Received: by 2002:a25:8b91:0:0:0:0:0 with SMTP id j17csp4314078ybl; Mon, 9 Dec 2019 08:48:13 -0800 (PST) X-Google-Smtp-Source: APXvYqysp0F8ycyitJLt0CIS0UVLhqPWyZy4scRaf+84q+0tljirbz1rMuyh/MUtUhSpE+6OuGug X-Received: by 2002:a9d:7:: with SMTP id 7mr20236960ota.26.1575910092988; Mon, 09 Dec 2019 08:48:12 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1575910092; cv=none; d=google.com; s=arc-20160816; b=oC1R1rf5Q9FMIs3FFrv0Q/6MdvfZsQAsJ0NqJuiKAerOVAB9G2w1wAR52W7urv6Va5 RO2sfLOihS6qaWgCs8HTv9XIBc4PF4FqFG9vlmzquUPue2lQgBkafjX0w6AdT2ThVaWE p9Q3C3LlwL5pqODJmnNQ+HLl6aobJBZSSYdVtdm8Q7RTX+Qe6X+xskvDMYSh3BYFAKre mMkmXnKu8zeGySIQk+yeO7cjfSF7zcg5hyeuHiN0/llLZ1AWKi+mCfi62V+VBhgnQtIQ /7yu4cu10kuV0UqfQ/j5Wm9udLDKLvRdfw/UCawfcbBxD5nGmCKqWcwMVGziIkbd6ZmE cR0Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:dkim-signature; bh=XHum4FDJDIcgTeOwvhbTJMdsl7kGHy76x1fPGptU0Ec=; b=vYrgBgOrzyS9pc97D202epr0mkOHa/miRaitQv4bU5yEQGAtYuVNePJaMw1bMKQEVZ OCdni6sMfzrEkPUmEO22Rr8mx5KT9/PJOhGjBwrdd4dwY+KOxSa+0OaxSymgzjGpzbXD tkp7F3XfiPuEOQKHANBkfIPa4LcTnN5u2T79/54aMbVGJFDg+16ohPn8Ns0XrOF32z5D K2PUM1VKdIVRiq+xyFLTpIDBAmecp9Y0YE8fK9MOwLfanWhbjUSdmHFJ82v6lWBl38Ie gdmI9yTiNhNnwbnjgbPi0umULwv/sBXfoMxucob1s4rK3vw/ersS7OxyusJshW3ZBWJt 19ng== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@gmail.com header.s=20161025 header.b=udziYz2d; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id w16si181638oih.154.2019.12.09.08.48.00; Mon, 09 Dec 2019 08:48:12 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@gmail.com header.s=20161025 header.b=udziYz2d; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726642AbfLIQr1 (ORCPT + 99 others); Mon, 9 Dec 2019 11:47:27 -0500 Received: from mail-io1-f65.google.com ([209.85.166.65]:39636 "EHLO mail-io1-f65.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726230AbfLIQr0 (ORCPT ); Mon, 9 Dec 2019 11:47:26 -0500 Received: by mail-io1-f65.google.com with SMTP id c16so15468735ioh.6; Mon, 09 Dec 2019 08:47:26 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=XHum4FDJDIcgTeOwvhbTJMdsl7kGHy76x1fPGptU0Ec=; b=udziYz2dZA3xvFqA3QmslCERX0mkXTBQnwhiY585MQJ/oxeg4n8eBFiLdH/jTCa9VF QMeKhP4j8Whn63LiUzZk2afaYl18gR8ZiV/okxSNcgW4FTki5hTkdPIVMkHS5g9eH9M4 zHhZs425J0FiJkW884QLhuPZrgc67h4LbuvWSNeMWR5+AZ7dlAVzXsZOQaLMbTbiIlKy iXX64YMFlMeM4nFli7q6FzA+0hH75n4/Fj2xusjLxbAVzrwTbNGX4punKE1HosatLHxd wngfe/KRWwgURMfP+qbt0/t/FaozZl/F9FCgTNtMcxictPVnzFGKaa2DngeaYwBGqcdT 04dA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=XHum4FDJDIcgTeOwvhbTJMdsl7kGHy76x1fPGptU0Ec=; b=GWwUmQ3r6Uiza/CHpGybLGQz1Zv18i+Jy45kn+KnQhE2Q8J3mts1T8EYxrnsdHhLpS 51SUpcETvq+p2fYxfbJ4JeYWbvLqBoHQO5U64+qKFerFi+xqvotyCQAYVYEuWKPVu38M vOQGu6TO/PFrZm4GPICdXtMQs7shtw3RjBjAkry//Zj1FgMCcdb9cibX9XmG/0PVBnKn IDUBJSX1lILT5TQ6gChVzxQEfR/WyBvsMNvRqoSgoKRCcXsh71HptMGoPxXM+kiwNqJA JfLGXBk91C5WyhJlH9i+queLP7sHP3yVREjbMMhT8Aer3C8UjtB70dP/FV+jZOhnc1gd P7QA== X-Gm-Message-State: APjAAAWvAJrh0IVpZrOyufEEgnWWMaWl5YTDC8KoNXADwB9s3QNXdB03 4hLOxMo+B+KiIm0dZW+UUa6BECiwDOBIYDvj+hE= X-Received: by 2002:a02:13c2:: with SMTP id 185mr21935228jaz.0.1575910045615; Mon, 09 Dec 2019 08:47:25 -0800 (PST) MIME-Version: 1.0 References: <20191130225153.30111-1-aford173@gmail.com> <20191130225153.30111-2-aford173@gmail.com> In-Reply-To: From: Adam Ford Date: Mon, 9 Dec 2019 10:47:14 -0600 Message-ID: Subject: Re: [PATCH 2/2] arm64: dts: imx8mm: Add Crypto CAAM support To: Horia Geanta Cc: "linux-crypto@vger.kernel.org" , Rob Herring , Mark Rutland , Shawn Guo , Sascha Hauer , Pengutronix Kernel Team , Fabio Estevam , dl-linux-imx , Aymen Sghaier , Herbert Xu , "David S. Miller" , "devicetree@vger.kernel.org" , "linux-arm-kernel@lists.infradead.org" , "linux-kernel@vger.kernel.org" Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Mon, Dec 9, 2019 at 10:23 AM Horia Geanta wrote: > > On 12/1/2019 12:52 AM, Adam Ford wrote: > > The i.MX8M Mini supports the same crypto engine as what is in > > the i.MX8MQ, but it is not currently present in the device tree, > > because it may be resricted by security features. > > > What exactly are you referring to? I don't know this hardware very well, but on a different platform, we needed to make the crypto engines as disabled if they were being accessed through secure operations which made it unavailable to Linux without using some special barriers. I didn't have the special hardware on the other platform that required it that way, so I can't really explain it well. I know on those special cases, because some people were accessing these registers through other means, the devices had to be marked as 'disabled' so to avoid breaking something. Since I wasn't sure if this was left out of the i.MX8M Mini on purpose, I let this disabled just in case this hardware platform was also affected in a similar and people wanting to use it could mark it as 'okay' adam > > > This patch places in into the device tree and marks it as disabled, > > but anyone not restricting the CAAM with secure mode functions > > can mark it as enabled. > > > Even if - due to export control regulations - CAAM is "trimmed down", > it loses only the encryption capabilities (hashing etc. still working). > > Again, please clarify what you mean by "secure mode functions", > "security features" etc. > > Horia