Add supporting new compatible string "u-boot,zynqmp-fpga-enc" to handle loading encrypted bitfiles.
This feature requires encrypted FSBL,as according to UG1085: "The CSU automatically locks out the AES key, stored in either BBRAM or eFUSEs, as a key source to the AES engine if the FSBL is not encrypted. This prevents using the BBRAM or eFUSE as the key source to the AES engine during run-time applications." Signed-off-and-tested-by: Adrian Fiergolski <[email protected]> --- doc/uImage.FIT/source_file_format.txt | 2 ++ drivers/fpga/zynqmppl.c | 14 ++++++++++---- include/fpga.h | 1 + 3 files changed, 13 insertions(+), 4 deletions(-) diff --git a/doc/uImage.FIT/source_file_format.txt b/doc/uImage.FIT/source_file_format.txt index 461e2af2a8..6870111840 100644 --- a/doc/uImage.FIT/source_file_format.txt +++ b/doc/uImage.FIT/source_file_format.txt @@ -188,6 +188,8 @@ the '/images' node should have the following layout: "u-boot,fpga-legacy" - the generic fpga loading routine. "u-boot,zynqmp-fpga-ddrauth" - signed non-encrypted FPGA bitstream for Xilinx Zynq UltraScale+ (ZymqMP) device. + "u-boot,zynqmp-fpga-enc" - encrypted FPGA bitstream for Xilinx Zynq + UltraScale+ (ZynqMP) device. Optional nodes: - hash-1 : Each hash sub-node represents separate hash or checksum diff --git a/drivers/fpga/zynqmppl.c b/drivers/fpga/zynqmppl.c index 0ce641e495..1090734936 100644 --- a/drivers/fpga/zynqmppl.c +++ b/drivers/fpga/zynqmppl.c @@ -214,7 +214,7 @@ static int zynqmp_load(xilinx_desc **desc_ptr, const void *buf, size_t bsize, fpga_desc *fdesc = container_of((void *)desc_ptr, fpga_desc, devdesc); if (fdesc && fdesc->compatible && - !strcmp(fdesc->compatible, "u-boot,zynqmp-fpga-ddrauth")) { + strncmp(fdesc->compatible, "u-boot,fpga-legacy", 18)) { struct fpga_secure_info info = { 0 }; if (!CONFIG_IS_ENABLED(FPGA_LOAD_SECURE)) { @@ -226,9 +226,15 @@ static int zynqmp_load(xilinx_desc **desc_ptr, const void *buf, size_t bsize, printf("%s: Missing load operation\n", __func__); return FPGA_FAIL; } - /* DDR authentication */ - info.authflag = 1; - info.encflag = 2; + if (!strncmp(fdesc->compatible+19, "enc", 3)) { + /* Encryption using device key */ + info.authflag = FPGA_NO_ENC_OR_NO_AUTH; + info.encflag = FPGA_ENC_DEV_KEY; + } else { + /* DDR authentication */ + info.authflag = ZYNQMP_FPGA_AUTH_DDR; + info.encflag = FPGA_NO_ENC_OR_NO_AUTH; + } return desc->operations->loads(desc, buf, bsize, &info); } diff --git a/include/fpga.h b/include/fpga.h index 2891f32106..cdf80fedf6 100644 --- a/include/fpga.h +++ b/include/fpga.h @@ -20,6 +20,7 @@ /* device numbers must be non-negative */ #define FPGA_INVALID_DEVICE -1 +#define FPGA_ENC_DEV_KEY 0 #define FPGA_ENC_USR_KEY 1 #define FPGA_NO_ENC_OR_NO_AUTH 2 -- 2.35.1
