On 26/01/2018 17:27, Bryan O'Donoghue wrote:
This patch adds a sec_init call into arch_misc_init(). Doing so in conjunction with the patch "drivers/crypto/fsl: assign job-rings to non-TrustZone" enables use of the CAAM in Linux when OPTEE/TrustZone is active.
u-boot will initialise the RNG and assign ownership of the job-ring registers to a non-TrustZone context. With recent changes by Lukas Auer to fully initialize the RNG in sec_init() this means that u-boot will hand-off the CAAM in a state that Linux then can use the CAAM without touching the reserved DECO registers.
This change is safe both for the OPTEE/TrustZone boot path and the regular non-OPTEE/TrustZone boot path.
Signed-off-by: Bryan O'Donoghue bryan.odonoghue@linaro.org Cc: Fabio Estevam fabio.estevam@nxp.com Cc: Peng Fan peng.fan@nxp.com Cc: Marco Franchi marco.franchi@nxp.com Cc: Vanessa Maegima vanessa.maegima@nxp.com Cc: Stefano Babic sbabic@denx.de Cc: Lukas Auer lukas.auer@aisec.fraunhofer.de
arch/arm/mach-imx/mx7/soc.c | 5 +++++ 1 file changed, 5 insertions(+)
diff --git a/arch/arm/mach-imx/mx7/soc.c b/arch/arm/mach-imx/mx7/soc.c index d160e80..d444046 100644 --- a/arch/arm/mach-imx/mx7/soc.c +++ b/arch/arm/mach-imx/mx7/soc.c @@ -17,6 +17,7 @@ #include <asm/arch/crm_regs.h> #include <dm.h> #include <imx_thermal.h> +#include <fsl_sec.h>
#if defined(CONFIG_IMX_THERMAL) static const struct imx_thermal_plat imx7_thermal_plat = { @@ -262,6 +263,10 @@ int arch_misc_init(void) env_set("soc", "imx7s"); #endif
+#ifdef CONFIG_FSL_CAAM
- sec_init();
+#endif
- return 0;
} #endif
Applied to u-boot-imx, thanks !
Best regards, Stefano Babic