[PATCH 22/37] cmd: blob: Instantiate RNG before running CMD_BLOB
Peng Fan (OSS)
peng.fan at oss.nxp.com
Thu Mar 25 10:30:21 CET 2021
From: Breno Lima <breno.lima at nxp.com>
U-Boot can instantiate CAAM RNG if needed by crypto operations.
Call sec_init() prior running a blob operation to ensure
RNG is correctly instantiated.
Make sure CAAM clock is enabled and check if a job ring is
available for that operation.
Signed-off-by: Breno Lima <breno.lima at nxp.com>
Reviewed-by: Ye Li <ye.li at nxp.com>
Signed-off-by: Peng Fan <peng.fan at nxp.com>
---
cmd/blob.c | 14 ++++++++++++++
include/fsl_sec.h | 3 +++
2 files changed, 17 insertions(+)
diff --git a/cmd/blob.c b/cmd/blob.c
index c80e6977b4..359c8940fb 100644
--- a/cmd/blob.c
+++ b/cmd/blob.c
@@ -9,6 +9,10 @@
#include <malloc.h>
#include <asm/byteorder.h>
#include <linux/compiler.h>
+#if defined(CONFIG_ARCH_MX6) || defined(CONFIG_ARCH_MX7)
+#include <fsl_sec.h>
+#include <asm/arch/clock.h>
+#endif
/**
* blob_decap() - Decapsulate the data as a blob
@@ -74,6 +78,16 @@ static int do_blob(struct cmd_tbl *cmdtp, int flag, int argc,
src_ptr = (uint8_t *)(uintptr_t)src_addr;
dst_ptr = (uint8_t *)(uintptr_t)dst_addr;
+#if defined(CONFIG_ARCH_MX6) || defined(CONFIG_ARCH_MX7)
+
+ hab_caam_clock_enable(1);
+
+ u32 out_jr_size = sec_in32(CONFIG_SYS_FSL_JR0_ADDR +
+ FSL_CAAM_ORSR_JRa_OFFSET);
+ if (out_jr_size != FSL_CAAM_MAX_JR_SIZE)
+ sec_init();
+#endif
+
if (enc)
ret = blob_encap(km_ptr, src_ptr, dst_ptr, len);
else
diff --git a/include/fsl_sec.h b/include/fsl_sec.h
index 40f1c5b10d..c661bd6ead 100644
--- a/include/fsl_sec.h
+++ b/include/fsl_sec.h
@@ -344,6 +344,9 @@ struct sg_entry {
#define FSL_CAAM_MP_PRVK_BYTES 32
#define FSL_CAAM_MP_MES_DGST_BYTES 32
+#define FSL_CAAM_ORSR_JRa_OFFSET 0x102c
+#define FSL_CAAM_MAX_JR_SIZE 4
+
/* blob_dek:
* Encapsulates the src in a secure blob and stores it dst
* @src: reference to the plaintext
--
2.25.1
More information about the U-Boot
mailing list