On Tuesday 10 September 2019 15:37:32 Sebastian Reichel wrote: > Hi, > > On Tue, Sep 10, 2019 at 08:56:49AM -0500, Adam Ford wrote: > > On Thu, Sep 5, 2019 at 6:04 PM Tony Lindgren <tony@xxxxxxxxxxx> wrote: > > > Oh and this needs to default to status = "disabled" for > > > HS devices like n900 as it needs to use the omap3-rom-rng. > > > > I don't know enough about the HS version of the OMAP3, but what's the > > main difference between omap3-rom-rng and this one? > > The OMAP HS chips have the bus firewall configured to block direct > access to some cryptography related devices. The kernel will crash > with a bus error, if you try to read/write the registers for > protected devices. And if you try to read it more times, SOC would be rebooted for security reasons. > The omap3-rom-rng avoids this by communicating > with the security middleware component instead of directly accessing > the RNG hardware. And that component is loaded by signed bootloader into "secure" area not accessible by "non-secure" work (like kernel) and communication is done via arm smc instruction. -- Pali Rohár pali.rohar@xxxxxxxxx
