From: Breno Lima <[email protected]> U-Boot can instantiate CAAM RNG if needed by crypto operations. Call sec_init() prior running a blob operation to ensure RNG is correctly instantiated.
Make sure CAAM clock is enabled and check if a job ring is available for that operation. Signed-off-by: Breno Lima <[email protected]> Reviewed-by: Ye Li <[email protected]> Signed-off-by: Peng Fan <[email protected]> --- cmd/blob.c | 14 ++++++++++++++ include/fsl_sec.h | 3 +++ 2 files changed, 17 insertions(+) diff --git a/cmd/blob.c b/cmd/blob.c index c80e6977b4..359c8940fb 100644 --- a/cmd/blob.c +++ b/cmd/blob.c @@ -9,6 +9,10 @@ #include <malloc.h> #include <asm/byteorder.h> #include <linux/compiler.h> +#if defined(CONFIG_ARCH_MX6) || defined(CONFIG_ARCH_MX7) +#include <fsl_sec.h> +#include <asm/arch/clock.h> +#endif /** * blob_decap() - Decapsulate the data as a blob @@ -74,6 +78,16 @@ static int do_blob(struct cmd_tbl *cmdtp, int flag, int argc, src_ptr = (uint8_t *)(uintptr_t)src_addr; dst_ptr = (uint8_t *)(uintptr_t)dst_addr; +#if defined(CONFIG_ARCH_MX6) || defined(CONFIG_ARCH_MX7) + + hab_caam_clock_enable(1); + + u32 out_jr_size = sec_in32(CONFIG_SYS_FSL_JR0_ADDR + + FSL_CAAM_ORSR_JRa_OFFSET); + if (out_jr_size != FSL_CAAM_MAX_JR_SIZE) + sec_init(); +#endif + if (enc) ret = blob_encap(km_ptr, src_ptr, dst_ptr, len); else diff --git a/include/fsl_sec.h b/include/fsl_sec.h index 40f1c5b10d..c661bd6ead 100644 --- a/include/fsl_sec.h +++ b/include/fsl_sec.h @@ -344,6 +344,9 @@ struct sg_entry { #define FSL_CAAM_MP_PRVK_BYTES 32 #define FSL_CAAM_MP_MES_DGST_BYTES 32 +#define FSL_CAAM_ORSR_JRa_OFFSET 0x102c +#define FSL_CAAM_MAX_JR_SIZE 4 + /* blob_dek: * Encapsulates the src in a secure blob and stores it dst * @src: reference to the plaintext -- 2.25.1
