nava.kishore.manne@....com>
> Cc: mdf@...nel.org; hao.wu@...el.com; yilun.xu@...el.com;
> trix@...hat.com; robh+dt@...nel.org; krzysztof.kozlowski+dt@...aro.org;
> conor+dt@...nel.org; Simek, Michal <michal.simek@....com>;
> mathieu.poirier@...aro.org; Levinsky, Ben <ben.levinsky@....com>;
> Potthuri, Sai Krishna <sai.krishna.potthuri@....com>; Shah, Tanmay
> <tanmay.shah@....com>; dhaval.r.shah@....com; arnd@...db.de;
> Datta, Shubhrajyoti <shubhrajyoti.datta@....com>; linux-
> fpga@...r.kernel.org; devicetree@...r.kernel.org; linux-
> kernel@...r.kernel.org; linux-arm-kernel@...ts.infradead.org
> Subject: Re: [RFC PATCH 1/3] dt-bindings: fpga: Add support for user-key
> encrypted bitstream loading
> 
> On Wed, Nov 22, 2023 at 11:14:02AM +0530, Nava kishore Manne wrote:
> > Adds ‘encrypted-key-name’ property to support user-key encrypted
> > bitstream loading use case.
> >
> > Signed-off-by: Nava kishore Manne <nava.kishore.manne@....com>
> > ---
> >  .../devicetree/bindings/fpga/fpga-region.txt  | 32
> > +++++++++++++++++++
> 
> Is there a reason that this has not yet been converted to yaml?
> 
I am not sure about the complication involved here why it's not converted to yaml format.
Due to time constraints, I couldn’t spend much time so I have used this existing legacy format
to add my changes.

> >  1 file changed, 32 insertions(+)
> >
> > diff --git a/Documentation/devicetree/bindings/fpga/fpga-region.txt
> > b/Documentation/devicetree/bindings/fpga/fpga-region.txt
> > index 528df8a0e6d8..309334558b3f 100644
> > --- a/Documentation/devicetree/bindings/fpga/fpga-region.txt
> > +++ b/Documentation/devicetree/bindings/fpga/fpga-region.txt
> > @@ -177,6 +177,9 @@ Optional properties:
> >  	it indicates that the FPGA has already been programmed with this
> image.
> >  	If this property is in an overlay targeting an FPGA region, it is a
> >  	request to program the FPGA with that image.
> > +- encrypted-key-name : should contain the name of an encrypted key file
> located
> > +	on the firmware search path. It will be used to decrypt the FPGA
> image
> > +	file with user-key.
> 
> I might be misreading things, but your driver code seems to assume that this
> is an aes key. Nothing here seems to document that this is supposed to be a
> key of a particular type.
> 

Yes, these changes are intended to add the support for Aes user-key encrypted bitstream loading use case.
Will fix it in v2, something like below.
aes-key-file-name : Should contain the AES key file name on the firmware search path.
		      The key file contains the AES key and it will be used to decrypt the FPGA image.

Regards,
Navakishore.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ