lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <264f6409-1b07-4608-aee6-26a737664dcb@amd.com>
Date: Mon, 24 Jun 2024 16:43:45 +0200
From: Michal Simek <michal.simek@....com>
To: Mounika Botcha <mounika.botcha@....com>, arnd@...db.de,
 gregkh@...uxfoundation.org, michal.simek@...inx.com,
 linux-arm-kernel@...ts.infradead.org, kalyani.akula@....com
Cc: linux-kernel@...r.kernel.org
Subject: Re: [PATCH 1/2] firmware: xilinx: Add support for secure image load



On 6/10/24 18:13, Mounika Botcha wrote:
> Add support to load secure image from linux
> 
> Signed-off-by: Mounika Botcha <mounika.botcha@....com>
> ---
>   drivers/firmware/xilinx/zynqmp.c     | 31 +++++++++++++++++++++++++++-
>   include/linux/firmware/xlnx-zynqmp.h |  9 +++++++-
>   2 files changed, 38 insertions(+), 2 deletions(-)
> 
> diff --git a/drivers/firmware/xilinx/zynqmp.c b/drivers/firmware/xilinx/zynqmp.c
> index add8acf66a9c..c46280241589 100644
> --- a/drivers/firmware/xilinx/zynqmp.c
> +++ b/drivers/firmware/xilinx/zynqmp.c
> @@ -3,7 +3,7 @@
>    * Xilinx Zynq MPSoC Firmware layer
>    *
>    *  Copyright (C) 2014-2022 Xilinx, Inc.
> - *  Copyright (C) 2022 - 2023, Advanced Micro Devices, Inc.
> + *  Copyright (C) 2022 - 2024, Advanced Micro Devices, Inc.
>    *
>    *  Michal Simek <michal.simek@....com>
>    *  Davorin Mista <davorin.mista@...ios.com>
> @@ -1358,6 +1358,35 @@ int zynqmp_pm_load_pdi(const u32 src, const u64 address)
>   }
>   EXPORT_SYMBOL_GPL(zynqmp_pm_load_pdi);
>   
> +/**
> + * zynqmp_pm_secure_load - Provides access to load secure image
> + * @src_addr:	Address of DMA buffer where image is stored
> + * @key_addr:	Key address
> + * @dst:	Destination address where image is verified
> + *
> + * This API provides support to load secure image from linux
> + *
> + * Return: status, either success or error+reason
> + */
> +int zynqmp_pm_secure_load(const u64 src_addr, u64 key_addr, u64 *dst)
> +{
> +	u32 ret_payload[PAYLOAD_ARG_CNT];
> +	int ret;
> +
> +	if (!dst)
> +		return -EINVAL;
> +
> +	ret = zynqmp_pm_invoke_fn(PM_SECURE_IMAGE, ret_payload, 4,
> +				  lower_32_bits(src_addr),
> +				  upper_32_bits(src_addr),
> +				  lower_32_bits(key_addr),
> +				  upper_32_bits(key_addr));
> +	*dst = ((u64)ret_payload[1] << 32) | ret_payload[2];
> +
> +	return ret;
> +}
> +EXPORT_SYMBOL_GPL(zynqmp_pm_secure_load);
> +
>   /**
>    * zynqmp_pm_aes_engine - Access AES hardware to encrypt/decrypt the data using
>    * AES-GCM core.
> diff --git a/include/linux/firmware/xlnx-zynqmp.h b/include/linux/firmware/xlnx-zynqmp.h
> index d7d07afc0532..6e03f0f72427 100644
> --- a/include/linux/firmware/xlnx-zynqmp.h
> +++ b/include/linux/firmware/xlnx-zynqmp.h
> @@ -3,7 +3,7 @@
>    * Xilinx Zynq MPSoC Firmware layer
>    *
>    *  Copyright (C) 2014-2021 Xilinx
> - *  Copyright (C) 2022 - 2023, Advanced Micro Devices, Inc.
> + *  Copyright (C) 2022 - 2024, Advanced Micro Devices, Inc.
>    *
>    *  Michal Simek <michal.simek@....com>
>    *  Davorin Mista <davorin.mista@...ios.com>
> @@ -173,6 +173,7 @@ enum pm_api_id {
>   	PM_CLOCK_GETDIVIDER = 40,
>   	PM_CLOCK_SETPARENT = 43,
>   	PM_CLOCK_GETPARENT = 44,
> +	PM_SECURE_IMAGE = 45,
>   	PM_FPGA_READ = 46,
>   	PM_SECURE_AES = 47,
>   	PM_EFUSE_ACCESS = 53,
> @@ -587,6 +588,7 @@ int zynqmp_pm_pinctrl_get_config(const u32 pin, const u32 param,
>   int zynqmp_pm_pinctrl_set_config(const u32 pin, const u32 param,
>   				 u32 value);
>   int zynqmp_pm_load_pdi(const u32 src, const u64 address);
> +int zynqmp_pm_secure_load(const u64 src_addr, u64 key_addr, u64 *dst);
>   int zynqmp_pm_register_notifier(const u32 node, const u32 event,
>   				const u32 wake, const u32 enable);
>   int zynqmp_pm_feature(const u32 api_id);
> @@ -854,6 +856,11 @@ static inline int zynqmp_pm_load_pdi(const u32 src, const u64 address)
>   	return -ENODEV;
>   }
>   
> +static inline int zynqmp_pm_secure_load(const u64 src_addr, u64 key_addr, u64 *dst)
> +{
> +	return -ENODEV;
> +}
> +
>   static inline int zynqmp_pm_register_notifier(const u32 node, const u32 event,
>   					      const u32 wake, const u32 enable)
>   {


Acked-by: Michal Simek <michal.simek@....com>

Thanks,
Michal

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ