[PATCH v6 7/7] fpga: zynqmp: support loading encrypted bitfiles

Michal Simek michal.simek at xilinx.com
Thu Apr 7 10:15:13 CEST 2022 


On 2/7/22 12:18, Adrian Fiergolski wrote:
> Add supporting new compatible string "u-boot,zynqmp-fpga-enc" to handle
> loading encrypted bitfiles.
> 
> This feature requires encrypted FSBL,as according to UG1085:
> "The CSU automatically locks out the AES key, stored in either BBRAM or eFUSEs,
>   as a key source to the AES engine if the FSBL is not encrypted. This prevents
>   using the BBRAM or eFUSE as the key source to the AES engine during run-time
>   applications."
> 
> Signed-off-and-tested-by: Adrian Fiergolski <adrian.fiergolski at fastree3d.com>
> ---
>   doc/uImage.FIT/source_file_format.txt |  2 ++
>   drivers/fpga/zynqmppl.c               | 16 ++++++++++++----
>   2 files changed, 14 insertions(+), 4 deletions(-)
> 
> diff --git a/doc/uImage.FIT/source_file_format.txt b/doc/uImage.FIT/source_file_format.txt
> index 461e2af2a8..2cf77ba3e9 100644
> --- a/doc/uImage.FIT/source_file_format.txt
> +++ b/doc/uImage.FIT/source_file_format.txt
> @@ -188,6 +188,8 @@ the '/images' node should have the following layout:
>       "u-boot,fpga-legacy" - the generic fpga loading routine.
>       "u-boot,zynqmp-fpga-ddrauth" - signed non-encrypted FPGA bitstream for
>       Xilinx Zynq UltraScale+ (ZymqMP) device.
> +    "u-boot,zynqmp-fpga-enc" - encrypted FPGA bitstream for Xilinx Zynq
> +    UltraScale+ (ZymqMP) device.

ZynqMP

>   
>     Optional nodes:
>     - hash-1 : Each hash sub-node represents separate hash or checksum
> diff --git a/drivers/fpga/zynqmppl.c b/drivers/fpga/zynqmppl.c
> index bf6f56e1c4..5fcca8d1b8 100644
> --- a/drivers/fpga/zynqmppl.c
> +++ b/drivers/fpga/zynqmppl.c
> @@ -214,7 +214,9 @@ static int zynqmp_load(xilinx_desc **desc_ptr, const void *buf, size_t bsize,
>   	fpga_desc *fdesc = container_of((void *)desc_ptr, fpga_desc, devdesc);
>   
>   	if (fdesc && fdesc->compatible &&
> -	    !strcmp(fdesc->compatible, "u-boot,zynqmp-fpga-ddrauth")) {
> +	    ( !strcmp(fdesc->compatible, "u-boot,zynqmp-fpga-ddrauth") ||
> +	      !strcmp(fdesc->compatible, "u-boot,zynqmp-fpga-enc") )
> +	      ) {

coding style and I think you should revert the logic here. You should check 
u-boot-fpga-legacy and use inverted logic if possible which should save some bytes.

And strncmp


>   		if (CONFIG_IS_ENABLED(FPGA_LOAD_SECURE)) {
>   			struct fpga_secure_info info = { 0 };
>   
> @@ -222,9 +224,15 @@ static int zynqmp_load(xilinx_desc **desc_ptr, const void *buf, size_t bsize,
>   				printf("%s: Missing load operation\n", __func__);
>   				return FPGA_FAIL;
>   			}
> -			/* DDR authentication */
> -			info.authflag = 1;
> -			info.encflag = 2;
> +			if(!strcmp(fdesc->compatible+19, "enc")){

coding style issues and use strncmp.

> +			  /* Encryption using device key*/

coding style issues.

> +			  info.authflag = 2;
> +			  info.encflag = 0;

You should use macros for it.


> +			} else {
> +			  /* DDR authentication */
> +			  info.authflag = 1;
> +			  info.encflag = 2;

ditto.

> +			}
>   			return desc->operations->loads(desc, buf, bsize, &info);
>   		} else {
>   			printf("No support for %s\n", fdesc->compatible);

M

More information about the U-Boot mailing list