On 25/04/2019 04:24, Breno Matheus Lima wrote:
I couldn't get encrypted boot working in my first attempt, doing the
exact same procedure with commit 22191ac35344 ("drivers/crypto/fsl:
assign job-rings to non-TrustZone") reverted works fine.
Hi Breno,
I noticed another patch from you re: dek blob, does that address this
issue for you are is this still a live thing ?
If you are running in secure-world, and the BootROM dek blob stuff
validates job-ring ownership it _should_ be possible to flip the
ownership bits to what the BootROM expects and then back again.
If its not working, presumably its because we aren't flipping ownership
at the right time.
Maybe better to set permissions to secure-world while we are in u-boot
and then switch to normal world before we hand over to the next boot phase.
---
bod
_______________________________________________
U-Boot mailing list
U-Boot@lists.denx.de
https://lists.denx.de/listinfo/u-boot
