Re: [PATCH] arm64: dts: ti: k3-am62p-j722s: add rng node

public inbox for linux-kernel@vger.kernel.org
 help / color / mirror / Atom feed

From: "Michael Walle" <mwalle@kernel.org>
To: "Manorit Chawdhry" <m-chawdhry@ti.com>
Cc: "Kumar, Udit" <u-kumar1@ti.com>, "Nishanth Menon" <nm@ti.com>,
	"Vignesh Raghavendra" <vigneshr@ti.com>,
	"Tero Kristo" <kristo@kernel.org>,
	"Rob Herring" <robh@kernel.org>,
	"Krzysztof Kozlowski" <krzk+dt@kernel.org>,
	"Conor Dooley" <conor+dt@kernel.org>,
	<linux-arm-kernel@lists.infradead.org>,
	<devicetree@vger.kernel.org>, <linux-kernel@vger.kernel.org>
Subject: Re: [PATCH] arm64: dts: ti: k3-am62p-j722s: add rng node
Date: Thu, 10 Apr 2025 13:26:44 +0200	[thread overview]
Message-ID: <D92X7T33NU3T.VSZM5K7U602S@kernel.org> (raw)
In-Reply-To: <20250409103303.dkrrvp7mdctx32pd@uda0497581-HP>

[-- Attachment #1: Type: text/plain, Size: 2532 bytes --]

Hi Manorit,

> > > > > > > > --- a/arch/arm64/boot/dts/ti/k3-am62p-j722s-common-main.dtsi
> > > > > > > > [..]
> > > > > > > For completeness , this is ok to add this node but
> > > > > > > should be kept disabled
> > > > > > Shouldn't it be "reserved" then, see [1].
> > > > > yes, should be reserved.
> > > > > 
> > > > > With marking status as reserved.
> > > > > 
> > > > > Please use Reviewed-by: Udit Kumar <u-kumar1@ti.com>
> > > > Thanks.
> > > > 
> > > > > > > similar to
> > > > > > > 
> > > > > > > https://github.com/torvalds/linux/blob/master/arch/arm64/boot/dts/ti/k3-j7200-mcu-wakeup.dtsi#L662
> > > > > > j784s4, j721e and j721s2 have them enabled. What is the rule here?
> > > > > J784s4, j721e and j721s2 SOCs has two TRNG blocks,
> > > > > 
> > > > > example for j721e, one is used by kernel [0] and another by
> > > > > optee [1].
> > > > > 
> > > > > 
> > > > > > You also disable the hwrng in optee in your evm according to [2]:
> > > > > > CFG_WITH_SOFTWARE_PRNG=y
> > > > > We are planning to use this hardware block by secure firmware.
> > > > > 
> > > > > Therefore request not to use by optee as well
> > > > How will you be able to access the RNG from linux and u-boot? I'm
> > > > asking because I'll need it in u-boot for the lwip stack and the
> > > > HTTPS protocol.
> > > 
> > > For now,  If you need TRNG then I can suggest to use optee TRNG (ie
> > > build
> > > optee with HW TRNG).
> > 
> > I'll be using an uboot TRNG driver. But how will that work in
> > the future if the RNG is used by the secure firmware?
>
> Wondering if this would be of interest to you [0]. I think since this
> device only has one TRNG, there has to be a master around and we can
> mitigate that from OP-TEE as of now, incase anything changes in future
> then the communication channel between OP-TEE and the secure firmware
> can be established but currently it's still at work. I think the best
> way to go forward is to get the numbers from OP-TEE atm IMHO.

I saw the optee rng. But as of now, the instructions are to use a
software PRNG for optee. Thus, if someone compiles optee by
following the instructions, it's unlikely to work.

Would TI willing to agree to change the building docs and enable the
TRNG in optee and then work on moving the TRNG into the secure
firmware and build a channel between optee and that firmware? Right
now, the TRNG seems pretty useless as we cannot use it neither from
u-boot or linux (and being future proof).

-michael

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 297 bytes --]

next prev parent reply	other threads:[~2025-04-10 11:26 UTC|newest]

Thread overview: 10+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2025-03-13 14:41 [PATCH] arm64: dts: ti: k3-am62p-j722s: add rng node Michael Walle
2025-03-28 16:12 ` Kumar, Udit
2025-03-31 10:58   ` Michael Walle
2025-03-31 17:12     ` Kumar, Udit
2025-04-01  6:20       ` Michael Walle
2025-04-01 10:02         ` Kumar, Udit
2025-04-01 11:09           ` Michael Walle
2025-04-09 10:33             ` Manorit Chawdhry
2025-04-10 11:26               ` Michael Walle [this message]
2025-04-10 13:20                 ` Kumar, Udit

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=D92X7T33NU3T.VSZM5K7U602S@kernel.org \
    --to=mwalle@kernel.org \
    --cc=conor+dt@kernel.org \
    --cc=devicetree@vger.kernel.org \
    --cc=kristo@kernel.org \
    --cc=krzk+dt@kernel.org \
    --cc=linux-arm-kernel@lists.infradead.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=m-chawdhry@ti.com \
    --cc=nm@ti.com \
    --cc=robh@kernel.org \
    --cc=u-kumar1@ti.com \
    --cc=vigneshr@ti.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox