fpga: m10bmc-sec: create max10 bmc secure update
Create a sub-driver for the FPGA Card BMC in order to support secure updates. This patch creates the Max10 BMC Secure Update driver and provides sysfs files for displaying the root entry hashes (REH) for the FPGA static region (SR), the FPGA Partial Reconfiguration (PR) region, and the card BMC. The Intel MAX10 BMC Root of Trust (RoT) requires that all BMC Nios firmware and FPGA images are authenticated using ECDSA before loading and executing on the card. Code Signing Keys (CSK) are used to sign images. CSKs are signed by a root key. The root entry hash is created from the root public key. The RoT provides authentication by storing an REH bitstream to a write-once location. Image signatures are verified against the hash. Reviewed-by: NTom Rix <trix@redhat.com> Tested-by: NTianfei Zhang <tianfei.zhang@intel.com> Signed-off-by: NRuss Weight <russell.h.weight@intel.com> Link: https://lore.kernel.org/r/20220606160038.846236-3-russell.h.weight@intel.comSigned-off-by: NXu Yilun <yilun.xu@intel.com>
Showing
想要评论请 注册 或 登录