review.tizen.org Git - platform/kernel/linux-starfive.git/commit

author	Russ Weight <russell.h.weight@intel.com>
	Mon, 6 Jun 2022 16:00:35 +0000 (09:00 -0700)
committer	Xu Yilun <yilun.xu@intel.com>
	Wed, 8 Jun 2022 09:04:37 +0000 (17:04 +0800)
commit	bdf86d0e6ca307de8c85e9363b31ca8c86c0b0c7
tree	66d81cfa1292c584a941aa4f35c2ab7139721be7	tree \| snapshot
parent	3f83b62a7bfa273959cb124bb581a20a68d114c3	commit \| diff

fpga: m10bmc-sec: create max10 bmc secure update

Create a sub-driver for the FPGA Card BMC in order to support secure
updates. This patch creates the Max10 BMC Secure Update driver and
provides sysfs files for displaying the root entry hashes (REH) for the
FPGA static region (SR), the FPGA Partial Reconfiguration (PR) region,
and the card BMC.

The Intel MAX10 BMC Root of Trust (RoT) requires that all BMC Nios firmware
and FPGA images are authenticated using ECDSA before loading and executing
on the card. Code Signing Keys (CSK) are used to sign images. CSKs are
signed by a root key. The root entry hash is created from the root public
key.

The RoT provides authentication by storing an REH bitstream to a write-once
location. Image signatures are verified against the hash.

Reviewed-by: Tom Rix <trix@redhat.com>
Tested-by: Tianfei Zhang <tianfei.zhang@intel.com>
Signed-off-by: Russ Weight <russell.h.weight@intel.com>
Link: https://lore.kernel.org/r/20220606160038.846236-3-russell.h.weight@intel.com
Signed-off-by: Xu Yilun <yilun.xu@intel.com>

Documentation/ABI/testing/sysfs-driver-intel-m10-bmc-sec-update	[new file with mode: 0644]	blob
MAINTAINERS		diff \| blob \| history
drivers/fpga/Kconfig		diff \| blob \| history
drivers/fpga/Makefile		diff \| blob \| history
drivers/fpga/intel-m10-bmc-sec-update.c	[new file with mode: 0644]	blob