Received: by 2002:a25:8b12:0:0:0:0:0 with SMTP id i18csp2478977ybl; Sat, 31 Aug 2019 16:13:22 -0700 (PDT) X-Google-Smtp-Source: APXvYqyyDqSiR734AfaOExsg1x8Jdj+4kNsEZOHB6923nsuymfIEZCvyeychKEBxMP8PFhIzVm8O X-Received: by 2002:a17:90a:1a1a:: with SMTP id 26mr5961346pjk.118.1567293202782; Sat, 31 Aug 2019 16:13:22 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1567293202; cv=none; d=google.com; s=arc-20160816; b=ZoaidCQvbFuP5FFbDBNyLQIfE9a6U3hWf/ZBWZMIyubpMl+6r8GLJ/QaGwVMdq6sdf GtRnAvUx0Wg93WiOFb+M/CjXWGgiuEkpHqo9iYMQzgWDmQn+VL3QHYpkQ2ax7SIGNQ6M FpWdGZGhn7d/ZJrH6ky/MwpqM5oIL9dLTpwJP7Vf68XlzmtorQ8+NLaO+00pnVXrYM+T bVMvunb1rzPAmsUjZuCTpQFyybvDmpRTwrY6pyQf8WQquY3TAJFpSxFtzLXWQ5J0gt5I iYyRdk0jdnpt23oRzb57p3MzzD/KVMmAJCVJgqyq0VAJorgmcH6Ypp7rAQ8YrNmo8RMk B8tw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from; bh=n9vAvIvDg+5o7nNM8viR5mXvfUGXm/JZTZklZxaL58k=; b=o0JJeFVpLPABKUuf1hv49P3WFjKkfEfUzWWP4jTiLuYOfoTKnAIIOhUGpL2gqcripB DDDTbrAtVXk9OzJATnuTnx0vBWtR0WZXUlpuiZcWGbXydmfd+qMC9BXBjrN6LNUL3SsC 7gRdwGpD6Rmfy49K4ve3747UDBUOH7jOvKy59llCqVxCPSlrVFtZlhrHJ2lQDOyRodBh gb9EDONahg5G0R0lNSevb3re3HDb9SGfgL//dqP05rsqdLs+q7oXT7W+3J/Qp472/r29 VytmqVFbzV/NAT6o3e7DXK3flf7zNFWLtR7OwxcpgUCop8cVASwcMS7DbrfGzxrHThWR 6uLw== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id x3si8581329plb.313.2019.08.31.16.12.28; Sat, 31 Aug 2019 16:13:22 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727642AbfHaXE7 (ORCPT + 99 others); Sat, 31 Aug 2019 19:04:59 -0400 Received: from gloria.sntech.de ([185.11.138.130]:48908 "EHLO gloria.sntech.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726730AbfHaXE6 (ORCPT ); Sat, 31 Aug 2019 19:04:58 -0400 Received: from [88.128.80.160] (helo=phil.localnet) by gloria.sntech.de with esmtpsa (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.89) (envelope-from ) id 1i4CQJ-0002xc-OE; Sun, 01 Sep 2019 01:04:49 +0200 From: Heiko Stuebner To: Elon Zhang Cc: mark.rutland@arm.com, robh+dt@kernel.org, linux-arm-kernel@lists.infradead.org, linux-kernel@vger.kernel.org, devicetree@vger.kernel.org, linux-rockchip@lists.infradead.org Subject: Re: [PATCH v1 1/1] ARM: dts: rockchip: set crypto default disabled on rk3288 Date: Sun, 01 Sep 2019 01:04:31 +0200 Message-ID: <3345609.Z0LLm6LDBC@phil> In-Reply-To: <3b9cbffa-291e-fc95-bce6-5b24f5fd860d@rock-chips.com> References: <20190827071439.14767-1-zhangzj@rock-chips.com> <4806912.UyKsYhR33o@phil> <3b9cbffa-291e-fc95-bce6-5b24f5fd860d@rock-chips.com> MIME-Version: 1.0 Content-Transfer-Encoding: 7Bit Content-Type: text/plain; charset="us-ascii" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Hi Elon, Am Donnerstag, 29. August 2019, 13:31:00 CEST schrieb Elon Zhang: > On 8/27/2019 22:28, Heiko Stuebner wrote: > > Am Dienstag, 27. August 2019, 09:14:39 CEST schrieb Elon Zhang: > >> Not every board needs to enable crypto node, so the node should > >> be set default disabled in rk3288.dtsi and enabled in specific > >> board dts file. > > Can you give a bit more rationale here? There would need to be a very > > specific reason because of the following: > > > > The crypto module is not wired to some board-specific components, > > so its usability does not depend on the specific board at all. > > Instead every board can just use it out of the box and the devicetree > > is supposed to describe the hardware and is _not_ meant as a space > > for user configuration. > > Right for almost all normal hardware modules but the crypto module was > designed > > for secure world. As a result, the crypto module will become > inaccessible for linux kernel if secure world enable it. > > We plan to enable the crypto module in secure world so we should set > crypto module default disabled in linux kernel. ok ... I'm halfway convinced ;-) . The big thing I want to see is that secure setting in the actual firmware. Aka right now you probably have that in your Rockchip-specific ATF fork and I really want to see the relevant change for public uboot or ATF. I don't necessarily require it to be fully merged before taking this, but I really want to see the change either on a mailing list or atf gerrit instance [that makes the crypto engine secure only]. Rationale behind this is that we don't care very much about private stuff that the general ecosystem doesn't benefit from. Thanks Heiko > > So in fact the status property should probably go away completely from > > the crypto node, as it's usable out of the box in all cases. > > > > > > Heiko > > > > > > > >> Signed-off-by: Elon Zhang > >> --- > >> arch/arm/boot/dts/rk3288.dtsi | 2 +- > >> 1 file changed, 1 insertion(+), 1 deletion(-) > >> > >> diff --git a/arch/arm/boot/dts/rk3288.dtsi b/arch/arm/boot/dts/rk3288.dtsi > >> index cc893e154fe5..d509aa24177c 100644 > >> --- a/arch/arm/boot/dts/rk3288.dtsi > >> +++ b/arch/arm/boot/dts/rk3288.dtsi > >> @@ -984,7 +984,7 @@ > >> clock-names = "aclk", "hclk", "sclk", "apb_pclk"; > >> resets = <&cru SRST_CRYPTO>; > >> reset-names = "crypto-rst"; > >> - status = "okay"; > >> + status = "disabled"; > >> }; > >> > >> iep_mmu: iommu@ff900800 { > >> > > > > > > > > > > > > > > >