From: "Horia Geantă" <horia.geanta@nxp.com>
To: Michael Walle <michael@walle.cc>,
"linux-crypto@vger.kernel.org" <linux-crypto@vger.kernel.org>,
"linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>
Cc: Pankaj Gupta <pankaj.gupta@nxp.com>,
Herbert Xu <herbert@gondor.apana.org.au>,
"David S . Miller" <davem@davemloft.net>
Subject: Re: [PATCH] crypto: caam: disable pkc for non-E SoCs
Date: Wed, 22 Sep 2021 18:51:23 +0300 [thread overview]
Message-ID: <0b8ae053-698b-2c03-c729-c4c86ba79550@nxp.com> (raw)
In-Reply-To: <20210915220307.3079917-1-michael@walle.cc>
On 9/16/2021 1:03 AM, Michael Walle wrote:
> On newer CAAM versions, not all accelerators are disabled if the SoC is
> a non-E variant. While the driver checks most of the modules for
> availability, there is one - PKHA - which sticks out. On non-E variants
Currently there's no dedicated support for "partially disabled" non-E
(export-controlled) parts in Linux kernel caam driver(s).
Up until recently firmware (U-boot) was deleting the "crypto" DT node
for all non-E parts [1].
Modifying the f/w indeed triggers changes across the s/w stack.
Since you are modifying only the caam code handling PKHA, is it correct
to assume that everything else is working fine?
For example: is the number of AES accelerators (AESA_VERSION[AESA_NUM])
being reported as 0 on non-E parts?
> it is still reported as available, that is the number of instances is
> non-zero, but it has limited functionality. In particular it doesn't
> support encryption and decryption, but just signing and verifying. This
> is indicated by a bit in the PKHA_MISC field. Take this bit into account
> if we are checking for availablitly.
typo: ^ availability
>
> This will the following error:
> [ 8.167817] caam_jr 8020000.jr: 20000b0f: CCB: desc idx 11: : Invalid CHA selected.
>
> Tested on an NXP LS1028A (non-E) SoC.
Thanks.
Unfortunately I don't have a non-E part to test on.
Horia
[1] https://lore.kernel.org/u-boot/ff146322-e8c7-2418-ceb1-a3c0d4cee1a1@nxp.com
4eecc6f1a104 ("armv8: layerscape: don't remove crypto node if just partially disabled")
next prev parent reply other threads:[~2021-09-22 15:51 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-09-15 22:03 [PATCH] crypto: caam: disable pkc for non-E SoCs Michael Walle
2021-09-22 15:51 ` Horia Geantă [this message]
2021-09-22 17:55 ` Michael Walle
2021-09-23 14:26 ` Horia Geantă
2021-09-24 8:08 ` Herbert Xu
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=0b8ae053-698b-2c03-c729-c4c86ba79550@nxp.com \
--to=horia.geanta@nxp.com \
--cc=davem@davemloft.net \
--cc=herbert@gondor.apana.org.au \
--cc=linux-crypto@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=michael@walle.cc \
--cc=pankaj.gupta@nxp.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.