Hello Gaurav, > -----Original Message----- > From: U-Boot <[email protected]> On Behalf Of Gaurav Jain > Sent: Wednesday, January 12, 2022 2:31 PM > To: [email protected] > Cc: Stefano Babic <[email protected]>; Fabio Estevam <[email protected]>; Peng > Fan > <[email protected]>; Simon Glass <[email protected]>; Michael Walle > <[email protected]>; Priyanka Jain <[email protected]>; Ye Li > <[email protected]>; > Horia Geanta <[email protected]>; Ji Luo <[email protected]>; Franck Lenormand > <[email protected]>; Silvano Di Ninno <[email protected]>; Sahil > malhotra <[email protected]>; Pankaj Gupta <[email protected]>; Varun > Sethi <[email protected]>; NXP i . MX U-Boot Team <[email protected]>; Shengzhou > Liu <[email protected]>; Mingkai Hu <[email protected]>; Rajesh Bhagat > <[email protected]>; Meenakshi Aggarwal <[email protected]>; > Wasim > Khan <[email protected]>; Alison Wang <[email protected]>; Pramod Kumar > <[email protected]>; Tang Yuantian <[email protected]>; Adrian Alonso > <[email protected]>; Vladimir Oltean <[email protected]>; Gaurav Jain > <[email protected]> > Subject: [PATCH v10 02/14] i.MX8M: crypto: updated device tree for supporting > DM > in SPL > > disabled use of JR0 in SPL and uboot, as JR0 is reserved > for secure boot.
I'd like to return the original question here, which was not completely clarified during previous reviews: where does the reservation restriction is coming from? BootROM does reserve the JR0 and JR1, which are later released by ATF. NXP downstream ATF keeps the JR0 reserved, but upstream ATF does release *all* JRs to NS World. If this reservation is taken like the patch proposes and U-Boot is built with upstream ATF - this would eventually lead to the situation where the HW configuration is not aligned with what DTB indicates. Please note, that recent OP-TEE release has also re-mapped the JR it uses from JR0 to JR2, which can also lead to usage of the JR which is already taken by OP-TEE. There is an ongoing PR in OP-TEE to disable JR nodes via DT overlay for Linux [1], but I'm not sure if the same applies to U-Boot as well. > > Signed-off-by: Gaurav Jain <[email protected]> > Reviewed-by: Ye Li <[email protected]> > --- > arch/arm/dts/imx8mm-evk-u-boot.dtsi | 19 ++++++++++++++++++- > arch/arm/dts/imx8mn-ddr4-evk-u-boot.dtsi | 19 ++++++++++++++++++- > arch/arm/dts/imx8mp-evk-u-boot.dtsi | 19 ++++++++++++++++++- > arch/arm/dts/imx8mq-evk-u-boot.dtsi | 4 ++++ > 4 files changed, 58 insertions(+), 3 deletions(-) > > diff --git a/arch/arm/dts/imx8mm-evk-u-boot.dtsi b/arch/arm/dts/imx8mm-evk-u- > boot.dtsi > index 6b459831e7..e5682ca165 100644 > --- a/arch/arm/dts/imx8mm-evk-u-boot.dtsi > +++ b/arch/arm/dts/imx8mm-evk-u-boot.dtsi > @@ -1,6 +1,6 @@ > // SPDX-License-Identifier: GPL-2.0+ > /* > - * Copyright 2019 NXP > + * Copyright 2019, 2021 NXP > */ > > #include "imx8mm-u-boot.dtsi" > @@ -68,6 +68,23 @@ > u-boot,dm-spl; > }; > > +&crypto { > + u-boot,dm-spl; > +}; > + > +&sec_jr0 { > + u-boot,dm-spl; > + status = "disabled"; > +}; > + > +&sec_jr1 { > + u-boot,dm-spl; > +}; > + > +&sec_jr2 { > + u-boot,dm-spl; > +}; > + > &usdhc1 { > u-boot,dm-spl; > }; > diff --git a/arch/arm/dts/imx8mn-ddr4-evk-u-boot.dtsi > b/arch/arm/dts/imx8mn-ddr4- > evk-u-boot.dtsi > index 1d3844437d..d8df863083 100644 > --- a/arch/arm/dts/imx8mn-ddr4-evk-u-boot.dtsi > +++ b/arch/arm/dts/imx8mn-ddr4-evk-u-boot.dtsi > @@ -1,6 +1,6 @@ > // SPDX-License-Identifier: GPL-2.0+ > /* > - * Copyright 2019 NXP > + * Copyright 2019, 2021 NXP > */ > > / { > @@ -104,6 +104,23 @@ > u-boot,dm-spl; > }; > > +&crypto { > + u-boot,dm-spl; > +}; > + > +&sec_jr0 { > + u-boot,dm-spl; > + status = "disabled"; > +}; > + > +&sec_jr1 { > + u-boot,dm-spl; > +}; > + > +&sec_jr2 { > + u-boot,dm-spl; > +}; > + > &usdhc1 { > u-boot,dm-spl; > }; > diff --git a/arch/arm/dts/imx8mp-evk-u-boot.dtsi b/arch/arm/dts/imx8mp-evk-u- > boot.dtsi > index ab849ebaac..f3f83ba303 100644 > --- a/arch/arm/dts/imx8mp-evk-u-boot.dtsi > +++ b/arch/arm/dts/imx8mp-evk-u-boot.dtsi > @@ -1,6 +1,6 @@ > // SPDX-License-Identifier: GPL-2.0+ > /* > - * Copyright 2019 NXP > + * Copyright 2019, 2021 NXP > */ > > #include "imx8mp-u-boot.dtsi" > @@ -67,6 +67,23 @@ > u-boot,dm-spl; > }; > > +&crypto { > + u-boot,dm-spl; > +}; > + > +&sec_jr0 { > + u-boot,dm-spl; > + status = "disabled"; > +}; > + > +&sec_jr1 { > + u-boot,dm-spl; > +}; > + > +&sec_jr2 { > + u-boot,dm-spl; > +}; > + > &i2c1 { > u-boot,dm-spl; > }; > diff --git a/arch/arm/dts/imx8mq-evk-u-boot.dtsi b/arch/arm/dts/imx8mq-evk-u- > boot.dtsi > index 6f9c81462e..8f1f942215 100644 > --- a/arch/arm/dts/imx8mq-evk-u-boot.dtsi > +++ b/arch/arm/dts/imx8mq-evk-u-boot.dtsi > @@ -10,3 +10,7 @@ > sd-uhs-sdr104; > sd-uhs-ddr50; > }; > + > +&sec_jr0 { > + status = "disabled"; > +}; > -- > 2.17.1 Link: [1]: https://github.com/OP-TEE/optee_os/pull/5143
