Allow to authenticate signed images with eFUSE keys even without RSA_EN eFUSE #173

Open
wants to merge 484 commits into
base: master

eaaltonen

While doing R&D testing with signed and encrypted images with Vitis 2020.2, I encountered essentially the same problem as
https://forums.xilinx.com/t5/ACAP-and-SoC-Boot-and/Authentication-of-secondary-images-XFSBL-ERROR-SPK-RSA-DECRYPT/td-p/859552

namely that I have programmed the PPK0 hash but have not yet enforced RSA authentication by blowing the RSA_EN eFUSE. The authentication would initially fail due to the PPK hash not being read and being verified against all-zero values.

In my opinion it would be more convenient for R&D testing to be able to test authenticated images in small steps. I modified the check to use a non-zero AcOffset as the very last criterion for authenticating the boot image to achieve this, as suggested in the AR.

Tested on top of 2020.2. Commit content is the same, but should be re-tested.

Commit

  • Use AcOffset as final criteria for authentication

In R&D testing phase developers may have a situation where the RSA
eFUSE hashes are already burned but the RSA_EN (Enforce) eFUSE is not
yet burned. To cover this use case, use non-zero AcOffset as the last
criterion for checking Authentication Certificates.

In the failure case, booting would fail with an error
XFSBL_ERROR_SPK_RSA_DECRYPT.

Signed-off-by: Eero Aaltonen <[email protected]>

Jagadeesh Banisetti and others added 30 commits May 12, 2021 06:25
This patch loads the BKSV only once at initialisation.

Signed-off-by: Jagadeesh Banisetti <[email protected]>

Acked-for-series: Vishal Sagar <[email protected]>
This reverts commit 83e589bfc5d94fc555a1537d0897f8b18f812a8a.

Signed-off-by: Mubin Usman Sayyed <[email protected]>

Acked-for-series: Siva Durga Prasad Paladugu <[email protected]>
This reverts commit 238ab744c92904bee1b817536af43a58bd1918b9.

Signed-off-by: Mubin Usman Sayyed <[email protected]>

Acked-for-series: Siva Durga Prasad Paladugu <[email protected]>
Few of the #defines present in standalone/src/common/xstatus.h
are missing in copy of xstatus.h present in common driver.
As of now keeping both copies of xstatus.h in sync, in future
xstatus.h would be removed from common driver, users are expected
to use standalone/src/common/xstatus.h instead of
common driver xstatus.h.

Signed-off-by: Mubin Usman Sayyed <[email protected]>

Acked-for-series: Siva Durga Prasad Paladugu <[email protected]>
As of now keeping both copies of xdebug.h in sync, in future
xdebug.h would be removed from common driver, users are expected
to use standalone/src/common/xdebug.h instead of
common driver xdebug.h.

Signed-off-by: Mubin Usman Sayyed <[email protected]>

Acked-for-series: Siva Durga Prasad Paladugu <[email protected]>
Fixed warnings reported by doxygen tool. Also, incremented
driver version to 2.11.

Signed-off-by: Mubin Usman Sayyed <[email protected]>

Acked-for-series: Siva Durga Prasad Paladugu <[email protected]>
Updated doxygen tags with latest driver version 2.11.

Signed-off-by: Mubin Usman Sayyed <[email protected]>

Acked-for-series: Siva Durga Prasad Paladugu <[email protected]>
This patch adds support to get the base address of the device.

Signed-off-by: Ronak Jain <[email protected]>
Acked-by: Izhar Ameer Shaikh <[email protected]>
Add TESTAPP_GEN protection for global variables to fix the
"multiple definition" compilation errors with latest toolchain
on peripheral tests.

Signed-off-by: Shravya Kumbham <[email protected]>
Acked-by: Harini Katakam <[email protected]>
Change L2 interrupt enabling macro to 0x3F as BC 0 to 5 are used only
for interrupt routing in SHIM.

Signed-off-by: Wendy Liang <[email protected]>
Acked-by: Tejus Siddagangaiah <[email protected]>
We can not identify specific lmb_bram_if_cntlr instance from
existing canonicals.

Updated tcl to export additional #define related to address
parameters of lmb_bram_if_cntlr, to identify specific instance
of lmb_bram_if_cntlr.

Signed-off-by: Mubin Usman Sayyed <[email protected]>
Acked-by: Siva Durga Prasad Paladugu <[email protected]>
… DDR present in design

The patch adds provision to load bitstream from OCM even if DDR is present in design.

Signed-off-by: Vikram Sreenivasa Batchali <[email protected]>
Acked-by: Krishna Chaitanya Patakamuri <[email protected]>
Enabled caches to speed up VCU118 rxo app.

Signed-off-by: nishantd <[email protected]>

Acked-for-series: Kapil Usgaonkar<[email protected]>
…r VCU118.

Enabled Cache to speed up VCU118 txo app. Bit[12] of 0x1A4(MISC0) set to send VSC every frame.

Signed-off-by: nishantd <[email protected]>

Acked-for-series: Kapil Usgaonkar<[email protected]>
Add valid_seg, half_valid_seg and line_num fields to the
h/w descriptor and remove s_axilite registers for the same.

Signed-off-by: Vivek Veenam <[email protected]>
Acked-by: Sandip Kothari <[email protected]>
This patch resets the read mode which is set already
after eFuse write.
The XNvm_EfuseSetReadMode API expects a clean value before
proceeding for comparison. Due to unset Readmode value the
comparison check is failing.

Signed-off-by: Kalyani Akula <[email protected]>
Acked-by: Mohan Marutirao Dhanawade <[email protected]>
Before doing any FRL SCDC write, the Ready bit is checked. Currently this
fails if in first attempt the ready bit is set and core is found busy
with FRL SCDC transactions.
Instead retry for fixed number of times (512) to check if FRL SCDC
transactions can be done or not.

Signed-off-by: Vishal Sagar <[email protected]>

Acked-for-series: Anil Kumar Chimbeti <[email protected]>
The loop back case is failing because the sink version isn't being set
to 1 when the SCDC registers are cleared. Fix this in
XV_HdmiRx1_DdcScdcClear().

Signed-off-by: Vishal Sagar <[email protected]>

Acked-for-series: Anil Kumar Chimbeti <[email protected]>
if resource tries to reserve and is unavailable print
warning instead of error

Signed-off-by: Alex Kiani <[email protected]>
Acked-by: Wendy Liang <[email protected]>
…l definitions

Some of video driver examples use direct definition macros which is wrong.
So examples are modified to use canonical form of definitions in video
driver example applications.

Signed-off-by: Prasad Gutti <[email protected]>
Acked-by: Sandip Kothari <[email protected]>
DPDMA subsystem initialization resets some link configurations,
which overwrites configs set by DP training, so call
InitDpDmaSubsystem() before the DP link training.

This fixes black screen issue for monitors having link rate
capacity max up to 2.7Gbps

While at it, updated driver version(minor) to 1.4 for 2021.1 release.

Signed-off-by: Rohit Visavalia <[email protected]>

Acked-by:Varunkumar Allagadapa <[email protected]>
The existing API Xil_IsSpinLockEnabled is dereferencing to address zero
when spinlock mechanism is not enabled. Though it may not result in
crash and many of the test cases would still pass, this is incorrect
implementation which is fixed in this patch.

Signed-off-by: Anirudha Sarangi <[email protected]>
Acked-by: Siva Durga Prasad Paladugu <[email protected]>
The XV_HdmiRx1_FrlDdcWriteField() returns only XST_FAILURE or
XST_DEVICE_BUSY. Fix this to correctly return XST_SUCCESS.

Signed-off-by: Vishal Sagar <[email protected]>
Acked-by: Anil Kumar Chimbeti <[email protected]>
Fixed issue where driver was attempting to start ADC 3 for DFE variant
(ADC 3 does not exist in this case).
Some refactoring for XRFdc_GetTileLayout, XRFdc_RestartIPSM and
XRFdc_WaitForState were also required to do this.

Signed-off-by: Conall O'Griofa <conall.o'[email protected]>

Acked-for-series: Anand Ashok Dumbre <[email protected]>
Fixed issue where ADC0 would not fully start if distributing a full rate
clock from ADC 1 to ADC 0 and ADC 2/3.

Signed-off-by: Conall O'Griofa <conall.o'[email protected]>

Acked-for-series: Anand Ashok Dumbre <[email protected]>
Rename MAX/MIN to XRFDC_MAX/XRFDC_MIN to avoid any potential conflicts.

Signed-off-by: Conall O'Griofa <conall.o'[email protected]>

Acked-for-series: Anand Ashok Dumbre <[email protected]>
If running the IPSM from a state further along than "shutdown"
then in certain cases some extra dividers and delays must
be set in order for calibration to run optimally.
Also needed to flip bits in dynamicpllconfig.

Signed-off-by: Conall O'Griofa <conall.o'[email protected]>

Acked-for-series: Anand Ashok Dumbre <[email protected]>
getEvent did not return XAIE_OK on proper event return
update so that if tile found, RC set to XAIE_OK

Signed-off-by: Alex Kiani <[email protected]>
Acked-by: Wendy Liang <[email protected]>
3GB DL output is not coming because bit 15 of payload and the VTC are
incorrectly configured for 3G DL case because the video stream properties
struct doesn't have a member to store the transport scan/type in the video
common struct.
The Transport Scan bit for 3GB DL should be interlaced. This patch modifies
exclusively for 3GB DL. Even the reporting API is also currently fixed only
for 3GB DL path.

Once the video common library structure has member for transport type
(interlaced / progressive), this patch would need modification.

Signed-off-by: Jagadeesh Banisetti <[email protected]>
Acked-by: Sandip Kothari <[email protected]>
Fixed doxygen warnings in xilfpga source code

Signed-off-by: Nava kishore Manne <[email protected]>
Acked-by: Siva Durga Prasad Paladugu <[email protected]>
Ronak Jain and others added 24 commits June 2, 2021 23:28
This patch fixes MISRA C-2012 Rule 15.5 i.e. A function should have
a single point of exit at the end.

Signed-off-by: Ronak Jain <[email protected]>

Acked-for-series: Rajan Vaja <[email protected]>
This patch fixes MISRA C-2012 Rule 12.1, i.e. Missing explicit
 parentheses on sub-expression.

Signed-off-by: Ronak Jain <[email protected]>

Acked-for-series: Rajan Vaja <[email protected]>
This patch fixes MISRA C-2012 Rule 5.9, i.e. Identifiers that define
objects or functions with internal linkage should be unique.

Signed-off-by: Ronak Jain <[email protected]>

Acked-for-series: Rajan Vaja <[email protected]>
This patch fixes MISRA C-2012 Rule 17.8, i.e. A function parameter
should not be modified.

Signed-off-by: Ronak Jain <[email protected]>

Acked-for-series: Rajan Vaja <[email protected]>
This patch fixes MISRA C-2012 Rule 9.1 i.e. the value of an object
with automatic storage duration shall not be read before it has been
set.

Signed-off-by: Ronak Jain <[email protected]>

Acked-for-series: Rajan Vaja <[email protected]>
This patch fixes MISRA C-2012 Rule 12.3 i.e. the comma operator
should not be used.

Signed-off-by: Ronak Jain <[email protected]>

Acked-for-series: Rajan Vaja <[email protected]>
This patch fixes MISRA C-2012 Rule 4.6, i.e. typedefs that indicate
size and signedness should be used in place of the basic numerical
types.

Signed-off-by: Ronak Jain <[email protected]>

Acked-for-series: Rajan Vaja <[email protected]>
This patch fixes MISRA C-2012 Rule 4.6, i.e. typedefs that indicate
size and signedness should be used in place of the basic numerical
types.

Signed-off-by: Ronak Jain <[email protected]>

Acked-for-series: Rajan Vaja <[email protected]>
This patch fixes advisory MISRA rule 8.13 i.e. a pointer should
point to const-qualified type whenever possible.

Signed-off-by: Ronak Jain <[email protected]>

Acked-for-series: Rajan Vaja <[email protected]>
This commit updates device names to their proper name

Signed-off-by: Nicole Baze <[email protected]>
Acked-by: Jyotheeswar Reddy Mutthareddyvari <[email protected]>
Remove not needed text from PRACH doxygen documentation.

Signed-off-by: Dragan Cvetic <[email protected]>
Acked-by: Anish Kadamathikuttiyil Karthikeyan Pillai <[email protected]>
Update the ReadMessage and WriteMessage routines to calculate CRC
for IPI buffer contents rather than user provided buffer. This is
needed as the remote side will operate on IPI buffer and not on the user buffer.
Also removed the check of Msglength with IPI buffer max length as user can
provide data of any size and no need to force the user to provide IPI
max length always.

Signed-off-by: Shubhrajyoti Datta <[email protected]>
Acked-by: Srinivas Goud <[email protected]>
updated changelog

Signed-off-by: Meena Paleti <[email protected]>

Acked-by : Siva Addepalli<[email protected]>
updated changelog

Signed-off-by: Meena Paleti <[email protected]>

Acked-by : Siva Addepalli<[email protected]>
Fix issue in that when querying for if a PGGS Node has been requested, the node
being queried would be off by one. Fix this by adding 1 to the calculated ID
for a PGGS Node.

This is a fix because the lowest valid RegNum is 0U and the lowest possible
PGGS Node ID is 4. As GGS_MAX is 3 an extra addition of 1 is required
to construct the Node ID to be queried in a correct manner.

Signed-off-by: Ben Levinsky <[email protected]>
Acked-by: Ravi Patel <[email protected]>
updated changelog

Signed-off-by: Meena Paleti <[email protected]>

Acked-by : Siva Addepalli<[email protected]>
This patch fixes "warning: cast from pointer to integer of different size"
for R5 processor by typecasting with UINTPTR instead of u64.

Signed-off-by: Harsha <[email protected]>
Acked-by: Kalyani Akula <[email protected]>
Fixed MISRA C-2012 Declarations and Definitions (Rule 8.4) below
warning:
"misra_c_2012_rule_8_4_violation: Object definition does not have
a visible prototype."

Signed-off-by: Piyush Mehta <[email protected]>

Acked-for-series: Srinivas Goud <[email protected]>
Fixed MISRA C-2012 Rule 10.6  below warning:
"misra_c_2012_rule_10_6_violation: Assigning expression
InstancePtr->Config.BaseAddress of width 32 to a target
of width 64."
Replaced u32 data type with UINTPTR.

misra_c_2012_rule_10_6_violation: Assigning composite expression
"(UsbEpNum << 1U) | Dir" of width 8 to a target of width 32.
Assign proper type cast to match assignment requirement.

Signed-off-by: Piyush Mehta <[email protected]>

Acked-for-series: Srinivas Goud <[email protected]>
updated changelog

Signed-off-by: Meena Paleti <[email protected]>

Acked-by : Siva Addepalli<[email protected]>
Updated the changelog

Signed-off-by: Meena Paleti <[email protected]>

Acked-by : Siva Addepalli<[email protected]>
Microblaze CPU support is being added into the dhrystone application
through this patch. For Microblaze Dhrystone to work, it is mandatory
that the design has an Axi Timer.

Signed-off-by: Anirudha Sarangi <[email protected]>
Acked-by: Siva Durga Prasad Paladugu <[email protected]>
In R&D testing phase developers may have a situation where the RSA
eFUSE hashes are already burned but the RSA_EN (_Enforce_) eFUSE is not
yet burned. To cover this use case, use non-zero AcOffset as the last
criterion for checking Authentication Certificates.

In the failure case, booting would fail with an error
`XFSBL_ERROR_SPK_RSA_DECRYPT`.

Signed-off-by: Eero Aaltonen <[email protected]>