[PATCHv2 0/2] add Intel SoCFPGA crypto service driver
From: richard . gong
Date: Mon Aug 17 2020 - 09:33:33 EST
From: Richard Gong <richard.gong@xxxxxxxxx>
This is the 2nd submission of Intel SoCFPGA crypto service driver.
I followed the process to register or request a valid IOCTL number/letter,
but I got the delivery failure status notification.
Cypto service driver and service layer driver patches have been reviewed
internally by colleagues at Intel.
Intel SoCFPGA is composed of a 64 bit quad-core ARM Cortex A53 hard
processor system (HPS) and Secure Device Manager (SDM). SDM is the
hardware which does the FPGA configuration, QSPI, remote system update,
crypto and warm reset.
To meet the whole system security needs and support virtual machine
requesting communication with SDM, only the secure world of software (EL3,
Exception Level 3) can interface with SDM. All software entities running
on other exception levels must channel through the EL3 software whenever
it needs service from SDM.
Intel Stratix10 service layer driver is added to provide the service for
FPGA configuration, Remote System Update and FPGA crypto service (FCS).
Running at privileged exception level (EL1, Exception Level 1), Intel
Stratix10 service layer driver interfaces with the service clients at EL1
and manages secure monitor call (SMC) to communicate with secure monitor
software at secure monitor exception level (EL3).
The crypto services include security certificate, image boot validation,
security key cancellation, get provision data, random number generation,
advance encryption standard (AES) encryption and decryption services.
To perform supporting crypto features on Intel SoCFPGA platforms, Linux
user-space application interacts with FPGA crypto service (FCS) driver via
structures defined in include/uapi/linux/intel_fcs-ioctl.h.
The application allocates spaces for IOCTL structure to hold the contents
or points to the data that FCS driver needs, uses IOCTL calls to passes
data to kernel FCS driver for processing at low level firmware and get
processed data or status back form the low level firmware via FCS driver.
The user-space application named as fcs_client is at
https://github.com/altera-opensource/fcs_apps/tree/fcs_client.
Richard Gong (2):
firmware: stratix10-svc: extend svc to support new crypto features
misc: add Intel SoCFPGA crypto service driver
drivers/firmware/stratix10-svc.c | 178 +++++-
drivers/misc/Kconfig | 12 +
drivers/misc/Makefile | 1 +
drivers/misc/intel-fcs.c | 709 +++++++++++++++++++++
include/linux/firmware/intel/stratix10-smc.h | 147 ++++-
.../linux/firmware/intel/stratix10-svc-client.h | 42 ++
include/uapi/linux/intel-fcs_ioctl.h | 222 +++++++
7 files changed, 1292 insertions(+), 19 deletions(-)
create mode 100644 drivers/misc/intel-fcs.c
create mode 100644 include/uapi/linux/intel-fcs_ioctl.h
--
2.7.4