[PATCHv1] Add Intel Stratix10 service layer binding

2018-01-23 Thread richard . gong
From: Richard Gong 

Intel Stratix10 SoC is composed of a 64 bit quad-core ARM Cortex A53 hard
processor system (HPS) and Secure Device Manager (SDM). When the FPGA is
configured from HPS, there needs to be a way for HPS to notify SDM the
location and size of the configuration data. Then SDM will get the
configuration data from that location and perform the FPGA configuration.

To meet the whole system security needs and support virtual machine requesting
communication with SDM, only the secure world of software (EL3, Exception
Layer 3) can interface with SDM. All software entities running on other
exception layers must channel through the EL3 software whenever it needs
service from SDM.

Intel Stratix10 service layer driver, running at privileged exception level
(EL1, Exception Layer 1), interfaces with the service providers and provides
the services for FPGA configuration, QSPI, Crypto and warm reset. Service layer
driver also manages secure monitor call (SMC) to communicate with secure monitor
code running in EL3.

This patch adds a device tree binding for Intel Stratix10 service layer driver

Richard Gong (1):
  dt-bindings: misc: add Intel Stratix10 service layer binding

 .../devicetree/bindings/misc/intel-service.txt | 56 ++
 1 file changed, 56 insertions(+)
 create mode 100644 Documentation/devicetree/bindings/misc/intel-service.txt

-- 
2.7.4



[PATCHv1] dt-bindings: misc: add Intel Stratix10 service layer binding

2018-01-23 Thread richard . gong
From: Richard Gong 

Add a device tree binding for the Intel Stratix10 service layer driver

Signed-off-by: Richard Gong 
---
 .../devicetree/bindings/misc/intel-service.txt | 56 ++
 1 file changed, 56 insertions(+)
 create mode 100644 Documentation/devicetree/bindings/misc/intel-service.txt

diff --git a/Documentation/devicetree/bindings/misc/intel-service.txt 
b/Documentation/devicetree/bindings/misc/intel-service.txt
new file mode 100644
index 000..254e4a1
--- /dev/null
+++ b/Documentation/devicetree/bindings/misc/intel-service.txt
@@ -0,0 +1,56 @@
+Intel Service Layer Driver for Stratix10 SoC
+
+Intel Stratix10 SoC is composed of a 64 bit quad-core ARM Cortex A53 hard
+processor system (HPS) and Secure Device Manager (SDM). When the FPGA is
+configured from HPS, there needs to be a way for HPS to notify SDM the
+location and size of the configuration data. Then SDM will get the
+configuration data from that location and perform the FPGA configuration.
+
+To meet the whole system security needs and support virtual machine requesting
+communication with SDM, only the secure world of software (EL3, Exception
+Layer 3) can interface with SDM. All software entities running on other
+exception layers must channel through the EL3 software whenever it needs
+service from SDM.
+
+Intel Stratix10 service layer driver, running at privileged exception level
+(EL1, Exception Layer 1), interfaces with the service providers and provides
+the services for FPGA configuration, QSPI, Crypto and warm reset. Service layer
+driver also manages secure monitor call (SMC) to communicate with secure 
monitor
+code running in EL3.
+
+Required properties:
+
+The following are the mandatory properties:
+
+- compatible:
+   "intc,svc-1.0"
+- method:
+   smc or hvc
+   smc - Secure Monitor Call
+   hvc - Hypervisor Call
+- memory-region:
+   phandle to the reserved memory node. See
+   
Documentation/devicetree/bindings/reserved-memory/reserved-memory.txt
+   for details
+
+Example:
+
+
+   reserved-memory {
+#address-cells = <2>;
+#size-cells = <2>;
+ranges;
+
+service_reserved: svcbuffer@0 {
+compatible = "shared-dma-pool";
+reg = <0x0 0x0 0x0 0x100>;
+alignment = <0x1000>;
+no-map;
+};
+};
+
+   svc {
+   compatible = "intc,svc-1.0";
+   method = "smc";
+   memory-region = <&service_reserved>
+   };
-- 
2.7.4



[PATCHv1] Add Intel Stratix10 service layer driver

2018-01-25 Thread richard . gong
From: Richard Gong 

Intel Stratix10 SoC is composed of a 64 bit quad-core ARM Cortex A53 hard
processor system (HPS) and Secure Device Manager (SDM). SDM is the hardware
which does the FPGA configuration, QSPI, Crypto and warm reset.

When the FPGA is configured from HPS, there needs to be a way for HPS to
notify SDM the location and size of the configuration data. Then SDM will
get the configuration data from that location and perform the FPGA 
configuration.

To meet the whole system security needs and support virtual machine
requesting communication with SDM, only the secure world of software (EL3,
Exception Level 3) can interface with SDM. All software entities running
on other exception levels must channel through the EL3 software whenever it
needs service from SDM.

Intel Stratix10 service layer driver is added to provide the service for
FPGA configuration. Running at privileged exception level (EL1, Exception
Level 1), Intel Stratix10 service layer driver interfaces with the service
provider at EL1 (Intel Stratix10 FPGA Manager) and manages secure monitor
call (SMC) to communicate with secure monitor software at secure monitor
exception level (EL3).

Later the Intel Stratix10 service layer driver will be extended to provide
services for QSPI, Crypto and warm reset.

Richard Gong (1):
  driver: misc: add Intel Stratix10 service layer driver

 drivers/misc/Kconfig   |   3 +-
 drivers/misc/Makefile  |   3 +-
 drivers/misc/intel-service/Kconfig |   9 +
 drivers/misc/intel-service/Makefile|   2 +
 drivers/misc/intel-service/intel_service.c | 703 +
 include/linux/intel-service-client.h   | 227 ++
 include/linux/intel-service.h  | 122 +
 include/linux/intel-smc.h  | 246 ++
 8 files changed, 1313 insertions(+), 2 deletions(-)
 create mode 100644 drivers/misc/intel-service/Kconfig
 create mode 100644 drivers/misc/intel-service/Makefile
 create mode 100644 drivers/misc/intel-service/intel_service.c
 create mode 100644 include/linux/intel-service-client.h
 create mode 100644 include/linux/intel-service.h
 create mode 100644 include/linux/intel-smc.h

-- 
2.7.4



[PATCHv1] driver: misc: add Intel Stratix10 service layer driver

2018-01-25 Thread richard . gong
From: Richard Gong 

Intel Stratix10 SoC is composed of a 64 bit quad-core ARM Cortex A53 hard
processor system (HPS) and Secure Device Manager (SDM). SDM is the
hardware which does the FPGA configuration, QSPI, Crypto and warm reset.

When the FPGA is configured from HPS, there needs to be a way for HPS to
notify SDM the location and size of the configuration data. Then SDM will
get the configuration data from that location and perform the FPGA
configuration.

To meet the whole system security needs and support virtual machine
requesting communication with SDM, only the secure world of software (EL3,
Exception Level 3) can interface with SDM. All software entities running
on other exception levels must channel through the EL3 software whenever
it needs service from SDM.

Intel Stratix10 service layer driver is added to provide the service for
FPGA configuration. Running at privileged exception level (EL1, Exception
Level 1), Intel Stratix10 service layer driver interfaces with the service
provider at EL1 (Intel Stratix10 FPGA Manager) and manages secure monitor
call (SMC) to communicate with secure monitor software at secure monitor
exception level (EL3).

Signed-off-by: Richard Gong 
---
 drivers/misc/Kconfig   |   3 +-
 drivers/misc/Makefile  |   3 +-
 drivers/misc/intel-service/Kconfig |   9 +
 drivers/misc/intel-service/Makefile|   2 +
 drivers/misc/intel-service/intel_service.c | 703 +
 include/linux/intel-service-client.h   | 227 ++
 include/linux/intel-service.h  | 122 +
 include/linux/intel-smc.h  | 246 ++
 8 files changed, 1313 insertions(+), 2 deletions(-)
 create mode 100644 drivers/misc/intel-service/Kconfig
 create mode 100644 drivers/misc/intel-service/Makefile
 create mode 100644 drivers/misc/intel-service/intel_service.c
 create mode 100644 include/linux/intel-service-client.h
 create mode 100644 include/linux/intel-service.h
 create mode 100644 include/linux/intel-smc.h

diff --git a/drivers/misc/Kconfig b/drivers/misc/Kconfig
index 4c842e8..eaca4bb 100644
--- a/drivers/misc/Kconfig
+++ b/drivers/misc/Kconfig
@@ -1,4 +1,4 @@
-#
+# SPDX-License-Identifier: GPL-2.0
 # Misc strange devices
 #
 
@@ -528,6 +528,7 @@ source "drivers/misc/eeprom/Kconfig"
 source "drivers/misc/cb710/Kconfig"
 source "drivers/misc/ti-st/Kconfig"
 source "drivers/misc/lis3lv02d/Kconfig"
+source "drivers/misc/intel-service/Kconfig"
 source "drivers/misc/altera-stapl/Kconfig"
 source "drivers/misc/mei/Kconfig"
 source "drivers/misc/vmw_vmci/Kconfig"
diff --git a/drivers/misc/Makefile b/drivers/misc/Makefile
index e07c116..6ee779d 100644
--- a/drivers/misc/Makefile
+++ b/drivers/misc/Makefile
@@ -1,4 +1,4 @@
-#
+# SPDX-License-Identifier: GPL-2.0
 # Makefile for misc devices that really don't fit anywhere else.
 #
 
@@ -58,6 +58,7 @@ obj-$(CONFIG_CXL_BASE)+= cxl/
 obj-$(CONFIG_ASPEED_LPC_CTRL)  += aspeed-lpc-ctrl.o
 obj-$(CONFIG_ASPEED_LPC_SNOOP) += aspeed-lpc-snoop.o
 obj-$(CONFIG_PCI_ENDPOINT_TEST)+= pci_endpoint_test.o
+obj-$(CONFIG_INTEL_SERVICE)+= intel-service/
 
 lkdtm-$(CONFIG_LKDTM)  += lkdtm_core.o
 lkdtm-$(CONFIG_LKDTM)  += lkdtm_bugs.o
diff --git a/drivers/misc/intel-service/Kconfig 
b/drivers/misc/intel-service/Kconfig
new file mode 100644
index 000..69ce397
--- /dev/null
+++ b/drivers/misc/intel-service/Kconfig
@@ -0,0 +1,9 @@
+# SPDX-License-Identifier: GPL-2.0
+config INTEL_SERVICE
+   tristate "Intel Service Controller"
+   default y
+   depends on ARCH_STRATIX10
+   help
+An implementation of Intel service controller. It is used to provide 
service to
+FPGA manager on Intel Stratix 10 SOC for FPGA configuration. Say Y 
here if you
+want Intel service controller support
diff --git a/drivers/misc/intel-service/Makefile 
b/drivers/misc/intel-service/Makefile
new file mode 100644
index 000..9509b91
--- /dev/null
+++ b/drivers/misc/intel-service/Makefile
@@ -0,0 +1,2 @@
+# SPDX-License-Identifier: GPL-2.0
+obj-y += intel_service.o
diff --git a/drivers/misc/intel-service/intel_service.c 
b/drivers/misc/intel-service/intel_service.c
new file mode 100644
index 000..90f883c
--- /dev/null
+++ b/drivers/misc/intel-service/intel_service.c
@@ -0,0 +1,703 @@
+// SPDX-License-Identifier: GPL-2.0
+/*
+ * Copyright (C) 2017-2018, Intel Corporation
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms and conditions of the GNU General Public License,
+ * version 2, as published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License for
+ 

Re: [PATCHv1] dt-bindings: misc: add Intel Stratix10 service layer binding

2018-02-01 Thread Richard Gong



On 01/30/2018 10:57 AM, Rob Herring wrote:

On Tue, Jan 23, 2018 at 01:25:02PM -0600, richard.g...@linux.intel.com wrote:

From: Richard Gong 

Add a device tree binding for the Intel Stratix10 service layer driver

Signed-off-by: Richard Gong 
---
  .../devicetree/bindings/misc/intel-service.txt | 56 ++
  1 file changed, 56 insertions(+)
  create mode 100644 Documentation/devicetree/bindings/misc/intel-service.txt

diff --git a/Documentation/devicetree/bindings/misc/intel-service.txt 
b/Documentation/devicetree/bindings/misc/intel-service.txt
new file mode 100644
index 000..254e4a1
--- /dev/null
+++ b/Documentation/devicetree/bindings/misc/intel-service.txt
@@ -0,0 +1,56 @@
+Intel Service Layer Driver for Stratix10 SoC
+
+Intel Stratix10 SoC is composed of a 64 bit quad-core ARM Cortex A53 hard
+processor system (HPS) and Secure Device Manager (SDM). When the FPGA is
+configured from HPS, there needs to be a way for HPS to notify SDM the
+location and size of the configuration data. Then SDM will get the
+configuration data from that location and perform the FPGA configuration.
+
+To meet the whole system security needs and support virtual machine requesting
+communication with SDM, only the secure world of software (EL3, Exception
+Layer 3) can interface with SDM. All software entities running on other
+exception layers must channel through the EL3 software whenever it needs
+service from SDM.
+
+Intel Stratix10 service layer driver, running at privileged exception level
+(EL1, Exception Layer 1), interfaces with the service providers and provides
+the services for FPGA configuration, QSPI, Crypto and warm reset. Service layer
+driver also manages secure monitor call (SMC) to communicate with secure 
monitor
+code running in EL3.
+
+Required properties:
+
+The following are the mandatory properties:
+
+- compatible:
+   "intc,svc-1.0"
+- method:
+   smc or hvc
+   smc - Secure Monitor Call
+   hvc - Hypervisor Call

Do you really need to support hvc or you are just copying and pasting
from other implementations?

Thanks for the review.
Yes, We need to support hvc.



+- memory-region:
+   phandle to the reserved memory node. See
+   
Documentation/devicetree/bindings/reserved-memory/reserved-memory.txt
+   for details

Please also put the svc node under the /firmware node and state that in
the binding.

Sure, I will fix that in the next version.

Regards,
Richard



+
+Example:
+
+
+   reserved-memory {
+#address-cells = <2>;
+#size-cells = <2>;
+ranges;
+
+service_reserved: svcbuffer@0 {
+compatible = "shared-dma-pool";
+reg = <0x0 0x0 0x0 0x100>;
+alignment = <0x1000>;
+no-map;
+};
+};
+
+   svc {
+   compatible = "intc,svc-1.0";
+   method = "smc";
+   memory-region = <&service_reserved>
+   };
--
2.7.4





Re: [PATCHv1] Add Intel Stratix10 service layer driver

2018-01-29 Thread Richard Gong

Hi Greg,

Many thanks for your reviews.


On 01/25/2018 10:53 AM, Greg KH wrote:

On Thu, Jan 25, 2018 at 10:39:03AM -0600, richard.g...@linux.intel.com wrote:

From: Richard Gong 

Intel Stratix10 SoC is composed of a 64 bit quad-core ARM Cortex A53 hard
processor system (HPS) and Secure Device Manager (SDM). SDM is the hardware
which does the FPGA configuration, QSPI, Crypto and warm reset.

When the FPGA is configured from HPS, there needs to be a way for HPS to
notify SDM the location and size of the configuration data. Then SDM will
get the configuration data from that location and perform the FPGA 
configuration.

To meet the whole system security needs and support virtual machine
requesting communication with SDM, only the secure world of software (EL3,
Exception Level 3) can interface with SDM. All software entities running
on other exception levels must channel through the EL3 software whenever it
needs service from SDM.

Intel Stratix10 service layer driver is added to provide the service for
FPGA configuration. Running at privileged exception level (EL1, Exception
Level 1), Intel Stratix10 service layer driver interfaces with the service
provider at EL1 (Intel Stratix10 FPGA Manager) and manages secure monitor
call (SMC) to communicate with secure monitor software at secure monitor
exception level (EL3).

Later the Intel Stratix10 service layer driver will be extended to provide
services for QSPI, Crypto and warm reset.

Richard Gong (1):
   driver: misc: add Intel Stratix10 service layer driver

  drivers/misc/Kconfig   |   3 +-
  drivers/misc/Makefile  |   3 +-
  drivers/misc/intel-service/Kconfig |   9 +
  drivers/misc/intel-service/Makefile|   2 +
  drivers/misc/intel-service/intel_service.c | 703 +
  include/linux/intel-service-client.h   | 227 ++
  include/linux/intel-service.h  | 122 +
  include/linux/intel-smc.h  | 246 ++

Simple questions first:
  - why do you have 3 different .h files for a single .c file?
This is because service layer driver interface with both the service 
provider and secure monitor SW.
intel-service-client.h is created to define interface between service 
providers (FPGA manager is one of them) and service layer. Alan Tull's 
FPGA manager .c file includes this header file
intel-smc.h defines the secure monitor call (SMC) message protocols used 
for service layer driver in normal world (EL1) to communicate with 
secure monitor SW in secure monitor exception level 3 (EL3). Also this 
header file is shared with firmware since both (FW, service layer) 
utilizes the same SMC message protocol.
intel-sevice.h is created to define service layer's own data structures 
(service controller, channel for communicating with service provider, 
shared memory region, private data etc)



  - why do you have any public .h files for a single .c file?

intel-service-client.h is public .h and should be at include/linux/
intel-service.h and intel-smc.h are private .h files, should be in 
driver/misc/ (assume I move .c file from driver/misc/intel-service/ to 
driver/misc/)

  - use the correct SPDX markers for your file licenses, Intel legal
knows all about this, please follow their rules.

I will follow those rules.

  - why is this in a subdirectory for a single .c file?
Currently service layer is implemented to support FPGA configuration 
only. We have the new requirements and need to extend service layer to 
support additional features such as QSPI, Crypto and warm reset. It is 
expected that a few new files will be added later.
For now I can move the single .c file from driver/misc/intel-service/ to 
driver/misc/.


Regards,
Richard

thanks,

greg k-h




[PATCHv11 0/8] Add Intel Stratix10 FPGA manager and service layer

2018-11-13 Thread richard . gong
From: Richard Gong 

This is the 11th submission of Intel Stratix10 service layer and FPGA
manager driver patches. Starting from 10th submission Stratix10 service
layer driver .c file is moved to drivers/firmware, header files is moved
to include/linux/firmware/intel. And other firmware interface includes
Stratix10 service layer document.

Stratix10 service layer patches have been reviewed internally by Alan Tull
and other colleagues at Intel.

Some features of the Intel Stratix10 SoC require a level of privilege
higher than the kernel is granted. Such secure features include
FPGA programming, remote status update, read and write the secure
registers. In terms of the ARMv8 architecture, the kernel runs at Exception
Level 1 (EL1), access to the features requires Exception Level 3 (EL3).

The Intel Stratix10 service layer provides kernel APIs for drivers to
request access to the secure features. The requests are queued and
processed one by one. ARM’s SMCCC is used to pass the execution of the
requests on to a secure monitor (EL3).

Later the Intel Stratix10 service layer driver will be extended to provide
services for QSPI, Crypto and warm reset.

v2: add patches for FPGA manager, FPGA manager binding, dts and defconfig
remove intel-service subdirectory and intel-service.h, move intel-smc.h
and intel-service.c to driver/misc subdirectory.
remove global variables.
change service layer driver be 'default n'.
correct SPDX markers.
add timeout for do..while() loop.
add kernel-doc for the functions and structs, correct multiline
comments.
replace kfifo_in and kfifo_out with kfifo_in_spinlocked and
kfifo_out_spinlocked.
rename struct intel_svc_data (at client header) to
intel_svc_client_msg.
rename struct intel_svc_private_mem to intel_svc_data.
other corrections/changes from Intel internal code reviews.
v3: change all exported functions with "intel_svc_" as the prefix.
increase timeout values for claiming back submitted buffer(s).
rename struct intel_command_reconfig_payload to
struct intel_svc_command_reconfig_payload.
add pr_err() to provide the error return value.
change to put fpga_mgr node under firmware/svc node.
change to FPGA manager to align the update of service client APIs, and
the update of fpga_mgr device node.
Other corrections/changes.
v4: s/intel/stratix10/ on some variables, structs, functions, and file
names intel-service.c -> stratix10-svc.c
intel-smc.h -> stratix10-smc.h
intel-service-client.h -> stratix10-svc-client.h.
remove non-kernel-doc formatting.
s/fpga-mgr@0/fpga-mgr/ to remove unit_address at fpga_mgr node.
add Rob's Reviewed-by.
add Richard's signed-off-by.
v5: add a new API statix10_svc_done() which is called by service client
when client request is completed or error occurs during request
process. Which allows service layer to free its resources.
remove dummy client from service layer client header and service layer
source file.
add Rob's Reviewed-by.
add a new file stratix10-svc.rst and add that to driver-api/index.rst.
kernel-doc fixes.
v6: replace kthread_create_on_cpu() with kthread_create_on_node().
extend stratix_svc_send() to support service client which doesn't use
memory allocated by service layer.
add S10_RECONFIG_TIMEOUT.
rename s/S10_BUF_TIMEOUT/S10_BUFFER_TIMEOUT/.
fix service layer and FPGA manager Klocwork errors.
v7: add remote status update client support.
s/pr_debug/dev_dbg, s/dev_info/dev_dbg.
add unlock buffer if s10_svc_send_msg() fails.
add release channel if fpga_mgr_create() fails.
handle invalid pointer at svc if the client passed an invalid name.
v8: move stratix10-smc.h to include/linux from driver/misc.
revert version 7 error code & smc function ID value changes at
stratix10-smc.h.
add a goto and common error handling at the end of fpga driver's.
probe function.
v9: remove a patch on defconfig for enable service layer and FPGA manager.
resolve a issue found at git-bisect test.
remove kernel-doc markups that aren't being built.
v10:move stratix10-smc.h and stratix10-svc-client.h to
include/linux/firmware/intel.
move stratix10-svc.c to drivers/firmware.
s/STRATIX10_SERVICE/INTEL_STRATIX10_SERVICE, fix a Klocwork error at
service layer driver.
s/stratix10_svc_command_reconfig_payload/
stratix10_svc_command_config_type.
add stratix10 service layer document to other firmware interface.
update path for the included header in Stratix10 FPGA manager driver.
v11:add Acked-by Moritz Fischer
add additional space at Kconfig file's help text
fix a type in commit message from patch #8

Alan Tull (3):
  dt-bindings: fpga: add Stratix10 SoC FPGA manager binding
  arm64: dts: stratix10: add fpga manager and region
  fpga: add intel stratix10 soc fpga manager dr

[PATCHv5 5/8] arm64: dts: stratix10: add fpga manager and region

2018-05-24 Thread richard . gong
From: Alan Tull 

Add the Stratix10 FPGA manager and a FPGA region to the
device tree.

Signed-off-by: Alan Tull 
Signed-off-by: Richard Gong 
---
v2: this patch is added in patch set version 2
v3: change to put fpga_mgr node under firmware/svc node
v4: s/fpga-mgr@0/fpga-mgr/ to remove unit_address
add Richard's signed-off-by
v5: no change
---
 arch/arm64/boot/dts/altera/socfpga_stratix10.dtsi | 12 
 1 file changed, 12 insertions(+)

diff --git a/arch/arm64/boot/dts/altera/socfpga_stratix10.dtsi 
b/arch/arm64/boot/dts/altera/socfpga_stratix10.dtsi
index c257287..8f8f409 100644
--- a/arch/arm64/boot/dts/altera/socfpga_stratix10.dtsi
+++ b/arch/arm64/boot/dts/altera/socfpga_stratix10.dtsi
@@ -106,6 +106,14 @@
interrupt-parent = <&intc>;
ranges = <0 0 0 0x>;
 
+   base_fpga_region {
+   #address-cells = <0x1>;
+   #size-cells = <0x1>;
+
+   compatible = "fpga-region";
+   fpga-mgr = <&fpga_mgr>;
+   };
+
clkmgr: clock-controller@ffd1 {
compatible = "intel,stratix10-clkmgr";
reg = <0xffd1 0x1000>;
@@ -506,6 +514,10 @@
compatible = "intel,stratix10-svc";
method = "smc";
memory-region = <&service_reserved>;
+
+   fpga_mgr: fpga-mgr {
+   compatible = 
"intel,stratix10-soc-fpga-mgr";
+   };
};
};
};
-- 
2.7.4



[PATCHv5 1/8] dt-bindings, firmware: add Intel Stratix10 service layer binding

2018-05-24 Thread richard . gong
From: Richard Gong 

Add a device tree binding for the Intel Stratix10 service layer driver

Signed-off-by: Richard Gong 
Signed-off-by: Alan Tull 
Reviewed-by: Rob Herring 
---
v2: Change to put service layer driver node under the firmware node
Change compatible to "intel, stratix10-svc"
v3: No change
v4: Add Rob's Reviewed-by
v5: No change
---
 .../bindings/firmware/intel,stratix10-svc.txt  | 57 ++
 1 file changed, 57 insertions(+)
 create mode 100644 
Documentation/devicetree/bindings/firmware/intel,stratix10-svc.txt

diff --git a/Documentation/devicetree/bindings/firmware/intel,stratix10-svc.txt 
b/Documentation/devicetree/bindings/firmware/intel,stratix10-svc.txt
new file mode 100644
index 000..1fa6606
--- /dev/null
+++ b/Documentation/devicetree/bindings/firmware/intel,stratix10-svc.txt
@@ -0,0 +1,57 @@
+Intel Service Layer Driver for Stratix10 SoC
+
+Intel Stratix10 SoC is composed of a 64 bit quad-core ARM Cortex A53 hard
+processor system (HPS) and Secure Device Manager (SDM). When the FPGA is
+configured from HPS, there needs to be a way for HPS to notify SDM the
+location and size of the configuration data. Then SDM will get the
+configuration data from that location and perform the FPGA configuration.
+
+To meet the whole system security needs and support virtual machine requesting
+communication with SDM, only the secure world of software (EL3, Exception
+Layer 3) can interface with SDM. All software entities running on other
+exception layers must channel through the EL3 software whenever it needs
+service from SDM.
+
+Intel Stratix10 service layer driver, running at privileged exception level
+(EL1, Exception Layer 1), interfaces with the service providers and provides
+the services for FPGA configuration, QSPI, Crypto and warm reset. Service layer
+driver also manages secure monitor call (SMC) to communicate with secure 
monitor
+code running in EL3.
+
+Required properties:
+---
+The svc node has the following mandatory properties, must be located under
+the firmware node.
+
+- compatible: "intel,stratix10-svc"
+- method: smc or hvc
+smc - Secure Monitor Call
+hvc - Hypervisor Call
+- memory-region:
+   phandle to the reserved memory node. See
+   Documentation/devicetree/bindings/reserved-memory/reserved-memory.txt
+   for details
+
+Example:
+---
+
+   reserved-memory {
+#address-cells = <2>;
+#size-cells = <2>;
+ranges;
+
+service_reserved: svcbuffer@0 {
+compatible = "shared-dma-pool";
+reg = <0x0 0x0 0x0 0x100>;
+alignment = <0x1000>;
+no-map;
+};
+};
+
+   firmware {
+   svc {
+   compatible = "intel,stratix10-svc";
+   method = "smc";
+   memory-region = <&service_reserved>;
+   };
+   };
-- 
2.7.4



[PATCHv5 8/8] Documentation: driver-api: add stratix10 service layer

2018-05-24 Thread richard . gong
From: Richard Gong 

Add new file stratix10-svc.rst
Add stratix10-svc.rst to driver-api/index.rst

Signed-off-by: Richard Gong 
Signed-off-by: Alan Tull 
---
v5: this patch is added in patch set version 5
---
 Documentation/driver-api/index.rst |  1 +
 Documentation/driver-api/stratix10-svc.rst | 32 ++
 2 files changed, 33 insertions(+)
 create mode 100644 Documentation/driver-api/stratix10-svc.rst

diff --git a/Documentation/driver-api/index.rst 
b/Documentation/driver-api/index.rst
index 6d8352c..4b31109 100644
--- a/Documentation/driver-api/index.rst
+++ b/Documentation/driver-api/index.rst
@@ -49,6 +49,7 @@ available subsections can be seen below.
dmaengine/index
slimbus
soundwire/index
+   stratix10-svc
 
 .. only::  subproject and html
 
diff --git a/Documentation/driver-api/stratix10-svc.rst 
b/Documentation/driver-api/stratix10-svc.rst
new file mode 100644
index 000..ed361d8
--- /dev/null
+++ b/Documentation/driver-api/stratix10-svc.rst
@@ -0,0 +1,32 @@
+
+Intel Stratix10 SoC Service Layer
+=
+
+Some features of the Intel Stratix10 SoC require a level of privilege
+higher than the kernel is granted. Such secure features include
+FPGA programming. In terms of the ARMv8 architecture, the kernel runs
+at Exception Level 1 (EL1), access to the features requires
+Exception Level 3 (EL3).
+
+The Intel Stratix10 SoC service layer provides an in kernel API for
+drivers to request access to the secure features. The requests are queued
+and processed one by one. ARM’s SMCCC is used to pass the execution
+of the requests on to a secure monitor (EL3).
+
+.. kernel-doc:: include/linux/stratix10-svc-client.h
+   :functions: stratix10_svc_command_code
+
+.. kernel-doc:: include/linux/stratix10-svc-client.h
+   :functions: stratix10_svc_client_msg
+
+.. kernel-doc:: include/linux/stratix10-svc-client.h
+   :functions: stratix10_svc_command_reconfig_payload
+
+.. kernel-doc:: include/linux/stratix10-svc-client.h
+   :functions: stratix10_svc_cb_data
+
+.. kernel-doc:: include/linux/stratix10-svc-client.h
+   :functions: stratix10_svc_client
+
+.. kernel-doc:: drivers/misc/stratix10-svc.c
+   :export:
-- 
2.7.4



[PATCHv5 0/8] Add Intel Stratix10 FPGA manager and service layer

2018-05-24 Thread richard . gong
From: Richard Gong 

This is the 5th submission of Intel stratix10 service layer patches. Intel
Stratix10 FPGA manager, which is 1st Stratix10 service layer client, is
included in this submission.

Stratix10 service layer patches have been reviewed internally by Alan Tull
and other colleagues at Intel.

Some features of the Intel Stratix10 SoC require a level of privilege
higher than the kernel is granted. Such secure features include
FPGA programming. In terms of the ARMv8 architecture, the kernel runs
at Exception Level 1 (EL1), access to the features requires
Exception Level 3 (EL3).

The Intel Stratix10 service layer provides an in kernel API for drivers to
request access to the secure features. The requests are queued and
processed one by one. ARM’s SMCCC is used to pass the execution of the
requests on to a secure monitor (EL3).

Later the Intel Stratix10 service layer driver will be extended to provide
services for QSPI, Crypto and warm reset.

v2: add patches for FPGA manager, FPGA manager binding, dts and defconfig
remove intel-service subdirectory and intel-service.h, move intel-smc.h
and intel-service.c to driver/misc subdirectory
remove global variables
change service layer driver be 'default n'
correct SPDX markers
add timeout for do..while() loop
add kernel-doc for the functions and structs, correct multiline comments
replace kfifo_in/kfifo_out with kfifo_in_spinlocked/kfifo_out_spinlocked
rename struct intel_svc_data (at client header) to intel_svc_client_msg
rename struct intel_svc_private_mem to intel_svc_data
other corrections/changes from Intel internal code reviews
v3: change all exported functions with "intel_svc_" as the prefix
increase timeout values for claiming back submitted buffer(s)
rename struct intel_command_reconfig_payload to
struct intel_svc_command_reconfig_payload
add pr_err() to provide the error return value
change to put fpga_mgr node under firmware/svc node
change to FPGA manager to align the update of service client APIs, and the
update of fpga_mgr device node
Other corrections/changes
v4: s/intel/stratix10/ on some variables, structs, functions, and file names
intel-service.c -> stratix10-svc.c
intel-smc.h -> stratix10-smc.h
intel-service-client.h -> stratix10-svc-client.h
remove non-kernel-doc formatting
s/fpga-mgr@0/fpga-mgr/ to remove unit_address at fpga_mgr node
add Rob's Reviewed-by
add Richard's signed-off-by
v5: add a new API statix10_svc_done() which is called by service client
when client request is completed or error occurs during request
process. Which allows service layer to free its resources.
remove dummy client from service layer client header and service layer
source file.
add Rob's Reviewed-by
add a new file stratix10-svc.rst and add that to driver-api/index.rst
kernel-doc fixes

Alan Tull (3):
  dt-bindings: fpga: add Stratix10 SoC FPGA manager binding
  arm64: dts: stratix10: add fpga manager and region
  fpga: add intel stratix10 soc fpga manager driver

Richard Gong (5):
  dt-bindings, firmware: add Intel Stratix10 service layer binding
  arm64: dts: stratix10: add stratix10 service driver binding to base
dtsi
  driver, misc: add Intel Stratix10 service layer driver
  defconfig: enable fpga and service layer
  Documentation: driver-api: add stratix10 service layer

 .../bindings/firmware/intel,stratix10-svc.txt  |  57 ++
 .../bindings/fpga/intel-stratix10-soc-fpga-mgr.txt |  17 +
 Documentation/driver-api/index.rst |   1 +
 Documentation/driver-api/stratix10-svc.rst |  32 +
 arch/arm64/boot/dts/altera/socfpga_stratix10.dtsi  |  33 +
 arch/arm64/configs/defconfig   |   6 +
 drivers/fpga/Kconfig   |   6 +
 drivers/fpga/Makefile  |   1 +
 drivers/fpga/stratix10-soc.c   | 545 
 drivers/misc/Kconfig   |  12 +
 drivers/misc/Makefile  |   1 +
 drivers/misc/stratix10-smc.h   | 205 +
 drivers/misc/stratix10-svc.c   | 984 +
 include/linux/stratix10-svc-client.h   | 199 +
 14 files changed, 2099 insertions(+)
 create mode 100644 
Documentation/devicetree/bindings/firmware/intel,stratix10-svc.txt
 create mode 100644 
Documentation/devicetree/bindings/fpga/intel-stratix10-soc-fpga-mgr.txt
 create mode 100644 Documentation/driver-api/stratix10-svc.rst
 create mode 100644 drivers/fpga/stratix10-soc.c
 create mode 100644 drivers/misc/stratix10-smc.h
 create mode 100644 drivers/misc/stratix10-svc.c
 create mode 100644 include/linux/stratix10-svc-client.h

-- 
2.7.4



[PATCHv5 6/8] fpga: add intel stratix10 soc fpga manager driver

2018-05-24 Thread richard . gong
From: Alan Tull 

Add driver for reconfiguring Intel Stratix10 SoC FPGA devices.
This driver communicates through the Intel Service Driver which
does communication with privileged hardware (that does the
FPGA programming) through a secure mailbox.

Signed-off-by: Alan Tull 
Signed-off-by: Richard Gong 
---
v2: this patch is added in patch set version 2
v3: change to align to the update of service client APIs, and the
update of fpga_mgr device node
v4: changes to align with stratix10-svc-client API updates
add Richard's signed-off-by
v5: update to align changes at service layer to minimize service
layer thread usages
---
 drivers/fpga/Kconfig |   6 +
 drivers/fpga/Makefile|   1 +
 drivers/fpga/stratix10-soc.c | 545 +++
 3 files changed, 552 insertions(+)
 create mode 100644 drivers/fpga/stratix10-soc.c

diff --git a/drivers/fpga/Kconfig b/drivers/fpga/Kconfig
index f47ef84..1624a73 100644
--- a/drivers/fpga/Kconfig
+++ b/drivers/fpga/Kconfig
@@ -57,6 +57,12 @@ config FPGA_MGR_ZYNQ_FPGA
help
  FPGA manager driver support for Xilinx Zynq FPGAs.
 
+config FPGA_MGR_STRATIX10_SOC
+   tristate "Intel Stratix10 SoC FPGA Manager"
+   depends on (ARCH_STRATIX10 && STRATIX10_SERVICE)
+   help
+ FPGA manager driver support for the Intel Stratix10 SoC.
+
 config FPGA_MGR_XILINX_SPI
tristate "Xilinx Configuration over Slave Serial (SPI)"
depends on SPI
diff --git a/drivers/fpga/Makefile b/drivers/fpga/Makefile
index 3cb276a..6eef670 100644
--- a/drivers/fpga/Makefile
+++ b/drivers/fpga/Makefile
@@ -12,6 +12,7 @@ obj-$(CONFIG_FPGA_MGR_ALTERA_PS_SPI)  += altera-ps-spi.o
 obj-$(CONFIG_FPGA_MGR_ICE40_SPI)   += ice40-spi.o
 obj-$(CONFIG_FPGA_MGR_SOCFPGA) += socfpga.o
 obj-$(CONFIG_FPGA_MGR_SOCFPGA_A10) += socfpga-a10.o
+obj-$(CONFIG_FPGA_MGR_STRATIX10_SOC)   += stratix10-soc.o
 obj-$(CONFIG_FPGA_MGR_TS73XX)  += ts73xx-fpga.o
 obj-$(CONFIG_FPGA_MGR_XILINX_SPI)  += xilinx-spi.o
 obj-$(CONFIG_FPGA_MGR_ZYNQ_FPGA)   += zynq-fpga.o
diff --git a/drivers/fpga/stratix10-soc.c b/drivers/fpga/stratix10-soc.c
new file mode 100644
index 000..d645ef7
--- /dev/null
+++ b/drivers/fpga/stratix10-soc.c
@@ -0,0 +1,545 @@
+// SPDX-License-Identifier: GPL-2.0
+/*
+ * FPGA Manager Driver for Intel Stratix10 SoC
+ *
+ *  Copyright (C) 2018 Intel Corporation
+ */
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+/*
+ * FPGA programming requires a higher level of privilege (EL3), per the SoC
+ * design.
+ */
+#define NUM_SVC_BUFS   4
+#define SVC_BUF_SIZE   SZ_512K
+
+/* Indicates buffer is in use if set */
+#define SVC_BUF_LOCK   0
+
+/**
+ * struct s10_svc_buf
+ * @buf: virtual address of buf provided by service layer
+ * @lock: locked if buffer is in use
+ */
+struct s10_svc_buf {
+   char *buf;
+   unsigned long lock;
+};
+
+struct s10_priv {
+   struct stratix10_svc_chan *chan;
+   struct stratix10_svc_client client;
+   struct completion status_return_completion;
+   struct s10_svc_buf svc_bufs[NUM_SVC_BUFS];
+   unsigned long status;
+};
+
+static int s10_svc_send_msg(struct s10_priv *priv,
+   enum stratix10_svc_command_code command,
+   void *payload, u32 payload_length)
+{
+   struct stratix10_svc_chan *chan = priv->chan;
+   struct stratix10_svc_client_msg msg;
+   int ret;
+
+   pr_debug("%s cmd=%d payload=%p legnth=%d\n",
+__func__, command, payload, payload_length);
+
+   msg.command = command;
+   msg.payload = payload;
+   msg.payload_length = payload_length;
+
+   ret = stratix10_svc_send(chan, &msg);
+   pr_debug("stratix10_svc_send returned status %d\n", ret);
+
+   return ret;
+}
+
+/**
+ * s10_free_buffers
+ * Free buffers allocated from the service layer's pool that are not in use.
+ * @mgr: fpga manager struct
+ * Free all buffers that are not in use.
+ * Return true when all buffers are freed.
+ */
+static bool s10_free_buffers(struct fpga_manager *mgr)
+{
+   struct s10_priv *priv = mgr->priv;
+   uint num_free = 0;
+   uint i;
+
+   for (i = 0; i < NUM_SVC_BUFS; i++) {
+   if (!priv->svc_bufs[i].buf) {
+   num_free++;
+   continue;
+   }
+
+   if (!test_and_set_bit_lock(SVC_BUF_LOCK,
+  &priv->svc_bufs[i].lock)) {
+   stratix10_svc_free_memory(priv->chan,
+ priv->svc_bufs[i].buf);
+   priv->svc_bufs[i].buf = NULL;
+   num_free++;
+   }
+   }
+
+   return num_free == NUM_SVC_BUFS;
+}
+
+/**
+ * s10_free_buffer_count
+ * Count how many buffers are not in use.
+ * @mgr: fpga manager s

[PATCHv5 7/8] defconfig: enable fpga and service layer

2018-05-24 Thread richard . gong
From: Richard Gong 

Enable fpga framework, Stratix 10 SoC FPGA manager and Stratix10
Service Layer

Signed-off-by: Richard Gong 
Signed-off-by: Alan Tull 
---
v2: this patch is added in patch set version 2
v3: no change
v4: s/CONFIG_INTEL_SERVICE/CONFIG_STRATIX10_SERVICE/
add CONFIG_OF_FPGA_REGION=y
s/Intel/Stratix10/ in subject line
v5: no change
---
 arch/arm64/configs/defconfig | 6 ++
 1 file changed, 6 insertions(+)

diff --git a/arch/arm64/configs/defconfig b/arch/arm64/configs/defconfig
index ecf6137..5f7a9b7 100644
--- a/arch/arm64/configs/defconfig
+++ b/arch/arm64/configs/defconfig
@@ -180,6 +180,7 @@ CONFIG_BLK_DEV_LOOP=y
 CONFIG_BLK_DEV_NBD=m
 CONFIG_VIRTIO_BLK=y
 CONFIG_BLK_DEV_NVME=m
+CONFIG_STRATIX10_SERVICE=y
 CONFIG_SRAM=y
 CONFIG_EEPROM_AT25=m
 # CONFIG_SCSI_PROC_FS is not set
@@ -595,6 +596,11 @@ CONFIG_PHY_TEGRA_XUSB=y
 CONFIG_QCOM_L2_PMU=y
 CONFIG_QCOM_L3_PMU=y
 CONFIG_MESON_EFUSE=m
+CONFIG_FPGA=y
+CONFIG_FPGA_MGR_STRATIX10_SOC=y
+CONFIG_FPGA_REGION=y
+CONFIG_FPGA_BRIDGE=y
+CONFIG_OF_FPGA_REGION=y
 CONFIG_QCOM_QFPROM=y
 CONFIG_UNIPHIER_EFUSE=y
 CONFIG_TEE=y
-- 
2.7.4



[PATCHv5 3/8] driver, misc: add Intel Stratix10 service layer driver

2018-05-24 Thread richard . gong
From: Richard Gong 

Some features of the Intel Stratix10 SoC require a level of privilege
higher than the kernel is granted. Such secure features include
FPGA programming. In terms of the ARMv8 architecture, the kernel runs
at Exception Level 1 (EL1), access to the features requires
Exception Level 3 (EL3).

The Intel Stratix10 SoC service layer provides an in kernel API for
drivers to request access to the secure features. The requests are queued
and processed one by one. ARM’s SMCCC is used to pass the execution
of the requests on to a secure monitor (EL3).

The header file stratix10-sve-client.h defines the interface between
service providers (FPGA manager is one of them) and service layer.

The header file stratix10-smc.h defines the secure monitor call (SMC)
message protocols used for service layer driver in normal world
(EL1) to communicate with secure monitor SW in secure monitor exception
level 3 (EL3).

Signed-off-by: Richard Gong 
Signed-off-by: Alan Tull 
---
v2: Remove intel-service subdirectory and intel-service.h, move
intel-smc.h and intel-service.c to driver/misc subdirectory
Correct SPDX markers
Change service layer driver be 'default n'
Remove global variables
Add timeout for do..while() loop
Add kernel-doc for the functions and structs, correct multiline comments
Replace kfifo_in/kfifo_out with kfifo_in_spinlocked/kfifo_out_spinlocked
rename struct intel_svc_data (at client header) to intel_svc_client_msg
rename struct intel_svc_private_mem to intel_svc_data
Other corrections/changes from Intel internal code reviews
v3: Change all exported functions with "intel_svc_" as the prefix
Increase timeout values for claiming back submitted buffer(s)
Rename struct intel_command_reconfig_payload to
struct intel_svc_command_reconfig_payload
Add pr_err() to provide the error return value
Other corrections/changes
v4: s/intel/stratix10/ on some variables, structs, functions, and file names
intel-service.c -> stratix10-svc.c
intel-smc.h -> stratix10-smc.h
intel-service-client.h -> stratix10-svc-client.h
Remove non-kernel-doc formatting
v5: add a new API statix10_svc_done() which is called by service client
when client request is completed or error occurs during request
process. Which allows service layer to free its resources.
remove dummy client from service layer client header and service
layer source file.
kernel-doc fixes
---
 drivers/misc/Kconfig |  12 +
 drivers/misc/Makefile|   1 +
 drivers/misc/stratix10-smc.h | 205 
 drivers/misc/stratix10-svc.c | 984 +++
 include/linux/stratix10-svc-client.h | 199 +++
 5 files changed, 1401 insertions(+)
 create mode 100644 drivers/misc/stratix10-smc.h
 create mode 100644 drivers/misc/stratix10-svc.c
 create mode 100644 include/linux/stratix10-svc-client.h

diff --git a/drivers/misc/Kconfig b/drivers/misc/Kconfig
index 5d71300..5d5b648 100644
--- a/drivers/misc/Kconfig
+++ b/drivers/misc/Kconfig
@@ -138,6 +138,18 @@ config INTEL_MID_PTI
  an Intel Atom (non-netbook) mobile device containing a MIPI
  P1149.7 standard implementation.
 
+config STRATIX10_SERVICE
+   tristate "Stratix10 Service Layer"
+   depends on HAVE_ARM_SMCCC
+   default n
+   help
+Stratix10 service layer runs at privileged exception level, interfaces 
with
+the service providers (FPGA manager is one of them) and manages secure
+monitor call to communicate with secure monitor software at secure 
monitor
+exception level.
+
+Say Y here if you want Stratix10 service layer support.
+
 config SGI_IOC4
tristate "SGI IOC4 Base IO support"
depends on PCI
diff --git a/drivers/misc/Makefile b/drivers/misc/Makefile
index 20be70c..99fed8b 100644
--- a/drivers/misc/Makefile
+++ b/drivers/misc/Makefile
@@ -8,6 +8,7 @@ obj-$(CONFIG_AD525X_DPOT)   += ad525x_dpot.o
 obj-$(CONFIG_AD525X_DPOT_I2C)  += ad525x_dpot-i2c.o
 obj-$(CONFIG_AD525X_DPOT_SPI)  += ad525x_dpot-spi.o
 obj-$(CONFIG_INTEL_MID_PTI)+= pti.o
+obj-$(CONFIG_STRATIX10_SERVICE) += stratix10-svc.o
 obj-$(CONFIG_ATMEL_SSC)+= atmel-ssc.o
 obj-$(CONFIG_ATMEL_TCLIB)  += atmel_tclib.o
 obj-$(CONFIG_DUMMY_IRQ)+= dummy-irq.o
diff --git a/drivers/misc/stratix10-smc.h b/drivers/misc/stratix10-smc.h
new file mode 100644
index 000..94615f4
--- /dev/null
+++ b/drivers/misc/stratix10-smc.h
@@ -0,0 +1,205 @@
+/* SPDX-License-Identifier: GPL-2.0 */
+/*
+ * Copyright (C) 2017-2018, Intel Corporation
+ */
+
+#ifndef __STRATIX10_SMC_H
+#define __STRATIX10_SMC_H
+
+#include 
+#include 
+
+/**
+ * This file defines the Secure Monitor Call (SMC) message protocol used for
+ * service layer driver in normal world (EL1) to communicate with secure
+ * monitor software in Secure Monitor Exception Level

[PATCHv5 4/8] dt-bindings: fpga: add Stratix10 SoC FPGA manager binding

2018-05-24 Thread richard . gong
From: Alan Tull 

Add a Device Tree binding for the Intel Stratix10 SoC FPGA manager.

Signed-off-by: Alan Tull 
Signed-off-by: Richard Gong 
Reviewed-by: Rob Herring 
---
v2: this patch is added in patch set version 2
v3: change to put fpga_mgr node under firmware/svc node
v4: s/fpga-mgr@0/fpga-mgr/ to remove unit_address
add Richard's signed-off-by
v5: add Reviewed-by Rob Herring
---
 .../bindings/fpga/intel-stratix10-soc-fpga-mgr.txt  | 17 +
 1 file changed, 17 insertions(+)
 create mode 100644 
Documentation/devicetree/bindings/fpga/intel-stratix10-soc-fpga-mgr.txt

diff --git 
a/Documentation/devicetree/bindings/fpga/intel-stratix10-soc-fpga-mgr.txt 
b/Documentation/devicetree/bindings/fpga/intel-stratix10-soc-fpga-mgr.txt
new file mode 100644
index 000..6e03f79
--- /dev/null
+++ b/Documentation/devicetree/bindings/fpga/intel-stratix10-soc-fpga-mgr.txt
@@ -0,0 +1,17 @@
+Intel Stratix10 SoC FPGA Manager
+
+Required properties:
+The fpga_mgr node has the following mandatory property, must be located under
+firmware/svc node.
+
+- compatible : should contain "intel,stratix10-soc-fpga-mgr"
+
+Example:
+
+   firmware {
+   svc {
+   fpga_mgr: fpga-mgr {
+   compatible = "intel,stratix10-soc-fpga-mgr";
+   };
+   };
+   };
-- 
2.7.4



[PATCHv5 2/8] arm64: dts: stratix10: add stratix10 service driver binding to base dtsi

2018-05-24 Thread richard . gong
From: Richard Gong 

Add Intel Stratix10 service layer to the device tree

Signed-off-by: Richard Gong 
Signed-off-by: Alan Tull 
---
v2: Change to put service layer driver node under the firmware node
Change compatible to "intel, stratix10-svc"
v3: No change
v4: s/service driver/stratix10 service driver/ in subject line
v5: No change
---
 arch/arm64/boot/dts/altera/socfpga_stratix10.dtsi | 21 +
 1 file changed, 21 insertions(+)

diff --git a/arch/arm64/boot/dts/altera/socfpga_stratix10.dtsi 
b/arch/arm64/boot/dts/altera/socfpga_stratix10.dtsi
index d8c94d5..c257287 100644
--- a/arch/arm64/boot/dts/altera/socfpga_stratix10.dtsi
+++ b/arch/arm64/boot/dts/altera/socfpga_stratix10.dtsi
@@ -24,6 +24,19 @@
#address-cells = <2>;
#size-cells = <2>;
 
+   reserved-memory {
+   #address-cells = <2>;
+   #size-cells = <2>;
+   ranges;
+
+   service_reserved: svcbuffer@0 {
+   compatible = "shared-dma-pool";
+   reg = <0x0 0x0 0x0 0x100>;
+   alignment = <0x1000>;
+   no-map;
+   };
+   };
+
cpus {
#address-cells = <1>;
#size-cells = <0>;
@@ -487,5 +500,13 @@
 
status = "disabled";
};
+
+   firmware {
+   svc {
+   compatible = "intel,stratix10-svc";
+   method = "smc";
+   memory-region = <&service_reserved>;
+   };
+   };
};
 };
-- 
2.7.4



[PATCHv10 0/8] Add Intel Stratix10 FPGA manager and service layer

2018-11-06 Thread richard . gong
From: Richard Gong 

This is the 10th submission of Intel Stratix10 service layer and FPGA
manager driver patches. In this submission I have moved Stratix10 service
layer driver .c file to drivers/firmware and header files to
include/linux/firmware/intel. I have added Stratix10 service layer
document to other firmware interface.

Stratix10 service layer patches have been reviewed internally by Alan Tull
and other colleagues at Intel.

Some features of the Intel Stratix10 SoC require a level of privilege
higher than the kernel is granted. Such secure features include
FPGA programming, remote status update, read and write the secure
registers. In terms of the ARMv8 architecture, the kernel runs at Exception
Level 1 (EL1), access to the features requires Exception Level 3 (EL3).

The Intel Stratix10 service layer provides kernel APIs for drivers to
request access to the secure features. The requests are queued and
processed one by one. ARM’s SMCCC is used to pass the execution of the
requests on to a secure monitor (EL3).

Later the Intel Stratix10 service layer driver will be extended to provide
services for QSPI, Crypto and warm reset.

v2: add patches for FPGA manager, FPGA manager binding, dts and defconfig
remove intel-service subdirectory and intel-service.h, move intel-smc.h
and intel-service.c to driver/misc subdirectory.
remove global variables.
change service layer driver be 'default n'.
correct SPDX markers.
add timeout for do..while() loop.
add kernel-doc for the functions and structs, correct multiline
comments.
replace kfifo_in and kfifo_out with kfifo_in_spinlocked and
kfifo_out_spinlocked.
rename struct intel_svc_data (at client header) to
intel_svc_client_msg.
rename struct intel_svc_private_mem to intel_svc_data.
other corrections/changes from Intel internal code reviews.
v3: change all exported functions with "intel_svc_" as the prefix.
increase timeout values for claiming back submitted buffer(s).
rename struct intel_command_reconfig_payload to
struct intel_svc_command_reconfig_payload.
add pr_err() to provide the error return value.
change to put fpga_mgr node under firmware/svc node.
change to FPGA manager to align the update of service client APIs, and
the update of fpga_mgr device node.
Other corrections/changes.
v4: s/intel/stratix10/ on some variables, structs, functions, and file
names intel-service.c -> stratix10-svc.c
intel-smc.h -> stratix10-smc.h
intel-service-client.h -> stratix10-svc-client.h.
remove non-kernel-doc formatting.
s/fpga-mgr@0/fpga-mgr/ to remove unit_address at fpga_mgr node.
add Rob's Reviewed-by.
add Richard's signed-off-by.
v5: add a new API statix10_svc_done() which is called by service client
when client request is completed or error occurs during request
process. Which allows service layer to free its resources.
remove dummy client from service layer client header and service layer
source file.
add Rob's Reviewed-by.
add a new file stratix10-svc.rst and add that to driver-api/index.rst.
kernel-doc fixes.
v6: replace kthread_create_on_cpu() with kthread_create_on_node().
extend stratix_svc_send() to support service client which doesn't use
memory allocated by service layer.
add S10_RECONFIG_TIMEOUT.
rename s/S10_BUF_TIMEOUT/S10_BUFFER_TIMEOUT/.
fix service layer and FPGA manager Klocwork errors.
v7: add remote status update client support.
s/pr_debug/dev_dbg, s/dev_info/dev_dbg.
add unlock buffer if s10_svc_send_msg() fails.
add release channel if fpga_mgr_create() fails.
handle invalid pointer at svc if the client passed an invalid name.
v8: move stratix10-smc.h to include/linux from driver/misc.
revert version 7 error code & smc function ID value changes at
stratix10-smc.h.
add a goto and common error handling at the end of fpga driver's.
probe function.
v9: remove a patch on defconfig for enable service layer and FPGA manager.
resolve a issue found at git-bisect test.
remove kernel-doc markups that aren't being built.
v10:move stratix10-smc.h and stratix10-svc-client.h to
include/linux/firmware/intel.
move stratix10-svc.c to drivers/firmware.
s/STRATIX10_SERVICE/INTEL_STRATIX10_SERVICE, fix a Klocwork error at
service layer driver.
s/stratix10_svc_command_reconfig_payload/
stratix10_svc_command_config_type.
add stratix10 service layer document to other firmware interface.
update path for the included header in Stratix10 FPGA manager driver.

Alan Tull (3):
  dt-bindings: fpga: add Stratix10 SoC FPGA manager binding
  arm64: dts: stratix10: add fpga manager and region
  fpga: add intel stratix10 soc fpga manager driver

Richard Gong (5):
  dt-bindings, firmware: add Intel Stratix10 service layer binding
  arm64: dts: stratix10: add stratix10 service driver b

[PATCHv10 2/8] arm64: dts: stratix10: add stratix10 service driver binding to base dtsi

2018-11-06 Thread richard . gong
From: Richard Gong 

Add Intel Stratix10 service layer to the device tree

Signed-off-by: Richard Gong 
Signed-off-by: Alan Tull 
Acked-by: Moritz Fischer 
---
v2: change to put service layer driver node under the firmware node
change compatible to "intel, stratix10-svc"
v3: no change
v4: s/service driver/stratix10 service driver/ in subject line
v5: no change
v6: add Moritz's Acked-by
v7: no change
v8: no change
v9: no change
v10: no change
---
 arch/arm64/boot/dts/altera/socfpga_stratix10.dtsi | 21 +
 1 file changed, 21 insertions(+)

diff --git a/arch/arm64/boot/dts/altera/socfpga_stratix10.dtsi 
b/arch/arm64/boot/dts/altera/socfpga_stratix10.dtsi
index 8253a1a..a43ed05 100644
--- a/arch/arm64/boot/dts/altera/socfpga_stratix10.dtsi
+++ b/arch/arm64/boot/dts/altera/socfpga_stratix10.dtsi
@@ -24,6 +24,19 @@
#address-cells = <2>;
#size-cells = <2>;
 
+   reserved-memory {
+   #address-cells = <2>;
+   #size-cells = <2>;
+   ranges;
+
+   service_reserved: svcbuffer@0 {
+   compatible = "shared-dma-pool";
+   reg = <0x0 0x0 0x0 0x100>;
+   alignment = <0x1000>;
+   no-map;
+   };
+   };
+
cpus {
#address-cells = <1>;
#size-cells = <0>;
@@ -534,5 +547,13 @@
 
status = "disabled";
};
+
+   firmware {
+   svc {
+   compatible = "intel,stratix10-svc";
+   method = "smc";
+   memory-region = <&service_reserved>;
+   };
+   };
};
 };
-- 
2.7.4



[PATCHv7 8/9] Documentation: driver-api: add stratix10 service layer

2018-07-18 Thread richard . gong
From: Richard Gong 

Add new file stratix10-svc.rst
Add stratix10-svc.rst to driver-api/index.rst

Signed-off-by: Richard Gong 
Signed-off-by: Alan Tull 
---
v5: this patch is added in patch set version 5
v6: no change
v7: no change
---
 Documentation/driver-api/index.rst |  1 +
 Documentation/driver-api/stratix10-svc.rst | 32 ++
 2 files changed, 33 insertions(+)
 create mode 100644 Documentation/driver-api/stratix10-svc.rst

diff --git a/Documentation/driver-api/index.rst 
b/Documentation/driver-api/index.rst
index 6d9f2f9..d4d2671 100644
--- a/Documentation/driver-api/index.rst
+++ b/Documentation/driver-api/index.rst
@@ -53,6 +53,7 @@ available subsections can be seen below.
slimbus
soundwire/index
fpga/index
+   stratix10-svc
 
 .. only::  subproject and html
 
diff --git a/Documentation/driver-api/stratix10-svc.rst 
b/Documentation/driver-api/stratix10-svc.rst
new file mode 100644
index 000..ed361d8
--- /dev/null
+++ b/Documentation/driver-api/stratix10-svc.rst
@@ -0,0 +1,32 @@
+
+Intel Stratix10 SoC Service Layer
+=
+
+Some features of the Intel Stratix10 SoC require a level of privilege
+higher than the kernel is granted. Such secure features include
+FPGA programming. In terms of the ARMv8 architecture, the kernel runs
+at Exception Level 1 (EL1), access to the features requires
+Exception Level 3 (EL3).
+
+The Intel Stratix10 SoC service layer provides an in kernel API for
+drivers to request access to the secure features. The requests are queued
+and processed one by one. ARM’s SMCCC is used to pass the execution
+of the requests on to a secure monitor (EL3).
+
+.. kernel-doc:: include/linux/stratix10-svc-client.h
+   :functions: stratix10_svc_command_code
+
+.. kernel-doc:: include/linux/stratix10-svc-client.h
+   :functions: stratix10_svc_client_msg
+
+.. kernel-doc:: include/linux/stratix10-svc-client.h
+   :functions: stratix10_svc_command_reconfig_payload
+
+.. kernel-doc:: include/linux/stratix10-svc-client.h
+   :functions: stratix10_svc_cb_data
+
+.. kernel-doc:: include/linux/stratix10-svc-client.h
+   :functions: stratix10_svc_client
+
+.. kernel-doc:: drivers/misc/stratix10-svc.c
+   :export:
-- 
2.7.4



[PATCHv7 6/9] fpga: add intel stratix10 soc fpga manager driver

2018-07-18 Thread richard . gong
From: Alan Tull 

Add driver for reconfiguring Intel Stratix10 SoC FPGA devices.
This driver communicates through the Intel Service Driver which
does communication with privileged hardware (that does the
FPGA programming) through a secure mailbox.

Signed-off-by: Alan Tull 
Signed-off-by: Richard Gong 
---
v2: this patch is added in patch set version 2
v3: change to align to the update of service client APIs, and the
update of fpga_mgr device node
v4: changes to align with stratix10-svc-client API updates
add Richard's signed-off-by
v5: update to align changes at service layer to minimize service
layer thread usages
v6: add S10_RECONFIG_TIMEOUT
rename s/S10_BUF_TIMEOUT/S10_BUFFER_TIMEOUT/
fix klocwork errors
v7: s/pr_debug/dev_dbg, s/dev_info/dev_dbg
add unlock buffer if s10_svc_send_msg() fails
add release channel if fpga_mgr_create() fails
---
 drivers/fpga/Kconfig |   6 +
 drivers/fpga/Makefile|   1 +
 drivers/fpga/stratix10-soc.c | 558 +++
 3 files changed, 565 insertions(+)
 create mode 100644 drivers/fpga/stratix10-soc.c

diff --git a/drivers/fpga/Kconfig b/drivers/fpga/Kconfig
index ee9c542..7d20743 100644
--- a/drivers/fpga/Kconfig
+++ b/drivers/fpga/Kconfig
@@ -56,6 +56,12 @@ config FPGA_MGR_ZYNQ_FPGA
help
  FPGA manager driver support for Xilinx Zynq FPGAs.
 
+config FPGA_MGR_STRATIX10_SOC
+   tristate "Intel Stratix10 SoC FPGA Manager"
+   depends on (ARCH_STRATIX10 && STRATIX10_SERVICE)
+   help
+ FPGA manager driver support for the Intel Stratix10 SoC.
+
 config FPGA_MGR_XILINX_SPI
tristate "Xilinx Configuration over Slave Serial (SPI)"
depends on SPI
diff --git a/drivers/fpga/Makefile b/drivers/fpga/Makefile
index f9803da..9f17b7f 100644
--- a/drivers/fpga/Makefile
+++ b/drivers/fpga/Makefile
@@ -13,6 +13,7 @@ obj-$(CONFIG_FPGA_MGR_ICE40_SPI)  += ice40-spi.o
 obj-$(CONFIG_FPGA_MGR_MACHXO2_SPI) += machxo2-spi.o
 obj-$(CONFIG_FPGA_MGR_SOCFPGA) += socfpga.o
 obj-$(CONFIG_FPGA_MGR_SOCFPGA_A10) += socfpga-a10.o
+obj-$(CONFIG_FPGA_MGR_STRATIX10_SOC)   += stratix10-soc.o
 obj-$(CONFIG_FPGA_MGR_TS73XX)  += ts73xx-fpga.o
 obj-$(CONFIG_FPGA_MGR_XILINX_SPI)  += xilinx-spi.o
 obj-$(CONFIG_FPGA_MGR_ZYNQ_FPGA)   += zynq-fpga.o
diff --git a/drivers/fpga/stratix10-soc.c b/drivers/fpga/stratix10-soc.c
new file mode 100644
index 000..f34830d
--- /dev/null
+++ b/drivers/fpga/stratix10-soc.c
@@ -0,0 +1,558 @@
+// SPDX-License-Identifier: GPL-2.0
+/*
+ * FPGA Manager Driver for Intel Stratix10 SoC
+ *
+ *  Copyright (C) 2018 Intel Corporation
+ */
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+
+/*
+ * FPGA programming requires a higher level of privilege (EL3), per the SoC
+ * design.
+ */
+#define NUM_SVC_BUFS   4
+#define SVC_BUF_SIZE   SZ_512K
+
+/* Indicates buffer is in use if set */
+#define SVC_BUF_LOCK   0
+
+#define S10_BUFFER_TIMEOUT (msecs_to_jiffies(SVC_RECONFIG_BUFFER_TIMEOUT_MS))
+#define S10_RECONFIG_TIMEOUT 
(msecs_to_jiffies(SVC_RECONFIG_REQUEST_TIMEOUT_MS))
+
+/**
+ * struct s10_svc_buf
+ * @buf: virtual address of buf provided by service layer
+ * @lock: locked if buffer is in use
+ */
+struct s10_svc_buf {
+   char *buf;
+   unsigned long lock;
+};
+
+struct s10_priv {
+   struct stratix10_svc_chan *chan;
+   struct stratix10_svc_client client;
+   struct completion status_return_completion;
+   struct s10_svc_buf svc_bufs[NUM_SVC_BUFS];
+   unsigned long status;
+};
+
+static int s10_svc_send_msg(struct s10_priv *priv,
+   enum stratix10_svc_command_code command,
+   void *payload, u32 payload_length)
+{
+   struct stratix10_svc_chan *chan = priv->chan;
+   struct device *dev = priv->client.dev;
+   struct stratix10_svc_client_msg msg;
+   int ret;
+
+   dev_dbg(dev, "%s cmd=%d payload=%p length=%d\n",
+   __func__, command, payload, payload_length);
+
+   msg.command = command;
+   msg.payload = payload;
+   msg.payload_length = payload_length;
+
+   ret = stratix10_svc_send(chan, &msg);
+   dev_dbg(dev, "stratix10_svc_send returned status %d\n", ret);
+
+   return ret;
+}
+
+/**
+ * s10_free_buffers
+ * Free buffers allocated from the service layer's pool that are not in use.
+ * @mgr: fpga manager struct
+ * Free all buffers that are not in use.
+ * Return true when all buffers are freed.
+ */
+static bool s10_free_buffers(struct fpga_manager *mgr)
+{
+   struct s10_priv *priv = mgr->priv;
+   uint num_free = 0;
+   uint i;
+
+   for (i = 0; i < NUM_SVC_BUFS; i++) {
+   if (!priv->svc_bufs[i].buf) {
+   num_free++;
+   continue;
+   }
+
+   if (!test_and_set_bit_lock(SVC

[PATCHv7 5/9] arm64: dts: stratix10: add fpga manager and region

2018-07-18 Thread richard . gong
From: Alan Tull 

Add the Stratix10 FPGA manager and a FPGA region to the
device tree.

Signed-off-by: Alan Tull 
Signed-off-by: Richard Gong 
---
v2: this patch is added in patch set version 2
v3: change to put fpga_mgr node under firmware/svc node
v4: s/fpga-mgr@0/fpga-mgr/ to remove unit_address
add Richard's signed-off-by
v5: no change
v6: no change
v7: no change
---
 arch/arm64/boot/dts/altera/socfpga_stratix10.dtsi | 12 
 1 file changed, 12 insertions(+)

diff --git a/arch/arm64/boot/dts/altera/socfpga_stratix10.dtsi 
b/arch/arm64/boot/dts/altera/socfpga_stratix10.dtsi
index ee4715a..0b20209 100644
--- a/arch/arm64/boot/dts/altera/socfpga_stratix10.dtsi
+++ b/arch/arm64/boot/dts/altera/socfpga_stratix10.dtsi
@@ -106,6 +106,14 @@
interrupt-parent = <&intc>;
ranges = <0 0 0 0x>;
 
+   base_fpga_region {
+   #address-cells = <0x1>;
+   #size-cells = <0x1>;
+
+   compatible = "fpga-region";
+   fpga-mgr = <&fpga_mgr>;
+   };
+
clkmgr: clock-controller@ffd1 {
compatible = "intel,stratix10-clkmgr";
reg = <0xffd1 0x1000>;
@@ -512,6 +520,10 @@
compatible = "intel,stratix10-svc";
method = "smc";
memory-region = <&service_reserved>;
+
+   fpga_mgr: fpga-mgr {
+   compatible = 
"intel,stratix10-soc-fpga-mgr";
+   };
};
};
};
-- 
2.7.4



Re: [PATCHv5 1/7] firmware: stratix10-svc: reset COMMAND_RECONFIG_FLAG_PARTIAL to 0

2021-02-15 Thread Richard Gong

Hi Tom,

On 2/13/21 9:44 AM, Tom Rix wrote:


On 2/9/21 2:20 PM, richard.g...@linux.intel.com wrote:

From: Richard Gong 

Clean up COMMAND_RECONFIG_FLAG_PARTIAL flag by resetting it to 0, which
aligns with the firmware settings.

Fixes: 36847f9e3e56 ("firmware: stratix10-svc: correct reconfig flag and timeout 
values")
Signed-off-by: Richard Gong 
---
v5: new add, add the missing standalone patch
---
  include/linux/firmware/intel/stratix10-svc-client.h | 2 +-
  1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/include/linux/firmware/intel/stratix10-svc-client.h 
b/include/linux/firmware/intel/stratix10-svc-client.h
index a93d859..f843c6a 100644
--- a/include/linux/firmware/intel/stratix10-svc-client.h
+++ b/include/linux/firmware/intel/stratix10-svc-client.h
@@ -56,7 +56,7 @@
   * COMMAND_RECONFIG_FLAG_PARTIAL:
   * Set to FPGA configuration type (full or partial).
   */
-#define COMMAND_RECONFIG_FLAG_PARTIAL  1
+#define COMMAND_RECONFIG_FLAG_PARTIAL  0


Is this the stand alone fix split from v3's patch 1 ?

https://lore.kernel.org/linux-fpga/ybfw50lpp%2fyeb...@kroah.com/
Yes, it is a stand-alone patch.



Tom

  
  /**

   * Timeout settings for service clients:



Regards,
Richard


[PATCHv2 2/7] arm64: dts: stratix10: add service driver binding to base dtsi

2018-03-01 Thread richard . gong
From: Richard Gong 

Add Intel Stratix10 service layer to the device tree

Signed-off-by: Richard Gong 
Signed-off-by: Alan Tull 
---
v2: Change to put service layer driver node under the firmware node
Change compatible to "intel, stratix10-svc"
---
 arch/arm64/boot/dts/altera/socfpga_stratix10.dtsi | 22 ++
 1 file changed, 22 insertions(+)

diff --git a/arch/arm64/boot/dts/altera/socfpga_stratix10.dtsi 
b/arch/arm64/boot/dts/altera/socfpga_stratix10.dtsi
index 5a6a699..4395e76 100644
--- a/arch/arm64/boot/dts/altera/socfpga_stratix10.dtsi
+++ b/arch/arm64/boot/dts/altera/socfpga_stratix10.dtsi
@@ -24,6 +24,20 @@
#address-cells = <2>;
#size-cells = <2>;
 
+   reserved-memory {
+   #address-cells = <2>;
+   #size-cells = <2>;
+   ranges;
+
+   service_reserved: svcbuffer@0 {
+   compatible = "shared-dma-pool";
+   reg = <0x0 0x0 0x0 0x100>;
+   alignment = <0x1000>;
+   no-map;
+   };
+   };
+
+
cpus {
#address-cells = <1>;
#size-cells = <0>;
@@ -433,5 +447,13 @@
resets = <&rst WATCHDOG3_RESET>;
status = "disabled";
};
+
+   firmware {
+   svc {
+   compatible = "intel,stratix10-svc";
+   method = "smc";
+   memory-region = <&service_reserved>;
+   };
+   };
};
 };
-- 
2.7.4



[PATCHv2 5/7] arm64: dts: stratix10: add fpga manager and region

2018-03-01 Thread richard . gong
From: Alan Tull 

Add the Stratix10 FPGA manager and a FPGA region to the
device tree.

Signed-off-by: Alan Tull 
---
v2: this patch is added in patch set version 2
---
 arch/arm64/boot/dts/altera/socfpga_stratix10.dtsi | 12 
 1 file changed, 12 insertions(+)

diff --git a/arch/arm64/boot/dts/altera/socfpga_stratix10.dtsi 
b/arch/arm64/boot/dts/altera/socfpga_stratix10.dtsi
index 4395e76..2f0067e 100644
--- a/arch/arm64/boot/dts/altera/socfpga_stratix10.dtsi
+++ b/arch/arm64/boot/dts/altera/socfpga_stratix10.dtsi
@@ -107,6 +107,14 @@
interrupt-parent = <&intc>;
ranges = <0 0 0 0x>;
 
+   base_fpga_region {
+   #address-cells = <0x1>;
+   #size-cells = <0x1>;
+
+   compatible = "fpga-region";
+   fpga-mgr = <&fpga_mgr>;
+   };
+
clkmgr: clock-controller@ffd1 {
compatible = "intel,stratix10-clkmgr";
reg = <0xffd1 0x1000>;
@@ -138,6 +146,10 @@
};
};
 
+   fpga_mgr: fpga-mgr@0 {
+   compatible = "intel,stratix10-soc-fpga-mgr";
+   };
+
gmac0: ethernet@ff80 {
compatible = "altr,socfpga-stmmac", "snps,dwmac-3.74a", 
"snps,dwmac";
reg = <0xff80 0x2000>;
-- 
2.7.4



[PATCHv2 6/7] fpga: add intel stratix10 soc fpga manager driver

2018-03-01 Thread richard . gong
From: Alan Tull 

Add driver for reconfiguring Intel Stratix10 SoC FPGA devices.
This driver communicates through the Intel Service Driver which
does communication with privileged hardware (that does the
FPGA programming) through a secure mailbox.

Signed-off-by: Alan Tull 
---
v2: this patch is added in patch set version 2
---
 drivers/fpga/Kconfig |   6 +
 drivers/fpga/Makefile|   1 +
 drivers/fpga/stratix10-soc.c | 503 +++
 3 files changed, 510 insertions(+)
 create mode 100644 drivers/fpga/stratix10-soc.c

diff --git a/drivers/fpga/Kconfig b/drivers/fpga/Kconfig
index f47ef84..cbcbced 100644
--- a/drivers/fpga/Kconfig
+++ b/drivers/fpga/Kconfig
@@ -57,6 +57,12 @@ config FPGA_MGR_ZYNQ_FPGA
help
  FPGA manager driver support for Xilinx Zynq FPGAs.
 
+config FPGA_MGR_STRATIX10_SOC
+   tristate "Intel Stratix10 SoC FPGA Manager"
+   depends on (ARCH_STRATIX10 && INTEL_SERVICE)
+   help
+ FPGA manager driver support for the Intel Stratix10 SoC.
+
 config FPGA_MGR_XILINX_SPI
tristate "Xilinx Configuration over Slave Serial (SPI)"
depends on SPI
diff --git a/drivers/fpga/Makefile b/drivers/fpga/Makefile
index 3cb276a..6eef670 100644
--- a/drivers/fpga/Makefile
+++ b/drivers/fpga/Makefile
@@ -12,6 +12,7 @@ obj-$(CONFIG_FPGA_MGR_ALTERA_PS_SPI)  += altera-ps-spi.o
 obj-$(CONFIG_FPGA_MGR_ICE40_SPI)   += ice40-spi.o
 obj-$(CONFIG_FPGA_MGR_SOCFPGA) += socfpga.o
 obj-$(CONFIG_FPGA_MGR_SOCFPGA_A10) += socfpga-a10.o
+obj-$(CONFIG_FPGA_MGR_STRATIX10_SOC)   += stratix10-soc.o
 obj-$(CONFIG_FPGA_MGR_TS73XX)  += ts73xx-fpga.o
 obj-$(CONFIG_FPGA_MGR_XILINX_SPI)  += xilinx-spi.o
 obj-$(CONFIG_FPGA_MGR_ZYNQ_FPGA)   += zynq-fpga.o
diff --git a/drivers/fpga/stratix10-soc.c b/drivers/fpga/stratix10-soc.c
new file mode 100644
index 000..e132372
--- /dev/null
+++ b/drivers/fpga/stratix10-soc.c
@@ -0,0 +1,503 @@
+// SPDX-License-Identifier: GPL-2.0
+/*
+ * FPGA Manager Driver for Intel Stratix10 SoC
+ *
+ *  Copyright (C) 2018 Intel Corporation
+ */
+#include 
+#include 
+#include 
+#include 
+#include 
+
+/*
+ * FPGA programming requires a higher level of privilege (EL3), per the SoC
+ * design.
+ */
+#define NUM_SVC_BUFS   4
+#define SVC_BUF_SIZE   SZ_512K
+
+/* Indicates buffer is in use if set */
+#define SVC_BUF_LOCK   0
+
+/**
+ * struct s10_svc_buf
+ * @buf: virtual address of buf provided by service layer
+ * @lock: locked if buffer is in use
+ */
+struct s10_svc_buf {
+   char *buf;
+   unsigned long lock;
+};
+
+struct s10_priv {
+   struct intel_svc_chan *chan;
+   struct intel_svc_client client;
+   struct completion status_return_completion;
+   struct s10_svc_buf svc_bufs[NUM_SVC_BUFS];
+   unsigned long status;
+};
+
+static int s10_svc_send_msg(struct s10_priv *priv,
+   enum intel_svc_command_code command,
+   void *payload, u32 payload_length)
+{
+   struct intel_svc_chan *chan = priv->chan;
+   struct intel_svc_client_msg msg;
+   int ret;
+
+   pr_debug("%s cmd=%d payload=%p legnth=%d\n",
+__func__, command, payload, payload_length);
+
+   msg.command = command;
+   msg.payload = payload;
+   msg.payload_length = payload_length;
+
+   ret = intel_svc_send(chan, &msg);
+   pr_debug("intel_svc_send returned status %d\n", ret);
+
+   return ret;
+}
+
+/**
+ * s10_free_buffers
+ * Free buffers allocated from the service layer's pool that are not in use.
+ * @mgr: fpga manager struct
+ * Free all buffers that are not in use.
+ * Return true when all buffers are freed.
+ */
+static bool s10_free_buffers(struct fpga_manager *mgr)
+{
+   struct s10_priv *priv = mgr->priv;
+   uint num_free = 0;
+   uint i;
+
+   for (i = 0; i < NUM_SVC_BUFS; i++) {
+   if (!priv->svc_bufs[i].buf) {
+   num_free++;
+   continue;
+   }
+
+   if (!test_and_set_bit_lock(SVC_BUF_LOCK,
+  &priv->svc_bufs[i].lock)) {
+   intel_svc_free_memory(priv->chan,
+ priv->svc_bufs[i].buf);
+   priv->svc_bufs[i].buf = NULL;
+   num_free++;
+   }
+   }
+
+   return num_free == NUM_SVC_BUFS;
+}
+
+/**
+ * s10_free_buffer_count
+ * Count how many buffers are not in use.
+ * @mgr: fpga manager struct
+ * Return # of buffers that are not in use.
+ */
+static uint s10_free_buffer_count(struct fpga_manager *mgr)
+{
+   struct s10_priv *priv = mgr->priv;
+   uint num_free = 0;
+   uint i;
+
+   for (i = 0; i < NUM_SVC_BUFS; i++)
+   if (!priv->svc_bufs[i].buf)
+   num_free++;
+
+   return num_free;
+}
+
+/**
+ * s10_unlock_bufs
+ * Given the returned buffer address, match that address to 

[PATCHv2 1/7] dt-bindings, firmware: add Intel Stratix10 service layer binding

2018-03-01 Thread richard . gong
From: Richard Gong 

Add a device tree binding for the Intel Stratix10 service layer driver

Signed-off-by: Richard Gong 
Signed-off-by: Alan Tull 
---
v2: Change to put service layer driver node under the firmware node
Change compatible to "intel, stratix10-svc"
---
 .../bindings/firmware/intel,stratix10-svc.txt  | 57 ++
 1 file changed, 57 insertions(+)
 create mode 100644 
Documentation/devicetree/bindings/firmware/intel,stratix10-svc.txt

diff --git a/Documentation/devicetree/bindings/firmware/intel,stratix10-svc.txt 
b/Documentation/devicetree/bindings/firmware/intel,stratix10-svc.txt
new file mode 100644
index 000..1fa6606
--- /dev/null
+++ b/Documentation/devicetree/bindings/firmware/intel,stratix10-svc.txt
@@ -0,0 +1,57 @@
+Intel Service Layer Driver for Stratix10 SoC
+
+Intel Stratix10 SoC is composed of a 64 bit quad-core ARM Cortex A53 hard
+processor system (HPS) and Secure Device Manager (SDM). When the FPGA is
+configured from HPS, there needs to be a way for HPS to notify SDM the
+location and size of the configuration data. Then SDM will get the
+configuration data from that location and perform the FPGA configuration.
+
+To meet the whole system security needs and support virtual machine requesting
+communication with SDM, only the secure world of software (EL3, Exception
+Layer 3) can interface with SDM. All software entities running on other
+exception layers must channel through the EL3 software whenever it needs
+service from SDM.
+
+Intel Stratix10 service layer driver, running at privileged exception level
+(EL1, Exception Layer 1), interfaces with the service providers and provides
+the services for FPGA configuration, QSPI, Crypto and warm reset. Service layer
+driver also manages secure monitor call (SMC) to communicate with secure 
monitor
+code running in EL3.
+
+Required properties:
+---
+The svc node has the following mandatory properties, must be located under
+the firmware node.
+
+- compatible: "intel,stratix10-svc"
+- method: smc or hvc
+smc - Secure Monitor Call
+hvc - Hypervisor Call
+- memory-region:
+   phandle to the reserved memory node. See
+   Documentation/devicetree/bindings/reserved-memory/reserved-memory.txt
+   for details
+
+Example:
+---
+
+   reserved-memory {
+#address-cells = <2>;
+#size-cells = <2>;
+ranges;
+
+service_reserved: svcbuffer@0 {
+compatible = "shared-dma-pool";
+reg = <0x0 0x0 0x0 0x100>;
+alignment = <0x1000>;
+no-map;
+};
+};
+
+   firmware {
+   svc {
+   compatible = "intel,stratix10-svc";
+   method = "smc";
+   memory-region = <&service_reserved>;
+   };
+   };
-- 
2.7.4



[PATCHv2 4/7] dt-bindings: fpga: add Stratix10 SoC FPGA manager binding

2018-03-01 Thread richard . gong
From: Alan Tull 

Add a Device Tree binding for the Intel Stratix10 SoC FPGA manager.

Signed-off-by: Alan Tull 
---
v2: this patch is added in patch set version 2
---
 .../devicetree/bindings/fpga/intel-stratix10-soc-fpga-mgr.txt  | 10 ++
 1 file changed, 10 insertions(+)
 create mode 100644 
Documentation/devicetree/bindings/fpga/intel-stratix10-soc-fpga-mgr.txt

diff --git 
a/Documentation/devicetree/bindings/fpga/intel-stratix10-soc-fpga-mgr.txt 
b/Documentation/devicetree/bindings/fpga/intel-stratix10-soc-fpga-mgr.txt
new file mode 100644
index 000..78de689
--- /dev/null
+++ b/Documentation/devicetree/bindings/fpga/intel-stratix10-soc-fpga-mgr.txt
@@ -0,0 +1,10 @@
+Intel Stratix10 SoC FPGA Manager
+
+Required properties:
+- compatible : should contain "intel,stratix10-soc-fpga-mgr"
+
+Example:
+
+   fpga_mgr: fpga-mgr@0 {
+   compatible = "intel,stratix10-soc-fpga-mgr";
+   };
-- 
2.7.4



[PATCHv2 7/7] defconfig: enable fpga and service layer

2018-03-01 Thread richard . gong
From: Richard Gong 

Enable fpga framework, Stratix 10 SoC FPGA manager, and Intel Service Layer

Signed-off-by: Richard Gong 
Signed-off-by: Alan Tull 
---
v2: this patch is added in patch set version 2
---
 arch/arm64/configs/defconfig | 5 +
 1 file changed, 5 insertions(+)

diff --git a/arch/arm64/configs/defconfig b/arch/arm64/configs/defconfig
index 634b373..44b226b 100644
--- a/arch/arm64/configs/defconfig
+++ b/arch/arm64/configs/defconfig
@@ -169,6 +169,7 @@ CONFIG_BLK_DEV_LOOP=y
 CONFIG_BLK_DEV_NBD=m
 CONFIG_VIRTIO_BLK=y
 CONFIG_BLK_DEV_NVME=m
+CONFIG_INTEL_SERVICE=y
 CONFIG_SRAM=y
 CONFIG_EEPROM_AT25=m
 # CONFIG_SCSI_PROC_FS is not set
@@ -559,6 +560,10 @@ CONFIG_PHY_ROCKCHIP_INNO_USB2=y
 CONFIG_PHY_ROCKCHIP_EMMC=y
 CONFIG_PHY_ROCKCHIP_PCIE=m
 CONFIG_PHY_XGENE=y
+CONFIG_FPGA=y
+CONFIG_FPGA_REGION=y
+CONFIG_FPGA_MGR_STRATIX10_SOC=y
+CONFIG_FPGA_BRIDGE=y
 CONFIG_PHY_TEGRA_XUSB=y
 CONFIG_QCOM_L2_PMU=y
 CONFIG_QCOM_L3_PMU=y
-- 
2.7.4



[PATCHv2 3/7] driver, misc: add Intel Stratix10 service layer driver

2018-03-01 Thread richard . gong
From: Richard Gong 

Intel Stratix10 SoC is composed of a 64 bit quad-core ARM Cortex A53 hard
processor system (HPS) and Secure Device Manager (SDM). SDM is the
hardware which does the FPGA configuration, QSPI, Crypto and warm reset.

When the FPGA is configured from HPS, there needs to be a way for HPS to
notify SDM the location and size of the configuration data. Then SDM will
get the configuration data from that location and perform the FPGA
configuration.

To meet the whole system security needs and support virtual machine
requesting communication with SDM, only the secure world of software (EL3,
Exception Level 3) can interface with SDM. All software entities running
on other exception levels must channel through the EL3 software whenever
it needs service from SDM.

Intel Stratix10 service layer driver is added to provide the service for
FPGA configuration. Running at privileged exception level (EL1, Exception
Level 1), Intel Stratix10 service layer driver interfaces with the service
provider at EL1 (Intel Stratix10 FPGA Manager) and manages secure monitor
call (SMC) to communicate with secure monitor software at secure monitor
exception level (EL3).

Header file intel-service-client.h defines the interface between service
providers (FPGA manager is one of them) and service layer.

Header file intel-smc.h defines the secure monitor call (SMC)
message protocols used for service layer driver in normal world
(EL1) to communicate with secure monitor SW in secure monitor exception
level 3 (EL3). This file is shared with secure firmware (FW) which is
out of kernel tree.

Signed-off-by: Richard Gong 
Signed-off-by: Alan Tull 
---
v2: Remove intel-service subdirectory and intel-service.h, move
intel-smc.h and intel-service.c to driver/misc subdirectory
Correct SPDX markers
Change service layer driver be 'default n'
Remove global variables
Add timeout for do..while() loop
Add kernel-doc for the functions and structs, correct multiline comments
Replace kfifo_in/kfifo_out with kfifo_in_spinlocked/kfifo_out_spinlocked
rename struct intel_svc_data (at client header) to intel_svc_client_msg
rename struct intel_svc_private_mem to intel_svc_data
Other corrections/changes from Intel internal code reviews
---
 drivers/misc/Kconfig |  12 +
 drivers/misc/Makefile|   1 +
 drivers/misc/intel-service.c | 960 +++
 drivers/misc/intel-smc.h | 205 
 include/linux/intel-service-client.h | 188 +++
 5 files changed, 1366 insertions(+)
 create mode 100644 drivers/misc/intel-service.c
 create mode 100644 drivers/misc/intel-smc.h
 create mode 100644 include/linux/intel-service-client.h

diff --git a/drivers/misc/Kconfig b/drivers/misc/Kconfig
index 03605f8..ec225fa7 100644
--- a/drivers/misc/Kconfig
+++ b/drivers/misc/Kconfig
@@ -139,6 +139,18 @@ config INTEL_MID_PTI
  an Intel Atom (non-netbook) mobile device containing a MIPI
  P1149.7 standard implementation.
 
+config INTEL_SERVICE
+   tristate "Intel Service Layer"
+   depends on HAVE_ARM_SMCCC
+   default n
+   help
+Intel service layer runs at privileged exception level, interfaces with
+the service providers (FPGA manager is one of them) and manages secure
+monitor call to communicate with secure monitor software at secure 
monitor
+exception level.
+
+Say Y here if you want Intel service layer support.
+
 config SGI_IOC4
tristate "SGI IOC4 Base IO support"
depends on PCI
diff --git a/drivers/misc/Makefile b/drivers/misc/Makefile
index c3c8624..3857fc2 100644
--- a/drivers/misc/Makefile
+++ b/drivers/misc/Makefile
@@ -8,6 +8,7 @@ obj-$(CONFIG_AD525X_DPOT)   += ad525x_dpot.o
 obj-$(CONFIG_AD525X_DPOT_I2C)  += ad525x_dpot-i2c.o
 obj-$(CONFIG_AD525X_DPOT_SPI)  += ad525x_dpot-spi.o
 obj-$(CONFIG_INTEL_MID_PTI)+= pti.o
+obj-$(CONFIG_INTEL_SERVICE) += intel-service.o
 obj-$(CONFIG_ATMEL_SSC)+= atmel-ssc.o
 obj-$(CONFIG_ATMEL_TCLIB)  += atmel_tclib.o
 obj-$(CONFIG_DUMMY_IRQ)+= dummy-irq.o
diff --git a/drivers/misc/intel-service.c b/drivers/misc/intel-service.c
new file mode 100644
index 000..8681c2f
--- /dev/null
+++ b/drivers/misc/intel-service.c
@@ -0,0 +1,960 @@
+// SPDX-License-Identifier: GPL-2.0
+/*
+ * Copyright (C) 2017-2018, Intel Corporation
+ */
+
+/*
+ *  Intel Stratix10 SoC is composed of a 64 bit quad-core ARM Cortex A53 hard
+ *  processor system (HPS) and Secure Device Manager (SDM). SDM is the
+ *  hardware which does the FPGA configuration, QSPI, Crypto and warm reset.
+ *
+ *  When the FPGA is configured from HPS, there needs to be a way for HPS to
+ *  notify SDM the location and size of the configuration data. Then SDM will
+ *  get the configuration data from that location and perform the FPGA
+ *  configuration.
+ *
+ *  To meet the whole system security nee

[PATCHv2 0/7] Add Intel Stratix10 FPGA manager and service layer

2018-03-01 Thread richard . gong
From: Richard Gong 

This is the 2nd submission of Intel service layer patches. Intel Stratix10
FPGA manager, which is 1st service layer client, is included in this submission.

Service layer patches have been reviewed internally by Alan Tull and other
colleagues at Intel.

Intel Stratix10 SoC is composed of a 64 bit quad-core ARM Cortex A53 hard
processor system (HPS) and Secure Device Manager (SDM). SDM is the hardware
which does the FPGA configuration, QSPI, Crypto and warm reset.

When the FPGA is configured from HPS, there needs to be a way for HPS to
notify SDM the location and size of the configuration data. Then SDM will
get the configuration data from that location and perform the FPGA 
configuration.

To meet the whole system security needs and support virtual machine
requesting communication with SDM, only the secure world of software (EL3,
Exception Level 3) can interface with SDM. All software entities running
on other exception levels must channel through the EL3 software whenever it
needs service from SDM.

Intel Stratix10 service layer driver is added to provide the service for
FPGA configuration. Running at privileged exception level (EL1, Exception
Level 1), Intel Stratix10 service layer driver interfaces with the service
provider at EL1 (Intel Stratix10 FPGA Manager) and manages secure monitor
call (SMC) to communicate with secure monitor software at secure monitor
exception level (EL3).

Later the Intel Stratix10 service layer driver will be extended to provide
services for QSPI, Crypto and warm reset.

v2: add patches for FPGA manager, FPGA manager binding, dts and defconfig
remove intel-service subdirectory and intel-service.h, move intel-smc.h
and intel-service.c to driver/misc subdirectory
remove global variables
change service layer driver be 'default n'
correct SPDX markers
add timeout for do..while() loop
add kernel-doc for the functions and structs, correct multiline comments
replace kfifo_in/kfifo_out with kfifo_in_spinlocked/kfifo_out_spinlocked
rename struct intel_svc_data (at client header) to intel_svc_client_msg
rename struct intel_svc_private_mem to intel_svc_data
other corrections/changes from Intel internal code reviews

Alan Tull (3):
  dt-bindings: fpga: add Stratix10 SoC FPGA manager binding
  arm64: dts: stratix10: add fpga manager and region
  fpga: add intel stratix10 soc fpga manager driver

Richard Gong (4):
  dt-bindings, firmware: add Intel Stratix10 service layer binding
  arm64: dts: stratix10: add service driver binding to base dtsi
  driver, misc: add Intel Stratix10 service layer driver
  defconfig: enable fpga and service layer

 .../bindings/firmware/intel,stratix10-svc.txt  |  57 ++
 .../bindings/fpga/intel-stratix10-soc-fpga-mgr.txt |  10 +
 arch/arm64/boot/dts/altera/socfpga_stratix10.dtsi  |  34 +
 arch/arm64/configs/defconfig   |   5 +
 drivers/fpga/Kconfig   |   6 +
 drivers/fpga/Makefile  |   1 +
 drivers/fpga/stratix10-soc.c   | 503 +++
 drivers/misc/Kconfig   |  12 +
 drivers/misc/Makefile  |   1 +
 drivers/misc/intel-service.c   | 960 +
 drivers/misc/intel-smc.h   | 205 +
 include/linux/intel-service-client.h   | 188 
 12 files changed, 1982 insertions(+)
 create mode 100644 
Documentation/devicetree/bindings/firmware/intel,stratix10-svc.txt
 create mode 100644 
Documentation/devicetree/bindings/fpga/intel-stratix10-soc-fpga-mgr.txt
 create mode 100644 drivers/fpga/stratix10-soc.c
 create mode 100644 drivers/misc/intel-service.c
 create mode 100644 drivers/misc/intel-smc.h
 create mode 100644 include/linux/intel-service-client.h

-- 
2.7.4



[PATCHv3 1/7] dt-bindings, firmware: add Intel Stratix10 service layer binding

2018-03-27 Thread richard . gong
From: Richard Gong 

Add a device tree binding for the Intel Stratix10 service layer driver

Signed-off-by: Richard Gong 
Signed-off-by: Alan Tull 
---
v2: Change to put service layer driver node under the firmware node
Change compatible to "intel, stratix10-svc"
v3: No change
---
 .../bindings/firmware/intel,stratix10-svc.txt  | 57 ++
 1 file changed, 57 insertions(+)
 create mode 100644 
Documentation/devicetree/bindings/firmware/intel,stratix10-svc.txt

diff --git a/Documentation/devicetree/bindings/firmware/intel,stratix10-svc.txt 
b/Documentation/devicetree/bindings/firmware/intel,stratix10-svc.txt
new file mode 100644
index 000..1fa6606
--- /dev/null
+++ b/Documentation/devicetree/bindings/firmware/intel,stratix10-svc.txt
@@ -0,0 +1,57 @@
+Intel Service Layer Driver for Stratix10 SoC
+
+Intel Stratix10 SoC is composed of a 64 bit quad-core ARM Cortex A53 hard
+processor system (HPS) and Secure Device Manager (SDM). When the FPGA is
+configured from HPS, there needs to be a way for HPS to notify SDM the
+location and size of the configuration data. Then SDM will get the
+configuration data from that location and perform the FPGA configuration.
+
+To meet the whole system security needs and support virtual machine requesting
+communication with SDM, only the secure world of software (EL3, Exception
+Layer 3) can interface with SDM. All software entities running on other
+exception layers must channel through the EL3 software whenever it needs
+service from SDM.
+
+Intel Stratix10 service layer driver, running at privileged exception level
+(EL1, Exception Layer 1), interfaces with the service providers and provides
+the services for FPGA configuration, QSPI, Crypto and warm reset. Service layer
+driver also manages secure monitor call (SMC) to communicate with secure 
monitor
+code running in EL3.
+
+Required properties:
+---
+The svc node has the following mandatory properties, must be located under
+the firmware node.
+
+- compatible: "intel,stratix10-svc"
+- method: smc or hvc
+smc - Secure Monitor Call
+hvc - Hypervisor Call
+- memory-region:
+   phandle to the reserved memory node. See
+   Documentation/devicetree/bindings/reserved-memory/reserved-memory.txt
+   for details
+
+Example:
+---
+
+   reserved-memory {
+#address-cells = <2>;
+#size-cells = <2>;
+ranges;
+
+service_reserved: svcbuffer@0 {
+compatible = "shared-dma-pool";
+reg = <0x0 0x0 0x0 0x100>;
+alignment = <0x1000>;
+no-map;
+};
+};
+
+   firmware {
+   svc {
+   compatible = "intel,stratix10-svc";
+   method = "smc";
+   memory-region = <&service_reserved>;
+   };
+   };
-- 
2.7.4



[PATCHv3 0/7] Add Intel Stratix10 FPGA manager and service layer

2018-03-27 Thread richard . gong
From: Richard Gong 

This is the 3rd submission of Intel service layer patches. Intel Stratix10
FPGA manager, which is 1st service layer client, is included in this submission.

Service layer patches have been reviewed internally by Alan Tull and other
colleagues at Intel.

Intel Stratix10 SoC is composed of a 64 bit quad-core ARM Cortex A53 hard
processor system (HPS) and Secure Device Manager (SDM). SDM is the hardware
which does the FPGA configuration, QSPI, Crypto and warm reset.

In order to configure the FPGA from HPS, there needs to be a way for HPS to
notify SDM the location and size of the configuration data. Then SDM will
get the configuration data from that location and perform the FPGA 
configuration.

To meet the whole system security needs and support virtual machine
requesting communication with SDM, only the secure world of software (EL3,
Exception Level 3) can interface with SDM. All software entities running
on other exception levels must channel through the EL3 software whenever it
needs service from SDM.

Intel Stratix10 service layer driver is added to provide the service for
FPGA configuration. Running at privileged exception level (EL1, Exception
Level 1), Intel Stratix10 service layer driver interfaces with the service
provider at EL1 (Intel Stratix10 FPGA Manager) and manages secure monitor
call (SMC) to communicate with secure monitor software at secure monitor
exception level (EL3).

Later the Intel Stratix10 service layer driver will be extended to provide
services for QSPI, Crypto and warm reset.

v2: add patches for FPGA manager, FPGA manager binding, dts and defconfig
remove intel-service subdirectory and intel-service.h, move intel-smc.h
and intel-service.c to driver/misc subdirectory
remove global variables
change service layer driver be 'default n'
correct SPDX markers
add timeout for do..while() loop
add kernel-doc for the functions and structs, correct multiline comments
replace kfifo_in/kfifo_out with kfifo_in_spinlocked/kfifo_out_spinlocked
rename struct intel_svc_data (at client header) to intel_svc_client_msg
rename struct intel_svc_private_mem to intel_svc_data
other corrections/changes from Intel internal code reviews
v3: change all exported functions with "intel_svc_" as the prefix
Increase timeout values for claiming back submitted buffer(s)
Rename struct intel_command_reconfig_payload to
struct intel_svc_command_reconfig_payload
Add pr_err() to provide the error return value
change to put fpga_mgr node under firmware/svc node
change to FPGA manager to align the update of service client APIs, and the
update of fpga_mgr device node
Other corrections/changes

Alan Tull (3):
  dt-bindings: fpga: add Stratix10 SoC FPGA manager binding
  arm64: dts: stratix10: add fpga manager and region
  fpga: add intel stratix10 soc fpga manager driver

Richard Gong (4):
  dt-bindings, firmware: add Intel Stratix10 service layer binding
  arm64: dts: stratix10: add service driver binding to base dtsi
  driver, misc: add Intel Stratix10 service layer driver
  defconfig: enable fpga and service layer

 .../bindings/firmware/intel,stratix10-svc.txt  |  57 ++
 .../bindings/fpga/intel-stratix10-soc-fpga-mgr.txt |  17 +
 arch/arm64/boot/dts/altera/socfpga_stratix10.dtsi  |  34 +
 arch/arm64/configs/defconfig   |   5 +
 drivers/fpga/Kconfig   |   6 +
 drivers/fpga/Makefile  |   1 +
 drivers/fpga/stratix10-soc.c   | 534 
 drivers/misc/Kconfig   |  12 +
 drivers/misc/Makefile  |   1 +
 drivers/misc/intel-service.c   | 962 +
 drivers/misc/intel-smc.h   | 205 +
 include/linux/intel-service-client.h   | 188 
 12 files changed, 2022 insertions(+)
 create mode 100644 
Documentation/devicetree/bindings/firmware/intel,stratix10-svc.txt
 create mode 100644 
Documentation/devicetree/bindings/fpga/intel-stratix10-soc-fpga-mgr.txt
 create mode 100644 drivers/fpga/stratix10-soc.c
 create mode 100644 drivers/misc/intel-service.c
 create mode 100644 drivers/misc/intel-smc.h
 create mode 100644 include/linux/intel-service-client.h

-- 
2.7.4



[PATCHv3 2/7] arm64: dts: stratix10: add service driver binding to base dtsi

2018-03-27 Thread richard . gong
From: Richard Gong 

Add Intel Stratix10 service layer to the device tree

Signed-off-by: Richard Gong 
Signed-off-by: Alan Tull 
---
v2: Change to put service layer driver node under the firmware node
Change compatible to "intel, stratix10-svc"
v3: No change
---
 arch/arm64/boot/dts/altera/socfpga_stratix10.dtsi | 22 ++
 1 file changed, 22 insertions(+)

diff --git a/arch/arm64/boot/dts/altera/socfpga_stratix10.dtsi 
b/arch/arm64/boot/dts/altera/socfpga_stratix10.dtsi
index 5a6a699..4395e76 100644
--- a/arch/arm64/boot/dts/altera/socfpga_stratix10.dtsi
+++ b/arch/arm64/boot/dts/altera/socfpga_stratix10.dtsi
@@ -24,6 +24,20 @@
#address-cells = <2>;
#size-cells = <2>;
 
+   reserved-memory {
+   #address-cells = <2>;
+   #size-cells = <2>;
+   ranges;
+
+   service_reserved: svcbuffer@0 {
+   compatible = "shared-dma-pool";
+   reg = <0x0 0x0 0x0 0x100>;
+   alignment = <0x1000>;
+   no-map;
+   };
+   };
+
+
cpus {
#address-cells = <1>;
#size-cells = <0>;
@@ -433,5 +447,13 @@
resets = <&rst WATCHDOG3_RESET>;
status = "disabled";
};
+
+   firmware {
+   svc {
+   compatible = "intel,stratix10-svc";
+   method = "smc";
+   memory-region = <&service_reserved>;
+   };
+   };
};
 };
-- 
2.7.4



[PATCHv3 3/7] driver, misc: add Intel Stratix10 service layer driver

2018-03-27 Thread richard . gong
From: Richard Gong 

Intel Stratix10 SoC is composed of a 64 bit quad-core ARM Cortex A53 hard
processor system (HPS) and Secure Device Manager (SDM). SDM is the
hardware which does the FPGA configuration, QSPI, Crypto and warm reset.

In order to configure the FPGA from HPS, there needs to be a way for HPS to
notify SDM the location and size of the configuration data. Then SDM will
get the configuration data from that location and perform the FPGA
configuration.

To meet the whole system security needs and support virtual machine
requesting communication with SDM, only the secure world of software (EL3,
Exception Level 3) can interface with SDM. All software entities running
on other exception levels must channel through the EL3 software whenever
it needs service from SDM.

Intel Stratix10 service layer driver is added to provide the service for
FPGA configuration. Running at privileged exception level (EL1, Exception
Level 1), Intel Stratix10 service layer driver interfaces with the service
provider at EL1 (Intel Stratix10 FPGA Manager) and manages secure monitor
call (SMC) to communicate with secure monitor software at secure monitor
exception level (EL3).

Header file intel-service-client.h defines the interface between service
providers (FPGA manager is one of them) and service layer.

Header file intel-smc.h defines the secure monitor call (SMC)
message protocols used for service layer driver in normal world
(EL1) to communicate with secure monitor SW in secure monitor exception
level 3 (EL3). This file is shared with secure firmware (FW) which is
out of kernel tree.

Signed-off-by: Richard Gong 
Signed-off-by: Alan Tull 
---
v2: Remove intel-service subdirectory and intel-service.h, move
intel-smc.h and intel-service.c to driver/misc subdirectory
Correct SPDX markers
Change service layer driver be 'default n'
Remove global variables
Add timeout for do..while() loop
Add kernel-doc for the functions and structs, correct multiline comments
Replace kfifo_in/kfifo_out with kfifo_in_spinlocked/kfifo_out_spinlocked
rename struct intel_svc_data (at client header) to intel_svc_client_msg
rename struct intel_svc_private_mem to intel_svc_data
Other corrections/changes from Intel internal code reviews
v3: Change all exported functions with "intel_svc_" as the prefix
Increase timeout values for claiming back submitted buffer(s)
Rename struct intel_command_reconfig_payload to
struct intel_svc_command_reconfig_payload
Add pr_err() to provide the error return value
Other corrections/changes
---
 drivers/misc/Kconfig |  12 +
 drivers/misc/Makefile|   1 +
 drivers/misc/intel-service.c | 962 +++
 drivers/misc/intel-smc.h | 205 
 include/linux/intel-service-client.h | 188 +++
 5 files changed, 1368 insertions(+)
 create mode 100644 drivers/misc/intel-service.c
 create mode 100644 drivers/misc/intel-smc.h
 create mode 100644 include/linux/intel-service-client.h

diff --git a/drivers/misc/Kconfig b/drivers/misc/Kconfig
index 03605f8..ec225fa7 100644
--- a/drivers/misc/Kconfig
+++ b/drivers/misc/Kconfig
@@ -139,6 +139,18 @@ config INTEL_MID_PTI
  an Intel Atom (non-netbook) mobile device containing a MIPI
  P1149.7 standard implementation.
 
+config INTEL_SERVICE
+   tristate "Intel Service Layer"
+   depends on HAVE_ARM_SMCCC
+   default n
+   help
+Intel service layer runs at privileged exception level, interfaces with
+the service providers (FPGA manager is one of them) and manages secure
+monitor call to communicate with secure monitor software at secure 
monitor
+exception level.
+
+Say Y here if you want Intel service layer support.
+
 config SGI_IOC4
tristate "SGI IOC4 Base IO support"
depends on PCI
diff --git a/drivers/misc/Makefile b/drivers/misc/Makefile
index c3c8624..3857fc2 100644
--- a/drivers/misc/Makefile
+++ b/drivers/misc/Makefile
@@ -8,6 +8,7 @@ obj-$(CONFIG_AD525X_DPOT)   += ad525x_dpot.o
 obj-$(CONFIG_AD525X_DPOT_I2C)  += ad525x_dpot-i2c.o
 obj-$(CONFIG_AD525X_DPOT_SPI)  += ad525x_dpot-spi.o
 obj-$(CONFIG_INTEL_MID_PTI)+= pti.o
+obj-$(CONFIG_INTEL_SERVICE) += intel-service.o
 obj-$(CONFIG_ATMEL_SSC)+= atmel-ssc.o
 obj-$(CONFIG_ATMEL_TCLIB)  += atmel_tclib.o
 obj-$(CONFIG_DUMMY_IRQ)+= dummy-irq.o
diff --git a/drivers/misc/intel-service.c b/drivers/misc/intel-service.c
new file mode 100644
index 000..8cf6f9b
--- /dev/null
+++ b/drivers/misc/intel-service.c
@@ -0,0 +1,962 @@
+// SPDX-License-Identifier: GPL-2.0
+/*
+ * Copyright (C) 2017-2018, Intel Corporation
+ */
+
+/*
+ *  Intel Stratix10 SoC is composed of a 64 bit quad-core ARM Cortex A53 hard
+ *  processor system (HPS) and Secure Device Manager (SDM). SDM is the
+ *  hardware which does the FPGA configuration, QS

[PATCHv3 7/7] defconfig: enable fpga and service layer

2018-03-27 Thread richard . gong
From: Richard Gong 

Enable fpga framework, Stratix 10 SoC FPGA manager, and Intel Service Layer

Signed-off-by: Richard Gong 
Signed-off-by: Alan Tull 
---
v2: this patch is added in patch set version 2
v3: no change
---
 arch/arm64/configs/defconfig | 5 +
 1 file changed, 5 insertions(+)

diff --git a/arch/arm64/configs/defconfig b/arch/arm64/configs/defconfig
index 634b373..44b226b 100644
--- a/arch/arm64/configs/defconfig
+++ b/arch/arm64/configs/defconfig
@@ -169,6 +169,7 @@ CONFIG_BLK_DEV_LOOP=y
 CONFIG_BLK_DEV_NBD=m
 CONFIG_VIRTIO_BLK=y
 CONFIG_BLK_DEV_NVME=m
+CONFIG_INTEL_SERVICE=y
 CONFIG_SRAM=y
 CONFIG_EEPROM_AT25=m
 # CONFIG_SCSI_PROC_FS is not set
@@ -559,6 +560,10 @@ CONFIG_PHY_ROCKCHIP_INNO_USB2=y
 CONFIG_PHY_ROCKCHIP_EMMC=y
 CONFIG_PHY_ROCKCHIP_PCIE=m
 CONFIG_PHY_XGENE=y
+CONFIG_FPGA=y
+CONFIG_FPGA_REGION=y
+CONFIG_FPGA_MGR_STRATIX10_SOC=y
+CONFIG_FPGA_BRIDGE=y
 CONFIG_PHY_TEGRA_XUSB=y
 CONFIG_QCOM_L2_PMU=y
 CONFIG_QCOM_L3_PMU=y
-- 
2.7.4



[PATCHv3 6/7] fpga: add intel stratix10 soc fpga manager driver

2018-03-27 Thread richard . gong
From: Alan Tull 

Add driver for reconfiguring Intel Stratix10 SoC FPGA devices.
This driver communicates through the Intel Service Driver which
does communication with privileged hardware (that does the
FPGA programming) through a secure mailbox.

Signed-off-by: Alan Tull 
---
v2: this patch is added in patch set version 2
v3: change to align to the update of service client APIs, and the
update of fpga_mgr device node
---
 drivers/fpga/Kconfig |   6 +
 drivers/fpga/Makefile|   1 +
 drivers/fpga/stratix10-soc.c | 534 +++
 3 files changed, 541 insertions(+)
 create mode 100644 drivers/fpga/stratix10-soc.c

diff --git a/drivers/fpga/Kconfig b/drivers/fpga/Kconfig
index f47ef84..cbcbced 100644
--- a/drivers/fpga/Kconfig
+++ b/drivers/fpga/Kconfig
@@ -57,6 +57,12 @@ config FPGA_MGR_ZYNQ_FPGA
help
  FPGA manager driver support for Xilinx Zynq FPGAs.
 
+config FPGA_MGR_STRATIX10_SOC
+   tristate "Intel Stratix10 SoC FPGA Manager"
+   depends on (ARCH_STRATIX10 && INTEL_SERVICE)
+   help
+ FPGA manager driver support for the Intel Stratix10 SoC.
+
 config FPGA_MGR_XILINX_SPI
tristate "Xilinx Configuration over Slave Serial (SPI)"
depends on SPI
diff --git a/drivers/fpga/Makefile b/drivers/fpga/Makefile
index 3cb276a..6eef670 100644
--- a/drivers/fpga/Makefile
+++ b/drivers/fpga/Makefile
@@ -12,6 +12,7 @@ obj-$(CONFIG_FPGA_MGR_ALTERA_PS_SPI)  += altera-ps-spi.o
 obj-$(CONFIG_FPGA_MGR_ICE40_SPI)   += ice40-spi.o
 obj-$(CONFIG_FPGA_MGR_SOCFPGA) += socfpga.o
 obj-$(CONFIG_FPGA_MGR_SOCFPGA_A10) += socfpga-a10.o
+obj-$(CONFIG_FPGA_MGR_STRATIX10_SOC)   += stratix10-soc.o
 obj-$(CONFIG_FPGA_MGR_TS73XX)  += ts73xx-fpga.o
 obj-$(CONFIG_FPGA_MGR_XILINX_SPI)  += xilinx-spi.o
 obj-$(CONFIG_FPGA_MGR_ZYNQ_FPGA)   += zynq-fpga.o
diff --git a/drivers/fpga/stratix10-soc.c b/drivers/fpga/stratix10-soc.c
new file mode 100644
index 000..e8fb67e
--- /dev/null
+++ b/drivers/fpga/stratix10-soc.c
@@ -0,0 +1,534 @@
+// SPDX-License-Identifier: GPL-2.0
+/*
+ * FPGA Manager Driver for Intel Stratix10 SoC
+ *
+ *  Copyright (C) 2018 Intel Corporation
+ */
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+/*
+ * FPGA programming requires a higher level of privilege (EL3), per the SoC
+ * design.
+ */
+#define NUM_SVC_BUFS   4
+#define SVC_BUF_SIZE   SZ_512K
+
+/* Indicates buffer is in use if set */
+#define SVC_BUF_LOCK   0
+
+/**
+ * struct s10_svc_buf
+ * @buf: virtual address of buf provided by service layer
+ * @lock: locked if buffer is in use
+ */
+struct s10_svc_buf {
+   char *buf;
+   unsigned long lock;
+};
+
+struct s10_priv {
+   struct intel_svc_chan *chan;
+   struct intel_svc_client client;
+   struct completion status_return_completion;
+   struct s10_svc_buf svc_bufs[NUM_SVC_BUFS];
+   unsigned long status;
+};
+
+static int s10_svc_send_msg(struct s10_priv *priv,
+   enum intel_svc_command_code command,
+   void *payload, u32 payload_length)
+{
+   struct intel_svc_chan *chan = priv->chan;
+   struct intel_svc_client_msg msg;
+   int ret;
+
+   pr_debug("%s cmd=%d payload=%p legnth=%d\n",
+__func__, command, payload, payload_length);
+
+   msg.command = command;
+   msg.payload = payload;
+   msg.payload_length = payload_length;
+
+   ret = intel_svc_send(chan, &msg);
+   pr_debug("intel_svc_send returned status %d\n", ret);
+
+   return ret;
+}
+
+/**
+ * s10_free_buffers
+ * Free buffers allocated from the service layer's pool that are not in use.
+ * @mgr: fpga manager struct
+ * Free all buffers that are not in use.
+ * Return true when all buffers are freed.
+ */
+static bool s10_free_buffers(struct fpga_manager *mgr)
+{
+   struct s10_priv *priv = mgr->priv;
+   uint num_free = 0;
+   uint i;
+
+   for (i = 0; i < NUM_SVC_BUFS; i++) {
+   if (!priv->svc_bufs[i].buf) {
+   num_free++;
+   continue;
+   }
+
+   if (!test_and_set_bit_lock(SVC_BUF_LOCK,
+  &priv->svc_bufs[i].lock)) {
+   intel_svc_free_memory(priv->chan,
+ priv->svc_bufs[i].buf);
+   priv->svc_bufs[i].buf = NULL;
+   num_free++;
+   }
+   }
+
+   return num_free == NUM_SVC_BUFS;
+}
+
+/**
+ * s10_free_buffer_count
+ * Count how many buffers are not in use.
+ * @mgr: fpga manager struct
+ * Return # of buffers that are not in use.
+ */
+static uint s10_free_buffer_count(struct fpga_manager *mgr)
+{
+   struct s10_priv *priv = mgr->priv;
+   uint num_free = 0;
+   uint i;
+
+   for (i = 0; i < NUM_SVC_BUFS; i++)
+   if (!priv->svc_bufs[i].buf)
+   num_free++;
+
+ 

[PATCHv3 4/7] dt-bindings: fpga: add Stratix10 SoC FPGA manager binding

2018-03-27 Thread richard . gong
From: Alan Tull 

Add a Device Tree binding for the Intel Stratix10 SoC FPGA manager.

Signed-off-by: Alan Tull 
---
v2: this patch is added in patch set version 2
v3: change to put fpga_mgr node under firmware/svc node
---
 .../bindings/fpga/intel-stratix10-soc-fpga-mgr.txt  | 17 +
 1 file changed, 17 insertions(+)
 create mode 100644 
Documentation/devicetree/bindings/fpga/intel-stratix10-soc-fpga-mgr.txt

diff --git 
a/Documentation/devicetree/bindings/fpga/intel-stratix10-soc-fpga-mgr.txt 
b/Documentation/devicetree/bindings/fpga/intel-stratix10-soc-fpga-mgr.txt
new file mode 100644
index 000..be7cd96
--- /dev/null
+++ b/Documentation/devicetree/bindings/fpga/intel-stratix10-soc-fpga-mgr.txt
@@ -0,0 +1,17 @@
+Intel Stratix10 SoC FPGA Manager
+
+Required properties:
+The fpga_mgr node has the following mandatory property, must be located under
+firmware/svc node.
+
+- compatible : should contain "intel,stratix10-soc-fpga-mgr"
+
+Example:
+
+   firmware {
+   svc {
+   fpga_mgr: fpga-mgr@0 {
+   compatible = "intel,stratix10-soc-fpga-mgr";
+   };
+   };
+   };
-- 
2.7.4



[PATCHv3 5/7] arm64: dts: stratix10: add fpga manager and region

2018-03-27 Thread richard . gong
From: Alan Tull 

Add the Stratix10 FPGA manager and a FPGA region to the
device tree.

Signed-off-by: Alan Tull 
---
v2: this patch is added in patch set version 2
v3: change to put fpga_mgr node under firmware/svc node
---
 arch/arm64/boot/dts/altera/socfpga_stratix10.dtsi | 12 
 1 file changed, 12 insertions(+)

diff --git a/arch/arm64/boot/dts/altera/socfpga_stratix10.dtsi 
b/arch/arm64/boot/dts/altera/socfpga_stratix10.dtsi
index 4395e76..8c8f66c 100644
--- a/arch/arm64/boot/dts/altera/socfpga_stratix10.dtsi
+++ b/arch/arm64/boot/dts/altera/socfpga_stratix10.dtsi
@@ -107,6 +107,14 @@
interrupt-parent = <&intc>;
ranges = <0 0 0 0x>;
 
+   base_fpga_region {
+   #address-cells = <0x1>;
+   #size-cells = <0x1>;
+
+   compatible = "fpga-region";
+   fpga-mgr = <&fpga_mgr>;
+   };
+
clkmgr: clock-controller@ffd1 {
compatible = "intel,stratix10-clkmgr";
reg = <0xffd1 0x1000>;
@@ -453,6 +461,10 @@
compatible = "intel,stratix10-svc";
method = "smc";
memory-region = <&service_reserved>;
+
+   fpga_mgr: fpga-mgr@0 {
+   compatible = 
"intel,stratix10-soc-fpga-mgr";
+   };
};
};
};
-- 
2.7.4



[PATCHv2] arm64: defconfig: enable fpga and service layer

2019-02-04 Thread richard . gong
From: Richard Gong 

Enable FPGA framework, Intel Stratix10 SoC FPGA manager, Stratix10
service layer, and Altera Freeze Bridge drivers.

Intel Stratix10 service layer driver was added with commit 7ca5ce896524
("firmware: add Intel Stratix10 service layer driver").

Intel Stratix10 service layer provides kernel APIs for drivers to request
access to the secure features. Such features include FPGA programming,
remote status update, and read and write secure registers.

While clients of the service layer can be built as modules, the service
layer itself has to be configured as built-in.  The service layer is
dependent on ARCH_STRATIX10.

Enabling Altera Freeze Bridge depends on commit 38cd7ad5bd25
("fpga: altera_freeze_bridge: remove restriction to socfpga").

Signed-off-by: Richard Gong 
---
v2: add to enable FPGA framework, Intel Stratix10 SoC FPGA manager and
Altera freeze bridge drivers.
---
 arch/arm64/configs/defconfig | 7 +++
 1 file changed, 7 insertions(+)

diff --git a/arch/arm64/configs/defconfig b/arch/arm64/configs/defconfig
index 931429d9..96c52f4 100644
--- a/arch/arm64/configs/defconfig
+++ b/arch/arm64/configs/defconfig
@@ -733,6 +733,13 @@ CONFIG_QCOM_QFPROM=y
 CONFIG_ROCKCHIP_EFUSE=y
 CONFIG_UNIPHIER_EFUSE=y
 CONFIG_MESON_EFUSE=m
+CONFIG_INTEL_STRATIX10_SERVICE=y
+CONFIG_FPGA=m
+CONFIG_FPGA_MGR_STRATIX10_SOC=m
+CONFIG_FPGA_BRIDGE=m
+CONFIG_ALTERA_FREEZE_BRIDGE=m
+CONFIG_FPGA_REGION=m
+CONFIG_OF_FPGA_REGION=m
 CONFIG_TEE=y
 CONFIG_OPTEE=y
 CONFIG_EXT2_FS=y
-- 
2.7.4



[PATCHv1] fpga: mgr: add FPGA configuration log

2019-04-02 Thread richard . gong
From: Richard Gong 

Add a log for user to know FPGA configuration is successful

Signed-off-by: Richard Gong 
---
 drivers/fpga/fpga-mgr.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/drivers/fpga/fpga-mgr.c b/drivers/fpga/fpga-mgr.c
index c386681..559e046 100644
--- a/drivers/fpga/fpga-mgr.c
+++ b/drivers/fpga/fpga-mgr.c
@@ -151,6 +151,7 @@ static int fpga_mgr_write_complete(struct fpga_manager *mgr,
}
mgr->state = FPGA_MGR_STATE_OPERATING;
 
+   dev_info(&mgr->dev, "Successfully programming FPGA\n");
return 0;
 }
 
-- 
2.7.4



Re: [PATCHv1] fpga: mgr: add FPGA configuration log

2019-04-03 Thread Richard Gong

Hi Moritz,


On 4/3/19 9:20 AM, Moritz Fischer wrote:

Hi Richard,

On Tue, Apr 02, 2019 at 05:25:43PM -0500, richard.g...@linux.intel.com wrote:

From: Richard Gong 

Add a log for user to know FPGA configuration is successful

Signed-off-by: Richard Gong 
---
  drivers/fpga/fpga-mgr.c | 1 +
  1 file changed, 1 insertion(+)

diff --git a/drivers/fpga/fpga-mgr.c b/drivers/fpga/fpga-mgr.c
index c386681..559e046 100644
--- a/drivers/fpga/fpga-mgr.c
+++ b/drivers/fpga/fpga-mgr.c
@@ -151,6 +151,7 @@ static int fpga_mgr_write_complete(struct fpga_manager *mgr,
}
mgr->state = FPGA_MGR_STATE_OPERATING;
  
+	dev_info(&mgr->dev, "Successfully programming FPGA\n");


That info is available in FPGA manager's sysfs status entry, if at all
I'd make this a dev_dbg().

 From my end I don't see how we need this really.


We got requests from the field and they want to see a log to get know if 
FPGA configuration is successfully completed. They don't want use any 
additional command to get status.


This log is useful for the user who performs FPGA configuration.

I think we need use dev_info, since dev_dbg is not enabled by fault for 
most build.




Thanks,
Moritz



[PATCHv1 2/6] dt-bindings, firmware: add Intel Stratix10 remote system update binding

2019-04-09 Thread richard . gong
From: Richard Gong 

Add a device tree binding for the Intel Stratix10 remote system
update (RSU) driver

Signed-off-by: Richard Gong 
Reviewed-by: Alan Tull 
---
 .../bindings/firmware/intel,stratix10-rsu.txt  | 31 ++
 1 file changed, 31 insertions(+)
 create mode 100644 
Documentation/devicetree/bindings/firmware/intel,stratix10-rsu.txt

diff --git a/Documentation/devicetree/bindings/firmware/intel,stratix10-rsu.txt 
b/Documentation/devicetree/bindings/firmware/intel,stratix10-rsu.txt
new file mode 100644
index 000..b6250eb
--- /dev/null
+++ b/Documentation/devicetree/bindings/firmware/intel,stratix10-rsu.txt
@@ -0,0 +1,31 @@
+Intel Remote System Update Driver for Stratix10 SoC
+
+The Intel Remote System Update (RSU) driver exposes interfaces
+accessed through the Intel Service Layer to user space via sysfs
+interface. The RSU interfaces report and control some of the optional
+RSU features on Intel Stratix 10 SoC.
+
+The RSU feature provides a way for customers to update the boot
+configuration of a Intel Stratix 10 SoC device with significantly reduced
+risk of corrupting the bitstream storage and bricking the system.
+
+Required properties:
+---
+The rsu node has the following mandatory properties, must be located under
+the firmware/svc node.
+
+- compatible: "intel,stratix10-rsu"
+
+Example:
+---
+   firmware {
+   svc {
+   compatible = "intel,stratix10-svc";
+   method = "smc";
+   memory-region = <&service_reserved>;
+
+   rsu: rsu {
+   compatible = "intel,stratix10-rsu";
+   };
+   };
+   };
-- 
2.7.4



[PATCHv1 0/6] add Intel Stratix10 remote system update driver

2019-04-09 Thread richard . gong
From: Richard Gong 

This is the 1st submission of Intel Stratix10 remote system update (RSU)
driver, which includes 6 patches below:
patch #1 - extend Intel Stratix10 service layer to support RSU
   notify feature.
patch #2 - add Intel Stratix10 remote system update binding
patch #3 - add Intel Stratix10 remote system update to the device
   tree
patch #4 - add Intel Stratix10 remote system update driver
patch #5 - RSU document sysfs interface
patch #6 - add maintainer for Intel Stratix10 firmware drivers

Intel Stratix10 remote system update driver patches have been reviewed by
Alan Tull and other colleagues at Intel.

The Intel Stratix10 Remote System Update (RSU) driver exposes interfaces
access through the Intel Stratix10 Service Layer to user space via sysfs
interface. The RSU interfaces report and control some of the optional RSU
features on Intel Stratix 10 SoC.

The RSU feature provides a way for customers to update the boot
configuration of a Intel Stratix 10 SoC device with significantly reduced
risk of corrupting the bitstream storage and bricking the system.

Richard Gong (6):
  firmware: stratix10-svc: add to support RSU notify
  dt-bindings, firmware: add Intel Stratix10 remote system update
binding
  arm64: dts: stratix10: add remote system update
  firmware: add Intel Stratix10 remote system update driver
  firmware: rsu: document sysfs interface
  MAINTAINERS: add maintainer for Intel Stratix10 FW drivers

 .../testing/sysfs-devices-platform-stratix10-rsu   |  78 
 .../bindings/firmware/intel,stratix10-rsu.txt  |  31 ++
 MAINTAINERS|  10 +
 arch/arm64/boot/dts/altera/socfpga_stratix10.dtsi  |   4 +
 drivers/firmware/Kconfig   |  18 +
 drivers/firmware/Makefile  |   1 +
 drivers/firmware/stratix10-rsu.c   | 428 +
 drivers/firmware/stratix10-svc.c   |  43 ++-
 include/linux/firmware/intel/stratix10-smc.h   |  17 +
 .../linux/firmware/intel/stratix10-svc-client.h|   6 +-
 10 files changed, 622 insertions(+), 14 deletions(-)
 create mode 100644 
Documentation/ABI/testing/sysfs-devices-platform-stratix10-rsu
 create mode 100644 
Documentation/devicetree/bindings/firmware/intel,stratix10-rsu.txt
 create mode 100644 drivers/firmware/stratix10-rsu.c

-- 
2.7.4



[PATCHv1 1/6] firmware: stratix10-svc: add to support RSU notify

2019-04-09 Thread richard . gong
From: Richard Gong 

Extend Intel Stratix10 service layer to support RSU notify feature.

RSU is used to provide our customers with protection against loading bad
bitstream onto their devices when those devices are booting from flash

RSU notify provides users with an API to notify the firmware of the
state of hard processor system.

Signed-off-by: Richard Gong 
Reviewed-by: Alan Tull 
---
 drivers/firmware/stratix10-svc.c   | 43 +++---
 include/linux/firmware/intel/stratix10-smc.h   | 17 +
 .../linux/firmware/intel/stratix10-svc-client.h|  6 ++-
 3 files changed, 52 insertions(+), 14 deletions(-)

diff --git a/drivers/firmware/stratix10-svc.c b/drivers/firmware/stratix10-svc.c
index 6e65148..1426900 100644
--- a/drivers/firmware/stratix10-svc.c
+++ b/drivers/firmware/stratix10-svc.c
@@ -295,7 +295,12 @@ static void svc_thread_recv_status_ok(struct 
stratix10_svc_data *p_data,
case COMMAND_RECONFIG_STATUS:
cb_data->status = BIT(SVC_STATUS_RECONFIG_COMPLETED);
break;
+   case COMMAND_RSU_STATUS:
+   cb_data->kaddr1 = &res;
+   cb_data->status = BIT(SVC_STATUS_RSU_OK);
+   break;
case COMMAND_RSU_UPDATE:
+   case COMMAND_RSU_NOTIFY:
cb_data->status = BIT(SVC_STATUS_RSU_OK);
break;
default:
@@ -386,6 +391,11 @@ static int svc_normal_to_secure_thread(void *data)
a1 = pdata->arg[0];
a2 = 0;
break;
+   case COMMAND_RSU_NOTIFY:
+   a0 = INTEL_SIP_SMC_RSU_NOTIFY;
+   a1 = pdata->arg[0];
+   a2 = 0;
+   break;
default:
pr_warn("it shouldn't happen\n");
break;
@@ -402,19 +412,6 @@ static int svc_normal_to_secure_thread(void *data)
 (unsigned int)res.a1, (unsigned int)res.a2);
pr_debug(" res.a3=0x%016x\n", (unsigned int)res.a3);
 
-   if (pdata->command == COMMAND_RSU_STATUS) {
-   if (res.a0 == INTEL_SIP_SMC_RSU_ERROR)
-   cbdata->status = BIT(SVC_STATUS_RSU_ERROR);
-   else
-   cbdata->status = BIT(SVC_STATUS_RSU_OK);
-
-   cbdata->kaddr1 = &res;
-   cbdata->kaddr2 = NULL;
-   cbdata->kaddr3 = NULL;
-   pdata->chan->scl->receive_cb(pdata->chan->scl, cbdata);
-   continue;
-   }
-
switch (res.a0) {
case INTEL_SIP_SMC_STATUS_OK:
svc_thread_recv_status_ok(pdata, cbdata, res);
@@ -438,7 +435,27 @@ static int svc_normal_to_secure_thread(void *data)
pr_debug("%s: STATUS_REJECTED\n", __func__);
break;
case INTEL_SIP_SMC_FPGA_CONFIG_STATUS_ERROR:
+   case INTEL_SIP_SMC_RSU_ERROR:
pr_err("%s: STATUS_ERROR\n", __func__);
+   switch (pdata->command) {
+   /* for FPGA mgr */
+   case COMMAND_RECONFIG_DATA_CLAIM:
+   case COMMAND_RECONFIG:
+   case COMMAND_RECONFIG_DATA_SUBMIT:
+   case COMMAND_RECONFIG_STATUS:
+   cbdata->status =
+   BIT(SVC_STATUS_RECONFIG_ERROR);
+   break;
+
+   /* for RSU */
+   case COMMAND_RSU_STATUS:
+   case COMMAND_RSU_UPDATE:
+   case COMMAND_RSU_NOTIFY:
+   cbdata->status =
+   BIT(SVC_STATUS_RSU_ERROR);
+   break;
+   }
+
cbdata->status = BIT(SVC_STATUS_RECONFIG_ERROR);
cbdata->kaddr1 = NULL;
cbdata->kaddr2 = NULL;
diff --git a/include/linux/firmware/intel/stratix10-smc.h 
b/include/linux/firmware/intel/stratix10-smc.h
index 01684d9..372f275 100644
--- a/include/linux/firmware/intel/stratix10-smc.h
+++ b/include/linux/firmware/intel/stratix10-smc.h
@@ -329,3 +329,20 @@ 
INTEL_SIP_SMC_FAST_CALL_VAL(INTEL_SIP_SMC_FUNCID_FPGA_CONFIG_COMPLETED_WRITE)
INTEL_SIP_SMC_FAST_CALL_VAL(INTEL_SIP_SMC_FUNCID_ECC_DBE)
 
 #endif
+
+/*
+ * Request INTEL_SIP_SMC_RSU_NOTIFY
+ *
+ * Sync call used by service driver at EL1 to report HPS sw state is RSU_NOTIFY
+ *
+ * Call register usage:
+ * a0 INTEL_SIP_SMC_RSU_NOTIFY
+ * a1 32bit value representing HPS software status
+ * a2-7 not used
+ *
+ * Retur

[PATCHv1 3/6] arm64: dts: stratix10: add remote system update

2019-04-09 Thread richard . gong
From: Richard Gong 

Add Intel Stratix10 remote system update to the device tree

Signed-off-by: Richard Gong 
Reviewed-by: Alan Tull 
---
 arch/arm64/boot/dts/altera/socfpga_stratix10.dtsi | 4 
 1 file changed, 4 insertions(+)

diff --git a/arch/arm64/boot/dts/altera/socfpga_stratix10.dtsi 
b/arch/arm64/boot/dts/altera/socfpga_stratix10.dtsi
index 7c649f6..79ae522 100644
--- a/arch/arm64/boot/dts/altera/socfpga_stratix10.dtsi
+++ b/arch/arm64/boot/dts/altera/socfpga_stratix10.dtsi
@@ -596,6 +596,10 @@
fpga_mgr: fpga-mgr {
compatible = 
"intel,stratix10-soc-fpga-mgr";
};
+
+   rsu: rsu {
+   compatible = "intel,stratix10-rsu";
+   };
};
};
};
-- 
2.7.4



[PATCHv1 4/6] firmware: add Intel Stratix10 remote system update driver

2019-04-09 Thread richard . gong
From: Richard Gong 

The Intel Remote System Update (RSU) driver exposes interfaces access
through the Intel Service Layer to user space via sysfs interface.
The RSU interfaces report and control some of the optional RSU features
on Intel Stratix 10 SoC.

The RSU feature provides a way for customers to update the boot
configuration of a Intel Stratix 10 SoC device with significantly reduced
risk of corrupting the bitstream storage and bricking the system.

Signed-off-by: Richard Gong 
Reviewed-by: Alan Tull 
---
 drivers/firmware/Kconfig |  18 ++
 drivers/firmware/Makefile|   1 +
 drivers/firmware/stratix10-rsu.c | 428 +++
 3 files changed, 447 insertions(+)
 create mode 100644 drivers/firmware/stratix10-rsu.c

diff --git a/drivers/firmware/Kconfig b/drivers/firmware/Kconfig
index cac16c4..9e61d2f 100644
--- a/drivers/firmware/Kconfig
+++ b/drivers/firmware/Kconfig
@@ -228,6 +228,24 @@ config INTEL_STRATIX10_SERVICE
 
  Say Y here if you want Stratix10 service layer support.
 
+config INTEL_STRATIX10_RSU
+tristate "Intel Stratix10 Remote System Update"
+depends on INTEL_STRATIX10_SERVICE
+help
+  The Intel Remote System Update (RSU) driver exposes interfaces
+  access through the Intel Service Layer to user space via Sysfs
+  device attribute nodes. The RSU interfaces report/control some of
+  the optional RSU features of the Stratix 10 SoC FPGA.
+
+  The RSU feature provides a way for customers to update the boot
+  configuration of a Stratix 10 SoC device with significantly reduced
+  risk of corrupting the bitstream storage and bricking the system.
+
+  Enable RSU support if you are using an Intel SoC FPGA with the RSU
+  feature enabled and you want Linux user space control.
+
+  Say Y here if you want Intel RSU support.
+
 config QCOM_SCM
bool
depends on ARM || ARM64
diff --git a/drivers/firmware/Makefile b/drivers/firmware/Makefile
index 80feb63..41b6fa3 100644
--- a/drivers/firmware/Makefile
+++ b/drivers/firmware/Makefile
@@ -13,6 +13,7 @@ obj-$(CONFIG_EDD) += edd.o
 obj-$(CONFIG_EFI_PCDP) += pcdp.o
 obj-$(CONFIG_DMIID)+= dmi-id.o
 obj-$(CONFIG_INTEL_STRATIX10_SERVICE) += stratix10-svc.o
+obj-$(CONFIG_INTEL_STRATIX10_RSU) += stratix10-rsu.o
 obj-$(CONFIG_ISCSI_IBFT_FIND)  += iscsi_ibft_find.o
 obj-$(CONFIG_ISCSI_IBFT)   += iscsi_ibft.o
 obj-$(CONFIG_FIRMWARE_MEMMAP)  += memmap.o
diff --git a/drivers/firmware/stratix10-rsu.c b/drivers/firmware/stratix10-rsu.c
new file mode 100644
index 000..bf410f86
--- /dev/null
+++ b/drivers/firmware/stratix10-rsu.c
@@ -0,0 +1,428 @@
+// SPDX-License-Identifier: GPL-2.0
+/*
+ * Copyright (C) 2018-2019, Intel Corporation
+ */
+
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+
+#define RSU_VERSION_MASK   GENMASK_ULL(31, 0)
+#define RSU_STATE_MASK GENMASK_ULL(63, 32)
+#define RSU_ERROR_DETAIL_MASK  GENMASK_ULL(31, 0)
+#define RSU_ERROR_LOCATION_MASKGENMASK_ULL(63, 32)
+
+#define RSU_REQUEST_TIMEOUT(msecs_to_jiffies(SVC_RSU_REQUEST_TIMEOUT_MS))
+
+/**
+ * struct stratix10_rsu_priv - rsu data structure
+ * @chan: pointer to the allocated service channel
+ * @client: active service client
+ * @completion: state for callback completion
+ * @status.current_image: address of image currently running in flash
+ * @status.fail_image: address of failed image in flash
+ * @status.version: the version number of RSU firmware
+ * @status.state: the state of RSU system
+ * @status.error_details: error code
+ * @status.error_location: the error offset inside the image that failed
+ */
+struct stratix10_rsu_priv {
+   struct stratix10_svc_chan *chan;
+   struct stratix10_svc_client client;
+   struct completion completion;
+   struct mutex lock;
+   struct {
+   unsigned long current_image;
+   unsigned long fail_image;
+   unsigned int version;
+   unsigned int state;
+   unsigned int error_details;
+   unsigned int error_location;
+   } status;
+};
+
+/**
+ * rsu_status_callback() - Status callback from Intel service layer
+ * @client: pointer to service client
+ * @data: pointer to callback data structure
+ *
+ * Callback from Intel service layer for RSU status request. Status is
+ * only updated after a system reboot, so a get updated status call is
+ * made during driver probe.
+ */
+static void rsu_status_callback(struct stratix10_svc_client *client,
+   struct stratix10_svc_cb_data *data)
+{
+   struct stratix10_rsu_priv *priv = client->priv;
+   struct arm_smccc_res *res = (struct arm_smccc_res *)data->kaddr1;
+
+   if (data->status == BIT(SVC_STATUS_RSU_OK)) {
+

[PATCHv1 6/6] MAINTAINERS: add maintainer for Intel Stratix10 FW drivers

2019-04-09 Thread richard . gong
From: Richard Gong 

Add myself as maintainer for the newly created Intel Stratix10
firmware drivers.

Signed-off-by: Richard Gong 
Reviewed-by: Alan Tull 
---
 MAINTAINERS | 10 ++
 1 file changed, 10 insertions(+)

diff --git a/MAINTAINERS b/MAINTAINERS
index 4cf3cbf..d7054f5 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -8039,6 +8039,16 @@ S:   Supported
 F: drivers/infiniband/hw/i40iw/
 F: include/uapi/rdma/i40iw-abi.h
 
+INTEL STRATIX10 FIRMWARE DRIVERS
+M: Richard Gong 
+L: linux-kernel@vger.kernel.org
+S: Maintained
+F: drivers/firmware/stratix10*
+F: include/linux/firmware/intel/
+F: Documentation/ABI/testing/sysfs-devices-platform-stratix10-rsu
+F: Documentation/devicetree/bindings/firmware/intel,stratix10-rsu.txt
+F: Documentation/devicetree/bindings/firmware/intel,stratix10-svc.txt
+
 INTEL TELEMETRY DRIVER
 M: Rajneesh Bhardwaj 
 M: "David E. Box" 
-- 
2.7.4



[PATCHv1 5/6] firmware: rsu: document sysfs interface

2019-04-09 Thread richard . gong
From: Richard Gong 

Describe Intel Stratix10 Remote System Update (RSU) device attributes

Signed-off-by: Richard Gong 
Reviewed-by: Alan Tull 
---
 .../testing/sysfs-devices-platform-stratix10-rsu   | 78 ++
 1 file changed, 78 insertions(+)
 create mode 100644 
Documentation/ABI/testing/sysfs-devices-platform-stratix10-rsu

diff --git a/Documentation/ABI/testing/sysfs-devices-platform-stratix10-rsu 
b/Documentation/ABI/testing/sysfs-devices-platform-stratix10-rsu
new file mode 100644
index 000..cb461ee
--- /dev/null
+++ b/Documentation/ABI/testing/sysfs-devices-platform-stratix10-rsu
@@ -0,0 +1,78 @@
+   Intel Stratix10 Remote System Update (RSU) device attributes
+
+What:  
/sys/devices/platform/soc:firmware:svc/soc:firmware:svc:rsu/current_image
+Date:  April 2019
+KernelVersion: 5.2
+Contact:   Richard Gong 
+Description:
+   (RO) the address of image currently running in flash.
+
+What:   
/sys/devices/platform/soc:firmware:svc/soc:firmware:svc:rsu/fail_image
+Date:   April 2019
+KernelVersion:  5.2
+Contact:Richard Gong 
+Description:
+   (RO) the address of failed image in flash.
+
+What:   
/sys/devices/platform/soc:firmware:svc/soc:firmware:svc:rsu/state
+Date:   April 2019
+KernelVersion:  5.2
+Contact:Richard Gong 
+Description:
+   (RO) the state of RSU system.
+   The state field has two parts: major error code in upper 16 
bits and minor error code
+   in lower 16 bits.
+   1. Major error code
+   0xF001 -- bitstream error
+   0xF002 -- hardware access failure
+   0xF003 -- bitstream corruption
+   0xF004 -- internal error
+   0xF005 -- device error
+   0xF006 -- HPS watchdog timeout
+   0xF007 -- internal unknown error
+   2: Minor error code
+   Currently used only when major error is 0xF006 (HPS 
watchdog timeout), in which
+   case the minor error code is the value reported by HPS to 
firmware through the RSU notify
+   command before the watchdog timeout occurs.
+
+What:   
/sys/devices/platform/soc:firmware:svc/soc:firmware:svc:rsu/version
+Date:   April 2019
+KernelVersion:  5.2
+Contact:Richard Gong 
+Description:
+   (RO) the version number of RSU firmware.
+
+What:   
/sys/devices/platform/soc:firmware:svc/soc:firmware:svc:rsu/error_location
+Date:   April 2019
+KernelVersion:  5.2
+Contact:Richard Gong 
+Description:
+   (RO) the error offset inside the image that failed.
+
+What:   
/sys/devices/platform/soc:firmware:svc/soc:firmware:svc:rsu/error_details
+Date:   April 2019
+KernelVersion:  5.2
+Contact:Richard Gong 
+Description:
+   (RO) error code.
+
+What:   
/sys/devices/platform/soc:firmware:svc/soc:firmware:svc:rsu/reboot_image
+Date:   April 2019
+KernelVersion:  5.2
+Contact:Richard Gong 
+Description:
+   (WO) the address of image to be loaded on next reboot command.
+
+What:   
/sys/devices/platform/soc:firmware:svc/soc:firmware:svc:rsu/notify
+Date:   April 2019
+KernelVersion:  5.2
+Contact:Richard Gong 
+Description:
+   (WO) inform firmware that the current software state as a 16-bit
+   numerical value below:
+   0 -- the first stage bootloader didn't run or didn't reach the
+point of launching second stage bootloader
+   1 -- failed in second bootloader or didn't get to the point of
+launching the operating system
+   2 -- both first and second stage bootloader ran and the 
operating
+system launch was attempted.
-- 
2.7.4



[PATCHv3] firmware: stratix10-svc: reset COMMAND_RECONFIG_FLAG_PARTIAL to 0

2021-02-23 Thread richard . gong
From: Richard Gong 

Clean up COMMAND_RECONFIG_FLAG_PARTIAL flag by resetting it to 0, which
aligns with the firmware settings.

Cc:  # 5.9+
Fixes: 36847f9e3e56 ("firmware: stratix10-svc: correct reconfig flag and 
timeout values")
Signed-off-by: Richard Gong 
---
v3: correct the missing item in the Fixes subject line
v2: add tag Cc:  # 5.9+
add 'Fixes: ... ' line in the comment
---
 include/linux/firmware/intel/stratix10-svc-client.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/include/linux/firmware/intel/stratix10-svc-client.h 
b/include/linux/firmware/intel/stratix10-svc-client.h
index a93d859..f843c6a 100644
--- a/include/linux/firmware/intel/stratix10-svc-client.h
+++ b/include/linux/firmware/intel/stratix10-svc-client.h
@@ -56,7 +56,7 @@
  * COMMAND_RECONFIG_FLAG_PARTIAL:
  * Set to FPGA configuration type (full or partial).
  */
-#define COMMAND_RECONFIG_FLAG_PARTIAL  1
+#define COMMAND_RECONFIG_FLAG_PARTIAL  0
 
 /**
  * Timeout settings for service clients:
-- 
2.7.4



Re: [PATCHv4 5/6] dt-bindings: fpga: add authenticate-fpga-config property

2021-02-02 Thread Richard Gong



Hi Moritz,

On 2/1/21 10:27 PM, Moritz Fischer wrote:

On Mon, Feb 01, 2021 at 09:21:58AM -0600, richard.g...@linux.intel.com wrote:

From: Richard Gong 

Add authenticate-fpga-config property for FPGA bitstream authentication,
which makes sure a signed bitstream has valid signatures.

Signed-off-by: Richard Gong 
---
v4: explain authenticate-fpga-config flag further
v3: no change
v2: put authenticate-fpga-config above partial-fpga-config
 update commit messages
---
  Documentation/devicetree/bindings/fpga/fpga-region.txt | 4 
  1 file changed, 4 insertions(+)

diff --git a/Documentation/devicetree/bindings/fpga/fpga-region.txt 
b/Documentation/devicetree/bindings/fpga/fpga-region.txt
index e811cf8..e2740b6 100644
--- a/Documentation/devicetree/bindings/fpga/fpga-region.txt
+++ b/Documentation/devicetree/bindings/fpga/fpga-region.txt
@@ -182,6 +182,10 @@ Optional properties:
This property is optional if the FPGA Manager handles the bridges.
  If the fpga-region is  the child of a fpga-bridge, the list should not
  contain the parent bridge.
+- authenticate-fpga-config : boolean, set if do bitstream authentication only.
+   flag authenticate-fpga-config is used to first check the integrity of
+   the bitstream. If the authentication is passed, the user can perform
+   other operations.

 From the other commits it looks like it *also* writes to QSPI? If so
please document that.

If not, feel free to ignore :)

Maybe I would highlight two things:
a) If you add 'authenticate-fpga-config' you are not allowed to add new
nodes
b) If you add 'authenticate-fpga-config' you are not alllowed to add
other operations


How about the descriptions below?

- authenticate-fpga-config : boolean, set if do bitstream authentication 
only.
If 'authenticate-fpga-config' is added then adding a new node or another 
operation is not allowed.
Flag authenticate-fpga-config is used to check the integrity of the 
bitstream.
Except for the actual configuration of the device, the authentication 
works in the same way as FPGA configuration. If the authentication 
passes, other operations such as full or partial reconfiguration can be 
performed. When the bitstream into QSPI flash memory at device is 
programmed, it is expected that there will be no issue when starting the 
device.



  - partial-fpga-config : boolean, set if partial reconfiguration is to be done,
otherwise full reconfiguration is done.
  - external-fpga-config : boolean, set if the FPGA has already been configured
--
2.7.4


Thanks,
Moritz


Regards,
Richard


[PATCHv4 2/6] firmware: stratix10-svc: extend SVC driver to get the firmware version

2021-02-01 Thread richard . gong
From: Richard Gong 

Extend Intel service layer driver to get the firmware version running at
FPGA device. Therefore FPGA manager driver, one of Intel service layer
driver's client, can decide whether to handle the newly added bitstream
authentication function based on the retrieved firmware version.

Signed-off-by: Richard Gong 
---
v4: no change
v3: new added, changes for getting firmware version
---
 drivers/firmware/stratix10-svc.c| 12 ++--
 include/linux/firmware/intel/stratix10-smc.h| 21 +++--
 include/linux/firmware/intel/stratix10-svc-client.h |  4 
 3 files changed, 33 insertions(+), 4 deletions(-)

diff --git a/drivers/firmware/stratix10-svc.c b/drivers/firmware/stratix10-svc.c
index 3aa489d..1443bbd 100644
--- a/drivers/firmware/stratix10-svc.c
+++ b/drivers/firmware/stratix10-svc.c
@@ -306,6 +306,7 @@ static void svc_thread_recv_status_ok(struct 
stratix10_svc_data *p_data,
break;
case COMMAND_RSU_RETRY:
case COMMAND_RSU_MAX_RETRY:
+   case COMMAND_FIRMWARE_VERSION:
cb_data->status = BIT(SVC_STATUS_OK);
cb_data->kaddr1 = &res.a1;
break;
@@ -422,6 +423,11 @@ static int svc_normal_to_secure_thread(void *data)
a1 = 0;
a2 = 0;
break;
+   case COMMAND_FIRMWARE_VERSION:
+   a0 = INTEL_SIP_SMC_FIRMWARE_VERSION;
+   a1 = 0;
+   a2 = 0;
+   break;
default:
pr_warn("it shouldn't happen\n");
break;
@@ -487,11 +493,13 @@ static int svc_normal_to_secure_thread(void *data)
 
/*
 * be compatible with older version firmware which
-* doesn't support RSU notify or retry
+* doesn't support RSU notify, retry or bitstream
+* authentication.
 */
if ((pdata->command == COMMAND_RSU_RETRY) ||
(pdata->command == COMMAND_RSU_MAX_RETRY) ||
-   (pdata->command == COMMAND_RSU_NOTIFY)) {
+   (pdata->command == COMMAND_RSU_NOTIFY) ||
+   (pdata->command == COMMAND_FIRMWARE_VERSION)) {
cbdata->status =
BIT(SVC_STATUS_NO_SUPPORT);
cbdata->kaddr1 = NULL;
diff --git a/include/linux/firmware/intel/stratix10-smc.h 
b/include/linux/firmware/intel/stratix10-smc.h
index c3e5ab0..505fcca 100644
--- a/include/linux/firmware/intel/stratix10-smc.h
+++ b/include/linux/firmware/intel/stratix10-smc.h
@@ -321,8 +321,6 @@ 
INTEL_SIP_SMC_FAST_CALL_VAL(INTEL_SIP_SMC_FUNCID_FPGA_CONFIG_COMPLETED_WRITE)
 #define INTEL_SIP_SMC_ECC_DBE \
INTEL_SIP_SMC_FAST_CALL_VAL(INTEL_SIP_SMC_FUNCID_ECC_DBE)
 
-#endif
-
 /**
  * Request INTEL_SIP_SMC_RSU_NOTIFY
  *
@@ -404,3 +402,22 @@ 
INTEL_SIP_SMC_FAST_CALL_VAL(INTEL_SIP_SMC_FUNCID_FPGA_CONFIG_COMPLETED_WRITE)
 #define INTEL_SIP_SMC_FUNCID_RSU_MAX_RETRY 18
 #define INTEL_SIP_SMC_RSU_MAX_RETRY \
INTEL_SIP_SMC_FAST_CALL_VAL(INTEL_SIP_SMC_FUNCID_RSU_MAX_RETRY)
+
+/**
+ * Request INTEL_SIP_SMC_FIRMWARE_VERSION
+ *
+ * Sync call used to query the version of running firmware
+ *
+ * Call register usage:
+ * a0 INTEL_SIP_SMC_FIRMWARE_VERSION
+ * a1-a7 not used
+ *
+ * Return status:
+ * a0 INTEL_SIP_SMC_STATUS_OK or INTEL_SIP_SMC_STATUS_ERROR
+ * a1 running firmware version
+ */
+#define INTEL_SIP_SMC_FUNCID_FIRMWARE_VERSION 31
+#define INTEL_SIP_SMC_FIRMWARE_VERSION \
+   INTEL_SIP_SMC_FAST_CALL_VAL(INTEL_SIP_SMC_FUNCID_FIRMWARE_VERSION)
+
+#endif
diff --git a/include/linux/firmware/intel/stratix10-svc-client.h 
b/include/linux/firmware/intel/stratix10-svc-client.h
index fa9581d..193a2cf 100644
--- a/include/linux/firmware/intel/stratix10-svc-client.h
+++ b/include/linux/firmware/intel/stratix10-svc-client.h
@@ -109,6 +109,9 @@ struct stratix10_svc_chan;
  *
  * @COMMAND_RSU_DCMF_VERSION: query firmware for the DCMF version, return 
status
  * is SVC_STATUS_OK or SVC_STATUS_ERROR
+ *
+ * @COMMAND_FIRMWARE_VERSION: query running firmware version, return status
+ * is SVC_STATUS_OK or SVC_STATUS_ERROR
  */
 enum stratix10_svc_command_code {
COMMAND_NOOP = 0,
@@ -122,6 +125,7 @@ enum stratix10_svc_command_code {
COMMAND_RSU_RETRY,
COMMAND_RSU_MAX_RETRY,
COMMAND_RSU_DCMF_VERSION,
+   COMMAND_FIRMWARE_VERSION,
 };
 
 /**
-- 
2.7.4



[PATCHv4 4/6] fpga: of-fpga-region: add authenticate-fpga-config property

2021-02-01 Thread richard . gong
From: Richard Gong 

Add authenticate-fpga-config property to support FPGA bitstream
authentication, which makes sure a signed bitstream has valid signatures.

Signed-off-by: Richard Gong 
---
v4: add additional checks to make sure *only* authenticate
v3: no change
v2: changed in alphabetical order
---
 drivers/fpga/of-fpga-region.c | 24 +---
 1 file changed, 17 insertions(+), 7 deletions(-)

diff --git a/drivers/fpga/of-fpga-region.c b/drivers/fpga/of-fpga-region.c
index e405309..5074479 100644
--- a/drivers/fpga/of-fpga-region.c
+++ b/drivers/fpga/of-fpga-region.c
@@ -218,15 +218,25 @@ static struct fpga_image_info *of_fpga_region_parse_ov(
 
info->overlay = overlay;
 
-   /* Read FPGA region properties from the overlay */
-   if (of_property_read_bool(overlay, "partial-fpga-config"))
-   info->flags |= FPGA_MGR_PARTIAL_RECONFIG;
+   /*
+* Read FPGA region properties from the overlay.
+*
+* First check the integrity of the bitstream. If the
+* authentication is passed, the user can perform other
+* operations.
+*/
+   if (of_property_read_bool(overlay, "authenticate-fpga-config")) {
+   info->flags |= FPGA_MGR_BITSTREAM_AUTHENTICATE;
+   } else {
+   if (of_property_read_bool(overlay, "partial-fpga-config"))
+   info->flags |= FPGA_MGR_PARTIAL_RECONFIG;
 
-   if (of_property_read_bool(overlay, "external-fpga-config"))
-   info->flags |= FPGA_MGR_EXTERNAL_CONFIG;
+   if (of_property_read_bool(overlay, "external-fpga-config"))
+   info->flags |= FPGA_MGR_EXTERNAL_CONFIG;
 
-   if (of_property_read_bool(overlay, "encrypted-fpga-config"))
-   info->flags |= FPGA_MGR_ENCRYPTED_BITSTREAM;
+   if (of_property_read_bool(overlay, "encrypted-fpga-config"))
+   info->flags |= FPGA_MGR_ENCRYPTED_BITSTREAM;
+   }
 
if (!of_property_read_string(overlay, "firmware-name",
 &firmware_name)) {
-- 
2.7.4



[PATCHv4 5/6] dt-bindings: fpga: add authenticate-fpga-config property

2021-02-01 Thread richard . gong
From: Richard Gong 

Add authenticate-fpga-config property for FPGA bitstream authentication,
which makes sure a signed bitstream has valid signatures.

Signed-off-by: Richard Gong 
---
v4: explain authenticate-fpga-config flag further
v3: no change
v2: put authenticate-fpga-config above partial-fpga-config
update commit messages
---
 Documentation/devicetree/bindings/fpga/fpga-region.txt | 4 
 1 file changed, 4 insertions(+)

diff --git a/Documentation/devicetree/bindings/fpga/fpga-region.txt 
b/Documentation/devicetree/bindings/fpga/fpga-region.txt
index e811cf8..e2740b6 100644
--- a/Documentation/devicetree/bindings/fpga/fpga-region.txt
+++ b/Documentation/devicetree/bindings/fpga/fpga-region.txt
@@ -182,6 +182,10 @@ Optional properties:
This property is optional if the FPGA Manager handles the bridges.
 If the fpga-region is  the child of a fpga-bridge, the list should not
 contain the parent bridge.
+- authenticate-fpga-config : boolean, set if do bitstream authentication only.
+   flag authenticate-fpga-config is used to first check the integrity of
+   the bitstream. If the authentication is passed, the user can perform
+   other operations.
 - partial-fpga-config : boolean, set if partial reconfiguration is to be done,
otherwise full reconfiguration is done.
 - external-fpga-config : boolean, set if the FPGA has already been configured
-- 
2.7.4



[PATCHv4 1/6] firmware: stratix10-svc: add COMMAND_AUTHENTICATE_BITSTREAM flag

2021-02-01 Thread richard . gong
From: Richard Gong 

Add COMMAND_AUTHENTICATE_BITSTREAM command flag for new added bitstream
authentication feature. Authenticating a bitstream is to make sure a signed
bitstream has the valid signatures.

Except for the actual configuration of the device, the bitstream
authentication works the same way as FPGA configuration does. If the
authentication passes, the signed bitstream will be programmed into QSPI
flash memory and will be expected to boot without issues.

Signed-off-by: Richard Gong 
---
v4: remove change at COMMAND_RECONFIG_FLAG_PARTIAL flag & add that to a
separate commit 27ad5309c247b6bde8a098e17e9bd9b1576b7f71.
v3: no change
v2: new added
---
 include/linux/firmware/intel/stratix10-svc-client.h | 5 +
 1 file changed, 5 insertions(+)

diff --git a/include/linux/firmware/intel/stratix10-svc-client.h 
b/include/linux/firmware/intel/stratix10-svc-client.h
index f843c6a..fa9581d 100644
--- a/include/linux/firmware/intel/stratix10-svc-client.h
+++ b/include/linux/firmware/intel/stratix10-svc-client.h
@@ -55,8 +55,13 @@
  *
  * COMMAND_RECONFIG_FLAG_PARTIAL:
  * Set to FPGA configuration type (full or partial).
+ *
+ * COMMAND_AUTHENTICATE_BITSTREAM:
+ * Set for bitstream authentication, which makes sure a signed bitstream
+ * has valid signatures before committing it to device.
  */
 #define COMMAND_RECONFIG_FLAG_PARTIAL  0
+#define COMMAND_AUTHENTICATE_BITSTREAM 1
 
 /**
  * Timeout settings for service clients:
-- 
2.7.4



[PATCHv4 6/6] fpga: stratix10-soc: extend driver for bitstream authentication

2021-02-01 Thread richard . gong
From: Richard Gong 

Extend FPGA manager driver to support FPGA bitstream authentication on
Intel SocFPGA platforms.

Signed-off-by: Richard Gong 
---
v4: s/FPGA_MGR_BITSTREM_AUTHENTICATION/FPGA_MGR_BITSTREAM_AUTHENTICATE
v3: add handle to retriev the firmware version to keep driver
back compatible
v2: use flag defined in stratix10-svc driver
---
 drivers/fpga/stratix10-soc.c | 62 +++-
 1 file changed, 56 insertions(+), 6 deletions(-)

diff --git a/drivers/fpga/stratix10-soc.c b/drivers/fpga/stratix10-soc.c
index 657a70c..9ab7afd 100644
--- a/drivers/fpga/stratix10-soc.c
+++ b/drivers/fpga/stratix10-soc.c
@@ -24,6 +24,10 @@
 #define S10_BUFFER_TIMEOUT (msecs_to_jiffies(SVC_RECONFIG_BUFFER_TIMEOUT_MS))
 #define S10_RECONFIG_TIMEOUT 
(msecs_to_jiffies(SVC_RECONFIG_REQUEST_TIMEOUT_MS))
 
+#define INVALID_FIRMWARE_VERSION   0x
+typedef void (*s10_callback)(struct stratix10_svc_client *client,
+struct stratix10_svc_cb_data *data);
+
 /*
  * struct s10_svc_buf
  * buf:  virtual address of buf provided by service layer
@@ -40,11 +44,13 @@ struct s10_priv {
struct completion status_return_completion;
struct s10_svc_buf svc_bufs[NUM_SVC_BUFS];
unsigned long status;
+   unsigned int fw_version;
 };
 
 static int s10_svc_send_msg(struct s10_priv *priv,
enum stratix10_svc_command_code command,
-   void *payload, u32 payload_length)
+   void *payload, u32 payload_length,
+   s10_callback callback)
 {
struct stratix10_svc_chan *chan = priv->chan;
struct device *dev = priv->client.dev;
@@ -57,6 +63,7 @@ static int s10_svc_send_msg(struct s10_priv *priv,
msg.command = command;
msg.payload = payload;
msg.payload_length = payload_length;
+   priv->client.receive_cb = callback;
 
ret = stratix10_svc_send(chan, &msg);
dev_dbg(dev, "stratix10_svc_send returned status %d\n", ret);
@@ -134,6 +141,29 @@ static void s10_unlock_bufs(struct s10_priv *priv, void 
*kaddr)
 }
 
 /*
+ * s10_fw_version_callback - callback for the version of running firmware
+ * @client: service layer client struct
+ * @data: message from service layer
+ */
+static void s10_fw_version_callback(struct stratix10_svc_client *client,
+   struct stratix10_svc_cb_data *data)
+{
+   struct s10_priv *priv = client->priv;
+   unsigned int *version = (unsigned int *)data->kaddr1;
+
+   if (data->status == BIT(SVC_STATUS_OK))
+   priv->fw_version = *version;
+   else if (data->status == BIT(SVC_STATUS_NO_SUPPORT))
+   dev_warn(client->dev,
+"FW doesn't support bitstream authentication\n");
+   else
+   dev_err(client->dev, "Failed to get FW version %lu\n",
+   BIT(data->status));
+
+   complete(&priv->status_return_completion);
+}
+
+/*
  * s10_receive_callback - callback for service layer to use to provide client
  * (this driver) messages received through the mailbox.
  * client: service layer client struct
@@ -186,13 +216,22 @@ static int s10_ops_write_init(struct fpga_manager *mgr,
if (info->flags & FPGA_MGR_PARTIAL_RECONFIG) {
dev_dbg(dev, "Requesting partial reconfiguration.\n");
ctype.flags |= BIT(COMMAND_RECONFIG_FLAG_PARTIAL);
+   } else if (info->flags & FPGA_MGR_BITSTREAM_AUTHENTICATE) {
+   if (priv->fw_version == INVALID_FIRMWARE_VERSION) {
+   dev_err(dev, "FW doesn't support\n");
+   return -EINVAL;
+   }
+
+   dev_dbg(dev, "Requesting bitstream authentication.\n");
+   ctype.flags |= BIT(COMMAND_AUTHENTICATE_BITSTREAM);
} else {
dev_dbg(dev, "Requesting full reconfiguration.\n");
}
 
reinit_completion(&priv->status_return_completion);
ret = s10_svc_send_msg(priv, COMMAND_RECONFIG,
-  &ctype, sizeof(ctype));
+  &ctype, sizeof(ctype),
+  s10_receive_callback);
if (ret < 0)
goto init_done;
 
@@ -259,7 +298,7 @@ static int s10_send_buf(struct fpga_manager *mgr, const 
char *buf, size_t count)
svc_buf = priv->svc_bufs[i].buf;
memcpy(svc_buf, buf, xfer_sz);
ret = s10_svc_send_msg(priv, COMMAND_RECONFIG_DATA_SUBMIT,
-  svc_buf, xfer_sz);
+  svc_buf, xfer_sz, s10_receive_callback);
if (ret < 0) {
dev_err(dev,
"Error while sending data to service layer (%d)", ret);

[PATCHv4 3/6] fpga: fpga-mgr: add FPGA_MGR_BITSTREAM_AUTHENTICATE flag

2021-02-01 Thread richard . gong
From: Richard Gong 

Add FPGA_MGR_BITSTREAM_AUTHENTICATE flag for FPGA bitstream
authentication, which makes sure a signed bitstream has valid signatures.

Except for the actual configuration of the device, the authentication works
the same way as FPGA configuration does. If the authentication passes, the
bitstream will be programmed into QSPI flash and will be expected to boot
without issues.

Signed-off-by: Richard Gong 
---
v4: s/FPGA_MGR_BITSTREM_AUTHENTICATION/FPGA_MGR_BITSTREAM_AUTHENTICATE
v3: no change
v2: align all FPGA_MGR_* flags
update the commit messages
---
 include/linux/fpga/fpga-mgr.h | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/include/linux/fpga/fpga-mgr.h b/include/linux/fpga/fpga-mgr.h
index 2bc3030..a81b3a7 100644
--- a/include/linux/fpga/fpga-mgr.h
+++ b/include/linux/fpga/fpga-mgr.h
@@ -67,12 +67,15 @@ enum fpga_mgr_states {
  * %FPGA_MGR_BITSTREAM_LSB_FIRST: SPI bitstream bit order is LSB first
  *
  * %FPGA_MGR_COMPRESSED_BITSTREAM: FPGA bitstream is compressed
+ *
+ * %FPGA_MGR_BITSTREAM_AUTHENTICATE: do FPGA bitstream authentication only
  */
 #define FPGA_MGR_PARTIAL_RECONFIG  BIT(0)
 #define FPGA_MGR_EXTERNAL_CONFIG   BIT(1)
 #define FPGA_MGR_ENCRYPTED_BITSTREAM   BIT(2)
 #define FPGA_MGR_BITSTREAM_LSB_FIRST   BIT(3)
 #define FPGA_MGR_COMPRESSED_BITSTREAM  BIT(4)
+#define FPGA_MGR_BITSTREAM_AUTHENTICATEBIT(5)
 
 /**
  * struct fpga_image_info - information specific to a FPGA image
-- 
2.7.4



[PATCHv4 0/6] Extend Intel service layer, FPGA manager and region

2021-02-01 Thread richard . gong
From: Richard Gong 

This is 4th submission of Intel service layer and FPGA patches.

This submission includes additional changes for Intel service layer driver
to get the firmware version running at FPGA SoC device. Then FPGA manager
driver, one of Intel service layer driver's client, can decide whether to
handle the newly added bitstream authentication function based on the
retrieved firmware version. So that we can maintain FPGA manager driver
the back compatible.

Bitstream authentication makes sure a signed bitstream has valid signatures.

The customer sends the bitstream via FPGA framework and overlay, the
firmware will authenticate the bitstream but not program the bitstream to
device. If the authentication passes, the bitstream will be programmed into
QSPI flash and will be expected to boot without issues.

Extend Intel service layer, FPGA manager and region drivers to support the
bitstream authentication feature.

Richard Gong (6):
  firmware: stratix10-svc: add COMMAND_AUTHENTICATE_BITSTREAM flag
  firmware: stratix10-svc: extend SVC driver to get the firmware version
  fpga: fpga-mgr: add FPGA_MGR_BITSTREAM_AUTHENTICATE flag
  fpga: of-fpga-region: add authenticate-fpga-config property
  dt-bindings: fpga: add authenticate-fpga-config property
  fpga: stratix10-soc: extend driver for bitstream authentication

 .../devicetree/bindings/fpga/fpga-region.txt   |  4 ++
 drivers/firmware/stratix10-svc.c   | 12 -
 drivers/fpga/of-fpga-region.c  | 24 ++---
 drivers/fpga/stratix10-soc.c   | 62 +++---
 include/linux/firmware/intel/stratix10-smc.h   | 21 +++-
 .../linux/firmware/intel/stratix10-svc-client.h|  9 
 include/linux/fpga/fpga-mgr.h  |  3 ++
 7 files changed, 118 insertions(+), 17 deletions(-)

-- 
2.7.4



[PATCHv5 0/7] Extend Intel service layer, FPGA manager and region

2021-02-09 Thread richard . gong
From: Richard Gong 

This is 5th submission of Intel service layer and FPGA patches, which
includes the missing standalone patch in the 4th submission.

This submission includes additional changes for Intel service layer driver
to get the firmware version running at FPGA SoC device. Then FPGA manager
driver, one of Intel service layer driver's client, can decide whether to
handle the newly added bitstream authentication function based on the
retrieved firmware version. So that we can maintain FPGA manager driver
the back compatible.

Bitstream authentication makes sure a signed bitstream has valid
signatures.

The customer sends the bitstream via FPGA framework and overlay, the
firmware will authenticate the bitstream but not program the bitstream to
device. If the authentication passes, the bitstream will be programmed into
QSPI flash and will be expected to boot without issues.

Extend Intel service layer, FPGA manager and region drivers to support the
bitstream authentication feature. 

Richard Gong (7):
  firmware: stratix10-svc: reset COMMAND_RECONFIG_FLAG_PARTIAL to 0
  firmware: stratix10-svc: add COMMAND_AUTHENTICATE_BITSTREAM flag
  firmware: stratix10-svc: extend SVC driver to get the firmware version
  fpga: fpga-mgr: add FPGA_MGR_BITSTREAM_AUTHENTICATE flag
  fpga: of-fpga-region: add authenticate-fpga-config property
  dt-bindings: fpga: add authenticate-fpga-config property
  fpga: stratix10-soc: extend driver for bitstream authentication

 .../devicetree/bindings/fpga/fpga-region.txt   | 10 
 drivers/firmware/stratix10-svc.c   | 12 -
 drivers/fpga/of-fpga-region.c  | 24 ++---
 drivers/fpga/stratix10-soc.c   | 62 +++---
 include/linux/firmware/intel/stratix10-smc.h   | 21 +++-
 .../linux/firmware/intel/stratix10-svc-client.h| 11 +++-
 include/linux/fpga/fpga-mgr.h  |  3 ++
 7 files changed, 125 insertions(+), 18 deletions(-)

-- 
2.7.4



[PATCHv5 6/7] dt-bindings: fpga: add authenticate-fpga-config property

2021-02-09 Thread richard . gong
From: Richard Gong 

Add authenticate-fpga-config property for FPGA bitstream authentication,
which makes sure a signed bitstream has valid signatures.

Signed-off-by: Richard Gong 
---
v5: rewrite the description to highlight two things with
authenticate-fpga-config flag
v4: explain authenticate-fpga-config flag further
v3: no change
v2: put authenticate-fpga-config above partial-fpga-config
update commit messages
---
 Documentation/devicetree/bindings/fpga/fpga-region.txt | 10 ++
 1 file changed, 10 insertions(+)

diff --git a/Documentation/devicetree/bindings/fpga/fpga-region.txt 
b/Documentation/devicetree/bindings/fpga/fpga-region.txt
index e811cf8..dca0e37 100644
--- a/Documentation/devicetree/bindings/fpga/fpga-region.txt
+++ b/Documentation/devicetree/bindings/fpga/fpga-region.txt
@@ -182,6 +182,16 @@ Optional properties:
This property is optional if the FPGA Manager handles the bridges.
 If the fpga-region is  the child of a fpga-bridge, the list should not
 contain the parent bridge.
+- authenticate-fpga-config : boolean, set if do bitstream authentication only.
+   If 'authenticate-fpga-config' is added then adding a new node or another
+   operation is not allowed.
+   Flag authenticate-fpga-config is used to check the integrity of the
+   bitstream.
+   Except for the actual configuration of the device, the authentication
+   works in the same way as FPGA configuration. If the authentication 
passes,
+   other operations such as full or partial reconfiguration can be 
performed.
+   When the bitstream into QSPI flash memory at device is programmed, it is
+   expected that there will be no issue when starting the device.
 - partial-fpga-config : boolean, set if partial reconfiguration is to be done,
otherwise full reconfiguration is done.
 - external-fpga-config : boolean, set if the FPGA has already been configured
-- 
2.7.4



[PATCHv5 1/7] firmware: stratix10-svc: reset COMMAND_RECONFIG_FLAG_PARTIAL to 0

2021-02-09 Thread richard . gong
From: Richard Gong 

Clean up COMMAND_RECONFIG_FLAG_PARTIAL flag by resetting it to 0, which
aligns with the firmware settings.

Fixes: 36847f9e3e56 ("firmware: stratix10-svc: correct reconfig flag and 
timeout values")
Signed-off-by: Richard Gong 
---
v5: new add, add the missing standalone patch
---
 include/linux/firmware/intel/stratix10-svc-client.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/include/linux/firmware/intel/stratix10-svc-client.h 
b/include/linux/firmware/intel/stratix10-svc-client.h
index a93d859..f843c6a 100644
--- a/include/linux/firmware/intel/stratix10-svc-client.h
+++ b/include/linux/firmware/intel/stratix10-svc-client.h
@@ -56,7 +56,7 @@
  * COMMAND_RECONFIG_FLAG_PARTIAL:
  * Set to FPGA configuration type (full or partial).
  */
-#define COMMAND_RECONFIG_FLAG_PARTIAL  1
+#define COMMAND_RECONFIG_FLAG_PARTIAL  0
 
 /**
  * Timeout settings for service clients:
-- 
2.7.4



[PATCHv5 2/7] firmware: stratix10-svc: add COMMAND_AUTHENTICATE_BITSTREAM flag

2021-02-09 Thread richard . gong
From: Richard Gong 

Add COMMAND_AUTHENTICATE_BITSTREAM command flag for new added bitstream
authentication feature. Authenticating a bitstream is to make sure a signed
bitstream has the valid signatures.

Except for the actual configuration of the device, the bitstream
authentication works the same way as FPGA configuration does. If the
authentication passes, the signed bitstream will be programmed into QSPI
flash memory and will be expected to boot without issues.

Signed-off-by: Richard Gong 
---
v5: no change
v4: remove change at COMMAND_RECONFIG_FLAG_PARTIAL flag & add that to a
separate commit 27ad5309c247b6bde8a098e17e9bd9b1576b7f71.
v3: no change
v2: new added
---
 include/linux/firmware/intel/stratix10-svc-client.h | 5 +
 1 file changed, 5 insertions(+)

diff --git a/include/linux/firmware/intel/stratix10-svc-client.h 
b/include/linux/firmware/intel/stratix10-svc-client.h
index f843c6a..fa9581d 100644
--- a/include/linux/firmware/intel/stratix10-svc-client.h
+++ b/include/linux/firmware/intel/stratix10-svc-client.h
@@ -55,8 +55,13 @@
  *
  * COMMAND_RECONFIG_FLAG_PARTIAL:
  * Set to FPGA configuration type (full or partial).
+ *
+ * COMMAND_AUTHENTICATE_BITSTREAM:
+ * Set for bitstream authentication, which makes sure a signed bitstream
+ * has valid signatures before committing it to device.
  */
 #define COMMAND_RECONFIG_FLAG_PARTIAL  0
+#define COMMAND_AUTHENTICATE_BITSTREAM 1
 
 /**
  * Timeout settings for service clients:
-- 
2.7.4



[PATCHv5 3/7] firmware: stratix10-svc: extend SVC driver to get the firmware version

2021-02-09 Thread richard . gong
From: Richard Gong 

Extend Intel service layer driver to get the firmware version running at
FPGA device. Therefore FPGA manager driver, one of Intel service layer
driver's client, can decide whether to handle the newly added bitstream
authentication function based on the retrieved firmware version.

Signed-off-by: Richard Gong 
---
v5: no change
v4: no change
v3: new added, changes for getting firmware version
---
 drivers/firmware/stratix10-svc.c| 12 ++--
 include/linux/firmware/intel/stratix10-smc.h| 21 +++--
 include/linux/firmware/intel/stratix10-svc-client.h |  4 
 3 files changed, 33 insertions(+), 4 deletions(-)

diff --git a/drivers/firmware/stratix10-svc.c b/drivers/firmware/stratix10-svc.c
index 3aa489d..1443bbd 100644
--- a/drivers/firmware/stratix10-svc.c
+++ b/drivers/firmware/stratix10-svc.c
@@ -306,6 +306,7 @@ static void svc_thread_recv_status_ok(struct 
stratix10_svc_data *p_data,
break;
case COMMAND_RSU_RETRY:
case COMMAND_RSU_MAX_RETRY:
+   case COMMAND_FIRMWARE_VERSION:
cb_data->status = BIT(SVC_STATUS_OK);
cb_data->kaddr1 = &res.a1;
break;
@@ -422,6 +423,11 @@ static int svc_normal_to_secure_thread(void *data)
a1 = 0;
a2 = 0;
break;
+   case COMMAND_FIRMWARE_VERSION:
+   a0 = INTEL_SIP_SMC_FIRMWARE_VERSION;
+   a1 = 0;
+   a2 = 0;
+   break;
default:
pr_warn("it shouldn't happen\n");
break;
@@ -487,11 +493,13 @@ static int svc_normal_to_secure_thread(void *data)
 
/*
 * be compatible with older version firmware which
-* doesn't support RSU notify or retry
+* doesn't support RSU notify, retry or bitstream
+* authentication.
 */
if ((pdata->command == COMMAND_RSU_RETRY) ||
(pdata->command == COMMAND_RSU_MAX_RETRY) ||
-   (pdata->command == COMMAND_RSU_NOTIFY)) {
+   (pdata->command == COMMAND_RSU_NOTIFY) ||
+   (pdata->command == COMMAND_FIRMWARE_VERSION)) {
cbdata->status =
BIT(SVC_STATUS_NO_SUPPORT);
cbdata->kaddr1 = NULL;
diff --git a/include/linux/firmware/intel/stratix10-smc.h 
b/include/linux/firmware/intel/stratix10-smc.h
index c3e5ab0..505fcca 100644
--- a/include/linux/firmware/intel/stratix10-smc.h
+++ b/include/linux/firmware/intel/stratix10-smc.h
@@ -321,8 +321,6 @@ 
INTEL_SIP_SMC_FAST_CALL_VAL(INTEL_SIP_SMC_FUNCID_FPGA_CONFIG_COMPLETED_WRITE)
 #define INTEL_SIP_SMC_ECC_DBE \
INTEL_SIP_SMC_FAST_CALL_VAL(INTEL_SIP_SMC_FUNCID_ECC_DBE)
 
-#endif
-
 /**
  * Request INTEL_SIP_SMC_RSU_NOTIFY
  *
@@ -404,3 +402,22 @@ 
INTEL_SIP_SMC_FAST_CALL_VAL(INTEL_SIP_SMC_FUNCID_FPGA_CONFIG_COMPLETED_WRITE)
 #define INTEL_SIP_SMC_FUNCID_RSU_MAX_RETRY 18
 #define INTEL_SIP_SMC_RSU_MAX_RETRY \
INTEL_SIP_SMC_FAST_CALL_VAL(INTEL_SIP_SMC_FUNCID_RSU_MAX_RETRY)
+
+/**
+ * Request INTEL_SIP_SMC_FIRMWARE_VERSION
+ *
+ * Sync call used to query the version of running firmware
+ *
+ * Call register usage:
+ * a0 INTEL_SIP_SMC_FIRMWARE_VERSION
+ * a1-a7 not used
+ *
+ * Return status:
+ * a0 INTEL_SIP_SMC_STATUS_OK or INTEL_SIP_SMC_STATUS_ERROR
+ * a1 running firmware version
+ */
+#define INTEL_SIP_SMC_FUNCID_FIRMWARE_VERSION 31
+#define INTEL_SIP_SMC_FIRMWARE_VERSION \
+   INTEL_SIP_SMC_FAST_CALL_VAL(INTEL_SIP_SMC_FUNCID_FIRMWARE_VERSION)
+
+#endif
diff --git a/include/linux/firmware/intel/stratix10-svc-client.h 
b/include/linux/firmware/intel/stratix10-svc-client.h
index fa9581d..193a2cf 100644
--- a/include/linux/firmware/intel/stratix10-svc-client.h
+++ b/include/linux/firmware/intel/stratix10-svc-client.h
@@ -109,6 +109,9 @@ struct stratix10_svc_chan;
  *
  * @COMMAND_RSU_DCMF_VERSION: query firmware for the DCMF version, return 
status
  * is SVC_STATUS_OK or SVC_STATUS_ERROR
+ *
+ * @COMMAND_FIRMWARE_VERSION: query running firmware version, return status
+ * is SVC_STATUS_OK or SVC_STATUS_ERROR
  */
 enum stratix10_svc_command_code {
COMMAND_NOOP = 0,
@@ -122,6 +125,7 @@ enum stratix10_svc_command_code {
COMMAND_RSU_RETRY,
COMMAND_RSU_MAX_RETRY,
COMMAND_RSU_DCMF_VERSION,
+   COMMAND_FIRMWARE_VERSION,
 };
 
 /**
-- 
2.7.4



[PATCHv5 7/7] fpga: stratix10-soc: extend driver for bitstream authentication

2021-02-09 Thread richard . gong
From: Richard Gong 

Extend FPGA manager driver to support FPGA bitstream authentication on
Intel SocFPGA platforms.

Signed-off-by: Richard Gong 
---
v5: no change
v4: s/FPGA_MGR_BITSTREM_AUTHENTICATION/FPGA_MGR_BITSTREAM_AUTHENTICATE
v3: add handle to retriev the firmware version to keep driver
back compatible
v2: use flag defined in stratix10-svc driver
---
 drivers/fpga/stratix10-soc.c | 62 +++-
 1 file changed, 56 insertions(+), 6 deletions(-)

diff --git a/drivers/fpga/stratix10-soc.c b/drivers/fpga/stratix10-soc.c
index 657a70c..9ab7afd 100644
--- a/drivers/fpga/stratix10-soc.c
+++ b/drivers/fpga/stratix10-soc.c
@@ -24,6 +24,10 @@
 #define S10_BUFFER_TIMEOUT (msecs_to_jiffies(SVC_RECONFIG_BUFFER_TIMEOUT_MS))
 #define S10_RECONFIG_TIMEOUT 
(msecs_to_jiffies(SVC_RECONFIG_REQUEST_TIMEOUT_MS))
 
+#define INVALID_FIRMWARE_VERSION   0x
+typedef void (*s10_callback)(struct stratix10_svc_client *client,
+struct stratix10_svc_cb_data *data);
+
 /*
  * struct s10_svc_buf
  * buf:  virtual address of buf provided by service layer
@@ -40,11 +44,13 @@ struct s10_priv {
struct completion status_return_completion;
struct s10_svc_buf svc_bufs[NUM_SVC_BUFS];
unsigned long status;
+   unsigned int fw_version;
 };
 
 static int s10_svc_send_msg(struct s10_priv *priv,
enum stratix10_svc_command_code command,
-   void *payload, u32 payload_length)
+   void *payload, u32 payload_length,
+   s10_callback callback)
 {
struct stratix10_svc_chan *chan = priv->chan;
struct device *dev = priv->client.dev;
@@ -57,6 +63,7 @@ static int s10_svc_send_msg(struct s10_priv *priv,
msg.command = command;
msg.payload = payload;
msg.payload_length = payload_length;
+   priv->client.receive_cb = callback;
 
ret = stratix10_svc_send(chan, &msg);
dev_dbg(dev, "stratix10_svc_send returned status %d\n", ret);
@@ -134,6 +141,29 @@ static void s10_unlock_bufs(struct s10_priv *priv, void 
*kaddr)
 }
 
 /*
+ * s10_fw_version_callback - callback for the version of running firmware
+ * @client: service layer client struct
+ * @data: message from service layer
+ */
+static void s10_fw_version_callback(struct stratix10_svc_client *client,
+   struct stratix10_svc_cb_data *data)
+{
+   struct s10_priv *priv = client->priv;
+   unsigned int *version = (unsigned int *)data->kaddr1;
+
+   if (data->status == BIT(SVC_STATUS_OK))
+   priv->fw_version = *version;
+   else if (data->status == BIT(SVC_STATUS_NO_SUPPORT))
+   dev_warn(client->dev,
+"FW doesn't support bitstream authentication\n");
+   else
+   dev_err(client->dev, "Failed to get FW version %lu\n",
+   BIT(data->status));
+
+   complete(&priv->status_return_completion);
+}
+
+/*
  * s10_receive_callback - callback for service layer to use to provide client
  * (this driver) messages received through the mailbox.
  * client: service layer client struct
@@ -186,13 +216,22 @@ static int s10_ops_write_init(struct fpga_manager *mgr,
if (info->flags & FPGA_MGR_PARTIAL_RECONFIG) {
dev_dbg(dev, "Requesting partial reconfiguration.\n");
ctype.flags |= BIT(COMMAND_RECONFIG_FLAG_PARTIAL);
+   } else if (info->flags & FPGA_MGR_BITSTREAM_AUTHENTICATE) {
+   if (priv->fw_version == INVALID_FIRMWARE_VERSION) {
+   dev_err(dev, "FW doesn't support\n");
+   return -EINVAL;
+   }
+
+   dev_dbg(dev, "Requesting bitstream authentication.\n");
+   ctype.flags |= BIT(COMMAND_AUTHENTICATE_BITSTREAM);
} else {
dev_dbg(dev, "Requesting full reconfiguration.\n");
}
 
reinit_completion(&priv->status_return_completion);
ret = s10_svc_send_msg(priv, COMMAND_RECONFIG,
-  &ctype, sizeof(ctype));
+  &ctype, sizeof(ctype),
+  s10_receive_callback);
if (ret < 0)
goto init_done;
 
@@ -259,7 +298,7 @@ static int s10_send_buf(struct fpga_manager *mgr, const 
char *buf, size_t count)
svc_buf = priv->svc_bufs[i].buf;
memcpy(svc_buf, buf, xfer_sz);
ret = s10_svc_send_msg(priv, COMMAND_RECONFIG_DATA_SUBMIT,
-  svc_buf, xfer_sz);
+  svc_buf, xfer_sz, s10_receive_callback);
if (ret < 0) {
dev_err(dev,
"Error while sending data to service layer (%d)", ret);

[PATCHv5 4/7] fpga: fpga-mgr: add FPGA_MGR_BITSTREAM_AUTHENTICATE flag

2021-02-09 Thread richard . gong
From: Richard Gong 

Add FPGA_MGR_BITSTREAM_AUTHENTICATE flag for FPGA bitstream
authentication, which makes sure a signed bitstream has valid signatures.

Except for the actual configuration of the device, the authentication works
the same way as FPGA configuration does. If the authentication passes, the
bitstream will be programmed into QSPI flash and will be expected to boot
without issues.

Signed-off-by: Richard Gong 
---
v5: no change
v4: s/FPGA_MGR_BITSTREM_AUTHENTICATION/FPGA_MGR_BITSTREAM_AUTHENTICATE
v3: no change
v2: align all FPGA_MGR_* flags
update the commit messages
---
 include/linux/fpga/fpga-mgr.h | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/include/linux/fpga/fpga-mgr.h b/include/linux/fpga/fpga-mgr.h
index 2bc3030..a81b3a7 100644
--- a/include/linux/fpga/fpga-mgr.h
+++ b/include/linux/fpga/fpga-mgr.h
@@ -67,12 +67,15 @@ enum fpga_mgr_states {
  * %FPGA_MGR_BITSTREAM_LSB_FIRST: SPI bitstream bit order is LSB first
  *
  * %FPGA_MGR_COMPRESSED_BITSTREAM: FPGA bitstream is compressed
+ *
+ * %FPGA_MGR_BITSTREAM_AUTHENTICATE: do FPGA bitstream authentication only
  */
 #define FPGA_MGR_PARTIAL_RECONFIG  BIT(0)
 #define FPGA_MGR_EXTERNAL_CONFIG   BIT(1)
 #define FPGA_MGR_ENCRYPTED_BITSTREAM   BIT(2)
 #define FPGA_MGR_BITSTREAM_LSB_FIRST   BIT(3)
 #define FPGA_MGR_COMPRESSED_BITSTREAM  BIT(4)
+#define FPGA_MGR_BITSTREAM_AUTHENTICATEBIT(5)
 
 /**
  * struct fpga_image_info - information specific to a FPGA image
-- 
2.7.4



[PATCHv5 5/7] fpga: of-fpga-region: add authenticate-fpga-config property

2021-02-09 Thread richard . gong
From: Richard Gong 

Add authenticate-fpga-config property to support FPGA bitstream
authentication, which makes sure a signed bitstream has valid signatures.

Signed-off-by: Richard Gong 
---
v5: no change
v4: add additional checks to make sure *only* authenticate
v3: no change
v2: changed in alphabetical order
---
 drivers/fpga/of-fpga-region.c | 24 +---
 1 file changed, 17 insertions(+), 7 deletions(-)

diff --git a/drivers/fpga/of-fpga-region.c b/drivers/fpga/of-fpga-region.c
index e405309..5074479 100644
--- a/drivers/fpga/of-fpga-region.c
+++ b/drivers/fpga/of-fpga-region.c
@@ -218,15 +218,25 @@ static struct fpga_image_info *of_fpga_region_parse_ov(
 
info->overlay = overlay;
 
-   /* Read FPGA region properties from the overlay */
-   if (of_property_read_bool(overlay, "partial-fpga-config"))
-   info->flags |= FPGA_MGR_PARTIAL_RECONFIG;
+   /*
+* Read FPGA region properties from the overlay.
+*
+* First check the integrity of the bitstream. If the
+* authentication is passed, the user can perform other
+* operations.
+*/
+   if (of_property_read_bool(overlay, "authenticate-fpga-config")) {
+   info->flags |= FPGA_MGR_BITSTREAM_AUTHENTICATE;
+   } else {
+   if (of_property_read_bool(overlay, "partial-fpga-config"))
+   info->flags |= FPGA_MGR_PARTIAL_RECONFIG;
 
-   if (of_property_read_bool(overlay, "external-fpga-config"))
-   info->flags |= FPGA_MGR_EXTERNAL_CONFIG;
+   if (of_property_read_bool(overlay, "external-fpga-config"))
+   info->flags |= FPGA_MGR_EXTERNAL_CONFIG;
 
-   if (of_property_read_bool(overlay, "encrypted-fpga-config"))
-   info->flags |= FPGA_MGR_ENCRYPTED_BITSTREAM;
+   if (of_property_read_bool(overlay, "encrypted-fpga-config"))
+   info->flags |= FPGA_MGR_ENCRYPTED_BITSTREAM;
+   }
 
if (!of_property_read_string(overlay, "firmware-name",
 &firmware_name)) {
-- 
2.7.4



Re: [PATCHv5 0/7] Extend Intel service layer, FPGA manager and region

2021-02-25 Thread Richard Gong
The first patch of the version 5 patch set is a fix for the mainline, I 
submitted a separate patch for a fix at the stable.


Regards,
Richard


On 2/25/21 7:28 AM, Tom Rix wrote:

The first patch is a fix that is targeted for stable.

Tom

On 2/25/21 5:07 AM, Gong, Richard wrote:

Hi Moritz,

Sorry for asking.

When you have chance, can you help review the version 5 patchset submitted on 
02/09/21?

Regards,
Richard

-Original Message-
From: richard.g...@linux.intel.com 
Sent: Tuesday, February 9, 2021 4:20 PM
To: m...@kernel.org; t...@redhat.com; gre...@linuxfoundation.org; 
linux-f...@vger.kernel.org; linux-kernel@vger.kernel.org
Cc: Gong, Richard 
Subject: [PATCHv5 0/7] Extend Intel service layer, FPGA manager and region

From: Richard Gong 

This is 5th submission of Intel service layer and FPGA patches, which includes 
the missing standalone patch in the 4th submission.

This submission includes additional changes for Intel service layer driver to 
get the firmware version running at FPGA SoC device. Then FPGA manager driver, 
one of Intel service layer driver's client, can decide whether to handle the 
newly added bitstream authentication function based on the retrieved firmware 
version. So that we can maintain FPGA manager driver the back compatible.

Bitstream authentication makes sure a signed bitstream has valid signatures.

The customer sends the bitstream via FPGA framework and overlay, the firmware 
will authenticate the bitstream but not program the bitstream to device. If the 
authentication passes, the bitstream will be programmed into QSPI flash and 
will be expected to boot without issues.

Extend Intel service layer, FPGA manager and region drivers to support the 
bitstream authentication feature.

Richard Gong (7):
   firmware: stratix10-svc: reset COMMAND_RECONFIG_FLAG_PARTIAL to 0
   firmware: stratix10-svc: add COMMAND_AUTHENTICATE_BITSTREAM flag
   firmware: stratix10-svc: extend SVC driver to get the firmware version
   fpga: fpga-mgr: add FPGA_MGR_BITSTREAM_AUTHENTICATE flag
   fpga: of-fpga-region: add authenticate-fpga-config property
   dt-bindings: fpga: add authenticate-fpga-config property
   fpga: stratix10-soc: extend driver for bitstream authentication

  .../devicetree/bindings/fpga/fpga-region.txt   | 10 
  drivers/firmware/stratix10-svc.c   | 12 -
  drivers/fpga/of-fpga-region.c  | 24 ++---
  drivers/fpga/stratix10-soc.c   | 62 +++---
  include/linux/firmware/intel/stratix10-smc.h   | 21 +++-
  .../linux/firmware/intel/stratix10-svc-client.h| 11 +++-
  include/linux/fpga/fpga-mgr.h  |  3 ++
  7 files changed, 125 insertions(+), 18 deletions(-)

--
2.7.4





Re: [PATCHv2] fpga: stratix10-soc: remove the pre-set reconfiguration condition

2020-06-01 Thread Richard Gong

Hi Moritz,


On 5/31/20 2:49 PM, Moritz Fischer wrote:

On Fri, May 29, 2020 at 08:15:15AM -0500, Richard Gong wrote:

Hi Moritz,

Sorry for asking.

When you get chance, can you review my version 2 patch submitted on
05/15/20?

Regards,
Richard

On 5/15/20 9:35 AM, richard.g...@linux.intel.com wrote:

From: Richard Gong 

The reconfiguration mode is pre-set by driver as the full reconfiguration.
As a result, user have to change code and recompile the drivers if he or
she wants to perform a partial reconfiguration. Removing the pre-set
reconfiguration condition so that user can select full or partial
reconfiguration via overlay device tree without recompiling the drivers.


Can you help me understand? See comment below, I'm not sure how this
change changes the behavior.


Flag COMMAND_RECONFIG_FLAG_PARTIAL is defined in Intel service layer 
driver (include/linux/firmware/intel/stratix10-svc-client.h) and the 
default value is zero. It is obvious that COMMAND_RECONFIG_FLAG_PARTIAL 
should be set to 1 to support partial reconfiguration.


Please discard this FPGA patch, I will submit a patch on Intel service 
layer driver.


Regards,
Richard



Also add an error message if the configuration request is failure.

Signed-off-by: Richard Gong 
---
v2: define and use constant values
---
   drivers/fpga/stratix10-soc.c | 9 +++--
   1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/drivers/fpga/stratix10-soc.c b/drivers/fpga/stratix10-soc.c
index 44b7c56..4d52a80 100644
--- a/drivers/fpga/stratix10-soc.c
+++ b/drivers/fpga/stratix10-soc.c
@@ -14,9 +14,13 @@
   /*
* FPGA programming requires a higher level of privilege (EL3), per the SoC
* design.
+ * SoC firmware supports full and partial reconfiguration.

Consider:
"The SoC firmware supports full and partial reconfiguration."

*/
   #define NUM_SVC_BUFS 4
   #define SVC_BUF_SIZE SZ_512K
+#define FULL_RECONFIG_FLAG 0
+#define PARTIAL_RECONFIG_FLAG  1
+
   /* Indicates buffer is in use if set */
   #define SVC_BUF_LOCK 0
@@ -182,12 +186,12 @@ static int s10_ops_write_init(struct fpga_manager *mgr,
uint i;
int ret;
-   ctype.flags = 0;
if (info->flags & FPGA_MGR_PARTIAL_RECONFIG) {
dev_dbg(dev, "Requesting partial reconfiguration.\n");
-   ctype.flags |= BIT(COMMAND_RECONFIG_FLAG_PARTIAL);
+   ctype.flags = PARTIAL_RECONFIG_FLAG;
} else {
dev_dbg(dev, "Requesting full reconfiguration.\n");
+   ctype.flags = FULL_RECONFIG_FLAG;
}

Am I missing something here: Doesn't this do the same as before?

Before:
If info->flags & FPGA_MGR_PARTIAL_RECONFIG -> ctype.flags = 0 |
BIT(COMMAND_RECONFIG_FLAG_PARTIAL) -> 1
and ctype->flags = FULL_RECONFIG -> 0 else.

Now:
If info->flags & FPGA_MGR_PARTIAL_RECONFIG -> ctype.flags = PARTIAL_RECONFIG_FLAG 
-> 1
ctype->flags = FULL_REECONFIG_FLAG -> 0 else.

Am I missing something here? If I don't set the flag for partial
reconfig I'd end up with full reconfiguration in both cases?
If I do set the flag, I get partial reconfiguration in both cases?


reinit_completion(&priv->status_return_completion);
@@ -210,6 +214,7 @@ static int s10_ops_write_init(struct fpga_manager *mgr,
ret = 0;
if (!test_and_clear_bit(SVC_STATUS_OK, &priv->status)) {
+   dev_err(dev, "RECONFIG_REQUEST failed\n");
ret = -ETIMEDOUT;
goto init_done;
}



Thanks,
Moritz



[PATCHv1 0/2] add Intel SoCFPGA crypto service driver

2020-08-11 Thread richard . gong
From: Richard Gong 

I followed the process to register or request a valid IOCTL number/letter,
but I got the delivery failure status notification.

Cypto service driver and service layer driver patches have been reviewed
internally by colleagues at Intel.

Intel SoCFPGA is composed of a 64 bit quad-core ARM Cortex A53 hard
processor system (HPS) and Secure Device Manager (SDM). SDM is the
hardware which does the FPGA configuration, QSPI, remote system update,
crypto and warm reset.

To meet the whole system security needs and support virtual machine
requesting communication with SDM, only the secure world of software (EL3,
Exception Level 3) can interface with SDM. All software entities running
on other exception levels must channel through the EL3 software whenever
it needs service from SDM.

Intel Stratix10 service layer driver is added to provide the service for
FPGA configuration, Remote System Update and FPGA crypto service (FCS).
Running at privileged exception level (EL1, Exception Level 1), Intel
Stratix10 service layer driver interfaces with the service clients at EL1
and manages secure monitor call (SMC) to communicate with secure monitor
software at secure monitor exception level (EL3).

The crypto services include security certificate, image boot validation,
security key cancellation, get provision data, random number generation,
advance encryption standard (AES) encryption and decryption services.

To perform supporting crypto features on Intel SoCFPGA platforms, Linux
user-space application interacts with FPGA crypto service (FCS) driver via
structures defined in include/uapi/linux/intel_fcs-ioctl.h.

The application allocates spaces for IOCTL structure to hold the contents
or points to the data that FCS driver needs, uses IOCTL calls to passes
data to kernel FCS driver for processing at low level firmware and get
processed data or status back form the low level firmware via FCS driver.

The user-space application named as fcs_client is at
https://github.com/altera-opensource/fcs_apps/tree/fcs_client.

Richard Gong (2):
  firmware: stratix10-svc: extend svc to support new crypto features
  crypto: add Intel SoCFPGA crypto service driver

 drivers/crypto/Kconfig |  11 +
 drivers/crypto/Makefile|   1 +
 drivers/crypto/intel_fcs.c | 709 +
 drivers/firmware/stratix10-svc.c   | 178 +-
 include/linux/firmware/intel/stratix10-smc.h   | 147 -
 .../linux/firmware/intel/stratix10-svc-client.h|  42 ++
 include/uapi/linux/intel_fcs-ioctl.h   | 222 +++
 7 files changed, 1291 insertions(+), 19 deletions(-)
 create mode 100644 drivers/crypto/intel_fcs.c
 create mode 100644 include/uapi/linux/intel_fcs-ioctl.h

-- 
2.7.4



[PATCHv1 1/2] firmware: stratix10-svc: extend svc to support new crypto features

2020-08-11 Thread richard . gong
From: Richard Gong 

Extend Intel service layer driver to support new crypto services on
Intel SoCFPGA platforms.

The crypto services include security certificate, image boot validation,
security key cancellation, get provision data, random number generation,
advance encrtption standard (AES) encryption and decryption services.

Signed-off-by: Richard Gong 
---
 drivers/firmware/stratix10-svc.c   | 178 +++--
 include/linux/firmware/intel/stratix10-smc.h   | 147 -
 .../linux/firmware/intel/stratix10-svc-client.h|  42 +
 3 files changed, 348 insertions(+), 19 deletions(-)

diff --git a/drivers/firmware/stratix10-svc.c b/drivers/firmware/stratix10-svc.c
index 3aa489d..994d0a1 100644
--- a/drivers/firmware/stratix10-svc.c
+++ b/drivers/firmware/stratix10-svc.c
@@ -34,12 +34,13 @@
  * timeout is set to 30 seconds (30 * 1000) at Intel Stratix10 SoC.
  */
 #define SVC_NUM_DATA_IN_FIFO   32
-#define SVC_NUM_CHANNEL2
+#define SVC_NUM_CHANNEL3
 #define FPGA_CONFIG_DATA_CLAIM_TIMEOUT_MS  200
 #define FPGA_CONFIG_STATUS_TIMEOUT_SEC 30
 
 /* stratix10 service layer clients */
 #define STRATIX10_RSU  "stratix10-rsu"
+#define INTEL_FCS  "intel-fcs"
 
 typedef void (svc_invoke_fn)(unsigned long, unsigned long, unsigned long,
 unsigned long, unsigned long, unsigned long,
@@ -53,6 +54,7 @@ struct stratix10_svc_chan;
  */
 struct stratix10_svc {
struct platform_device *stratix10_svc_rsu;
+   struct platform_device *intel_svc_fcs;
 };
 
 /**
@@ -97,8 +99,10 @@ struct stratix10_svc_data_mem {
 /**
  * struct stratix10_svc_data - service data structure
  * @chan: service channel
- * @paddr: playload physical address
- * @size: playload size
+ * @paddr: physical address of to be processed payload
+ * @size: to be processed playload size
+ * @paddr_output: physical address of the processed payload
+ * @size_output: the processed payload size
  * @command: service command requested by client
  * @flag: configuration type (full or partial)
  * @arg: args to be passed via registers and not physically mapped buffers
@@ -109,6 +113,8 @@ struct stratix10_svc_data {
struct stratix10_svc_chan *chan;
phys_addr_t paddr;
size_t size;
+   phys_addr_t paddr_output;
+   size_t size_output;
u32 command;
u32 flag;
u64 arg[3];
@@ -246,32 +252,54 @@ static void svc_thread_cmd_config_status(struct 
stratix10_svc_controller *ctrl,
 {
struct arm_smccc_res res;
int count_in_sec;
+   unsigned long a0, a1, a2;
 
cb_data->kaddr1 = NULL;
cb_data->kaddr2 = NULL;
cb_data->kaddr3 = NULL;
cb_data->status = BIT(SVC_STATUS_ERROR);
 
-   pr_debug("%s: polling config status\n", __func__);
+   pr_debug("%s: polling completed status\n", __func__);
+
+   a0 = INTEL_SIP_SMC_FPGA_CONFIG_ISDONE;
+   a1 = (unsigned long)p_data->paddr;
+   a2 = (unsigned long)p_data->size;
+
+   if (p_data->command == COMMAND_POLL_SERVICE_STATUS)
+   a0 = INTEL_SIP_SMC_SERVICE_COMPLETED;
 
count_in_sec = FPGA_CONFIG_STATUS_TIMEOUT_SEC;
while (count_in_sec) {
-   ctrl->invoke_fn(INTEL_SIP_SMC_FPGA_CONFIG_ISDONE,
-   0, 0, 0, 0, 0, 0, 0, &res);
+   ctrl->invoke_fn(a0, a1, a2, 0, 0, 0, 0, 0, &res);
if ((res.a0 == INTEL_SIP_SMC_STATUS_OK) ||
-   (res.a0 == INTEL_SIP_SMC_STATUS_ERROR))
+   (res.a0 == INTEL_SIP_SMC_STATUS_ERROR) ||
+   (res.a0 == INTEL_SIP_SMC_STATUS_REJECTED))
break;
 
/*
-* configuration is still in progress, wait one second then
+* request is still in progress, wait one second then
 * poll again
 */
msleep(1000);
count_in_sec--;
-   }
+   };
 
-   if (res.a0 == INTEL_SIP_SMC_STATUS_OK && count_in_sec)
+   if (!count_in_sec) {
+   pr_err("%s: poll status timeout\n", __func__);
+   cb_data->status = BIT(SVC_STATUS_BUSY);
+   } else if (res.a0 == INTEL_SIP_SMC_STATUS_OK) {
cb_data->status = BIT(SVC_STATUS_COMPLETED);
+   cb_data->kaddr2 = (res.a2) ?
+ svc_pa_to_va(res.a2) : NULL;
+   cb_data->kaddr3 = (res.a3) ? &res.a3 : NULL;
+   } else {
+   pr_err("%s: poll status error\n", __func__);
+   cb_data->kaddr1 = &res.a1;
+   cb_data->kaddr2 = (res.a2) ?
+ svc_pa_to_va(res.a2) : NULL;
+   cb_data->kaddr3 = (

[PATCHv1 2/2] crypto: add Intel SoCFPGA crypto service driver

2020-08-11 Thread richard . gong
From: Richard Gong 

Add Intel FPGA crypto service (FCS) driver to support new crypto services
on Intel SoCFPGA platforms.

The crypto services include security certificate, image boot validation,
security key cancellation, get provision data, random number generation,
advance encrtption standard (AES) encryption and decryption services.

To perform supporting crypto features on Intel SoCFPGA platforms, Linux
user-space application interacts with FPGA crypto service (FCS) driver via
structures defined in include/uapi/linux/intel_fcs-ioctl.h.

The application allocates spaces for IOCTL structure to hold the contents
or points to the data that FCS driver needs, uses IOCTL calls to passes
data to kernel FCS driver for processing at low level firmware and get
processed data or status back form the low level firmware via FCS driver.

The user-space application named as fcs_client is at
https://github.com/altera-opensource/fcs_apps/tree/fcs_client.

Signed-off-by: Richard Gong 
---
 drivers/crypto/Kconfig   |  11 +
 drivers/crypto/Makefile  |   1 +
 drivers/crypto/intel_fcs.c   | 709 +++
 include/uapi/linux/intel_fcs-ioctl.h | 222 +++
 4 files changed, 943 insertions(+)
 create mode 100644 drivers/crypto/intel_fcs.c
 create mode 100644 include/uapi/linux/intel_fcs-ioctl.h

diff --git a/drivers/crypto/Kconfig b/drivers/crypto/Kconfig
index aa3a4ed..3e4f36f 100644
--- a/drivers/crypto/Kconfig
+++ b/drivers/crypto/Kconfig
@@ -306,6 +306,17 @@ config CRYPTO_DEV_TALITOS2
  Say 'Y' here to use the Freescale Security Engine (SEC)
  version 2 and following as found on MPC83xx, MPC85xx, etc ...
 
+config CRYPTO_DEV_INTEL_FCS
+   tristate "Intel FPGA Crypto Service support"
+   depends on INTEL_STRATIX10_SERVICE
+   help
+Support crypto services on Intel SoCFPGA platforms. The crypto
+services include security certificate, image boot validation,
+security key cancellation, get provision data, random number
+generation and secure data object storage services.
+
+Say Y here if you want Intel FCS support
+
 config CRYPTO_DEV_IXP4XX
tristate "Driver for IXP4xx crypto hardware acceleration"
depends on ARCH_IXP4XX && IXP4XX_QMGR && IXP4XX_NPE
diff --git a/drivers/crypto/Makefile b/drivers/crypto/Makefile
index 53fc115..4c485c5 100644
--- a/drivers/crypto/Makefile
+++ b/drivers/crypto/Makefile
@@ -17,6 +17,7 @@ obj-$(CONFIG_CRYPTO_DEV_FSL_CAAM_COMMON) += caam/
 obj-$(CONFIG_CRYPTO_DEV_GEODE) += geode-aes.o
 obj-$(CONFIG_CRYPTO_DEV_HIFN_795X) += hifn_795x.o
 obj-$(CONFIG_CRYPTO_DEV_IMGTEC_HASH) += img-hash.o
+obj-$(CONFIG_CRYPTO_DEV_INTEL_FCS) += intel_fcs.o
 obj-$(CONFIG_CRYPTO_DEV_IXP4XX) += ixp4xx_crypto.o
 obj-$(CONFIG_CRYPTO_DEV_MARVELL) += marvell/
 obj-$(CONFIG_CRYPTO_DEV_MEDIATEK) += mediatek/
diff --git a/drivers/crypto/intel_fcs.c b/drivers/crypto/intel_fcs.c
new file mode 100644
index ..2362b28
--- /dev/null
+++ b/drivers/crypto/intel_fcs.c
@@ -0,0 +1,709 @@
+// SPDX-License-Identifier: GPL-2.0
+/*
+ * Copyright (C) 2020, Intel Corporation
+ */
+
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+
+#include 
+
+#define RANDOM_NUMBER_SIZE 32
+#define FILE_NAME_SIZE 32
+#define PS_BUF_SIZE64
+#define INVALID_STATUS 0xff
+
+#define MIN_SDOS_BUF_SZ16
+#define MAX_SDOS_BUF_SZ32768
+
+#define FCS_REQUEST_TIMEOUT (msecs_to_jiffies(SVC_FCS_REQUEST_TIMEOUT_MS))
+#define FCS_COMPLETED_TIMEOUT (msecs_to_jiffies(SVC_COMPLETED_TIMEOUT_MS))
+
+typedef void (*fcs_callback)(struct stratix10_svc_client *client,
+struct stratix10_svc_cb_data *data);
+
+struct intel_fcs_priv {
+   struct stratix10_svc_chan *chan;
+   struct stratix10_svc_client client;
+   struct completion completion;
+   struct mutex lock;
+   struct miscdevice miscdev;
+   unsigned int status;
+   void *kbuf;
+   unsigned int size;
+};
+
+static void fcs_data_callback(struct stratix10_svc_client *client,
+ struct stratix10_svc_cb_data *data)
+{
+   struct intel_fcs_priv *priv = client->priv;
+
+   if ((data->status == BIT(SVC_STATUS_OK)) ||
+   (data->status == BIT(SVC_STATUS_COMPLETED))) {
+   priv->status = 0;
+   priv->kbuf = data->kaddr2;
+   priv->size = *((unsigned int *)data->kaddr3);
+   } else if (data->status == BIT(SVC_STATUS_ERROR)) {
+   priv->status = *((unsigned int *)data->kaddr1);
+   dev_err(client->dev, "error, mbox_error=0x%x\n", priv->status);
+   priv->kbuf = data->kaddr2;
+   priv

Re: [PATCHv1 2/2] crypto: add Intel SoCFPGA crypto service driver

2020-08-12 Thread Richard Gong



I will move them to drivers/misc.

Regards,
Richard

On 8/11/20 7:34 PM, Herbert Xu wrote:

On Tue, Aug 11, 2020 at 08:56:22AM -0500, richard.g...@linux.intel.com wrote:

From: Richard Gong 

Add Intel FPGA crypto service (FCS) driver to support new crypto services
on Intel SoCFPGA platforms.

The crypto services include security certificate, image boot validation,
security key cancellation, get provision data, random number generation,
advance encrtption standard (AES) encryption and decryption services.

To perform supporting crypto features on Intel SoCFPGA platforms, Linux
user-space application interacts with FPGA crypto service (FCS) driver via
structures defined in include/uapi/linux/intel_fcs-ioctl.h.

The application allocates spaces for IOCTL structure to hold the contents
or points to the data that FCS driver needs, uses IOCTL calls to passes
data to kernel FCS driver for processing at low level firmware and get
processed data or status back form the low level firmware via FCS driver.

The user-space application named as fcs_client is at
https://github.com/altera-opensource/fcs_apps/tree/fcs_client.

Signed-off-by: Richard Gong 


Nack.  This driver has nothing to do with the Crypto API.



Re: [PATCH] firmware: stratix10-svc: build only on 64-bit ARM

2021-03-24 Thread Richard Gong




On 3/21/21 1:46 PM, Krzysztof Kozlowski wrote:

The Stratix10 service layer and RCU drivers are useful only on
Stratix10, so on ARMv8.  Compile testing the RCU driver on 32-bit ARM
fails:

   drivers/firmware/stratix10-rsu.c: In function 'rsu_status_callback':
   include/linux/compiler_types.h:320:38: error: call to 
'__compiletime_assert_179'
 declared with attribute error: FIELD_GET: type of reg too small for mask
 _compiletime_assert(condition, msg, __compiletime_assert_, __COUNTER__)
   ...
   drivers/firmware/stratix10-rsu.c:96:26: note: in expansion of macro 
'FIELD_GET'
 priv->status.version = FIELD_GET(RSU_VERSION_MASK,

Signed-off-by: Krzysztof Kozlowski 
Reported-by: kernel test robot 

---

Fix for commit in:
https://git.kernel.org/pub/scm/linux/kernel/git/dinguyen/linux.git
---
  drivers/firmware/Kconfig | 2 +-
  1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/drivers/firmware/Kconfig b/drivers/firmware/Kconfig
index 6a4e882e448d..08bd4d01fb04 100644
--- a/drivers/firmware/Kconfig
+++ b/drivers/firmware/Kconfig
@@ -206,7 +206,7 @@ config FW_CFG_SYSFS_CMDLINE
  
  config INTEL_STRATIX10_SERVICE

tristate "Intel Stratix10 Service Layer"
-   depends on ARCH_INTEL_SOCFPGA && HAVE_ARM_SMCCC
+   depends on ARCH_INTEL_SOCFPGA && ARM64 && HAVE_ARM_SMCCC
default n
help
  Intel Stratix10 service layer runs at privileged exception level,


Acked-by: Richard Gong 

Regards,
Richard


Re: [PATCHv5 0/7] Extend Intel service layer, FPGA manager and region

2021-03-19 Thread Richard Gong



Hi Moritz,

Thanks for approving the 1st patch of my version 5 patchest, which 
submitted on 02/09/21.


Can you help review the remaining 6 patches from the same version 5 
patchset? I need your ACKs to move forward, or please let me know if 
additional work is need.


Many thanks for your time again!

Regards,
Richard


On 2/25/21 7:07 AM, Gong, Richard wrote:

Hi Moritz,

Sorry for asking.

When you have chance, can you help review the version 5 patchset submitted on 
02/09/21?

Regards,
Richard

-Original Message-
From: richard.g...@linux.intel.com 
Sent: Tuesday, February 9, 2021 4:20 PM
To: m...@kernel.org; t...@redhat.com; gre...@linuxfoundation.org; 
linux-f...@vger.kernel.org; linux-kernel@vger.kernel.org
Cc: Gong, Richard 
Subject: [PATCHv5 0/7] Extend Intel service layer, FPGA manager and region

From: Richard Gong 

This is 5th submission of Intel service layer and FPGA patches, which includes 
the missing standalone patch in the 4th submission.

This submission includes additional changes for Intel service layer driver to 
get the firmware version running at FPGA SoC device. Then FPGA manager driver, 
one of Intel service layer driver's client, can decide whether to handle the 
newly added bitstream authentication function based on the retrieved firmware 
version. So that we can maintain FPGA manager driver the back compatible.

Bitstream authentication makes sure a signed bitstream has valid signatures.

The customer sends the bitstream via FPGA framework and overlay, the firmware 
will authenticate the bitstream but not program the bitstream to device. If the 
authentication passes, the bitstream will be programmed into QSPI flash and 
will be expected to boot without issues.

Extend Intel service layer, FPGA manager and region drivers to support the 
bitstream authentication feature.

Richard Gong (7):
   firmware: stratix10-svc: reset COMMAND_RECONFIG_FLAG_PARTIAL to 0
   firmware: stratix10-svc: add COMMAND_AUTHENTICATE_BITSTREAM flag
   firmware: stratix10-svc: extend SVC driver to get the firmware version
   fpga: fpga-mgr: add FPGA_MGR_BITSTREAM_AUTHENTICATE flag
   fpga: of-fpga-region: add authenticate-fpga-config property
   dt-bindings: fpga: add authenticate-fpga-config property
   fpga: stratix10-soc: extend driver for bitstream authentication

  .../devicetree/bindings/fpga/fpga-region.txt   | 10 
  drivers/firmware/stratix10-svc.c   | 12 -
  drivers/fpga/of-fpga-region.c  | 24 ++---
  drivers/fpga/stratix10-soc.c   | 62 +++---
  include/linux/firmware/intel/stratix10-smc.h   | 21 +++-
  .../linux/firmware/intel/stratix10-svc-client.h| 11 +++-
  include/linux/fpga/fpga-mgr.h  |  3 ++
  7 files changed, 125 insertions(+), 18 deletions(-)

--
2.7.4



[PATCH] A patch for Intel service layer driver

2021-03-30 Thread richard . gong
From: Richard Gong 

Hi Greg,

Please take this stratix10-svc patch, which has been reviewed on the
mailing list and applied cleanly on current linux-next and
char-misc-testing.

Thanks,
Richard 

Richard Gong (1):
  firmware: stratix10-svc: extend SVC driver to get the firmware version

 drivers/firmware/stratix10-svc.c| 12 ++--
 include/linux/firmware/intel/stratix10-smc.h| 21 +++--
 include/linux/firmware/intel/stratix10-svc-client.h |  4 
 3 files changed, 33 insertions(+), 4 deletions(-)

-- 
2.7.4



[PATCH] firmware: stratix10-svc: extend SVC driver to get the firmware version

2021-03-30 Thread richard . gong
From: Richard Gong 

Extend Intel service layer driver to get the firmware version running at
FPGA device. Therefore FPGA manager driver, one of Intel service layer
driver's client, can decide whether to handle the newly added bitstream
authentication function based on the retrieved firmware version.

Signed-off-by: Richard Gong 
Acked-by: Moritz Fischr 
---
 drivers/firmware/stratix10-svc.c| 12 ++--
 include/linux/firmware/intel/stratix10-smc.h| 21 +++--
 include/linux/firmware/intel/stratix10-svc-client.h |  4 
 3 files changed, 33 insertions(+), 4 deletions(-)

diff --git a/drivers/firmware/stratix10-svc.c b/drivers/firmware/stratix10-svc.c
index 3aa489d..1443bbd 100644
--- a/drivers/firmware/stratix10-svc.c
+++ b/drivers/firmware/stratix10-svc.c
@@ -306,6 +306,7 @@ static void svc_thread_recv_status_ok(struct 
stratix10_svc_data *p_data,
break;
case COMMAND_RSU_RETRY:
case COMMAND_RSU_MAX_RETRY:
+   case COMMAND_FIRMWARE_VERSION:
cb_data->status = BIT(SVC_STATUS_OK);
cb_data->kaddr1 = &res.a1;
break;
@@ -422,6 +423,11 @@ static int svc_normal_to_secure_thread(void *data)
a1 = 0;
a2 = 0;
break;
+   case COMMAND_FIRMWARE_VERSION:
+   a0 = INTEL_SIP_SMC_FIRMWARE_VERSION;
+   a1 = 0;
+   a2 = 0;
+   break;
default:
pr_warn("it shouldn't happen\n");
break;
@@ -487,11 +493,13 @@ static int svc_normal_to_secure_thread(void *data)
 
/*
 * be compatible with older version firmware which
-* doesn't support RSU notify or retry
+* doesn't support RSU notify, retry or bitstream
+* authentication.
 */
if ((pdata->command == COMMAND_RSU_RETRY) ||
(pdata->command == COMMAND_RSU_MAX_RETRY) ||
-   (pdata->command == COMMAND_RSU_NOTIFY)) {
+   (pdata->command == COMMAND_RSU_NOTIFY) ||
+   (pdata->command == COMMAND_FIRMWARE_VERSION)) {
cbdata->status =
BIT(SVC_STATUS_NO_SUPPORT);
cbdata->kaddr1 = NULL;
diff --git a/include/linux/firmware/intel/stratix10-smc.h 
b/include/linux/firmware/intel/stratix10-smc.h
index c3e5ab0..505fcca 100644
--- a/include/linux/firmware/intel/stratix10-smc.h
+++ b/include/linux/firmware/intel/stratix10-smc.h
@@ -321,8 +321,6 @@ 
INTEL_SIP_SMC_FAST_CALL_VAL(INTEL_SIP_SMC_FUNCID_FPGA_CONFIG_COMPLETED_WRITE)
 #define INTEL_SIP_SMC_ECC_DBE \
INTEL_SIP_SMC_FAST_CALL_VAL(INTEL_SIP_SMC_FUNCID_ECC_DBE)
 
-#endif
-
 /**
  * Request INTEL_SIP_SMC_RSU_NOTIFY
  *
@@ -404,3 +402,22 @@ 
INTEL_SIP_SMC_FAST_CALL_VAL(INTEL_SIP_SMC_FUNCID_FPGA_CONFIG_COMPLETED_WRITE)
 #define INTEL_SIP_SMC_FUNCID_RSU_MAX_RETRY 18
 #define INTEL_SIP_SMC_RSU_MAX_RETRY \
INTEL_SIP_SMC_FAST_CALL_VAL(INTEL_SIP_SMC_FUNCID_RSU_MAX_RETRY)
+
+/**
+ * Request INTEL_SIP_SMC_FIRMWARE_VERSION
+ *
+ * Sync call used to query the version of running firmware
+ *
+ * Call register usage:
+ * a0 INTEL_SIP_SMC_FIRMWARE_VERSION
+ * a1-a7 not used
+ *
+ * Return status:
+ * a0 INTEL_SIP_SMC_STATUS_OK or INTEL_SIP_SMC_STATUS_ERROR
+ * a1 running firmware version
+ */
+#define INTEL_SIP_SMC_FUNCID_FIRMWARE_VERSION 31
+#define INTEL_SIP_SMC_FIRMWARE_VERSION \
+   INTEL_SIP_SMC_FAST_CALL_VAL(INTEL_SIP_SMC_FUNCID_FIRMWARE_VERSION)
+
+#endif
diff --git a/include/linux/firmware/intel/stratix10-svc-client.h 
b/include/linux/firmware/intel/stratix10-svc-client.h
index 19781b0f..18c1841 100644
--- a/include/linux/firmware/intel/stratix10-svc-client.h
+++ b/include/linux/firmware/intel/stratix10-svc-client.h
@@ -104,6 +104,9 @@ struct stratix10_svc_chan;
  *
  * @COMMAND_RSU_DCMF_VERSION: query firmware for the DCMF version, return 
status
  * is SVC_STATUS_OK or SVC_STATUS_ERROR
+ *
+ * @COMMAND_FIRMWARE_VERSION: query running firmware version, return status
+ * is SVC_STATUS_OK or SVC_STATUS_ERROR
  */
 enum stratix10_svc_command_code {
COMMAND_NOOP = 0,
@@ -117,6 +120,7 @@ enum stratix10_svc_command_code {
COMMAND_RSU_RETRY,
COMMAND_RSU_MAX_RETRY,
COMMAND_RSU_DCMF_VERSION,
+   COMMAND_FIRMWARE_VERSION,
 };
 
 /**
-- 
2.7.4



Re: [PATCH] firmware: stratix10-svc: extend SVC driver to get the firmware version

2021-03-30 Thread Richard Gong



Hi David,

On 3/30/21 9:19 AM, David Laight wrote:

From: richard.g...@linux.intel.com

Sent: 30 March 2021 15:33

Extend Intel service layer driver to get the firmware version running at
FPGA device. Therefore FPGA manager driver, one of Intel service layer
driver's client, can decide whether to handle the newly added bitstream
authentication function based on the retrieved firmware version.


Using the version number to detect features is just plain wrong.

You should use something like a bitmap of supported features.


Firmware, which runs at EL3, returns the version to Intel service layer 
driver in a 64-bit value at the register. Intel service layer driver 
runs at EL1.


Regards,
Richard



David

-
Registered Address Lakeside, Bramley Road, Mount Farm, Milton Keynes, MK1 1PT, 
UK
Registration No: 1397386 (Wales)



Re: [PATCH] firmware: stratix10-svc: extend SVC driver to get the firmware version

2021-03-30 Thread Richard Gong



Hi Moritz,

On 3/30/21 11:15 AM, Moritz Fischer wrote:

Hi Richard,

On Tue, Mar 30, 2021 at 09:33:05AM -0500, richard.g...@linux.intel.com wrote:

From: Richard Gong 

Extend Intel service layer driver to get the firmware version running at
FPGA device. Therefore FPGA manager driver, one of Intel service layer
driver's client, can decide whether to handle the newly added bitstream
authentication function based on the retrieved firmware version.

Signed-off-by: Richard Gong 
Acked-by: Moritz Fischr 
---
  drivers/firmware/stratix10-svc.c| 12 ++--
  include/linux/firmware/intel/stratix10-smc.h| 21 +++--
  include/linux/firmware/intel/stratix10-svc-client.h |  4 
  3 files changed, 33 insertions(+), 4 deletions(-)

diff --git a/drivers/firmware/stratix10-svc.c b/drivers/firmware/stratix10-svc.c
index 3aa489d..1443bbd 100644
--- a/drivers/firmware/stratix10-svc.c
+++ b/drivers/firmware/stratix10-svc.c
@@ -306,6 +306,7 @@ static void svc_thread_recv_status_ok(struct 
stratix10_svc_data *p_data,
break;
case COMMAND_RSU_RETRY:
case COMMAND_RSU_MAX_RETRY:
+   case COMMAND_FIRMWARE_VERSION:
cb_data->status = BIT(SVC_STATUS_OK);
cb_data->kaddr1 = &res.a1;
break;
@@ -422,6 +423,11 @@ static int svc_normal_to_secure_thread(void *data)
a1 = 0;
a2 = 0;
break;
+   case COMMAND_FIRMWARE_VERSION:
+   a0 = INTEL_SIP_SMC_FIRMWARE_VERSION;
+   a1 = 0;
+   a2 = 0;
+   break;
default:
pr_warn("it shouldn't happen\n");
break;
@@ -487,11 +493,13 @@ static int svc_normal_to_secure_thread(void *data)
  
  			/*

 * be compatible with older version firmware which
-* doesn't support RSU notify or retry
+* doesn't support RSU notify, retry or bitstream
+* authentication.
 */
if ((pdata->command == COMMAND_RSU_RETRY) ||
(pdata->command == COMMAND_RSU_MAX_RETRY) ||
-   (pdata->command == COMMAND_RSU_NOTIFY)) {
+   (pdata->command == COMMAND_RSU_NOTIFY) ||
+   (pdata->command == COMMAND_FIRMWARE_VERSION)) {
cbdata->status =
BIT(SVC_STATUS_NO_SUPPORT);
cbdata->kaddr1 = NULL;
diff --git a/include/linux/firmware/intel/stratix10-smc.h 
b/include/linux/firmware/intel/stratix10-smc.h
index c3e5ab0..505fcca 100644
--- a/include/linux/firmware/intel/stratix10-smc.h
+++ b/include/linux/firmware/intel/stratix10-smc.h
@@ -321,8 +321,6 @@ 
INTEL_SIP_SMC_FAST_CALL_VAL(INTEL_SIP_SMC_FUNCID_FPGA_CONFIG_COMPLETED_WRITE)
  #define INTEL_SIP_SMC_ECC_DBE \
INTEL_SIP_SMC_FAST_CALL_VAL(INTEL_SIP_SMC_FUNCID_ECC_DBE)
  
-#endif

-
  /**
   * Request INTEL_SIP_SMC_RSU_NOTIFY
   *
@@ -404,3 +402,22 @@ 
INTEL_SIP_SMC_FAST_CALL_VAL(INTEL_SIP_SMC_FUNCID_FPGA_CONFIG_COMPLETED_WRITE)
  #define INTEL_SIP_SMC_FUNCID_RSU_MAX_RETRY 18
  #define INTEL_SIP_SMC_RSU_MAX_RETRY \
INTEL_SIP_SMC_FAST_CALL_VAL(INTEL_SIP_SMC_FUNCID_RSU_MAX_RETRY)
+
+/**
+ * Request INTEL_SIP_SMC_FIRMWARE_VERSION
+ *
+ * Sync call used to query the version of running firmware
+ *
+ * Call register usage:
+ * a0 INTEL_SIP_SMC_FIRMWARE_VERSION
+ * a1-a7 not used
+ *
+ * Return status:
+ * a0 INTEL_SIP_SMC_STATUS_OK or INTEL_SIP_SMC_STATUS_ERROR
+ * a1 running firmware version
+ */
+#define INTEL_SIP_SMC_FUNCID_FIRMWARE_VERSION 31
+#define INTEL_SIP_SMC_FIRMWARE_VERSION \
+   INTEL_SIP_SMC_FAST_CALL_VAL(INTEL_SIP_SMC_FUNCID_FIRMWARE_VERSION)
+
+#endif
diff --git a/include/linux/firmware/intel/stratix10-svc-client.h 
b/include/linux/firmware/intel/stratix10-svc-client.h
index 19781b0f..18c1841 100644
--- a/include/linux/firmware/intel/stratix10-svc-client.h
+++ b/include/linux/firmware/intel/stratix10-svc-client.h
@@ -104,6 +104,9 @@ struct stratix10_svc_chan;
   *
   * @COMMAND_RSU_DCMF_VERSION: query firmware for the DCMF version, return 
status
   * is SVC_STATUS_OK or SVC_STATUS_ERROR
+ *
+ * @COMMAND_FIRMWARE_VERSION: query running firmware version, return status
+ * is SVC_STATUS_OK or SVC_STATUS_ERROR
   */
  enum stratix10_svc_command_code {
COMMAND_NOOP = 0,
@@ -117,6 +120,7 @@ enum stratix10_svc_command_code {
COMMAND_RSU_RETRY,
COMMAND_RSU_MAX_RETRY,
COMMAND_RSU_DCMF_VERSION,
+   COMMAND_FIRMWARE_VERSION,
  };
  
  /**

--
2.7.4



Let's hold off on this patch until we have sorted the rest of this patch
series out. As it stands it doesn't have a in-tree user.
OK,


Regards,
Richard


Thanks,
Moritz



Re: FW: [PATCHv5 0/7] Extend Intel service layer, FPGA manager and region

2021-03-21 Thread Richard Gong



Hi Tom,




On 3/19/21 4:22 PM, Richard Gong wrote:


Hi Moritz,

Thanks for approving the 1st patch of my version 5 patchest, which submitted on 
02/09/21.


This change

e23bd83368af ("firmware: stratix10-svc: fix kernel-doc markups")


This patch e23bd83368af is not from my version 5 patch set.


Makes a lot of formatting changes in the same files as this patchset, including 
the first patch.

It would be good to try applying this patchset to char-misc-next and resubmit 
if there are conflicts.



Can you help review the remaining 6 patches from the same version 5 patchset? I 
need your ACKs to move forward, or please let me know if additional work is 
need.


These changes look good to me.

I was looking at the patchset again seeing if the firmware/ parts could be 
split out.


No, we can't split out the firmware parts.


Even though stratix10 is a fpga, from the MAINTAINERS file it is not clear to 
me if linux-fpga owns them and they come in on Moritz's branch.  I think this 
change is needed to the MAINTAINERS file to make that clearer.

diff --git a/MAINTAINERS b/MAINTAINERS
index aa84121c5611..1f68e9ff76de 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -9193,7 +9193,8 @@ F:    tools/power/x86/intel-speed-select/
  
  INTEL STRATIX10 FIRMWARE DRIVERS

  M:    Richard Gong 
-L:    linux-kernel@vger.kernel.org
+R:    Tom Rix 
+L:    linux-f...@vger.kernel.org
  S:    Maintained
  F:    Documentation/ABI/testing/sysfs-devices-platform-stratix10-rsu
  F:    Documentation/devicetree/bindings/firmware/intel,stratix10-svc.txt

I also added myself as a reviewer because I want to help out.

Tom



Regards,
Richard





Many thanks for your time again!

Regards,
Richard


On 2/25/21 7:07 AM, Gong, Richard wrote:

Hi Moritz,

Sorry for asking.

When you have chance, can you help review the version 5 patchset submitted on 
02/09/21?

Regards,
Richard

-Original Message-
From: richard.g...@linux.intel.com 
Sent: Tuesday, February 9, 2021 4:20 PM
To: m...@kernel.org; t...@redhat.com; gre...@linuxfoundation.org; 
linux-f...@vger.kernel.org; linux-kernel@vger.kernel.org
Cc: Gong, Richard 
Subject: [PATCHv5 0/7] Extend Intel service layer, FPGA manager and region

From: Richard Gong 

This is 5th submission of Intel service layer and FPGA patches, which includes 
the missing standalone patch in the 4th submission.

This submission includes additional changes for Intel service layer driver to 
get the firmware version running at FPGA SoC device. Then FPGA manager driver, 
one of Intel service layer driver's client, can decide whether to handle the 
newly added bitstream authentication function based on the retrieved firmware 
version. So that we can maintain FPGA manager driver the back compatible.

Bitstream authentication makes sure a signed bitstream has valid signatures.

The customer sends the bitstream via FPGA framework and overlay, the firmware 
will authenticate the bitstream but not program the bitstream to device. If the 
authentication passes, the bitstream will be programmed into QSPI flash and 
will be expected to boot without issues.

Extend Intel service layer, FPGA manager and region drivers to support the 
bitstream authentication feature.

Richard Gong (7):
    firmware: stratix10-svc: reset COMMAND_RECONFIG_FLAG_PARTIAL to 0
    firmware: stratix10-svc: add COMMAND_AUTHENTICATE_BITSTREAM flag
    firmware: stratix10-svc: extend SVC driver to get the firmware version
    fpga: fpga-mgr: add FPGA_MGR_BITSTREAM_AUTHENTICATE flag
    fpga: of-fpga-region: add authenticate-fpga-config property
    dt-bindings: fpga: add authenticate-fpga-config property
    fpga: stratix10-soc: extend driver for bitstream authentication

   .../devicetree/bindings/fpga/fpga-region.txt   | 10 
   drivers/firmware/stratix10-svc.c   | 12 -
   drivers/fpga/of-fpga-region.c  | 24 ++---
   drivers/fpga/stratix10-soc.c   | 62 
+++---
   include/linux/firmware/intel/stratix10-smc.h   | 21 +++-
   .../linux/firmware/intel/stratix10-svc-client.h    | 11 +++-
   include/linux/fpga/fpga-mgr.h  |  3 ++
   7 files changed, 125 insertions(+), 18 deletions(-)

--
2.7.4







Re: [PATCH] firmware: stratix10-svc: build only on 64-bit ARM

2021-03-22 Thread Richard Gong




On 3/22/21 3:26 AM, Krzysztof Kozlowski wrote:


On 21/03/2021 22:09, Arnd Bergmann wrote:

On Sun, Mar 21, 2021 at 7:46 PM Krzysztof Kozlowski
 wrote:


The Stratix10 service layer and RCU drivers are useful only on
Stratix10, so on ARMv8.  Compile testing the RCU driver on 32-bit ARM
fails:

   drivers/firmware/stratix10-rsu.c: In function 'rsu_status_callback':
   include/linux/compiler_types.h:320:38: error: call to 
'__compiletime_assert_179'
 declared with attribute error: FIELD_GET: type of reg too small for mask
 _compiletime_assert(condition, msg, __compiletime_assert_, __COUNTER__)
   ...
   drivers/firmware/stratix10-rsu.c:96:26: note: in expansion of macro 
'FIELD_GET'
 priv->status.version = FIELD_GET(RSU_VERSION_MASK,

Signed-off-by: Krzysztof Kozlowski 
Reported-by: kernel test robot 


While I agree that one shouldn't run 32-bit kernels on this, we should also try
to write drivers portably, and in theory any SoC that can run a 64-bit
Arm kernel
should also be able to run a 32-bit kernel if you include the same drivers.

It seems that the problem here is in the smccc definition

struct arm_smccc_res {
 unsigned long a0;
 unsigned long a1;
 unsigned long a2;
 unsigned long a3;
};

so the result of

#define RSU_VERSION_MASKGENMASK_ULL(63, 32)
   priv->status.version = FIELD_GET(RSU_VERSION_MASK, res->a2);

tries to access bits that are just not returned by the firmware here,
which indicates that it probably won't work in this case.

What I'm not entirely sure about is whether this is a problem in
the Intel firmware implementation requiring the smccc caller to
run in a 64-bit context, or if it's a mistake in the way the driver
extracts the information if the firmware can actually pass it down
correctly.


The SMC has two calling conventions - SMC32/HVC32 and SMC64/HVC64. The
Stratix 10 driver uses the 64-bit calling convention (see
INTEL_SIP_SMC_FAST_CALL_VAL in
include/linux/firmware/intel/stratix10-smc.h), so it should not run in
aarch32 (regardless of type of hardware).

I think that my patch limiting the support to 64-bit makes sense.



The stratix10 service layer and RSU driver are only used in Intel 64-bit 
SoCFPGA platforms.



Best regards,
Krzysztof



Re: [PATCH] firmware: stratix10-svc: build only on 64-bit ARM

2021-03-22 Thread Richard Gong




On 3/22/21 7:41 AM, Krzysztof Kozlowski wrote:

On 22/03/2021 13:58, Richard Gong wrote:



On 3/22/21 3:26 AM, Krzysztof Kozlowski wrote:


On 21/03/2021 22:09, Arnd Bergmann wrote:

On Sun, Mar 21, 2021 at 7:46 PM Krzysztof Kozlowski
 wrote:


The Stratix10 service layer and RCU drivers are useful only on
Stratix10, so on ARMv8.  Compile testing the RCU driver on 32-bit ARM
fails:

drivers/firmware/stratix10-rsu.c: In function 'rsu_status_callback':
include/linux/compiler_types.h:320:38: error: call to 
'__compiletime_assert_179'
  declared with attribute error: FIELD_GET: type of reg too small for mask
  _compiletime_assert(condition, msg, __compiletime_assert_, __COUNTER__)
...
drivers/firmware/stratix10-rsu.c:96:26: note: in expansion of macro 
'FIELD_GET'
  priv->status.version = FIELD_GET(RSU_VERSION_MASK,

Signed-off-by: Krzysztof Kozlowski 
Reported-by: kernel test robot 


While I agree that one shouldn't run 32-bit kernels on this, we should also try
to write drivers portably, and in theory any SoC that can run a 64-bit
Arm kernel
should also be able to run a 32-bit kernel if you include the same drivers.

It seems that the problem here is in the smccc definition

struct arm_smccc_res {
  unsigned long a0;
  unsigned long a1;
  unsigned long a2;
  unsigned long a3;
};

so the result of

#define RSU_VERSION_MASKGENMASK_ULL(63, 32)
priv->status.version = FIELD_GET(RSU_VERSION_MASK, res->a2);

tries to access bits that are just not returned by the firmware here,
which indicates that it probably won't work in this case.

What I'm not entirely sure about is whether this is a problem in
the Intel firmware implementation requiring the smccc caller to
run in a 64-bit context, or if it's a mistake in the way the driver
extracts the information if the firmware can actually pass it down
correctly.


The SMC has two calling conventions - SMC32/HVC32 and SMC64/HVC64. The
Stratix 10 driver uses the 64-bit calling convention (see
INTEL_SIP_SMC_FAST_CALL_VAL in
include/linux/firmware/intel/stratix10-smc.h), so it should not run in
aarch32 (regardless of type of hardware).

I think that my patch limiting the support to 64-bit makes sense.



The stratix10 service layer and RSU driver are only used in Intel 64-bit
SoCFPGA platforms.


This we know, however the questions were:
1. Why the driver cannot be made portable? Why it cannot be developed in
a way it allows building on different platforms?


The drivers was originally developed for Intel Stratix10 SoCFPGA 
platform, which is ARM 64-bit architecture. The same drivers can be used 
for other Intel ARM 64-bit SoCFPGA platforms (Agilex, eASIC N5X as 
example), which have the same SDM architecture as Stratix10 has.


SDM = Secure Device Manager

So far Intel 32-bit SoCFPGA platform doesn't support SDM architecture.


2. Does the actual firmware support 32-bit SMC convention call?


No.



Best regards,
Krzysztof



Regards,
Richard


Re: FW: [PATCHv5 0/7] Extend Intel service layer, FPGA manager and region

2021-03-22 Thread Richard Gong





Hi Tom,

On 3/22/21 8:53 AM, Tom Rix wrote:


On 3/21/21 2:05 PM, Richard Gong wrote:


Hi Tom >>



On 3/19/21 4:22 PM, Richard Gong wrote:


Hi Moritz,

Thanks for approving the 1st patch of my version 5 patchest, which submitted on 
02/09/21.


This change

e23bd83368af ("firmware: stratix10-svc: fix kernel-doc markups")


This patch e23bd83368af is not from my version 5 patch set.


Correct.

But since it is already in char-misc-next, your version 5 patchset will 
conflict with it.

I could not apply this patchset to my unoffical fpga-testing.

I am suggesting you do a test application of your patchset against 
char-misc-next.

And if you find there are issues, rebase your patchset.



I tried to apply my patchset to the top of char-misc-next, but I didn't 
see any conflicts.


c7582d1 fpga: stratix10-soc: extend driver for bitstream authentication
2c9ecd3 dt-bindings: fpga: add authenticate-fpga-config property
6244115 fpga: of-fpga-region: add authenticate-fpga-config property
da274c9 fpga: fpga-mgr: add FPGA_MGR_BITSTREAM_AUTHENTICATE flag
9f93cad firmware: stratix10-svc: extend SVC driver to get the firmware 
version

eda6b51 firmware: stratix10-svc: add COMMAND_AUTHENTICATE_BITSTREAM flag
91aff09 firmware: stratix10-svc: reset COMMAND_RECONFIG_FLAG_PARTIAL to 0
83be46e Merge v5.12-rc3 into char-misc-next

Regards,
Richard



Makes a lot of formatting changes in the same files as this patchset, including 
the first patch.

It would be good to try applying this patchset to char-misc-next and resubmit 
if there are conflicts.



Can you help review the remaining 6 patches from the same version 5 patchset? I 
need your ACKs to move forward, or please let me know if additional work is 
need.


These changes look good to me.

I was looking at the patchset again seeing if the firmware/ parts could be 
split out.


No, we can't split out the firmware parts.


ok

Tom



Even though stratix10 is a fpga, from the MAINTAINERS file it is not clear to 
me if linux-fpga owns them and they come in on Moritz's branch.  I think this 
change is needed to the MAINTAINERS file to make that clearer.

diff --git a/MAINTAINERS b/MAINTAINERS
index aa84121c5611..1f68e9ff76de 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -9193,7 +9193,8 @@ F:    tools/power/x86/intel-speed-select/
     INTEL STRATIX10 FIRMWARE DRIVERS
   M:    Richard Gong 
-L:    linux-kernel@vger.kernel.org
+R:    Tom Rix 
+L:    linux-f...@vger.kernel.org
   S:    Maintained
   F:    Documentation/ABI/testing/sysfs-devices-platform-stratix10-rsu
   F:    Documentation/devicetree/bindings/firmware/intel,stratix10-svc.txt

I also added myself as a reviewer because I want to help out.

Tom



Regards,
Richard





Many thanks for your time again!

Regards,
Richard


On 2/25/21 7:07 AM, Gong, Richard wrote:

Hi Moritz,

Sorry for asking.

When you have chance, can you help review the version 5 patchset submitted on 
02/09/21?

Regards,
Richard

-Original Message-
From: richard.g...@linux.intel.com 
Sent: Tuesday, February 9, 2021 4:20 PM
To: m...@kernel.org; t...@redhat.com; gre...@linuxfoundation.org; 
linux-f...@vger.kernel.org; linux-kernel@vger.kernel.org
Cc: Gong, Richard 
Subject: [PATCHv5 0/7] Extend Intel service layer, FPGA manager and region

From: Richard Gong 

This is 5th submission of Intel service layer and FPGA patches, which includes 
the missing standalone patch in the 4th submission.

This submission includes additional changes for Intel service layer driver to 
get the firmware version running at FPGA SoC device. Then FPGA manager driver, 
one of Intel service layer driver's client, can decide whether to handle the 
newly added bitstream authentication function based on the retrieved firmware 
version. So that we can maintain FPGA manager driver the back compatible.

Bitstream authentication makes sure a signed bitstream has valid signatures.

The customer sends the bitstream via FPGA framework and overlay, the firmware 
will authenticate the bitstream but not program the bitstream to device. If the 
authentication passes, the bitstream will be programmed into QSPI flash and 
will be expected to boot without issues.

Extend Intel service layer, FPGA manager and region drivers to support the 
bitstream authentication feature.

Richard Gong (7):
     firmware: stratix10-svc: reset COMMAND_RECONFIG_FLAG_PARTIAL to 0
     firmware: stratix10-svc: add COMMAND_AUTHENTICATE_BITSTREAM flag
     firmware: stratix10-svc: extend SVC driver to get the firmware version
     fpga: fpga-mgr: add FPGA_MGR_BITSTREAM_AUTHENTICATE flag
     fpga: of-fpga-region: add authenticate-fpga-config property
     dt-bindings: fpga: add authenticate-fpga-config property
     fpga: stratix10-soc: extend driver for bitstream authentication

    .../devicetree/bindings/fpga/fpga-region.txt   | 10 
    drivers/firmware/stratix10-svc.c   | 12 -
    drivers/fpga/of-fpga-region.c 

Re: [PATCH] MAINTAINERS: add self as reviewer to INTEL STRATIX10 FIRMWARE DRIVERS

2021-03-29 Thread Richard Gong

Hi Tom,

On 3/27/21 10:19 AM, t...@redhat.com wrote:

From: Tom Rix 

The Intel stratix 10 is a fpga.  I review fpga's. So I want to help
in this related subsystem.



Intel Stratix10 service layer driver is not a FPGA.

Intel FPGA SoC is composed of ARM Cortex hard processor system (HPS) and 
Secure Device Manager (SDM). SDM is the hardware which does FPGA 
configuration, remote system update (RSU), crypto service (FCS), warm 
reset and other features.


To meet the whole system security needs and support virtual machine 
requesting communication with SDM, only the secure world of software 
(EL3) can interfaces with SDM. All software entities running on the 
other exception level must channel through the EL3 software whenever it 
needs service from SDM.


Intel Stratix 10 service layer driver, added into Opensource kernel 
mainlines since version 5.0, interfaces with the service provides at EL1 
(FPGA manager, RSU and FPGA crypto service drivers as today) and 
managers secure monitor call (SMC) to communicate with the secure 
monitor software at the secure world (EL3).


Regards,
Richard


Signed-off-by: Tom Rix 
---
  MAINTAINERS | 1 +
  1 file changed, 1 insertion(+)

diff --git a/MAINTAINERS b/MAINTAINERS
index 67b104202602..00828de0a7bc 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -9266,6 +9266,7 @@ F:tools/power/x86/intel-speed-select/
  
  INTEL STRATIX10 FIRMWARE DRIVERS

  M:Richard Gong 
+R: Tom RixL:   linux-kernel@vger.kernel.org
  S:Maintained
  F:Documentation/ABI/testing/sysfs-devices-platform-stratix10-rsu



Re: [PATCHv5 0/7] Extend Intel service layer, FPGA manager and region

2021-04-12 Thread Richard Gong



Hi Moritz,

On 3/28/21 12:20 PM, Moritz Fischer wrote:

Tom,

On Sun, Mar 28, 2021 at 08:40:24AM -0700, Tom Rix wrote:


On 3/27/21 11:09 AM, Moritz Fischer wrote:

Hi Richard, Russ,

On Thu, Feb 25, 2021 at 01:07:14PM +, Gong, Richard wrote:

Hi Moritz,

Sorry for asking.

When you have chance, can you help review the version 5 patchset submitted on 
02/09/21?

Regards,
Richard

-Original Message-
From: richard.g...@linux.intel.com 
Sent: Tuesday, February 9, 2021 4:20 PM
To: m...@kernel.org; t...@redhat.com; gre...@linuxfoundation.org; 
linux-f...@vger.kernel.org; linux-kernel@vger.kernel.org
Cc: Gong, Richard 
Subject: [PATCHv5 0/7] Extend Intel service layer, FPGA manager and region

From: Richard Gong 

This is 5th submission of Intel service layer and FPGA patches, which includes 
the missing standalone patch in the 4th submission.

This submission includes additional changes for Intel service layer driver to 
get the firmware version running at FPGA SoC device. Then FPGA manager driver, 
one of Intel service layer driver's client, can decide whether to handle the 
newly added bitstream authentication function based on the retrieved firmware 
version. So that we can maintain FPGA manager driver the back compatible.

Bitstream authentication makes sure a signed bitstream has valid signatures.

The customer sends the bitstream via FPGA framework and overlay, the firmware 
will authenticate the bitstream but not program the bitstream to device. If the 
authentication passes, the bitstream will be programmed into QSPI flash and 
will be expected to boot without issues.

Extend Intel service layer, FPGA manager and region drivers to support the 
bitstream authentication feature.

Richard Gong (7):
   firmware: stratix10-svc: reset COMMAND_RECONFIG_FLAG_PARTIAL to 0
   firmware: stratix10-svc: add COMMAND_AUTHENTICATE_BITSTREAM flag
   firmware: stratix10-svc: extend SVC driver to get the firmware version
   fpga: fpga-mgr: add FPGA_MGR_BITSTREAM_AUTHENTICATE flag
   fpga: of-fpga-region: add authenticate-fpga-config property
   dt-bindings: fpga: add authenticate-fpga-config property
   fpga: stratix10-soc: extend driver for bitstream authentication

  .../devicetree/bindings/fpga/fpga-region.txt   | 10 
  drivers/firmware/stratix10-svc.c   | 12 -
  drivers/fpga/of-fpga-region.c  | 24 ++---
  drivers/fpga/stratix10-soc.c   | 62 +++---
  include/linux/firmware/intel/stratix10-smc.h   | 21 +++-
  .../linux/firmware/intel/stratix10-svc-client.h| 11 +++-
  include/linux/fpga/fpga-mgr.h  |  3 ++
  7 files changed, 125 insertions(+), 18 deletions(-)

--
2.7.4


Apologies for the epic delay in getting back to this, I took another
look at this patchset and Russ' patchset.

TL;DR I'm not really a fan of using device-tree overlays for this (and
again, apologies, I should've voiced this earlier ...).

Anyways, let's find a common API for this and Russ' work, they're trying
to achieve the same / similar thing, they should use the same API.

I'd like to re-invetigate the possiblity to extend FPGA Manager with
'secure update' ops that work for both these use-cases (and I susspect
hte XRT patchset will follow with a similar requirement, right after).


The xrt patchset makes heavy use of device trees.

What is the general guidance for device tree usage ?


I'm not generally against using device tree, it has its place. To
describe hardware (and hardware *changes* with overlays) :)

What I don't like about this particular implementation w.r.t device-tree
usage is that it uses DT overlays as a mechanism to program the flash --
in place of having an API to do so.

One could add device-nodes during the DT overlay application, while the
FPGA doesn't actually get programmed with a new runtime image -- meaning
live DT and actual hardware state diverged -- worst case it'd crash.

So when roughly at the same time (from the same company even) we have two
patchsets that do similar things with radically different APIs I think
we should pause, and reflect on whether we can come up with something
that works for both :)



I discussed with Russ and studies his patches, came to realize that the 
work we had to accomplish was not same or similar. What I want to 
achieve is to verify the identity of the bitstream, which is like doing 
a "dry-run" to FPGA configuration.


Performing FPGA configuration (full or partial) through the device tree 
overlay is a method widely used by our customers.


Russ's approach utilizes a different user API which is a set of sysfs files.

If we depart from device tree overlay, then the end-user must utilize 2 
different mechanism or APIs (device tree overlay is used for 
full/partial configuration, and sysfs is used for bitstream 
authentication). Similarly low-level FPGA manager driver 

Re: [PATCHv1 3/4] dt-bindings: fpga: add authenticate-fpga-config property

2020-11-17 Thread Richard Gong




On 11/16/20 8:24 PM, Xu Yilun wrote:

On Mon, Nov 16, 2020 at 08:14:52AM -0600, Richard Gong wrote:


Hi Yilun,

On 11/15/20 8:47 PM, Xu Yilun wrote:

On Sun, Nov 15, 2020 at 11:21:06AM -0800, Moritz Fischer wrote:

Hi Richard,

On Thu, Nov 12, 2020 at 12:06:42PM -0600, richard.g...@linux.intel.com wrote:

From: Richard Gong 

Add authenticate-fpga-config property for FPGA bitstream authentication.

Signed-off-by: Richard Gong 
---
  Documentation/devicetree/bindings/fpga/fpga-region.txt | 1 +
  1 file changed, 1 insertion(+)

diff --git a/Documentation/devicetree/bindings/fpga/fpga-region.txt 
b/Documentation/devicetree/bindings/fpga/fpga-region.txt
index e811cf8..7a512bc 100644
--- a/Documentation/devicetree/bindings/fpga/fpga-region.txt
+++ b/Documentation/devicetree/bindings/fpga/fpga-region.txt
@@ -187,6 +187,7 @@ Optional properties:
  - external-fpga-config : boolean, set if the FPGA has already been configured
prior to OS boot up.
  - encrypted-fpga-config : boolean, set if the bitstream is encrypted
+- authenticate-fpga-config : boolean, set if do bitstream authentication

It is unclear to me from the description whether this entails
authentication + reconfiguration or just authentication.

If the latter is the case this should probably be described as such.


If it is just authentication, do we still need to disable bridges in
fpga_region_program_fpga?



Yes.

Except for the actual configuration of the device, the authentication
feature is the same as FPGA configuration.


FPGA Bridges gate bus signals between a host and FPGA. So the FPGA
region could not be accessed by host when doing configuration. But for
this authentication, we are just writing the flash, we don't actually
touch the FPGA soft logic. The host should still be able to operate on
the old logic before reboot, is it?

Yes, it's feasible in theory but doesn't make much sense in practice. I 
prefer to keep fpga_region_program_fpga() unchanged.


Regards,
Richard


Thanks,
Yilun



Regards,
Richard


I'm wondering if the FPGA functionalities could still be working when
the authenticating is ongoing, or when the authenticating is failed.






Thanks,
Yilun




  - region-unfreeze-timeout-us : The maximum time in microseconds to wait for
bridges to successfully become enabled after the region has been
programmed.
--
2.7.4



Thanks


Re: [PATCHv1 3/4] dt-bindings: fpga: add authenticate-fpga-config property

2020-11-18 Thread Richard Gong




On 11/17/20 11:47 PM, Xu Yilun wrote:

On Tue, Nov 17, 2020 at 09:39:55AM -0600, Richard Gong wrote:



On 11/16/20 8:24 PM, Xu Yilun wrote:

On Mon, Nov 16, 2020 at 08:14:52AM -0600, Richard Gong wrote:


Hi Yilun,

On 11/15/20 8:47 PM, Xu Yilun wrote:

On Sun, Nov 15, 2020 at 11:21:06AM -0800, Moritz Fischer wrote:

Hi Richard,

On Thu, Nov 12, 2020 at 12:06:42PM -0600, richard.g...@linux.intel.com wrote:

From: Richard Gong 

Add authenticate-fpga-config property for FPGA bitstream authentication.

Signed-off-by: Richard Gong 
---
  Documentation/devicetree/bindings/fpga/fpga-region.txt | 1 +
  1 file changed, 1 insertion(+)

diff --git a/Documentation/devicetree/bindings/fpga/fpga-region.txt 
b/Documentation/devicetree/bindings/fpga/fpga-region.txt
index e811cf8..7a512bc 100644
--- a/Documentation/devicetree/bindings/fpga/fpga-region.txt
+++ b/Documentation/devicetree/bindings/fpga/fpga-region.txt
@@ -187,6 +187,7 @@ Optional properties:
  - external-fpga-config : boolean, set if the FPGA has already been configured
prior to OS boot up.
  - encrypted-fpga-config : boolean, set if the bitstream is encrypted
+- authenticate-fpga-config : boolean, set if do bitstream authentication

It is unclear to me from the description whether this entails
authentication + reconfiguration or just authentication.

If the latter is the case this should probably be described as such.


If it is just authentication, do we still need to disable bridges in
fpga_region_program_fpga?



Yes.

Except for the actual configuration of the device, the authentication
feature is the same as FPGA configuration.


FPGA Bridges gate bus signals between a host and FPGA. So the FPGA
region could not be accessed by host when doing configuration. But for
this authentication, we are just writing the flash, we don't actually
touch the FPGA soft logic. The host should still be able to operate on
the old logic before reboot, is it?


Yes, it's feasible in theory but doesn't make much sense in practice. I
prefer to keep fpga_region_program_fpga() unchanged.


I'm thinking of the case of inband reprograming, that the QSPI flash
controller itself is embedded in FPGA soft logic, then maybe host still
need to access FPGA on authentication.


We can decide whether we should update fpga_region_program_fpga() 
function when you update for inband reprogramming case.


Regards,
Richard


Thanks,
Yilun




I'm wondering if the FPGA functionalities could still be working when
the authenticating is ongoing, or when the authenticating is failed.






Thanks,
Yilun




  - region-unfreeze-timeout-us : The maximum time in microseconds to wait for
bridges to successfully become enabled after the region has been
programmed.
--
2.7.4



Thanks


[PATCHv2 2/5] fpga: fpga-mgr: add FPGA_MGR_BITSTREM_AUTHENTICATION flag

2020-11-18 Thread richard . gong
From: Richard Gong 

Add FPGA_MGR_BITSTREM_AUTHENTICATION flag for FPGA bitstream
authentication, which makes sure a signed bitstream has valid signatures.

Except for the actual configuration of the device, the authentication works
the same way as FPGA configuration does. If the authentication passes, the
bitstream will be programmed into QSPI flash and will be expected to boot
without issues.

Signed-off-by: Richard Gong 
---
v2: align all FPGA_MGR_* flags
update the commit messages
---
 include/linux/fpga/fpga-mgr.h | 13 -
 1 file changed, 8 insertions(+), 5 deletions(-)

diff --git a/include/linux/fpga/fpga-mgr.h b/include/linux/fpga/fpga-mgr.h
index 2bc3030..4fb3400 100644
--- a/include/linux/fpga/fpga-mgr.h
+++ b/include/linux/fpga/fpga-mgr.h
@@ -67,12 +67,15 @@ enum fpga_mgr_states {
  * %FPGA_MGR_BITSTREAM_LSB_FIRST: SPI bitstream bit order is LSB first
  *
  * %FPGA_MGR_COMPRESSED_BITSTREAM: FPGA bitstream is compressed
+ *
+ * %FPGA_MGR_BITSTREM_AUTHENTICATION: do FPGA bitstream authentication only
  */
-#define FPGA_MGR_PARTIAL_RECONFIG  BIT(0)
-#define FPGA_MGR_EXTERNAL_CONFIG   BIT(1)
-#define FPGA_MGR_ENCRYPTED_BITSTREAM   BIT(2)
-#define FPGA_MGR_BITSTREAM_LSB_FIRST   BIT(3)
-#define FPGA_MGR_COMPRESSED_BITSTREAM  BIT(4)
+#define FPGA_MGR_PARTIAL_RECONFIG  BIT(0)
+#define FPGA_MGR_EXTERNAL_CONFIG   BIT(1)
+#define FPGA_MGR_ENCRYPTED_BITSTREAM   BIT(2)
+#define FPGA_MGR_BITSTREAM_LSB_FIRST   BIT(3)
+#define FPGA_MGR_COMPRESSED_BITSTREAM  BIT(4)
+#define FPGA_MGR_BITSTREM_AUTHENTICATION   BIT(5)
 
 /**
  * struct fpga_image_info - information specific to a FPGA image
-- 
2.7.4



[PATCHv2 1/5] firmware: stratix10-svc: add COMMAND_AUTHENTICATE_BITSTREAM flag

2020-11-18 Thread richard . gong
From: Richard Gong 

Add COMMAND_AUTHENTICATE_BITSTREAM command flag for new added bitstream
authentication feature. Authenticating a bistream is to make sure a signed
bitstream has the valid signatures.

Except for the actual configuration of the device, the bitstream
authentication works the same way as FPGA configuration does. If the
authentication passes, the signed bitstream will be programmed into QSPI
flash memory and will be expected to boot without issues.

Clean up COMMAND_RECONFIG_FLAG_PARTIAL flag by resetting it to 0, which
aligns with the firmware settings.

Signed-off-by: Richard Gong 
---
v2: new added
---
 include/linux/firmware/intel/stratix10-svc-client.h | 11 ---
 1 file changed, 8 insertions(+), 3 deletions(-)

diff --git a/include/linux/firmware/intel/stratix10-svc-client.h 
b/include/linux/firmware/intel/stratix10-svc-client.h
index a93d859..85463c8 100644
--- a/include/linux/firmware/intel/stratix10-svc-client.h
+++ b/include/linux/firmware/intel/stratix10-svc-client.h
@@ -51,12 +51,17 @@
 #define SVC_STATUS_NO_SUPPORT  6
 
 /**
- * Flag bit for COMMAND_RECONFIG
+ * Flag bit for COMMAND_RECONFIG, in bit number
  *
  * COMMAND_RECONFIG_FLAG_PARTIAL:
- * Set to FPGA configuration type (full or partial).
+ * Set for partial FPGA configuration.
+ *
+ * COMMAND_AUTHENTICATE_BITSTREAM:
+ * Set for bitstream authentication, which makes sure a signed bitstream
+ * has valid signatures before committing it to QSPI flash memory.
  */
-#define COMMAND_RECONFIG_FLAG_PARTIAL  1
+#define COMMAND_RECONFIG_FLAG_PARTIAL  0
+#define COMMAND_AUTHENTICATE_BITSTREAM 1
 
 /**
  * Timeout settings for service clients:
-- 
2.7.4



[PATCHv2 3/5] fpga: of-fpga-region: add authenticate-fpga-config property

2020-11-18 Thread richard . gong
From: Richard Gong 

Add authenticate-fpga-config property to support FPGA bitstream
authentication, which makes sure a signed bitstream has valid signatures.

Signed-off-by: Richard Gong 
---
v2: changed in alphabetical order
---
 drivers/fpga/of-fpga-region.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/drivers/fpga/of-fpga-region.c b/drivers/fpga/of-fpga-region.c
index e405309..3840883 100644
--- a/drivers/fpga/of-fpga-region.c
+++ b/drivers/fpga/of-fpga-region.c
@@ -219,6 +219,9 @@ static struct fpga_image_info *of_fpga_region_parse_ov(
info->overlay = overlay;
 
/* Read FPGA region properties from the overlay */
+   if (of_property_read_bool(overlay, "authenticate-fpga-config"))
+   info->flags |= FPGA_MGR_BITSTREM_AUTHENTICATION;
+
if (of_property_read_bool(overlay, "partial-fpga-config"))
info->flags |= FPGA_MGR_PARTIAL_RECONFIG;
 
-- 
2.7.4



[PATCHv2 4/5] dt-bindings: fpga: add authenticate-fpga-config property

2020-11-18 Thread richard . gong
From: Richard Gong 

Add authenticate-fpga-config property for FPGA bitstream authentication,
which makes sure a signed bitstream has valid signatures.

Signed-off-by: Richard Gong 
---
v2: put authenticate-fpga-config above partial-fpga-config
update commit messages
---
 Documentation/devicetree/bindings/fpga/fpga-region.txt | 1 +
 1 file changed, 1 insertion(+)

diff --git a/Documentation/devicetree/bindings/fpga/fpga-region.txt 
b/Documentation/devicetree/bindings/fpga/fpga-region.txt
index e811cf8..d0d3234 100644
--- a/Documentation/devicetree/bindings/fpga/fpga-region.txt
+++ b/Documentation/devicetree/bindings/fpga/fpga-region.txt
@@ -182,6 +182,7 @@ Optional properties:
This property is optional if the FPGA Manager handles the bridges.
 If the fpga-region is  the child of a fpga-bridge, the list should not
 contain the parent bridge.
+- authenticate-fpga-config : boolean, set if do bitstream authentication only.
 - partial-fpga-config : boolean, set if partial reconfiguration is to be done,
otherwise full reconfiguration is done.
 - external-fpga-config : boolean, set if the FPGA has already been configured
-- 
2.7.4



[PATCHv2 5/5] fpga: stratix10-soc: extend driver for bitstream authentication

2020-11-18 Thread richard . gong
From: Richard Gong 

Extend FPGA manager driver to support FPGA bitstream authentication on
Intel SocFPGA platforms.

Signed-off-by: Richard Gong 
---
v2: use flag defined in stratix10-svc driver
---
 drivers/fpga/stratix10-soc.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/drivers/fpga/stratix10-soc.c b/drivers/fpga/stratix10-soc.c
index 657a70c..b77067e 100644
--- a/drivers/fpga/stratix10-soc.c
+++ b/drivers/fpga/stratix10-soc.c
@@ -186,6 +186,9 @@ static int s10_ops_write_init(struct fpga_manager *mgr,
if (info->flags & FPGA_MGR_PARTIAL_RECONFIG) {
dev_dbg(dev, "Requesting partial reconfiguration.\n");
ctype.flags |= BIT(COMMAND_RECONFIG_FLAG_PARTIAL);
+   } else if (info->flags & FPGA_MGR_BITSTREM_AUTHENTICATION) {
+   dev_dbg(dev, "Requesting bitstream authentication.\n");
+   ctype.flags |= BIT(COMMAND_AUTHENTICATE_BITSTREAM);
} else {
dev_dbg(dev, "Requesting full reconfiguration.\n");
}
-- 
2.7.4



[PATCHv2 0/5] Extend Intel service layer, FPGA manager and region

2020-11-18 Thread richard . gong
From: Richard Gong 

This is 2nd submission of Intel service layer and FPGA patches.

The customer wants to verify that a FPGA bitstream can be started properly
before saving the bitstream to the QSPI flash memory.

Bitstream authentication makes sure a signed bitstream has valid signatures.

The customer sends the bitstream via FPGA framework and overlay, the
firmware will authenticate the bitstream but not program the bitstream to
device. If the authentication passes, the bitstream will be programmed into
QSPI flash and will be expected to boot without issues.

Extend Intel service layer, FPGA manager and region drivers to support the
bitstream authentication feature.

Richard Gong (5):
  firmware: stratix10-svc: add COMMAND_AUTHENTICATE_BITSTREAM flag
  fpga: fpga-mgr: add FPGA_MGR_BITSTREM_AUTHENTICATION flag
  fpga: of-fpga-region: add authenticate-fpga-config property
  dt-bindings: fpga: add authenticate-fpga-config property
  fpga: stratix10-soc: entend driver for bitstream authentication

 Documentation/devicetree/bindings/fpga/fpga-region.txt |  1 +
 drivers/fpga/of-fpga-region.c  |  3 +++
 drivers/fpga/stratix10-soc.c   |  3 +++
 include/linux/firmware/intel/stratix10-svc-client.h| 11 ---
 include/linux/fpga/fpga-mgr.h  | 13 -
 5 files changed, 23 insertions(+), 8 deletions(-)

-- 
2.7.4



Re: [PATCHv2 1/5] firmware: stratix10-svc: add COMMAND_AUTHENTICATE_BITSTREAM flag

2020-11-18 Thread Richard Gong



Hi Moritz,

On 11/18/20 9:30 AM, Moritz Fischer wrote:

On Wed, Nov 18, 2020 at 08:29:09AM -0600, richard.g...@linux.intel.com wrote:

From: Richard Gong 

Add COMMAND_AUTHENTICATE_BITSTREAM command flag for new added bitstream
authentication feature. Authenticating a bistream is to make sure a signed
bitstream has the valid signatures.

Except for the actual configuration of the device, the bitstream
authentication works the same way as FPGA configuration does. If the
authentication passes, the signed bitstream will be programmed into QSPI
flash memory and will be expected to boot without issues.

Clean up COMMAND_RECONFIG_FLAG_PARTIAL flag by resetting it to 0, which
aligns with the firmware settings.


Should this be down with the v2: ?


I think the commit message should describe all the changes made in the 
patch, is it?




Signed-off-by: Richard Gong 
---
v2: new added
---
  include/linux/firmware/intel/stratix10-svc-client.h | 11 ---
  1 file changed, 8 insertions(+), 3 deletions(-)

diff --git a/include/linux/firmware/intel/stratix10-svc-client.h 
b/include/linux/firmware/intel/stratix10-svc-client.h
index a93d859..85463c8 100644
--- a/include/linux/firmware/intel/stratix10-svc-client.h
+++ b/include/linux/firmware/intel/stratix10-svc-client.h
@@ -51,12 +51,17 @@
  #define SVC_STATUS_NO_SUPPORT 6
  
  /**

- * Flag bit for COMMAND_RECONFIG
+ * Flag bit for COMMAND_RECONFIG, in bit number
   *
   * COMMAND_RECONFIG_FLAG_PARTIAL:
- * Set to FPGA configuration type (full or partial).
+ * Set for partial FPGA configuration.
+ *
+ * COMMAND_AUTHENTICATE_BITSTREAM:
+ * Set for bitstream authentication, which makes sure a signed bitstream
+ * has valid signatures before committing it to QSPI flash memory.
   */
-#define COMMAND_RECONFIG_FLAG_PARTIAL  1
+#define COMMAND_RECONFIG_FLAG_PARTIAL  0
+#define COMMAND_AUTHENTICATE_BITSTREAM 1


Can you explain how this commit by itself doesn't break things?

Before this change firmware expected BIT(0) to be set for partial
reconfiguration, now BIT(0) suddenly means authentication? How doest his
work? :)
 > Was there a firmware version change? Did this never work before?

If this is version depenedent for firmware, then this might need a
different compatible string / id / some form of probing?

Entirely possible that I'm missing something, but it doesn't *seem*
right.
  


It did work before.

Before this change, firmware only checks if the received flag value is 
zero. If the value is zero, it preforms full reconfiguration. Otherwise 
it does partial reconfiguration.


To support bitstream authentication feature, firmware is updated to 
check the received flag value as below:

0   --- full reconfiguration
BIT(0)  --- partial reconfiguration
BIT(1)  --- bitstream authentication

Therefore I have updated the command flag setting at Intel service layer 
driver to align with firmware.


Regards,
Richard


  /**
   * Timeout settings for service clients:
--
2.7.4



Cheers,
Moritz



Re: [PATCHv2 1/5] firmware: stratix10-svc: add COMMAND_AUTHENTICATE_BITSTREAM flag

2020-11-30 Thread Richard Gong



Hi Moritz,

Sorry for late reply, I was out last week.

On 11/21/20 7:10 PM, Moritz Fischer wrote:

Richard,

On Wed, Nov 18, 2020 at 12:16:09PM -0600, Richard Gong wrote:


-#define COMMAND_RECONFIG_FLAG_PARTIAL  1
+#define COMMAND_RECONFIG_FLAG_PARTIAL  0
+#define COMMAND_AUTHENTICATE_BITSTREAM 1


Can you explain how this commit by itself doesn't break things?

Before this change firmware expected BIT(0) to be set for partial
reconfiguration, now BIT(0) suddenly means authentication? How doest his
work? :)
  > Was there a firmware version change? Did this never work before?

If this is version depenedent for firmware, then this might need a
different compatible string / id / some form of probing?

Entirely possible that I'm missing something, but it doesn't *seem*
right.


It did work before.

Before this change, firmware only checks if the received flag value is zero.
If the value is zero, it preforms full reconfiguration. Otherwise it does
partial reconfiguration.

To support bitstream authentication feature, firmware is updated to check
the received flag value as below:
0   --- full reconfiguration
BIT(0)  --- partial reconfiguration
BIT(1)  --- bitstream authentication


So there are two different versions of firmware involved that behave
differently?

Old firmware:
- ctype.flags  = 0x0 -> Full reconfig
- ctype.flags != 0 -> Partial reconfig

New firmware:
- ctype.flags = 0x0 -> Full reconfig
- ctype.flags = 0x1 -> Partial reconfig
- ctype.flags = 0x2 -> Authenticate

Old software:
- Send 0x0 for Full
- Send 0x1 for Partial

New software:
- Send 0x0 for Full
- Send 0x1 for Partial
- Send 0x2 for Auth

If I send request for authentication BIT(1) (new software) to old
firmware it'd try and attempt a partial reconfiguration with the data I
send? Is that safe?



Yes, it is possible and it is not safe. But we will inform our customers 
they should update to the latest firmware (SDM firmware and ATF) if they 
want to have authentication feature.


We are migrating boot loader boot flow to the new ATF boot flow, which 
is SDM firmware -> SPL -> ATF -> U-boot proper -> Linux. The new 
authentication feature is supported only in the new ATF boot flow. ATF 
communicates with SDM firmware via mailbox, and SDM firmware performs 
the actual full/partial reconfiguration and bitstream authentication. 
ATF sets up EL3 environment and initializes PSCI services.


The old boot flow is SDM firmware -> SPL -> U-boot proper -> Linux, 
which SPL/U-boot handles PSCI services and communicates with SDM 
firmware via mailbox. SDM firmware performs the actual full/partial 
reconfiguration.


ATF = Arm Trust Firmware, SDM = Secure Device Manager


Is there a way for software to figure out the firmware version and do
the right thing?


It is not feasible for kernel driver to get the firmware version per 
current designs and implementations. I don't think there is other way 
around this.





Therefore I have updated the command flag setting at Intel service layer
driver to align with firmware.

Regards,
Richard


   /**
* Timeout settings for service clients:
--
2.7.4



Cheers,
Moritz



Thanks,
Moritz


Regards,
Richard


Re: [PATCHv2 1/5] firmware: stratix10-svc: add COMMAND_AUTHENTICATE_BITSTREAM flag

2020-12-01 Thread Richard Gong



Hi Moritz,

On 11/30/20 10:31 PM, Moritz Fischer wrote:

Hi Richard,

On Mon, Nov 30, 2020 at 12:55:44PM -0600, Richard Gong wrote:


Hi Moritz,

Sorry for late reply, I was out last week.


No worries, usually I'm late with replies ;-)


On 11/21/20 7:10 PM, Moritz Fischer wrote:

Richard,

On Wed, Nov 18, 2020 at 12:16:09PM -0600, Richard Gong wrote:


-#define COMMAND_RECONFIG_FLAG_PARTIAL  1
+#define COMMAND_RECONFIG_FLAG_PARTIAL  0
+#define COMMAND_AUTHENTICATE_BITSTREAM 1


Can you explain how this commit by itself doesn't break things?

Before this change firmware expected BIT(0) to be set for partial
reconfiguration, now BIT(0) suddenly means authentication? How doest his
work? :)
   > Was there a firmware version change? Did this never work before?

If this is version depenedent for firmware, then this might need a
different compatible string / id / some form of probing?

Entirely possible that I'm missing something, but it doesn't *seem*
right.


It did work before.

Before this change, firmware only checks if the received flag value is zero.
If the value is zero, it preforms full reconfiguration. Otherwise it does
partial reconfiguration.

To support bitstream authentication feature, firmware is updated to check
the received flag value as below:
0   --- full reconfiguration
BIT(0)  --- partial reconfiguration
BIT(1)  --- bitstream authentication


So there are two different versions of firmware involved that behave
differently?

Old firmware:
- ctype.flags  = 0x0 -> Full reconfig
- ctype.flags != 0 -> Partial reconfig

New firmware:
- ctype.flags = 0x0 -> Full reconfig
- ctype.flags = 0x1 -> Partial reconfig
- ctype.flags = 0x2 -> Authenticate

Old software:
- Send 0x0 for Full
- Send 0x1 for Partial

New software:
- Send 0x0 for Full
- Send 0x1 for Partial
- Send 0x2 for Auth

If I send request for authentication BIT(1) (new software) to old
firmware it'd try and attempt a partial reconfiguration with the data I
send? Is that safe?



Yes, it is possible and it is not safe. But we will inform our customers
they should update to the latest firmware (SDM firmware and ATF) if they
want to have authentication feature.

We are migrating boot loader boot flow to the new ATF boot flow, which is
SDM firmware -> SPL -> ATF -> U-boot proper -> Linux. The new authentication
feature is supported only in the new ATF boot flow. ATF communicates with
SDM firmware via mailbox, and SDM firmware performs the actual full/partial
reconfiguration and bitstream authentication. ATF sets up EL3 environment
and initializes PSCI services.


Can U-Boot determine whether it's the new or old flow? Can you set a
different compatible value in your device-tree, to disambiguate
behaviors?



The boot flow is determined by defconfig during compilation, which means 
each boot flow will have its own defconfig.


SDM firmware loads SPL into OCRAM, then SPL will load the apporiate ATF 
or U-boot into the DRAM according to the setting of CONFIG_SPL_ATF. If 
CONFIG_SPL_ATF=y, SPL loads ATF and then jumps to ATF. ATF setups EL3 
environment and initialize the PSCI services.


CONFIG_SPL_ATF is not set for the old boot flow.


The old boot flow is SDM firmware -> SPL -> U-boot proper -> Linux, which
SPL/U-boot handles PSCI services and communicates with SDM firmware via
mailbox. SDM firmware performs the actual full/partial reconfiguration.

ATF = Arm Trust Firmware, SDM = Secure Device Manager


Is there a way for software to figure out the firmware version and do
the right thing?


It is not feasible for kernel driver to get the firmware version per current
designs and implementations. I don't think there is other way around this.




Therefore I have updated the command flag setting at Intel service layer
driver to align with firmware.

Regards,
Richard


/**
 * Timeout settings for service clients:
--
2.7.4



Cheers,
Moritz



Thanks,
Moritz


Regards,
Richard


Thanks,
Moritz


Regards,
Richard


Re: [PATCHv2 1/5] firmware: stratix10-svc: add COMMAND_AUTHENTICATE_BITSTREAM flag

2020-12-01 Thread Richard Gong

Hi Moritz,

On 12/1/20 1:19 PM, Moritz Fischer wrote:

Hi Richard,

On Tue, Dec 01, 2020 at 01:30:16PM -0600, Richard Gong wrote:


Can U-Boot determine whether it's the new or old flow? Can you set a
different compatible value in your device-tree, to disambiguate
behaviors?



The boot flow is determined by defconfig during compilation, which means
each boot flow will have its own defconfig.

SDM firmware loads SPL into OCRAM, then SPL will load the apporiate ATF or
U-boot into the DRAM according to the setting of CONFIG_SPL_ATF. If
CONFIG_SPL_ATF=y, SPL loads ATF and then jumps to ATF. ATF setups EL3
environment and initialize the PSCI services.

CONFIG_SPL_ATF is not set for the old boot flow.


So you know at (U-Boot) build time? Can you just pass a different DT to
the kernel in that case?



Yes, we have decided the boot flow at build time. Starting from the next 
release, our U-boot will use the ATF boot flow.


Per my limited knowledge in U-boot, I don't think we can follow your 
suggestion. Or it will take a lot of efforts to achieve.


I think that back compatibility is your main concern, correct? the issue 
does exist with the old boot flow and old firmware, whenever the 
customers try to use authentication. Unfortunately we can't update 
U-boot or firmware that has been released.


The authentication feature is supported only at the ATF boot flow, 
updated kernel and firmware. We will have a well-documented document to 
inform our customers that if they want to have authentication feature, 
they need to upgrade the latest U-boot, kernel and firmware.


We always encourage our customers to take the latest U-boot, kernel and 
firmware releases in their developments.



- Moritz



Regards,
Richard


Re: [PATCHv3 1/6] firmware: stratix10-svc: add COMMAND_AUTHENTICATE_BITSTREAM flag

2021-01-26 Thread Richard Gong

Hi Tom,

On 1/25/21 4:56 PM, Tom Rix wrote:


On 1/25/21 12:56 PM, richard.g...@linux.intel.com wrote:

From: Richard Gong 

Add COMMAND_AUTHENTICATE_BITSTREAM command flag for new added bitstream
authentication feature. Authenticating a bitstream is to make sure a signed
bitstream has the valid signatures.

Except for the actual configuration of the device, the bitstream
authentication works the same way as FPGA configuration does. If the
authentication passes, the signed bitstream will be programmed into QSPI
flash memory and will be expected to boot without issues.

Clean up COMMAND_RECONFIG_FLAG_PARTIAL flag by resetting it to 0, which
aligns with the firmware settings.

Signed-off-by: Richard Gong 
---
v3: no change
v2: new added
---
  include/linux/firmware/intel/stratix10-svc-client.h | 11 ---
  1 file changed, 8 insertions(+), 3 deletions(-)

diff --git a/include/linux/firmware/intel/stratix10-svc-client.h 
b/include/linux/firmware/intel/stratix10-svc-client.h
index ebc2956..7ada1f2 100644
--- a/include/linux/firmware/intel/stratix10-svc-client.h
+++ b/include/linux/firmware/intel/stratix10-svc-client.h
@@ -51,12 +51,17 @@
  #define SVC_STATUS_NO_SUPPORT 6
  
  /*


This patch fails to apply, i believe the conflict is because in mainline this 
is '/**' not '/*'

Please check or point me at the branch/tag you are using.



I am using next-20210125 tag.


I am using char-misc-next.

Tom

Tom


Regards,
Richard


Re: [PATCHv3 2/6] firmware: stratix10-svc: extend SVC driver to get the firmware version

2021-01-26 Thread Richard Gong

Hi Moritz,

Thanks for your reviews!

On 1/25/21 11:01 PM, Moritz Fischer wrote:

Hi Richard,

On Mon, Jan 25, 2021 at 02:56:24PM -0600, richard.g...@linux.intel.com wrote:

From: Richard Gong 

Extend Intel service layer driver to get the firmware version running at
FPGA device. Therefore FPGA manager driver, one of Intel service layer
driver's client, can decide whether to handle the newly added bitstream
authentication function based on the retrieved firmware version.

Signed-off-by: Richard Gong 
---
v3: new added, changes for getting firmware version

Thanks for doing that.

---
  drivers/firmware/stratix10-svc.c| 12 ++--
  include/linux/firmware/intel/stratix10-smc.h| 21 +++--
  include/linux/firmware/intel/stratix10-svc-client.h |  4 
  3 files changed, 33 insertions(+), 4 deletions(-)

diff --git a/drivers/firmware/stratix10-svc.c b/drivers/firmware/stratix10-svc.c
index 3aa489d..1443bbd 100644
--- a/drivers/firmware/stratix10-svc.c
+++ b/drivers/firmware/stratix10-svc.c
@@ -306,6 +306,7 @@ static void svc_thread_recv_status_ok(struct 
stratix10_svc_data *p_data,
break;
case COMMAND_RSU_RETRY:
case COMMAND_RSU_MAX_RETRY:
+   case COMMAND_FIRMWARE_VERSION:
cb_data->status = BIT(SVC_STATUS_OK);
cb_data->kaddr1 = &res.a1;
break;
@@ -422,6 +423,11 @@ static int svc_normal_to_secure_thread(void *data)
a1 = 0;
a2 = 0;
break;
+   case COMMAND_FIRMWARE_VERSION:
+   a0 = INTEL_SIP_SMC_FIRMWARE_VERSION;
+   a1 = 0;
+   a2 = 0;
+   break;
default:
pr_warn("it shouldn't happen\n");
break;
@@ -487,11 +493,13 @@ static int svc_normal_to_secure_thread(void *data)
  
  			/*

 * be compatible with older version firmware which
-* doesn't support RSU notify or retry
+* doesn't support RSU notify, retry or bitstream
+* authentication.
 */
if ((pdata->command == COMMAND_RSU_RETRY) ||
(pdata->command == COMMAND_RSU_MAX_RETRY) ||
-   (pdata->command == COMMAND_RSU_NOTIFY)) {
+   (pdata->command == COMMAND_RSU_NOTIFY) ||
+   (pdata->command == COMMAND_FIRMWARE_VERSION)) {
cbdata->status =
BIT(SVC_STATUS_NO_SUPPORT);
cbdata->kaddr1 = NULL;
diff --git a/include/linux/firmware/intel/stratix10-smc.h 
b/include/linux/firmware/intel/stratix10-smc.h
index c3e5ab0..505fcca 100644
--- a/include/linux/firmware/intel/stratix10-smc.h
+++ b/include/linux/firmware/intel/stratix10-smc.h
@@ -321,8 +321,6 @@ 
INTEL_SIP_SMC_FAST_CALL_VAL(INTEL_SIP_SMC_FUNCID_FPGA_CONFIG_COMPLETED_WRITE)
  #define INTEL_SIP_SMC_ECC_DBE \
INTEL_SIP_SMC_FAST_CALL_VAL(INTEL_SIP_SMC_FUNCID_ECC_DBE)
  
-#endif

-
  /**
   * Request INTEL_SIP_SMC_RSU_NOTIFY
   *
@@ -404,3 +402,22 @@ 
INTEL_SIP_SMC_FAST_CALL_VAL(INTEL_SIP_SMC_FUNCID_FPGA_CONFIG_COMPLETED_WRITE)
  #define INTEL_SIP_SMC_FUNCID_RSU_MAX_RETRY 18
  #define INTEL_SIP_SMC_RSU_MAX_RETRY \
INTEL_SIP_SMC_FAST_CALL_VAL(INTEL_SIP_SMC_FUNCID_RSU_MAX_RETRY)
+
+/**
+ * Request INTEL_SIP_SMC_FIRMWARE_VERSION
+ *
+ * Sync call used to query the version of running firmware
+ *
+ * Call register usage:
+ * a0 INTEL_SIP_SMC_FIRMWARE_VERSION
+ * a1-a7 not used
+ *
+ * Return status:
+ * a0 INTEL_SIP_SMC_STATUS_OK or INTEL_SIP_SMC_STATUS_ERROR
+ * a1 running firmware version
+ */
+#define INTEL_SIP_SMC_FUNCID_FIRMWARE_VERSION 31
+#define INTEL_SIP_SMC_FIRMWARE_VERSION \
+   INTEL_SIP_SMC_FAST_CALL_VAL(INTEL_SIP_SMC_FUNCID_FIRMWARE_VERSION)
+
+#endif
diff --git a/include/linux/firmware/intel/stratix10-svc-client.h 
b/include/linux/firmware/intel/stratix10-svc-client.h
index 7ada1f2..15e5477 100644
--- a/include/linux/firmware/intel/stratix10-svc-client.h
+++ b/include/linux/firmware/intel/stratix10-svc-client.h
@@ -109,6 +109,9 @@ struct stratix10_svc_chan;
   *
   * @COMMAND_RSU_DCMF_VERSION: query firmware for the DCMF version, return 
status
   * is SVC_STATUS_OK or SVC_STATUS_ERROR

Is DCMF explaines somewhere? Maybe I missed it.


Documentation/ABI/testing/sysfs-devices-platform-stratix10-rsu.

RSU (Remote System Update) allows user to reliably update the QSPI 
configuration bitstream of an Intel Stratix10 SoC device.


When the user enables RSU function on the device, he/she need to use the 
Intel Quartus tools to build RSU flash image. The flash content should 
include DCMF and other components to make it have RSU function.

Re: [PATCHv3 3/6] fpga: fpga-mgr: add FPGA_MGR_BITSTREM_AUTHENTICATION flag

2021-01-26 Thread Richard Gong



Hi Moritz,

On 1/25/21 11:04 PM, Moritz Fischer wrote:

On Mon, Jan 25, 2021 at 02:56:25PM -0600, richard.g...@linux.intel.com wrote:

From: Richard Gong 

Add FPGA_MGR_BITSTREM_AUTHENTICATION flag for FPGA bitstream
authentication, which makes sure a signed bitstream has valid signatures.

Except for the actual configuration of the device, the authentication works
the same way as FPGA configuration does. If the authentication passes, the
bitstream will be programmed into QSPI flash and will be expected to boot
without issues.

Signed-off-by: Richard Gong 
---
v3: no change
v2: align all FPGA_MGR_* flags
 update the commit messages
---
  include/linux/fpga/fpga-mgr.h | 13 -
  1 file changed, 8 insertions(+), 5 deletions(-)

diff --git a/include/linux/fpga/fpga-mgr.h b/include/linux/fpga/fpga-mgr.h
index 2bc3030..4fb3400 100644
--- a/include/linux/fpga/fpga-mgr.h
+++ b/include/linux/fpga/fpga-mgr.h
@@ -67,12 +67,15 @@ enum fpga_mgr_states {
   * %FPGA_MGR_BITSTREAM_LSB_FIRST: SPI bitstream bit order is LSB first
   *
   * %FPGA_MGR_COMPRESSED_BITSTREAM: FPGA bitstream is compressed
+ *
+ * %FPGA_MGR_BITSTREM_AUTHENTICATION: do FPGA bitstream authentication only
   */
-#define FPGA_MGR_PARTIAL_RECONFIG  BIT(0)
-#define FPGA_MGR_EXTERNAL_CONFIG   BIT(1)
-#define FPGA_MGR_ENCRYPTED_BITSTREAM   BIT(2)
-#define FPGA_MGR_BITSTREAM_LSB_FIRST   BIT(3)
-#define FPGA_MGR_COMPRESSED_BITSTREAM  BIT(4)
+#define FPGA_MGR_PARTIAL_RECONFIG  BIT(0)
+#define FPGA_MGR_EXTERNAL_CONFIG   BIT(1)
+#define FPGA_MGR_ENCRYPTED_BITSTREAM   BIT(2)
+#define FPGA_MGR_BITSTREAM_LSB_FIRST   BIT(3)
+#define FPGA_MGR_COMPRESSED_BITSTREAM  BIT(4)
+#define FPGA_MGR_BITSTREM_AUTHENTICATION   BIT(5)

Consider FPGA_MGR_BITSTREAM_AUTHENTICATE (and fix typo)


Thanks, I will correct that in next submission.

  
  /**

   * struct fpga_image_info - information specific to a FPGA image
--
2.7.4



Thanks,
Moritz


Regards,
Richard


Re: [PATCHv3 5/6] dt-bindings: fpga: add authenticate-fpga-config property

2021-01-26 Thread Richard Gong




On 1/25/21 11:05 PM, Moritz Fischer wrote:

On Mon, Jan 25, 2021 at 02:56:27PM -0600, richard.g...@linux.intel.com wrote:

From: Richard Gong 

Add authenticate-fpga-config property for FPGA bitstream authentication,
which makes sure a signed bitstream has valid signatures.

Signed-off-by: Richard Gong 
---
v3: no change
v2: put authenticate-fpga-config above partial-fpga-config
 update commit messages
---
  Documentation/devicetree/bindings/fpga/fpga-region.txt | 1 +
  1 file changed, 1 insertion(+)

diff --git a/Documentation/devicetree/bindings/fpga/fpga-region.txt 
b/Documentation/devicetree/bindings/fpga/fpga-region.txt
index e811cf8..d0d3234 100644
--- a/Documentation/devicetree/bindings/fpga/fpga-region.txt
+++ b/Documentation/devicetree/bindings/fpga/fpga-region.txt
@@ -182,6 +182,7 @@ Optional properties:
This property is optional if the FPGA Manager handles the bridges.
  If the fpga-region is  the child of a fpga-bridge, the list should not
  contain the parent bridge.
+- authenticate-fpga-config : boolean, set if do bitstream authentication only.

I don't understand. Can I do authenticate-fpga-config AND
partial-fpga-config?


Yes, but not simultaneously.

Flag authenticate-fpga-config is used to first check the integrity of 
the bitstream. If the authentication passes, the user can perform a full 
or partial configuration to actually configure the bistream to device.



  - partial-fpga-config : boolean, set if partial reconfiguration is to be done,
otherwise full reconfiguration is done.
  - external-fpga-config : boolean, set if the FPGA has already been configured
--
2.7.4


Please clarify,

Moritz


Regards,
Richard


Re: [PATCHv3 4/6] fpga: of-fpga-region: add authenticate-fpga-config property

2021-01-26 Thread Richard Gong



Hi Moritz,

On 1/25/21 11:10 PM, Moritz Fischer wrote:

On Mon, Jan 25, 2021 at 02:56:26PM -0600, richard.g...@linux.intel.com wrote:

From: Richard Gong 

Add authenticate-fpga-config property to support FPGA bitstream
authentication, which makes sure a signed bitstream has valid signatures.

Signed-off-by: Richard Gong 
---
v3: no change
v2: changed in alphabetical order
---
  drivers/fpga/of-fpga-region.c | 3 +++
  1 file changed, 3 insertions(+)

diff --git a/drivers/fpga/of-fpga-region.c b/drivers/fpga/of-fpga-region.c
index e405309..3840883 100644
--- a/drivers/fpga/of-fpga-region.c
+++ b/drivers/fpga/of-fpga-region.c
@@ -219,6 +219,9 @@ static struct fpga_image_info *of_fpga_region_parse_ov(
info->overlay = overlay;
  
  	/* Read FPGA region properties from the overlay */

+   if (of_property_read_bool(overlay, "authenticate-fpga-config"))
+   info->flags |= FPGA_MGR_BITSTREM_AUTHENTICATION;
+

Should you check here that no new nodes are being added as you *only*
authenticate?


Sure, I will add additional checks in next submission.




if (of_property_read_bool(overlay, "partial-fpga-config"))
info->flags |= FPGA_MGR_PARTIAL_RECONFIG;
  
--

2.7.4



Thanks,
Moritz


Regards,
Richard


  1   2   3   >