[0/3] Add crypto nodes for J7200 and AM64x

Message ID	20210514210725.32720-1-s-anna@ti.com (mailing list archive)
Headers	show Return-Path: <SRS0=3VtK=KJ=lists.infradead.org=linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@kernel.org> DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 9421D61352 From: Suman Anna <s-anna@ti.com> To: Nishanth Menon <nm@ti.com>, Tero Kristo <kristo@kernel.org> Subject: [PATCH 0/3] Add crypto nodes for J7200 and AM64x Date: Fri, 14 May 2021 16:07:21 -0500 Message-ID: <20210514210725.32720-1-s-anna@ti.com> MIME-Version: 1.0 Precedence: list Cc: devicetree@vger.kernel.org, Gowtham Tammana <g-tammana@ti.com>, Praneeth Bajjuri <praneeth@ti.com>, Vaibhav Gupta <v_gupta@ti.com>, linux-arm-kernel@lists.infradead.org Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: "linux-arm-kernel" <linux-arm-kernel-bounces@lists.infradead.org> Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org
Series	Add crypto nodes for J7200 and AM64x \| expand [0/3] Add crypto nodes for J7200 and AM64x [1/3] arm64: dts: ti: k3-j7200-mcu: Add the mcu sa2ul crypto node [2/3] arm64: dts: ti: k3-am64: Add SA2UL address space to Main CBASS ranges [3/3] arm64: dts: ti: k3-am64-main: Enable crypto accelerator

Message ID

20210514210725.32720-1-s-anna@ti.com (mailing list archive)

Headers

DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 9421D61352
From: Suman Anna <s-anna@ti.com>
To: Nishanth Menon <nm@ti.com>, Tero Kristo <kristo@kernel.org>
Subject: [PATCH 0/3] Add crypto nodes for J7200 and AM64x
Date: Fri, 14 May 2021 16:07:21 -0500
Message-ID: <20210514210725.32720-1-s-anna@ti.com>
MIME-Version: 1.0
Precedence: list
Cc: devicetree@vger.kernel.org, Gowtham Tammana <g-tammana@ti.com>,
 Praneeth Bajjuri <praneeth@ti.com>, Vaibhav Gupta <v_gupta@ti.com>,
 linux-arm-kernel@lists.infradead.org
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Sender: "linux-arm-kernel" <linux-arm-kernel-bounces@lists.infradead.org>
Errors-To: 
 linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org

Series

Add crypto nodes for J7200 and AM64x | expand

Message

Suman Anna May 14, 2021, 9:07 p.m. UTC

Hi Nishanth,

The following series adds the crypto nodes including the underlying
rng nodes for J7200 and AM64x SoCs. Patches are on top of 5.13-rc1.

Note that AM64x supports only a limited number of algos compared to
the other K3 SoCs. The AM64x driver support accounting for this is
merged in v5.13-rc1. Also, the IP appears at the same address on
J7200 and AM64x but is in different domains.

I have verified the basic crypto self-tests, extra-tests and some
basic tcrypt tests on both J7200 EVM and AM64x EVM boards.

regards
Suman

Peter Ujfalusi (2):
  arm64: dts: ti: k3-j7200-mcu: Add the mcu sa2ul crypto node
  arm64: dts: ti: k3-am64-main: Enable crypto accelerator

Suman Anna (1):
  arm64: dts: ti: k3-am64: Add SA2UL address space to Main CBASS ranges

 arch/arm64/boot/dts/ti/k3-am64-main.dtsi      | 19 ++++++++++++++++++
 arch/arm64/boot/dts/ti/k3-am64.dtsi           |  1 +
 .../boot/dts/ti/k3-j7200-mcu-wakeup.dtsi      | 20 +++++++++++++++++++
 3 files changed, 40 insertions(+)

Comments

Nishanth Menon May 14, 2021, 10:11 p.m. UTC | #1

On 16:07-20210514, Suman Anna wrote:
> The following series adds the crypto nodes including the underlying
> rng nodes for J7200 and AM64x SoCs. Patches are on top of 5.13-rc1.
> 
> Note that AM64x supports only a limited number of algos compared to
> the other K3 SoCs. The AM64x driver support accounting for this is
> merged in v5.13-rc1. Also, the IP appears at the same address on
> J7200 and AM64x but is in different domains.
> 
> I have verified the basic crypto self-tests, extra-tests and some
> basic tcrypt tests on both J7200 EVM and AM64x EVM boards.
> 

Thanks..

While this is an appropriate description for a subset of hardware,
this maybe missing the pieces needed for certain "high security"
(HS-*) device variants. Public channels, shared data flows and lack of
full control on RNG (we can read RNG, but not seed it) come to mind
immediately and further, I am not completely sure I understand how
this plays well with DKEK with OPTEE.

I know that u-boot does have capability to disable some of these, but:
a) TF-A can definitely boot to linux kernel without the need for u-boot.
b) We still need to be able to leverage h/w acceleration support that
   the high security devices is already capable of.

As a result, I am not entirely sure what we can do with this series
without breaking existing "high-security" devices (which can boot mainline
linux today with TF-A).