mbox series

[v2,0/4] wifi: rtw89: fw: support firmware secure boot

Message ID 20240204012627.9647-1-pkshih@realtek.com (mailing list archive)
Headers show
Series wifi: rtw89: fw: support firmware secure boot | expand

Message

Ping-Ke Shih Feb. 4, 2024, 1:26 a.m. UTC
Firmware secure boot is to ensure firmware running on chip is the one
which is signed and released officially. Without this, it will be failed
to download firmware result from wrong security key data.

The main difference between secure and non-secure boot is content of
secure section, which is one type of many firmware sections, and is to
provide key data.

The basic steps for key data are:
 1. read cryptography method and key_index from efuse (patch 2/4)
 2. parse firmware file to select secure section by the information of
    step 1 (patch 3/4)
 3. download firmware with selected secure section and key data (patch 4/4)

v2:
 - use "%tx" to print out differences (subtraction) of two pointers
   in patch 3/4 (reported by kernel test robot)

Ping-Ke Shih (4):
  wifi: rtw89: fw: consider checksum length of security data
  wifi: rtw89: fw: read firmware secure information from efuse
  wifi: rtw89: fw: parse secure section from firmware file
  wifi: rtw89: fw: download firmware with key data for secure boot

 drivers/net/wireless/realtek/rtw89/core.h     |  15 +
 drivers/net/wireless/realtek/rtw89/efuse.h    |   1 +
 drivers/net/wireless/realtek/rtw89/efuse_be.c | 142 +++++++++
 drivers/net/wireless/realtek/rtw89/fw.c       | 296 ++++++++++++++++--
 drivers/net/wireless/realtek/rtw89/fw.h       |  47 ++-
 drivers/net/wireless/realtek/rtw89/pci.c      |   2 +
 drivers/net/wireless/realtek/rtw89/rtw8922a.c |   3 +
 7 files changed, 484 insertions(+), 22 deletions(-)