fpga: zynqmp: support loading encrypted bitfiles

Add supporting new compatible string "u-boot,zynqmp-fpga-enc" to handle loading encrypted bitfiles. This feature requires encrypted FSBL, as according to UG1085: "The CSU automatically locks out the AES key, stored in either BBRAM or eFUSEs, as a key source to the AES engine if the FSBL is not encrypted. This prevents using the BBRAM or eFUSE as the key source to the AES engine during run-time applications." Signed-off-by: Adrian Fiergolski <adrian.fiergolski@fastree3d.com> Co-developed-by: Oleksandr Suvorov <oleksandr.suvorov@foundries.io> Signed-off-by: Oleksandr Suvorov <oleksandr.suvorov@foundries.io> Tested-by: Adrian Fiergolski <adrian.fiergolski@fastree3d.com> Link: https://lore.kernel.org/r/20220722141614.297383-14-oleksandr.suvorov@foundries.io Signed-off-by: Michal Simek <michal.simek@amd.com>
2022-07-22 17:16:14 +03:00 · 2022-07-22 17:16:14 +03:00 · b524f8fb1e
commit b524f8fb1e
parent a3a1afb747
5 changed files with 15 additions and 1 deletions
--- a/doc/uImage.FIT/source_file_format.txt
+++ b/doc/uImage.FIT/source_file_format.txt
@ -188,6 +188,8 @@ the '/images' node should have the following layout:
    "u-boot,fpga-legacy" - the generic fpga loading routine.
    "u-boot,zynqmp-fpga-ddrauth" - signed non-encrypted FPGA bitstream for
    Xilinx Zynq UltraScale+ (ZymqMP) device.
+    "u-boot,zynqmp-fpga-enc" - encrypted FPGA bitstream for Xilinx Zynq
+    UltraScale+ (ZynqMP) device.

  Optional nodes:
  - hash-1 : Each hash sub-node represents separate hash or checksum
--- a/drivers/fpga/zynqmppl.c
+++ b/drivers/fpga/zynqmppl.c
@ -257,6 +257,11 @@ static int zynqmp_load(xilinx_desc *desc, const void *buf, size_t bsize,
 		info.authflag = ZYNQMP_FPGA_AUTH_DDR;
 		info.encflag = FPGA_NO_ENC_OR_NO_AUTH;
 		return desc->operations->loads(desc, buf, bsize, &info);
+	case FPGA_XILINX_ZYNQMP_ENC:
+		/* Encryption using device key */
+		info.authflag = FPGA_NO_ENC_OR_NO_AUTH;
+		info.encflag = FPGA_ENC_DEV_KEY;
+		return desc->operations->loads(desc, buf, bsize, &info);
 #endif
 	default:
 		printf("Unsupported bitstream type %d\n", flags);
@ -360,6 +365,9 @@ static int __maybe_unused zynqmp_str2flag(xilinx_desc *desc, const char *str)
 #if CONFIG_IS_ENABLED(FPGA_LOAD_SECURE)
 	if (!strncmp(str, "u-boot,zynqmp-fpga-ddrauth", 26))
 		return FPGA_XILINX_ZYNQMP_DDRAUTH;
+
+	if (!strncmp(str, "u-boot,zynqmp-fpga-enc", 22))
+		return FPGA_XILINX_ZYNQMP_ENC;
 #endif
 	return 0;
 }
--- a/include/fpga.h
+++ b/include/fpga.h
@ -20,6 +20,7 @@
 /* device numbers must be non-negative */
 #define FPGA_INVALID_DEVICE	-1

+#define FPGA_ENC_DEV_KEY	0
 #define FPGA_ENC_USR_KEY	1
 #define FPGA_NO_ENC_OR_NO_AUTH	2

--- a/include/xilinx.h
+++ b/include/xilinx.h
@ -40,6 +40,7 @@ typedef enum {			/* typedef xilinx_family */
 /* FPGA bitstream supported types */
 #define FPGA_LEGACY			BIT(0)
 #define FPGA_XILINX_ZYNQMP_DDRAUTH	BIT(1)
+#define FPGA_XILINX_ZYNQMP_ENC		BIT(2)

 typedef struct {		/* typedef xilinx_desc */
 	xilinx_family family;	/* part type */
--- a/include/zynqmppl.h
+++ b/include/zynqmppl.h
@ -26,7 +26,9 @@
 extern struct xilinx_fpga_op zynqmp_op;

 #if CONFIG_IS_ENABLED(FPGA_LOAD_SECURE)
-#define ZYNQMP_FPGA_FLAGS	(FPGA_LEGACY | FPGA_XILINX_ZYNQMP_DDRAUTH)
+#define ZYNQMP_FPGA_FLAGS	(FPGA_LEGACY | \
+				 FPGA_XILINX_ZYNQMP_DDRAUTH | \
+				 FPGA_XILINX_ZYNQMP_ENC)
 #else
 #define ZYNQMP_FPGA_FLAGS	(FPGA_LEGACY)
 #endif