-
Notifications
You must be signed in to change notification settings - Fork 1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
plat-versal: add support for the Versal Net variant #6738
base: master
Are you sure you want to change the base?
Conversation
Versal Net is a new SoC flavor based on the Versal architecture. This commit introduces it in versal platform code. Signed-off-by: Jeremie Corbier <[email protected]>
Make it more generic and still provide a default IPI channel to the PMC for the other drivers. Signed-off-by: Jeremie Corbier <[email protected]>
PLM HWRNG driver cannot provide more than 32 bytes of entropy at a time. Split bigger requests into 32 bytes chunks. Signed-off-by: Jeremie Corbier <[email protected]>
The Versal Net variant comes with a dedicated PKI engine. This driver makes use of the engine for ECDSA P-256, P-384, and P-521 sign, verify and key generation operations. Signed-off-by: Jeremie Corbier <[email protected]>
The original HUK driver generated the HUK using SHA-256. This commit replaces this mechanism with the more robust HKDF-SHA256. Signed-off-by: Jeremie Corbier <[email protected]>
Add simple PTA allowing to dynamically load data in the Versal PL. Signed-off-by: Jeremie Corbier <[email protected]>
- update crypto API IDs - update calls to the KAT subsystem Signed-off-by: Jeremie Corbier <[email protected]>
The XilNvm API has heavily changed between Versal and Versal Net. This commit adds support for the Net variant. Signed-off-by: Jeremie Corbier <[email protected]>
XilSecure has been updated to pack the public exponent right after the modulus rather than at a fixed 512 bytes (RSA 4096 key size) offset. See commit below for more details: Xilinx/embeddedsw@c2dd2eb Signed-off-by: Jeremie Corbier <[email protected]>
thanks @jcorbier I need to ask that the changes to support the more recent AMD/Xilinx tools maintain backwards compatibility. We should be able to query the ABI at runtime - maybe even propose whatever is needed to AMD/Xilinx https://github.com/Xilinx/embeddedsw . I'd like to understand as well the level of testing that has been done with this software (just the output of xtest, to check if you encountered any regressions (ie this is the changelog for 4.1.0 #6574 (comment) ). Thirdly is there anything that you also plan on posting to https://github.com/OP-TEE/optee_docs ? |
Thanks @ldts for your feedback.
Noted. Let me see how best we can implement that.
I don't have access to the logs right now but the current state is the same as for Versal in 4.1.0.
Yes, a working version is available here https://github.com/ProvenRun/optee_docs/tree/versal_net_port Same thing for build and manifest repositories. |
we should split the drivers (rng/nvm) into a different files (versal_net_rng, versal_net_nvm?) |
Agreed, the initial thinking for the current implementation was to avoid as much code duplication as possible between versal and versal_net but in the end it makes things much more complicated than needed. |
Hi @jcorbier any updates on this PR? |
Hi @nathan-menhorn, still working out the details of what needs to be done to properly split versal/versal-net code, including the TRNG update. I'll try and push an update to this PR by end of this week. |
@etienne-lms could you hold your comments until the patchset is updated please? There are a couple of functional changes that need addressing first
So I suggest we wait for that before we go into details (ie default configs, coding standards and so on) as some files will change quite a bit |
Split NVM code into two seperate drivers, one for Versal, one for Versal Net, since both variants have very different NVM PLM code. Signed-off-by: Jeremie Corbier <[email protected]>
Indeed, I'll be pusing fixup commits in the coming hours/days. |
- Do not enable RPMB configs on Versal - Do not modify Versal IPI ID - Do not enable FPGA PTA on Versal Signed-off-by: Jeremie Corbier <[email protected]>
- s!invokeCommandEntryPoint!invoke_command! - Return TEE_ERROR_NOT_SUPPORTED rather than BAD_PARAMS in case an invalid command ID is used - Re-order includes as requested Signed-off-by: Jeremie Corbier <[email protected]>
- Add timeout in case the remote processor is unresponsive - versal_mbox_free explicitely sets the pointer to NULL Signed-off-by: Jeremie Corbier <[email protected]>
#define VERSAL_PM_MAJOR 0 | ||
#define VERSAL_PM_MINOR 1 | ||
#define VERSAL_PM_MAJOR 1 | ||
#define VERSAL_PM_MINOR 0 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Deserves a specific commit IMHO.
No need for all the different error labels. Signed-off-by: Jeremie Corbier <[email protected]>
Hi @jcorbier what's the current status of this PR? Thanks. |
Hi @jcorbier any updates on this PR? Are patches to address all the comments in the PR still estimated to come by the end of the month? Thanks. |
Signed-off-by: Jeremie Corbier <[email protected]>
Signed-off-by: Jeremie Corbier <[email protected]>
Signed-off-by: Jeremie Corbier <[email protected]>
Signed-off-by: Jeremie Corbier <[email protected]>
Hi @jcorbier what's the status of this PR? Last we discussed updates were supposed to be pushed a few weeks ago? Thanks. |
Signed-off-by: Jeremie Corbier <[email protected]>
Signed-off-by: Jeremie Corbier <[email protected]>
Signed-off-by: Jeremie Corbier <[email protected]>
Signed-off-by: Jeremie Corbier <[email protected]>
Signed-off-by: Jeremie Corbier <[email protected]>
Signed-off-by: Jeremie Corbier <[email protected]>
… PLM Signed-off-by: Jeremie Corbier <[email protected]>
- Make the check stricter ; major and minor versions should match - Fix supported Versal PM version (1.0 rather than 0.1) Signed-off-by: Jeremie Corbier <[email protected]>
There were cases whe the ephemeral key needed to perform ECDSA signatures was not properly free'd in case an error happened during the process. Signed-off-by: Jeremie Corbier <[email protected]>
@jcorbier do you plan on folding the commits as per the initial patch-set for further review? I can then have a a better look - last time I checked I found a simple regression (easy to fix). Also I was testing the Xen hypervisor with the tip of OP-TEE on the vck190 evaluation kit and I found it to be broken. I was wondering if this is a configuration (optee+xen on Versal) that you have tested? I believe probably nobody has yet (@nathan-menhorn ?) |
Hi @ldts no testing has been performed on Xen+optee yet as there haven't been any customers requests. |
@jcorbier @ldts @etienne-lms just keeping this PR alive. We should be expecting some input from @jcorbier soon. |
Signed-off-by: Jeremie Corbier <[email protected]>
Signed-off-by: Jeremie Corbier <[email protected]>
Signed-off-by: Jeremie Corbier <[email protected]>
Signed-off-by: Jeremie Corbier <[email protected]>
Signed-off-by: Jeremie Corbier <[email protected]>
Signed-off-by: Jeremie Corbier <[email protected]>
Signed-off-by: Jeremie Corbier <[email protected]>
Signed-off-by: Jeremie Corbier <[email protected]>
Signed-off-by: Jeremie Corbier <[email protected]>
Signed-off-by: Jeremie Corbier <[email protected]>
Yes, there a couple more things I want to fix then I'll force push a clean patchset to clean up the current fixup commits mess. |
Signed-off-by: Jeremie Corbier <[email protected]>
Signed-off-by: Jeremie Corbier <[email protected]>
core/drivers/versal_net_nvm.c
Outdated
@@ -994,8 +1010,16 @@ TEE_Result versal_efuse_write_revoke_ppk(enum versal_nvm_ppk_type type) | |||
return versal_efuse_write_misc(&misc_ctrl); | |||
} | |||
|
|||
/* | |||
* versal_efuse_write_revoke_id expects an efuse identifier between | |||
* 1 and 256. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@jcorbier 0 to 255
core/drivers/versal_net_nvm.c
Outdated
TEE_Result versal_efuse_write_revoke_id(uint32_t id) | ||
{ | ||
if ((id < VERSAL_NET_REVOKE_EFUSE_MIN) || |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@jcorbier check should be between 0 and 255.
I'm not sure why the AMD software was implemented this way as this is very confusing and it doesn't match the OFFCHIP_REVOKE function, which expects values from 1 - 256, but this function expects values from 0 to 255
See the error handling of
https://github.com/Xilinx/embeddedsw/blob/master/lib/sw_services/xilnvm/src/versal_net/server/xnvm_efuse.c#L615C21-L617
compared to
https://github.com/Xilinx/embeddedsw/blob/master/lib/sw_services/xilnvm/src/versal_net/server/xnvm_efuse.c#L701-L703
@@ -1012,12 +1014,12 @@ TEE_Result versal_efuse_write_revoke_ppk(enum versal_nvm_ppk_type type) | |||
|
|||
/* | |||
* versal_efuse_write_revoke_id expects an efuse identifier between | |||
* 1 and 256. | |||
* 1 and 256. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
0 - 255
if (id < VERSAL_NET_REVOKE_EFUSE_MIN || | ||
id > VERSAL_NET_REVOKE_EFUSE_MAX) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@jcorbier checks needs to be between 0 and 255 for this function.
This series upgrades the AMD/Xilinx port with the following: