[U-Boot] [PATCH v2 2/2] warp7 : run sec_init for CAAM RNG
Auer, Lukas
lukas.auer at aisec.fraunhofer.de
Fri Jan 26 09:09:35 UTC 2018
On Fri, 2018-01-26 at 02:09 +0000, Bryan O'Donoghue wrote:
> This patch adds a sec_init call into board_init. Doing so in
> conjunction
> with the patch "drivers/crypto/fsl: assign job-rings to non-
> TrustZone"
> enables use of the CAAM in Linux when OPTEE/TrustZone is active.
>
> u-boot will initialise the RNG and assign ownership of the job-ring
> registers to a non-TrustZone context. Linux then simply has to detect
> or be
> told to skip RNG initialisation.
>
> This change is safe both for the OPTEE/TrustZone boot path and the
> regular
> non-OPTEE/TrustZone boot path.
>
> Signed-off-by: Bryan O'Donoghue <bryan.odonoghue at linaro.org>
> Cc: Fabio Estevam <fabio.estevam at nxp.com>
> Cc: Peng Fan <peng.fan at nxp.com>
> Cc: Marco Franchi <marco.franchi at nxp.com>
> Cc: Vanessa Maegima <vanessa.maegima at nxp.com>
> Cc: Stefano Babic <sbabic at denx.de>
> ---
> board/warp7/warp7.c | 6 +++++-
> 1 file changed, 5 insertions(+), 1 deletion(-)
>
> diff --git a/board/warp7/warp7.c b/board/warp7/warp7.c
> index 337e76b..219ab6f 100644
> --- a/board/warp7/warp7.c
> +++ b/board/warp7/warp7.c
> @@ -16,6 +16,7 @@
> #include <asm/io.h>
> #include <common.h>
> #include <fsl_esdhc.h>
> +#include <fsl_sec.h>
> #include <i2c.h>
> #include <mmc.h>
> #include <asm/arch/crm_regs.h>
> @@ -225,6 +226,10 @@ int board_init(void)
> setup_i2c(0, CONFIG_SYS_I2C_SPEED, 0x7f,
> &i2c_pad_info1);
> #endif
>
> + #ifdef CONFIG_FSL_CAAM
> + sec_init();
> + #endif
> +
> return 0;
> }
>
> @@ -366,5 +371,4 @@ int g_dnl_bind_fixup(struct usb_device_descriptor
> *dev, const char *name)
>
> return 0;
> }
> -
> #endif /* ifdef CONFIG_USB_GADGET */
Hi Bryan,
this fails to apply for me on current HEAD. It seems like you have
additional modifications to wrap7.c in your tree (there is no
CONFIG_USB_GADGET on master).
Regarding the patch, would it make sense to put sec_init() somewhere
else, so that it does not have to be duplicated in the board file for
all platforms with CAAM?
Thanks,
Lukas
More information about the U-Boot
mailing list