From: Marco Felsch <m.felsch@pengutronix.de>
To: Peng Fan <peng.fan@nxp.com>
Cc: Frieder Schrempf <frieder.schrempf@kontron.de>,
Pankaj Gupta <pankaj.gupta@nxp.com>,
Jonathan Corbet <corbet@lwn.net>, Rob Herring <robh@kernel.org>,
Krzysztof Kozlowski <krzk+dt@kernel.org>,
Conor Dooley <conor+dt@kernel.org>,
Shawn Guo <shawnguo@kernel.org>,
Sascha Hauer <s.hauer@pengutronix.de>,
Pengutronix Kernel Team <kernel@pengutronix.de>,
Fabio Estevam <festevam@gmail.com>,
"linux-doc@vger.kernel.org" <linux-doc@vger.kernel.org>,
"linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
"devicetree@vger.kernel.org" <devicetree@vger.kernel.org>,
"imx@lists.linux.dev" <imx@lists.linux.dev>,
"linux-arm-kernel@lists.infradead.org"
<linux-arm-kernel@lists.infradead.org>,
Frank Li <frank.li@nxp.com>
Subject: Re: [PATCH v18 0/7] firmware: imx: driver for NXP secure-enclave
Date: Thu, 21 Aug 2025 12:05:08 +0200 [thread overview]
Message-ID: <20250821100508.sh35kuosczdhadpa@pengutronix.de> (raw)
In-Reply-To: <PAXPR04MB845980CB4C7EDB091495DC058832A@PAXPR04MB8459.eurprd04.prod.outlook.com>
Hi Peng,
On 25-08-21, Peng Fan wrote:
> Hi Marco,
>
> > Subject: Re: [PATCH v18 0/7] firmware: imx: driver for NXP secure-
> > enclave
> >
> > > Shawn mentioned for the v17, he wanted to test this [1]. Marco had
> > > some concerns on the general approach [2]. How can we move on?
> > >
> > > FWIW I have tested the v15 of this series with the ELE OTP driver [3]
> > > on
> > > i.MX93 and we use this currently in our downstream kernel.
> >
> > From my pov, this series causes more confusions till the ELE FW fix is
> > available because you need to be really careful during the integration
> > in case of a verified-boot setup which are the most common setups
> > these days.
> >
> > Not sure why NXP doesn't just add the OP-TEE support for the required
> > features e.g. eFuses, watchdog, HWRNG. The whole Linux part is mostly
> > in place.
>
> You mean let OP-TEE handle eFuses, watchdog, HWRNG, then linux
> relies on OP-TEE to use the features?
Exactly, due to the FW issue only one MU can be used. OP-TEE could use
the secure MU and Linux uses the features via OP-TEE because these
features are not very timing critical and some features are _only_
available through OP-TEE, e.g. writing eFuses after the device was
locked-down.
Regards,
Marco
>
> Thanks,
> Peng.
>
> >
> > Regards,
> > Marco
> >
> > >
> > > [1]
> > >
> > https://eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2F
> > patc
> > > hwork.kernel.org%2Fproject%2Flinux-
> > mm%2Fpatch%2F20250424111632.103637-
> > > 1-
> > lorenzo.stoakes%40oracle.com%2F%2326356782&data=05%7C02%7C
> > peng.fan%4
> > >
> > 0nxp.com%7C1ac2ac137e8a41d871c508dde098450d%7C686ea1d3bc
> > 2b4c6fa92cd99c
> > >
> > 5c301635%7C0%7C0%7C638913666802700666%7CUnknown%7CTW
> > FpbGZsb3d8eyJFbXB0
> > >
> > eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiT
> > WFpbCIsIl
> > >
> > dUIjoyfQ%3D%3D%7C0%7C%7C%7C&sdata=%2FSC9WU4CoKtPrVuhjL
> > uLC7trQhAcbEkaCu
> > > xohN%2FIuM0%3D&reserved=0
> > > [2]
> > >
> > https://eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2F
> > patc
> > > hwork.kernel.org%2Fproject%2Flinux-arm-
> > kernel%2Fpatch%2F20250619-imx-s
> > > e-if-v18-3-
> > c98391ba446d%40nxp.com%2F%2326443037&data=05%7C02%7Cpe
> > ng.fa
> > >
> > n%40nxp.com%7C1ac2ac137e8a41d871c508dde098450d%7C686ea1
> > d3bc2b4c6fa92cd
> > >
> > 99c5c301635%7C0%7C0%7C638913666802714776%7CUnknown%7C
> > TWFpbGZsb3d8eyJFb
> > >
> > XB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOI
> > joiTWFpbCI
> > >
> > sIldUIjoyfQ%3D%3D%7C0%7C%7C%7C&sdata=B%2BUZWN6OjkEu27C
> > By1%2FFKte9Uw9NQ
> > > DA%2Be9EdPZhtAUk%3D&reserved=0
> > > [3]
> > >
> > https://eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2F
> > patc
> > > hwork.kernel.org%2Fproject%2Flinux-arm-
> > kernel%2Fpatch%2F20250416142715
> > > .1042363-2-
> > frieder%40fris.de%2F&data=05%7C02%7Cpeng.fan%40nxp.com%7C1a
> > >
> > c2ac137e8a41d871c508dde098450d%7C686ea1d3bc2b4c6fa92cd99c
> > 5c301635%7C0%
> > >
> > 7C0%7C638913666802731697%7CUnknown%7CTWFpbGZsb3d8eyJFb
> > XB0eU1hcGkiOnRyd
> > >
> > WUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoy
> > fQ%3D%3
> > >
> > D%7C0%7C%7C%7C&sdata=RilSInf5N%2FfrF04qOubqT2yNjC%2FwAhy
> > Oe6GIEfwtIGs%3
> > > D&reserved=0
> > >
>
>
next prev parent reply other threads:[~2025-08-21 10:05 UTC|newest]
Thread overview: 28+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-06-19 17:20 [PATCH v18 0/7] firmware: imx: driver for NXP secure-enclave Pankaj Gupta
2025-06-19 17:20 ` [PATCH v18 1/7] Documentation/firmware: add imx/se to other_interfaces Pankaj Gupta
2025-06-19 17:20 ` [PATCH v18 2/7] dt-bindings: arm: fsl: add imx-se-fw binding doc Pankaj Gupta
2025-06-19 17:20 ` [PATCH v18 3/7] firmware: imx: add driver for NXP EdgeLock Enclave Pankaj Gupta
2025-06-25 10:55 ` Marco Felsch
2025-06-27 7:11 ` [EXT] " Pankaj Gupta
2025-06-27 8:46 ` Marco Felsch
2025-06-30 10:32 ` Frieder Schrempf
2025-06-30 12:17 ` Marco Felsch
2025-07-01 10:44 ` Frieder Schrempf
2025-07-09 10:18 ` Pankaj Gupta
2025-07-14 9:41 ` Marco Felsch
2025-08-06 12:19 ` Pankaj Gupta
2025-08-06 13:27 ` Marco Felsch
2025-08-21 11:59 ` Pankaj Gupta
2025-08-21 13:21 ` Marco Felsch
[not found] ` <DU2PR04MB859982BC71F6CB8182EA1F5F9539A@DU2PR04MB8599.eurprd04.prod.outlook.com>
2025-08-29 11:33 ` Varun Sethi
2025-09-03 9:18 ` Pankaj Gupta
2025-06-19 17:20 ` [PATCH v18 4/7] firmware: imx: device context dedicated to priv Pankaj Gupta
2025-06-19 17:20 ` [PATCH v18 5/7] firmware: drivers: imx: adds miscdev Pankaj Gupta
2025-06-19 17:20 ` [PATCH v18 6/7] arm64: dts: imx8ulp: add secure enclave node Pankaj Gupta
2025-06-19 17:20 ` [PATCH v18 7/7] arm64: dts: imx8ulp-evk: add reserved memory property Pankaj Gupta
2025-06-25 10:34 ` [PATCH v18 0/7] firmware: imx: driver for NXP secure-enclave Marco Felsch
2025-08-20 13:49 ` Frieder Schrempf
2025-08-21 9:50 ` Marco Felsch
2025-08-21 9:59 ` Peng Fan
2025-08-21 10:05 ` Marco Felsch [this message]
2025-08-21 12:02 ` [EXT] " Pankaj Gupta
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20250821100508.sh35kuosczdhadpa@pengutronix.de \
--to=m.felsch@pengutronix.de \
--cc=conor+dt@kernel.org \
--cc=corbet@lwn.net \
--cc=devicetree@vger.kernel.org \
--cc=festevam@gmail.com \
--cc=frank.li@nxp.com \
--cc=frieder.schrempf@kontron.de \
--cc=imx@lists.linux.dev \
--cc=kernel@pengutronix.de \
--cc=krzk+dt@kernel.org \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=linux-doc@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=pankaj.gupta@nxp.com \
--cc=peng.fan@nxp.com \
--cc=robh@kernel.org \
--cc=s.hauer@pengutronix.de \
--cc=shawnguo@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).