On 30/04/2019 02:28, Bryan O'Donoghue wrote:
On 25/04/2019 04:24, Breno Matheus Lima wrote:
I couldn't get encrypted boot working in my first attempt, doing the
exact same procedure with commit 22191ac35344 ("drivers/crypto/fsl:
assign job-rings to non-TrustZone") reverted works fine.
Hi Breno,
I noticed another patch from you re: dek blob, does that address this
issue for you are is this still a live thing ?
If you are running in secure-world, and the BootROM dek blob stuff
validates job-ring ownership it _should_ be possible to flip the
ownership bits to what the BootROM expects and then back again.
If its not working, presumably its because we aren't flipping ownership
at the right time.
It occurred to me after I went to bed.
The right thing to do is leave the BootROM settings up until we hand-off
and then set the required post-boot settings.
Something I reckon can be ~easily done in some sort of architectural
handover preparation function.
I'll spin that patchset.
---
bod
_______________________________________________
U-Boot mailing list
U-Boot@lists.denx.de
https://lists.denx.de/listinfo/u-boot
