On Mon, Dec 9, 2019 at 10:23 AM Horia Geanta <horia.geanta@xxxxxxx> wrote: > > On 12/1/2019 12:52 AM, Adam Ford wrote: > > The i.MX8M Mini supports the same crypto engine as what is in > > the i.MX8MQ, but it is not currently present in the device tree, > > because it may be resricted by security features. > > > What exactly are you referring to? I don't know this hardware very well, but on a different platform, we needed to make the crypto engines as disabled if they were being accessed through secure operations which made it unavailable to Linux without using some special barriers. I didn't have the special hardware on the other platform that required it that way, so I can't really explain it well. I know on those special cases, because some people were accessing these registers through other means, the devices had to be marked as 'disabled' so to avoid breaking something. Since I wasn't sure if this was left out of the i.MX8M Mini on purpose, I let this disabled just in case this hardware platform was also affected in a similar and people wanting to use it could mark it as 'okay' adam > > > This patch places in into the device tree and marks it as disabled, > > but anyone not restricting the CAAM with secure mode functions > > can mark it as enabled. > > > Even if - due to export control regulations - CAAM is "trimmed down", > it loses only the encryption capabilities (hashing etc. still working). > > Again, please clarify what you mean by "secure mode functions", > "security features" etc. > > Horia
