net/ice/base: support external device secure programming

External topology devices (e.g. PHYs) connected to controller or to SoC might have a firmware engine within the device and the firmware is usually loaded from NVM connected to the topology device. In some cases, those firmware packages might need to be regularly updated in a secure way to prevent malicious user to burn malicious firmware into the topology device. In other cases, the topology device firmware might be burned independently, as burning the NVM attached to the device might cause the device to stop function but could be fixed without permanent damage. SoC topologies also enable mezzanine card, with an ID EEPROM within it. This ID EEPROM might need an update also. This patch provides these abilities. Signed-off-by: Amir Shay <shay.amir@intel.com> Signed-off-by: Qi Zhang <qi.z.zhang@intel.com> Acked-by: Qiming Yang <qiming.yang@intel.com>
2021-03-02 15:23:45 +08:00 · 2021-03-02 15:23:45 +08:00 · 5fe41b4dcb
commit 5fe41b4dcb
parent 6fca104a7a
1 changed files with 24 additions and 2 deletions
--- a/drivers/net/ice/base/ice_adminq_cmd.h
+++ b/drivers/net/ice/base/ice_adminq_cmd.h
@ -1506,11 +1506,12 @@ struct ice_aqc_get_link_status_data {
 #define ICE_AQ_LINK_TOPO_UNDRUTIL_MEDIA	BIT(6)
 #define ICE_AQ_LINK_TOPO_UNSUPP_MEDIA	BIT(7)
 	u8 link_cfg_err;
-#define ICE_AQ_LINK_CFG_ERR		BIT(0)
-#define ICE_AQ_LINK_ACT_PORT_OPT_INVAL	BIT(2)
+#define ICE_AQ_LINK_CFG_ERR			BIT(0)
+#define ICE_AQ_LINK_ACT_PORT_OPT_INVAL		BIT(2)
 #define ICE_AQ_LINK_FEAT_ID_OR_CONFIG_ID_INVAL	BIT(3)
 #define ICE_AQ_LINK_TOPO_CRITICAL_SDP_ERR	BIT(4)
 #define ICE_AQ_LINK_MODULE_POWER_UNSUPPORTED	BIT(5)
+#define ICE_AQ_LINK_EXTERNAL_PHY_LOAD_FAILURE	BIT(6)
 	u8 link_info;
 #define ICE_AQ_LINK_UP			BIT(0)	/* Link Status */
 #define ICE_AQ_LINK_FAULT		BIT(1)
@ -1716,6 +1717,25 @@ struct ice_aqc_sw_gpio {
 	u8 rsvd[12];
 };

+/* Program topology device NVM (direct, 0x06F2) */
+struct ice_aqc_program_topology_device_nvm {
+	u8 lport_num;
+	u8 lport_num_valid;
+	u8 node_type_ctx;
+	u8 index;
+	u8 rsvd[12];
+};
+
+/* Read topology device NVM (indirect, 0x06F3) */
+struct ice_aqc_read_topology_device_nvm {
+	u8 lport_num;
+	u8 lport_num_valid;
+	u8 node_type_ctx;
+	u8 index;
+	__le32 start_address;
+	u8 data_read[8];
+};
+
 /* NVM Read command (indirect 0x0701)
 * NVM Erase commands (direct 0x0702)
 * NVM Write commands (indirect 0x0703)
@ -3059,6 +3079,8 @@ enum ice_adminq_opc {
 	ice_aqc_opc_sff_eeprom				= 0x06EE,
 	ice_aqc_opc_sw_set_gpio				= 0x06EF,
 	ice_aqc_opc_sw_get_gpio				= 0x06F0,
+	ice_aqc_opc_program_topology_device_nvm		= 0x06F2,
+	ice_aqc_opc_read_topology_device_nvm		= 0x06F3,

 	/* NVM commands */
 	ice_aqc_opc_nvm_read				= 0x0701,