cmd: blob: Instantiate RNG before running CMD_BLOB

U-Boot can instantiate CAAM RNG if needed by crypto operations.
Call sec_init() prior running a blob operation to ensure
RNG is correctly instantiated.

Make sure CAAM clock is enabled and check if a job ring is
available for that operation.

Signed-off-by: Breno Lima <breno.lima@nxp.com>
Reviewed-by: Ye Li <ye.li@nxp.com>
Signed-off-by: Peng Fan <peng.fan@nxp.com>
This commit is contained in:
Breno Lima 2021-03-25 17:30:21 +08:00 committed by Stefano Babic
parent 4e682d555d
commit 81d5605a86
2 changed files with 17 additions and 0 deletions

View file

@ -9,6 +9,10 @@
#include <malloc.h> #include <malloc.h>
#include <asm/byteorder.h> #include <asm/byteorder.h>
#include <linux/compiler.h> #include <linux/compiler.h>
#if defined(CONFIG_ARCH_MX6) || defined(CONFIG_ARCH_MX7)
#include <fsl_sec.h>
#include <asm/arch/clock.h>
#endif
/** /**
* blob_decap() - Decapsulate the data as a blob * blob_decap() - Decapsulate the data as a blob
@ -74,6 +78,16 @@ static int do_blob(struct cmd_tbl *cmdtp, int flag, int argc,
src_ptr = (uint8_t *)(uintptr_t)src_addr; src_ptr = (uint8_t *)(uintptr_t)src_addr;
dst_ptr = (uint8_t *)(uintptr_t)dst_addr; dst_ptr = (uint8_t *)(uintptr_t)dst_addr;
#if defined(CONFIG_ARCH_MX6) || defined(CONFIG_ARCH_MX7)
hab_caam_clock_enable(1);
u32 out_jr_size = sec_in32(CONFIG_SYS_FSL_JR0_ADDR +
FSL_CAAM_ORSR_JRa_OFFSET);
if (out_jr_size != FSL_CAAM_MAX_JR_SIZE)
sec_init();
#endif
if (enc) if (enc)
ret = blob_encap(km_ptr, src_ptr, dst_ptr, len); ret = blob_encap(km_ptr, src_ptr, dst_ptr, len);
else else

View file

@ -344,6 +344,9 @@ struct sg_entry {
#define FSL_CAAM_MP_PRVK_BYTES 32 #define FSL_CAAM_MP_PRVK_BYTES 32
#define FSL_CAAM_MP_MES_DGST_BYTES 32 #define FSL_CAAM_MP_MES_DGST_BYTES 32
#define FSL_CAAM_ORSR_JRa_OFFSET 0x102c
#define FSL_CAAM_MAX_JR_SIZE 4
/* blob_dek: /* blob_dek:
* Encapsulates the src in a secure blob and stores it dst * Encapsulates the src in a secure blob and stores it dst
* @src: reference to the plaintext * @src: reference to the plaintext