On Thu, Sep 01, 2016 at 01:04:37AM -0400, Madan Srinivas wrote:
From: Vitaly Andrianov vitalya@ti.com
This commit implements the board_fit_image_post_process() function for the keystone architecture. Unlike OMAP class devices, security functions in keystone are not handled in the ROM. The interface to the secure functions is TI proprietary and depending on the keystone platform, the security functions like encryption, decryption and authentication might even be offloaded to other secure processing elements in the SoC. The boot monitor acts as the gateway to these secure functions and the boot monitor for secure devices is available as part of the SECDEV package for KS2. For more details refer doc/README.ti-secure
Signed-off-by: Vitaly Andrianov vitalya@ti.com Signed-off-by: Madan Srinivas madans@ti.com
Cc: Lokesh Vutla lokeshvutla@ti.com Cc: Dan Murphy dmurphy@ti.com
First, what is done to ensure that the magic blob we're offloading to isn't malicious? Second, this appears to be missing cache flushes that're done in arch/arm/cpu/armv7/omap-common/sec-common.c and, well, why can't we re-use the existing code? Given how rarely IP blocks are written from scratch rather than being an evolution of a previous block I can't imagine that we can't make the code there be re-used nor that we don't need / couldn't use the flushing and alignment checks nor status messages. Thanks!