Re: [U-Boot] [PATCH] board: ti: am654: Disable TRNG node for HS devices
On Tue, Sep 17, 2019 at 05:15:40PM -0400, Andrew F. Davis wrote: > On HS devices the access to TRNG is restricted on the non-secure > ARM side, disable the node in DT to prevent firewall violations. > > Signed-off-by: Andrew F. Davis > Reviewed-by: Lokesh Vutla Applied to u-boot/master, thanks! -- Tom signature.asc Description: PGP signature ___ U-Boot mailing list U-Boot@lists.denx.de https://lists.denx.de/listinfo/u-boot
Re: [U-Boot] [PATCH] board: ti: am654: Disable TRNG node for HS devices
On 18/09/19 2:45 AM, Andrew F. Davis wrote:
> On HS devices the access to TRNG is restricted on the non-secure
> ARM side, disable the node in DT to prevent firewall violations.
>
> Signed-off-by: Andrew F. Davis
Reviewed-by: Lokesh Vutla
Thanks and regards,
Lokesh
> ---
> arch/arm/mach-k3/common.c | 20
> arch/arm/mach-k3/include/mach/sys_proto.h | 2 ++
> board/ti/am65x/evm.c | 15 +--
> 3 files changed, 35 insertions(+), 2 deletions(-)
>
> diff --git a/arch/arm/mach-k3/common.c b/arch/arm/mach-k3/common.c
> index 3e36d90ace..c16afc654f 100644
> --- a/arch/arm/mach-k3/common.c
> +++ b/arch/arm/mach-k3/common.c
> @@ -137,6 +137,26 @@ int fdt_fixup_msmc_ram(void *blob, char *parent_path,
> char *node_name)
>
> return 0;
> }
> +
> +int fdt_disable_node(void *blob, char *node_path)
> +{
> + int offs;
> + int ret;
> +
> + offs = fdt_path_offset(blob, node_path);
> + if (offs < 0) {
> + debug("Node %s not found.\n", node_path);
> + return 0;
> + }
> + ret = fdt_setprop_string(blob, offs, "status", "disabled");
> + if (ret < 0) {
> + printf("Could not add status property to node %s: %s\n",
> +node_path, fdt_strerror(ret));
> + return ret;
> + }
> + return 0;
> +}
> +
> #endif
>
> #ifndef CONFIG_SYSRESET
> diff --git a/arch/arm/mach-k3/include/mach/sys_proto.h
> b/arch/arm/mach-k3/include/mach/sys_proto.h
> index 45832b45a1..3c825aa3d1 100644
> --- a/arch/arm/mach-k3/include/mach/sys_proto.h
> +++ b/arch/arm/mach-k3/include/mach/sys_proto.h
> @@ -14,4 +14,6 @@ struct ti_sci_handle *get_ti_sci_handle(void);
> int fdt_fixup_msmc_ram(void *blob, char *parent_path, char *node_name);
> int do_board_detect(void);
> void release_resources_for_core_shutdown(void);
> +int fdt_disable_node(void *blob, char *node_path);
> +
> #endif
> diff --git a/board/ti/am65x/evm.c b/board/ti/am65x/evm.c
> index e01adcd642..ad333ad883 100644
> --- a/board/ti/am65x/evm.c
> +++ b/board/ti/am65x/evm.c
> @@ -96,10 +96,21 @@ int ft_board_setup(void *blob, bd_t *bd)
> int ret;
>
> ret = fdt_fixup_msmc_ram(blob, "/interconnect@10", "sram@7000");
> - if (ret)
> + if (ret) {
> printf("%s: fixing up msmc ram failed %d\n", __func__, ret);
> + return ret;
> + }
>
> - return ret;
> +#if defined(CONFIG_TI_SECURE_DEVICE)
> + /* Make HW RNG reserved for secure world use */
> + ret = fdt_disable_node(blob, "/interconnect@10/trng@4e1");
> + if (ret) {
> + printf("%s: disabling TRGN failed %d\n", __func__, ret);
> + return ret;
> + }
> +#endif
> +
> + return 0;
> }
> #endif
>
>
___
U-Boot mailing list
U-Boot@lists.denx.de
https://lists.denx.de/listinfo/u-boot
[U-Boot] [PATCH] board: ti: am654: Disable TRNG node for HS devices
On HS devices the access to TRNG is restricted on the non-secure
ARM side, disable the node in DT to prevent firewall violations.
Signed-off-by: Andrew F. Davis
---
arch/arm/mach-k3/common.c | 20
arch/arm/mach-k3/include/mach/sys_proto.h | 2 ++
board/ti/am65x/evm.c | 15 +--
3 files changed, 35 insertions(+), 2 deletions(-)
diff --git a/arch/arm/mach-k3/common.c b/arch/arm/mach-k3/common.c
index 3e36d90ace..c16afc654f 100644
--- a/arch/arm/mach-k3/common.c
+++ b/arch/arm/mach-k3/common.c
@@ -137,6 +137,26 @@ int fdt_fixup_msmc_ram(void *blob, char *parent_path, char
*node_name)
return 0;
}
+
+int fdt_disable_node(void *blob, char *node_path)
+{
+ int offs;
+ int ret;
+
+ offs = fdt_path_offset(blob, node_path);
+ if (offs < 0) {
+ debug("Node %s not found.\n", node_path);
+ return 0;
+ }
+ ret = fdt_setprop_string(blob, offs, "status", "disabled");
+ if (ret < 0) {
+ printf("Could not add status property to node %s: %s\n",
+ node_path, fdt_strerror(ret));
+ return ret;
+ }
+ return 0;
+}
+
#endif
#ifndef CONFIG_SYSRESET
diff --git a/arch/arm/mach-k3/include/mach/sys_proto.h
b/arch/arm/mach-k3/include/mach/sys_proto.h
index 45832b45a1..3c825aa3d1 100644
--- a/arch/arm/mach-k3/include/mach/sys_proto.h
+++ b/arch/arm/mach-k3/include/mach/sys_proto.h
@@ -14,4 +14,6 @@ struct ti_sci_handle *get_ti_sci_handle(void);
int fdt_fixup_msmc_ram(void *blob, char *parent_path, char *node_name);
int do_board_detect(void);
void release_resources_for_core_shutdown(void);
+int fdt_disable_node(void *blob, char *node_path);
+
#endif
diff --git a/board/ti/am65x/evm.c b/board/ti/am65x/evm.c
index e01adcd642..ad333ad883 100644
--- a/board/ti/am65x/evm.c
+++ b/board/ti/am65x/evm.c
@@ -96,10 +96,21 @@ int ft_board_setup(void *blob, bd_t *bd)
int ret;
ret = fdt_fixup_msmc_ram(blob, "/interconnect@10", "sram@7000");
- if (ret)
+ if (ret) {
printf("%s: fixing up msmc ram failed %d\n", __func__, ret);
+ return ret;
+ }
- return ret;
+#if defined(CONFIG_TI_SECURE_DEVICE)
+ /* Make HW RNG reserved for secure world use */
+ ret = fdt_disable_node(blob, "/interconnect@10/trng@4e1");
+ if (ret) {
+ printf("%s: disabling TRGN failed %d\n", __func__, ret);
+ return ret;
+ }
+#endif
+
+ return 0;
}
#endif
--
2.17.1
___
U-Boot mailing list
U-Boot@lists.denx.de
https://lists.denx.de/listinfo/u-boot
