On Fri, 2018-01-26 at 12:24 +0000, Bryan O'Donoghue wrote: > This patch adds a sec_init call into arch_misc_init(). Doing so in > conjunction with the patch "drivers/crypto/fsl: assign job-rings to > non-TrustZone" enables use of the CAAM in Linux when OPTEE/TrustZone > is > active. > > u-boot will initialise the RNG and assign ownership of the job-ring > registers to a non-TrustZone context. With recent changes by Lukas > Auer to > fully initialize the RNG in sec_init() this means that u-boot will > hand-off > the CAAM in a state that Linux then can use the CAAM without touching > the > reserved DECO registers. > > This change is safe both for the OPTEE/TrustZone boot path and the > regular > non-OPTEE/TrustZone boot path. > > Signed-off-by: Bryan O'Donoghue <bryan.odonog...@linaro.org> > Cc: Fabio Estevam <fabio.este...@nxp.com> > Cc: Peng Fan <peng....@nxp.com> > Cc: Marco Franchi <marco.fran...@nxp.com> > Cc: Vanessa Maegima <vanessa.maeg...@nxp.com> > Cc: Stefano Babic <sba...@denx.de> > Cc: Lukas Auer <lukas.a...@aisec.fraunhofer.de> > --- > arch/arm/mach-imx/mx7/soc.c | 4 ++++ > 1 file changed, 4 insertions(+) > > diff --git a/arch/arm/mach-imx/mx7/soc.c b/arch/arm/mach- > imx/mx7/soc.c > index d160e80..9023540 100644 > --- a/arch/arm/mach-imx/mx7/soc.c > +++ b/arch/arm/mach-imx/mx7/soc.c > @@ -262,6 +262,10 @@ int arch_misc_init(void) > env_set("soc", "imx7s"); > #endif > > +#ifdef CONFIG_FSL_CAAM > + sec_init(); > +#endif > + > return 0; > } > #endif
I get an implicit declaration warning for sec_init() with this patch due to a missing include for fsl_sec.h. Other than that CAAM works on my imx7d board in non-secure mode (the driver probes successfully and I can use it with openssl speed). Tested-by: Lukas Auer <lukas.a...@aisec.fraunhofer.de> _______________________________________________ U-Boot mailing list U-Boot@lists.denx.de https://lists.denx.de/listinfo/u-boot