[PATCH 2/3] crypto/fsl: Introduce SPL_FSL_CAAM_RNG

Heinrich Schuchardt xypron.glpk at gmx.de
Fri Apr 26 21:31:25 CEST 2024 

On 4/26/24 19:34, Tim Harvey wrote:
> On Fri, Apr 26, 2024 at 7:45 AM Heinrich Schuchardt <xypron.glpk at gmx.de> wrote:
>>
>> On 26.04.24 06:03, Marek Vasut wrote:
>>> On 4/26/24 2:16 AM, Tim Harvey wrote:
>>>
>>>>> diff --git a/drivers/crypto/fsl/Makefile b/drivers/crypto/fsl/Makefile
>>>>> index 7a2543e16cc..4fbce519a0b 100644
>>>>> --- a/drivers/crypto/fsl/Makefile
>>>>> +++ b/drivers/crypto/fsl/Makefile
>>>>> @@ -6,6 +6,6 @@ obj-y += sec.o
>>>>>    obj-$(CONFIG_FSL_CAAM) += jr.o fsl_hash.o jobdesc.o error.o
>>>>>    obj-$(CONFIG_CMD_BLOB)$(CONFIG_IMX_CAAM_DEK_ENCAP) += fsl_blob.o
>>>>>    obj-$(CONFIG_RSA_FREESCALE_EXP) += fsl_rsa.o
>>>>> -obj-$(CONFIG_FSL_CAAM_RNG) += rng.o
>>>>> +obj-$(CONFIG_$(SPL_TPL_)FSL_CAAM_RNG) += rng.o
>>>>>    obj-$(CONFIG_FSL_DCP_RNG) += dcp_rng.o
>>>>>    obj-$(CONFIG_FSL_MFGPROT) += fsl_mfgprot.o
>>>>> --
>>>>> 2.43.0
>>>>>
>>>>
>>>> Marek,
>>>
>>> Hi,
>>>
>>>> Thanks - this series does solve the issue I am seeing in the SPL when
>>>> enabling DM_RNG. Is this going to cause an issue for people who expect
>>>> it to be currently enabled and now have to manually enable it?
>>>
>>> That's a good question. If I do '$ git grep FSL_CAAM_RNG' , there seem
>>> to be no users, so I don't think we need to worry here, right ?
>>>
>>> With SPL_DM_RNG i.e. 1/3 I am a bit more concerned. But, looking at the
>>> users that enable DM_RNG, I am not seeing any obvious ones that would
>>> require SPL_DM_RNG too. What do you think ?
>>
>> Grepping for UCLASS_RNG should find usages.
>>
>> The only possible SPL usage seems to be in net/net_rand.h. Here a
>> fallback to the mac address as seed exists.
>>
>> Best regards
>>
>> Heinrich
>>
>
> Hi Heinrich,
>
> looks like its also used in lib/uuid.c by CONFIG_RANDOM_UUID and the
> few configs have CONFIG_RANDOM_UUID=y do not have DM_RNG=y so not an
> issue.
>
> srand_mac is used in:
> net/bootp.c which is CONFIG_CMD_BOOTP so not SPL
> net/dhcpv6.c which is CONIFG_CMD_DHCP6 so not in SPL
> net/net.c which is used by CONFIG_SPL_DM_ETH and the fallback you
> refer to but 'git grep DM_RNG=y configs/ | cut -d: -f1 | xargs grep
> SPL_DM_ETH' shows no results so I think this is ok right?
>
> but I also see lib/efi_loader/efi_rng.c where UCLASS_RNG used by
> efi_rng_protocol - I don't know anything about efi... is this going to
> be used by SPL?

UEFI is only relevant in main U-Boot. The EFI_RNG_PROTOCOL is used for
KASLR by Linux but you can boot without it.

Best regards

Heinrich

More information about the U-Boot mailing list