lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [day] [month] [year] [list] 
Message-ID:
 <LV3PR12MB92601B314AFB6EFD9BA88881E2232@LV3PR12MB9260.namprd12.prod.outlook.com>
Date: Fri, 22 Nov 2024 20:32:21 +0000
From: "Thangaraj, Senthil Nathan" <SenthilNathan.Thangaraj@....com>
To: "Botcha, Mounika" <Mounika.Botcha@....com>, "arnd@...db.de"
	<arnd@...db.de>, "gregkh@...uxfoundation.org" <gregkh@...uxfoundation.org>,
	"michal.simek@...inx.com" <michal.simek@...inx.com>,
	"linux-arm-kernel@...ts.infradead.org"
	<linux-arm-kernel@...ts.infradead.org>, "Akula, Kalyani"
	<kalyani.akula@....com>
CC: "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>, "git
 (AMD-Xilinx)" <git@....com>, "Botcha, Mounika" <Mounika.Botcha@....com>
Subject: RE: [PATCH 1/2] firmware: xilinx: Add support for secure image load



> -----Original Message-----
> From: Mounika Botcha <mounika.botcha@....com>
> Sent: Monday, November 18, 2024 10:59 PM
> To: arnd@...db.de; gregkh@...uxfoundation.org; michal.simek@...inx.com; linux-
> arm-kernel@...ts.infradead.org; Akula, Kalyani <kalyani.akula@....com>
> Cc: linux-kernel@...r.kernel.org; git (AMD-Xilinx) <git@....com>; Botcha,
> Mounika <Mounika.Botcha@....com>
> Subject: [PATCH 1/2] firmware: xilinx: Add support for secure image load
> 
> Add support to load secure image from linux
> 
> Signed-off-by: Mounika Botcha <mounika.botcha@....com>
> ---
>  drivers/firmware/xilinx/zynqmp.c     | 31 +++++++++++++++++++++++++++-
>  include/linux/firmware/xlnx-zynqmp.h |  9 +++++++-
>  2 files changed, 38 insertions(+), 2 deletions(-)
> 
> diff --git a/drivers/firmware/xilinx/zynqmp.c b/drivers/firmware/xilinx/zynqmp.c
> index add8acf66a9c..c46280241589 100644
> --- a/drivers/firmware/xilinx/zynqmp.c
> +++ b/drivers/firmware/xilinx/zynqmp.c
> @@ -3,7 +3,7 @@
>   * Xilinx Zynq MPSoC Firmware layer
>   *
>   *  Copyright (C) 2014-2022 Xilinx, Inc.
> - *  Copyright (C) 2022 - 2023, Advanced Micro Devices, Inc.
> + *  Copyright (C) 2022 - 2024, Advanced Micro Devices, Inc.
>   *
>   *  Michal Simek <michal.simek@....com>
>   *  Davorin Mista <davorin.mista@...ios.com> @@ -1358,6 +1358,35 @@ int
> zynqmp_pm_load_pdi(const u32 src, const u64 address)  }
> EXPORT_SYMBOL_GPL(zynqmp_pm_load_pdi);
> 
> +/**
> + * zynqmp_pm_secure_load - Provides access to load secure image
> + * @src_addr:	Address of DMA buffer where image is stored
> + * @key_addr:	Key address
> + * @dst:	Destination address where image is verified
> + *
> + * This API provides support to load secure image from linux
> + *
> + * Return: status, either success or error+reason  */ int
> +zynqmp_pm_secure_load(const u64 src_addr, u64 key_addr, u64 *dst) {
> +	u32 ret_payload[PAYLOAD_ARG_CNT];
> +	int ret;
> +
> +	if (!dst)
> +		return -EINVAL;
> +
> +	ret = zynqmp_pm_invoke_fn(PM_SECURE_IMAGE, ret_payload, 4,
> +				  lower_32_bits(src_addr),
> +				  upper_32_bits(src_addr),
> +				  lower_32_bits(key_addr),
> +				  upper_32_bits(key_addr));
> +	*dst = ((u64)ret_payload[1] << 32) | ret_payload[2];
> +
> +	return ret;
> +}
> +EXPORT_SYMBOL_GPL(zynqmp_pm_secure_load);

Can we move the above function definition to zynqmp-secure.c as well? It's essentially a wrapper function for zynqmp_pm_invoke_fn.

> +
>  /**
>   * zynqmp_pm_aes_engine - Access AES hardware to encrypt/decrypt the data
> using
>   * AES-GCM core.
> diff --git a/include/linux/firmware/xlnx-zynqmp.h b/include/linux/firmware/xlnx-
> zynqmp.h
> index d7d07afc0532..6e03f0f72427 100644
> --- a/include/linux/firmware/xlnx-zynqmp.h
> +++ b/include/linux/firmware/xlnx-zynqmp.h
> @@ -3,7 +3,7 @@
>   * Xilinx Zynq MPSoC Firmware layer
>   *
>   *  Copyright (C) 2014-2021 Xilinx
> - *  Copyright (C) 2022 - 2023, Advanced Micro Devices, Inc.
> + *  Copyright (C) 2022 - 2024, Advanced Micro Devices, Inc.
>   *
>   *  Michal Simek <michal.simek@....com>
>   *  Davorin Mista <davorin.mista@...ios.com> @@ -173,6 +173,7 @@ enum
> pm_api_id {
>  	PM_CLOCK_GETDIVIDER = 40,
>  	PM_CLOCK_SETPARENT = 43,
>  	PM_CLOCK_GETPARENT = 44,
> +	PM_SECURE_IMAGE = 45,
>  	PM_FPGA_READ = 46,
>  	PM_SECURE_AES = 47,
>  	PM_EFUSE_ACCESS = 53,
> @@ -587,6 +588,7 @@ int zynqmp_pm_pinctrl_get_config(const u32 pin, const
> u32 param,  int zynqmp_pm_pinctrl_set_config(const u32 pin, const u32 param,
>  				 u32 value);
>  int zynqmp_pm_load_pdi(const u32 src, const u64 address);
> +int zynqmp_pm_secure_load(const u64 src_addr, u64 key_addr, u64 *dst);
>  int zynqmp_pm_register_notifier(const u32 node, const u32 event,
>  				const u32 wake, const u32 enable);
>  int zynqmp_pm_feature(const u32 api_id); @@ -854,6 +856,11 @@ static inline int
> zynqmp_pm_load_pdi(const u32 src, const u64 address)
>  	return -ENODEV;
>  }
> 
> +static inline int zynqmp_pm_secure_load(const u64 src_addr, u64
> +key_addr, u64 *dst) {
> +	return -ENODEV;
> +}
> +
>  static inline int zynqmp_pm_register_notifier(const u32 node, const u32 event,
>  					      const u32 wake, const u32 enable)  {
> --
> 2.36.1

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ