From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-alma10-1.taild15c8.ts.net [100.103.45.18]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id E12DE3CF952 for ; Mon, 6 Jul 2026 12:33:26 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=100.103.45.18 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1783341208; cv=none; b=jTthhChRZWwPLzoDSukWlBu8L4WCgPuEmXjF2YMWd57ij8H84fZOnp/T/0GL2UC8O9mhOwq/A+5JAAUCIeNzHrVcdlyckROvzn82FL+z2mtAbOE1ShoW2JhlzLMg9oFSxq4eNjm37tEf0y34p3gk5nAtoIrkSPqphUwL14KpMNQ= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1783341208; c=relaxed/simple; bh=nscqNtUCoSqAeB7Wm/RAQSLaSz+tleB3PSrG1p6hps4=; h=Message-ID:Date:MIME-Version:Subject:To:Cc:References:From: In-Reply-To:Content-Type; b=u0kbstkgE272e1qQ43TaIkfmghB/NOMG+nk6CrtwYZ8+yz8JTHlncmXi5XQGFmVo2sHtqiIHdVYrG6d5RfoqvAqESlbJasTY/SdQOwv91rT0jkJmW605ahKLLaBjRM/Z6ltiBm6F1IoJkjQdMGfN/u1Bh5Tg+kNSynBGiYbHwcQ= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=RTBTjlJV; arc=none smtp.client-ip=100.103.45.18 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="RTBTjlJV" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 1A8B31F00A3A; Mon, 6 Jul 2026 12:33:26 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=kernel.org; s=k20260515; t=1783341206; bh=rrwTCAEqQCoWBp/7k3/5M/7tcEdjAnBca1aqiuKMvYI=; h=Date:Subject:To:Cc:References:From:In-Reply-To; b=RTBTjlJVjikozyRvvfkeu2qMFh3a97SzF0vOVNrzMXg+uxEcxK1jTBsWYsAWV8GbZ j5PcgXgbxuziGHsvNfpB6uPkou+XLFyAd6g+eFNjLzOE9OXZVfvMaqmx96PRDesGyD 5uefmC4w8MzvlPSpgOHOoqM5LRczayUisQWacCMD0bKYcNwl7ovz53FuU6atIrqKWx pVn/F2l+nQMw/0qqMYCdOvGdZc4xAI0+Yrm42hJ5CU9p/TlD5SK/BqUnyh/vmPSV1D MT1R5XcI7FFv6qCY3+IVOoTnsdoe/OklOCr0/6VSda/pqqwAz+CgCA8WqUWCt2d7Ed aES1QO+DRM3WA== Message-ID: Date: Mon, 6 Jul 2026 07:33:25 -0500 Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 User-Agent: Mozilla Thunderbird Subject: Re: [PATCH v1 0/2] Add Altera SoCFPGA Crypto Service (FCS) driver Content-Language: en-US To: hang.suan.wang@altera.com, linux-kernel@vger.kernel.org, "Michael S . Tsirkin" , Huacai Chen , Florian Fainelli , Chen-Yu Tsai Cc: muhammad.nazim.amirul.nazle.asmade@altera.com, tze.yee.ng@altera.com, chee.nouk.phoon@altera.com, genevieve.chan@altera.com References: From: Dinh Nguyen In-Reply-To: Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit On 7/1/26 02:39, hang.suan.wang@altera.com wrote: > From: Hang Suan Wang > > This series adds support for the Altera SoCFPGA Crypto Service (FCS), the > runtime cryptographic interface provided by the Secure Device Manager > (SDM). The SDM is the hardware security controller in Altera SoCFPGA > devices. It acts as the root-of-trust device and controls access to > built-in cryptographic hardware such as AES, SHA, a true random number > generator, and Intel PUF. The SDM is responsible for security-critical > functions including secure boot, FPGA bitstream authentication and optional > decryption, remote system update, and runtime crypto services. On the HPS > side, software reaches the SDM through a mailbox interface exposed in Linux > via the stratix10-svc layer, which uses Arm Trusted Firmware SIP SMC calls > underneath. > > The FPGA Crypto Service (FCS) is the runtime crypto interface provided by > the SDM. It covers services such as random number generation, AES > operations, HMAC/SHA, key management, attestation, and related security > functions. > > This series implements one FCS feature: the Secure Data Object Service > (SDOS), which protects sensitive data at rest. With SDOS the SDM encrypts > and decrypts data using a key derived from a device-unique root key that > never leaves the secure boundary, plus an SDM-generated IV. The host never > handles raw key material or IVs: it supplies plaintext and receives an > authenticated ciphertext object (and vice versa for decryption). A primary > use case is black key provisioning, where operational keys are installed in > protected form without ever being exposed in cleartext. > > The driver reaches the SDM through the existing stratix10-svc mailbox using > the Arm Trusted Firmware SIP SMC transport. Data buffers are allocated from > the service-layer memory pool, which provides physically-contiguous memory > whose physical address is handed to the SDM. > > The series is organized as follows: > - Patch 1 (prerequisite) extends the stratix10-svc service layer with the > FCS command codes and matching SIP SMC function IDs, adds the Agilex 5 > (intel,agilex5-svc) match, and registers a "stratix10-fcs" platform > device that an FCS client driver binds to. > > - Patch 2 adds the FCS firmware driver implementing SDOS encrypt/decrypt > and the crypto-session lifecycle, exposed via sysfs. It relies on the > command codes and the device from patch 1, so patch 1 must be applied > first. > > Testing: > - Built for arm64 (defconfig + CONFIG_ALTERA_SOCFPGA_FCS=m). > There are a few sashiko comments on this. Can you verify that they are applicable? https://sashiko.dev/#/patchset/cover.1782888532.git.hang.suan.wang%40altera.com Thanks, Dinh