[PATCH v11 12/13] fpga: zynqmp: support loading authenticated images
Oleksandr Suvorov
oleksandr.suvorov at foundries.io
Tue Jul 5 21:23:19 CEST 2022
Add supporting new compatible string "u-boot,zynqmp-fpga-ddrauth" to
handle loading authenticated images (DDR).
Based on solution by Jorge Ramirez-Ortiz <jorge at foundries.io>
Signed-off-by: Oleksandr Suvorov <oleksandr.suvorov at foundries.io>
Tested-by: Ricardo Salveti <ricardo at foundries.io>
---
Changes in v11:
- Fix treating an incoming FPGA image with empty flags parameter as
legacy.
Changes in v10:
- Support DDR images only if FPGA_LOAD_SECURE enabled.
boot/Kconfig | 4 +--
doc/uImage.FIT/source_file_format.txt | 5 +++-
drivers/fpga/zynqmppl.c | 43 ++++++++++++++++++++++-----
include/xilinx.h | 1 +
include/zynqmppl.h | 4 +++
5 files changed, 47 insertions(+), 10 deletions(-)
diff --git a/boot/Kconfig b/boot/Kconfig
index 08451c65a56..e30643d3071 100644
--- a/boot/Kconfig
+++ b/boot/Kconfig
@@ -210,8 +210,8 @@ config SPL_LOAD_FIT
1. "loadables" images, other than FDTs, which do not have a "load"
property will not be loaded. This limitation also applies to FPGA
images with the correct "compatible" string.
- 2. For FPGA images, only the "compatible" = "u-boot,fpga-legacy"
- loading method is supported.
+ 2. For FPGA images, the supported "compatible" list is in the
+ doc/uImage.FIT/source_file_format.txt.
3. FDTs are only loaded for images with an "os" property of "u-boot".
"linux" images are also supported with Falcon boot mode.
diff --git a/doc/uImage.FIT/source_file_format.txt b/doc/uImage.FIT/source_file_format.txt
index f93ac6d1c7b..461e2af2a84 100644
--- a/doc/uImage.FIT/source_file_format.txt
+++ b/doc/uImage.FIT/source_file_format.txt
@@ -184,7 +184,10 @@ the '/images' node should have the following layout:
Mandatory for types: "firmware", and "kernel".
- compatible : compatible method for loading image.
Mandatory for types: "fpga", and images that do not specify a load address.
- To use the generic fpga loading routine, use "u-boot,fpga-legacy".
+ Supported compatible methods:
+ "u-boot,fpga-legacy" - the generic fpga loading routine.
+ "u-boot,zynqmp-fpga-ddrauth" - signed non-encrypted FPGA bitstream for
+ Xilinx Zynq UltraScale+ (ZymqMP) device.
Optional nodes:
- hash-1 : Each hash sub-node represents separate hash or checksum
diff --git a/drivers/fpga/zynqmppl.c b/drivers/fpga/zynqmppl.c
index 5e74360220e..d8f11c26103 100644
--- a/drivers/fpga/zynqmppl.c
+++ b/drivers/fpga/zynqmppl.c
@@ -9,6 +9,7 @@
#include <common.h>
#include <compiler.h>
#include <cpu_func.h>
+#include <fpga.h>
#include <log.h>
#include <zynqmppl.h>
#include <zynqmp_firmware.h>
@@ -201,9 +202,12 @@ static int zynqmp_validate_bitstream(xilinx_desc *desc, const void *buf,
static int zynqmp_check_compatible(xilinx_desc *desc, int flags)
{
- /* If no flags set, the image is legacy */
+ /*
+ * If no flags set, the image may be legacy, but we need to
+ * signal caller this situation with specific error code.
+ */
if (!flags)
- return 0;
+ return -ENODATA;
/* For legacy bitstream images no need for other methods exist */
if ((flags & desc->flags) && flags == FPGA_LEGACY)
@@ -218,7 +222,7 @@ static int zynqmp_check_compatible(xilinx_desc *desc, int flags)
(flags & desc->flags))
return 0;
- return FPGA_FAIL;
+ return -ENODEV;
}
static int zynqmp_load(xilinx_desc *desc, const void *buf,
@@ -232,11 +236,33 @@ static int zynqmp_load(xilinx_desc *desc, const void *buf,
u32 buf_lo, buf_hi;
u32 bsize_req = (u32)bsize;
u32 ret_payload[PAYLOAD_ARG_CNT];
-
+#if CONFIG_IS_ENABLED(FPGA_LOAD_SECURE)
+ struct fpga_secure_info info = { 0 };
+#endif
debug("%s called!\n", __func__);
- if (zynqmp_check_compatible(desc, flags)) {
- puts("Missing loads operation or unsupported bitstream type\n");
+ ret = zynqmp_check_compatible(desc, flags);
+ if (ret) {
+ if (ret != -ENODATA) {
+ puts("Missing loads operation or unsupported bitstream type\n");
+ return FPGA_FAIL;
+ }
+ /* If flags is not set, the image treats as legacy */
+ flags = FPGA_LEGACY;
+ }
+
+ switch (flags) {
+ case FPGA_LEGACY:
+ break; /* Handle the legacy image later in this function */
+#if CONFIG_IS_ENABLED(FPGA_LOAD_SECURE)
+ case FPGA_XILINX_ZYNQMP_DDRAUTH:
+ /* DDR authentication */
+ info.authflag = ZYNQMP_FPGA_AUTH_DDR;
+ info.encflag = FPGA_NO_ENC_OR_NO_AUTH;
+ return desc->operations->loads(desc, buf, bsize, &info);
+#endif
+ default:
+ printf("Unsupported bitstream type %d\n", flags);
return FPGA_FAIL;
}
@@ -334,7 +360,10 @@ static int zynqmp_str2flag(xilinx_desc *desc, const char *str)
{
if (!strncmp(str, "u-boot,fpga-legacy", 18))
return FPGA_LEGACY;
-
+#if CONFIG_IS_ENABLED(FPGA_LOAD_SECURE)
+ if (!strncmp(str, "u-boot,zynqmp-fpga-ddrauth", 26))
+ return FPGA_XILINX_ZYNQMP_DDRAUTH;
+#endif
return 0;
}
diff --git a/include/xilinx.h b/include/xilinx.h
index 89a12818311..ffd95ad7225 100644
--- a/include/xilinx.h
+++ b/include/xilinx.h
@@ -39,6 +39,7 @@ typedef enum { /* typedef xilinx_family */
/* FPGA bitstream supported types */
#define FPGA_LEGACY BIT(0)
+#define FPGA_XILINX_ZYNQMP_DDRAUTH BIT(1)
typedef struct { /* typedef xilinx_desc */
xilinx_family family; /* part type */
diff --git a/include/zynqmppl.h b/include/zynqmppl.h
index 8401a850afb..87ccd2f394c 100644
--- a/include/zynqmppl.h
+++ b/include/zynqmppl.h
@@ -25,6 +25,10 @@
extern struct xilinx_fpga_op zynqmp_op;
+#if CONFIG_IS_ENABLED(FPGA_LOAD_SECURE)
+#define ZYNQMP_FPGA_FLAGS (FPGA_LEGACY | FPGA_XILINX_ZYNQMP_DDRAUTH)
+#else
#define ZYNQMP_FPGA_FLAGS (FPGA_LEGACY)
+#endif
#endif /* _ZYNQMPPL_H_ */
--
2.36.1
More information about the U-Boot
mailing list