| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20240726063819.2274324-1-nava.kishore.manne@amd.com> Date: Fri, 26 Jul 2024 12:08:18 +0530 From: Nava kishore Manne <nava.kishore.manne@....com> To: <git@....com>, <mdf@...nel.org>, <hao.wu@...el.com>, <yilun.xu@...el.com>, <trix@...hat.com>, <robh@...nel.org>, <saravanak@...gle.com>, <linux-fpga@...r.kernel.org>, <linux-kernel@...r.kernel.org>, <devicetree@...r.kernel.org> Subject: [RFC 0/1]Add user space interaction for FPGA programming The existing FPGA manager subsystem didn't have any user space interface (other than the status/state in sysfs) in Kernel. Basically, FPGAs are semiconductor devices that can be reprogrammed for desired hardware functionality. FPGAs can be reprogrammed at runtime with different types of logic and IPs as per user need and hence there is a need to use device tree overlays for removing/updating/adding the devices at runtime for the IPs/controllers that are present in FPGA. But we don't have any user interface in kernel for updating the device tree at runtime. Sometime back there was a series sent by Pantelis Antoniou (https://lore.kernel.org/lkml/1414528565-10907-4-git-send-email-pantelis.antoniou@konsulko.com/). This patch introduced a user interface configfs for Device Tree overlays, a method of dynamically altering the kernel's live Device Tree. However, this patch series was not accepted in mainline due to various concerns. For more details refer to this link: https://elinux.org/Frank%27s_Evolving_Overlay_Thoughts#issues_and_what_needs_to_be_completed_--_Not_an_exhaustive_list One of the major valid concerns that were raised with this configfs interface was security. It provides a generic interface (Not specific to the use cases) for modifying the live device tree. In order to configure/program the FPGA devices, All the major vendors of FPGA are using this configfs series as out-of-tree patch for configuring the FPGAs and there was never an attempt to introduce a generic interface to configure/program the FPGA in upstream and hence upstream kernel ended up in not having proper support for FPGAs configure/program. This series tries to address this gap of FPGA programmability by providing a new sysfs interface to the user. This newly added sysfs interface uses Device Tree Overlay (DTO) files to configure/reprogram an FPGA while an operating system is running and it restrict the overlay's subsystem usage only to FPGA regions in order to mitigate the major security concern with configfs.This proposed solution will not change the existing sequence when a DT overlay that targets an FPGA Region is applied. - Disable appropriate FPGA bridges. - Program the FPGA using the FPGA manager. - Enable the FPGA bridges. - The Device Tree overlay is accepted into the live tree. - Child devices are populated. When the overlay is removed, the child nodes will be removed, and the FPGA Region will disable the bridges. Usage: To configure/reprogram an FPGA region: echo "fpga.dtbo" > /sys/class/fpga_region/<region>/device/load To remove an FPGA region: echo "fpga.dtbo" > /sys/class/fpga_region/<region>/device/remove To get an FPGA region status: cat /sys/class/fpga_region/<region>/device/status Nava kishore Manne (1): of-fpga-region: Add sysfs interface support for FPGA configuration .../ABI/testing/sysfs-class-of-fpga-region | 30 ++++++ MAINTAINERS | 1 + drivers/fpga/fpga-region.c | 4 +- drivers/fpga/of-fpga-region.c | 92 +++++++++++++++++++ include/linux/fpga/fpga-region.h | 15 +++ 5 files changed, 141 insertions(+), 1 deletion(-) create mode 100644 Documentation/ABI/testing/sysfs-class-of-fpga-region -- 2.34.1
Powered by blists - more mailing lists