[U-Boot] [PATCH 1/1] Secure Boot: Set NPSWA_EN bit for SNVS state transition to happen in EL2.
For Layerscape chasis Gen 3 based platforms, during PPA execution exception level transition happens from EL3 to EL2. While in EL2 state SNVS state doesnot changes from secure to non secure state in case of ESBC failure.
So to enable the SNVS transition in EL2 state, NPSWA_EN bit has to be set when in EL3 state.
Signed-off-by: Udit Agarwal udit.agarwal@nxp.com --- drivers/crypto/fsl/jr.c | 7 +++++++ 1 file changed, 7 insertions(+)
diff --git a/drivers/crypto/fsl/jr.c b/drivers/crypto/fsl/jr.c index 1b88229..ccd2168 100644 --- a/drivers/crypto/fsl/jr.c +++ b/drivers/crypto/fsl/jr.c @@ -8,6 +8,7 @@
#include <common.h> #include <malloc.h> +#include <fsl_sec_mon.h> #include "fsl_sec.h" #include "jr.h" #include "jobdesc.h" @@ -574,6 +575,12 @@ int sec_init_idx(uint8_t sec_idx) uint32_t liodn_s; #endif
+#if defined(CONFIG_FSL_LSCH3) && defined(CONFIG_SYS_LS_PPA_ESBC_ADDR) +#define SEC_MON_HPCOMR (CONFIG_SYS_SEC_MON_ADDR + 0x04) +#define SEC_MON_HPCOMR_NPSWA_EN 0x80000000 + sec_mon_setbits32(SEC_MON_HPCOMR, SEC_MON_HPCOMR_NPSWA_EN); +#endif + if (!(sec_idx < CONFIG_SYS_FSL_MAX_NUM_OF_SEC)) { printf("SEC initialization failed\n"); return -1;
On 02/15/2017 04:23 AM, Udit Agarwal wrote:
For Layerscape chasis Gen 3 based platforms, during PPA execution exception level transition happens from EL3 to EL2. While in EL2 state SNVS state doesnot changes from secure to non secure state in case of ESBC failure.
So to enable the SNVS transition in EL2 state, NPSWA_EN bit has to be set when in EL3 state.
Wouldn't this be better implemented in PPA firmware?
York
participants (2)
-
Udit Agarwal -
york sun