From: Tom Rini <trini@konsulko.com>
To: u-boot@lists.denx.de
Subject: [U-Boot] [PATCH v2 2/7] arm: mach-keystone: Implements FIT post-processing call for keystone SoCs
Date: Tue, 6 Sep 2016 09:34:49 -0400 [thread overview]
Message-ID: <20160906133449.GJ4990@bill-the-cat> (raw)
In-Reply-To: <1472706282-6772-3-git-send-email-madans@ti.com>
On Thu, Sep 01, 2016 at 01:04:37AM -0400, Madan Srinivas wrote:
> From: Vitaly Andrianov <vitalya@ti.com>
>
> This commit implements the board_fit_image_post_process() function for
> the keystone architecture. Unlike OMAP class devices, security
> functions in keystone are not handled in the ROM.
> The interface to the secure functions is TI proprietary and depending
> on the keystone platform, the security functions like encryption,
> decryption and authentication might even be offloaded to other secure
> processing elements in the SoC.
> The boot monitor acts as the gateway to these secure functions and the
> boot monitor for secure devices is available as part of the SECDEV
> package for KS2. For more details refer doc/README.ti-secure
>
> Signed-off-by: Vitaly Andrianov <vitalya@ti.com>
> Signed-off-by: Madan Srinivas <madans@ti.com>
>
> Cc: Lokesh Vutla <lokeshvutla@ti.com>
> Cc: Dan Murphy <dmurphy@ti.com>
First, what is done to ensure that the magic blob we're offloading to
isn't malicious? Second, this appears to be missing cache flushes
that're done in arch/arm/cpu/armv7/omap-common/sec-common.c and, well,
why can't we re-use the existing code? Given how rarely IP blocks are
written from scratch rather than being an evolution of a previous block
I can't imagine that we can't make the code there be re-used nor that we
don't need / couldn't use the flushing and alignment checks nor status
messages. Thanks!
--
Tom
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: Digital signature
URL: <http://lists.denx.de/pipermail/u-boot/attachments/20160906/51e8e8f6/attachment.sig>
next prev parent reply other threads:[~2016-09-06 13:34 UTC|newest]
Thread overview: 36+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <madans@ti.com>
2016-08-26 6:30 ` [U-Boot] [PATCH 0/7] Adds support for secure boot on Keystone SoCs (K2E) Madan Srinivas
2016-08-26 6:30 ` [U-Boot] [PATCH 1/7] include: image.h: Fixes build warning with CONFIG_FIT_IMAGE_POST_PROCESS Madan Srinivas
2016-08-29 14:52 ` Andrew F. Davis
2016-08-26 6:30 ` [U-Boot] [PATCH 2/7] arm: mach-keystone: Implements FIT post-processing call for keystone SoCs Madan Srinivas
2016-08-29 16:22 ` Dan Murphy
2016-08-30 9:03 ` Lokesh Vutla
2016-08-26 6:30 ` [U-Boot] [PATCH 3/7] arm: omap-common: Enable support for K2 HS devices in u-boot Madan Srinivas
2016-08-29 14:56 ` Andrew F. Davis
2016-08-29 17:02 ` Dan Murphy
2016-08-26 6:30 ` [U-Boot] [PATCH 4/7] arm: omap-common: Reuse secure image name between OMAP and keystone Madan Srinivas
2016-08-29 15:10 ` Andrew F. Davis
2016-08-26 6:30 ` [U-Boot] [PATCH 5/7] arm: mach-keystone: config.mk: Adds support for secure images on K2 Madan Srinivas
2016-08-29 15:21 ` Andrew F. Davis
2016-08-26 6:30 ` [U-Boot] [PATCH 6/7] doc: Updates info on using keystone secure devices from TI Madan Srinivas
2016-08-26 6:30 ` [U-Boot] [PATCH 7/7] configs: Adds a defconfig for K2E High Security EVM Madan Srinivas
2016-08-29 15:28 ` Andrew F. Davis
2016-09-01 5:04 ` [U-Boot] [PATCH v2 0/7] Adds support for secure boot on Keystone SoCs (K2E) Madan Srinivas
2016-09-01 5:04 ` [U-Boot] [PATCH v2 1/7] include: image.h: Fixes build warning with CONFIG_FIT_IMAGE_POST_PROCESS Madan Srinivas
2016-09-06 13:34 ` Tom Rini
2016-09-06 13:34 ` Tom Rini
2016-09-01 5:04 ` [U-Boot] [PATCH v2 2/7] arm: mach-keystone: Implements FIT post-processing call for keystone SoCs Madan Srinivas
2016-09-06 13:34 ` Tom Rini [this message]
2016-09-08 15:29 ` Srinivas, Madan
2016-09-01 5:04 ` [U-Boot] [PATCH v2 3/7] arm: omap-common: adds secure image name common to OMAP and keystone Madan Srinivas
2016-09-06 13:34 ` Tom Rini
2016-09-01 5:04 ` [U-Boot] [PATCH v2 4/7] arm: omap-common: Enable support for K2 HS devices in u-boot Madan Srinivas
2016-09-06 13:34 ` Tom Rini
2016-09-01 5:04 ` [U-Boot] [PATCH v2 5/7] arm: mach-keystone: config.mk: Adds support for secure images on K2 Madan Srinivas
2016-09-02 14:35 ` Andrew F. Davis
2016-09-01 5:04 ` [U-Boot] [PATCH v2 6/7] doc: Updates info on using keystone secure devices from TI Madan Srinivas
2016-09-06 13:34 ` Tom Rini
2016-09-01 5:04 ` [U-Boot] [PATCH v2 7/7] configs: Adds a defconfig for K2E High Security EVM Madan Srinivas
2016-09-02 4:25 ` [U-Boot] [PATCH v2 0/7] Adds support for secure boot on Keystone SoCs (K2E) Lokesh Vutla
2016-09-02 16:48 ` Srinivas, Madan
2016-09-03 16:56 ` Lokesh Vutla
2016-09-03 17:23 ` Nishanth Menon
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20160906133449.GJ4990@bill-the-cat \
--to=trini@konsulko.com \
--cc=u-boot@lists.denx.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox