lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 29 Aug 2019 19:31:00 +0800
From:   Elon Zhang <zhangzj@...k-chips.com>
To:     Heiko Stuebner <heiko@...ech.de>
Cc:     mark.rutland@....com, robh+dt@...nel.org,
        linux-arm-kernel@...ts.infradead.org, linux-kernel@...r.kernel.org,
        devicetree@...r.kernel.org, linux-rockchip@...ts.infradead.org
Subject: Re: [PATCH v1 1/1] ARM: dts: rockchip: set crypto default disabled on
 rk3288

Hi Heiko,

On 8/27/2019 22:28, Heiko Stuebner wrote:
> Hi,
>
> Am Dienstag, 27. August 2019, 09:14:39 CEST schrieb Elon Zhang:
>> Not every board needs to enable crypto node, so the node should
>> be set default disabled in rk3288.dtsi and enabled in specific
>> board dts file.
> Can you give a bit more rationale here? There would need to be a very
> specific reason because of the following:
>
> The crypto module is not wired to some board-specific components,
> so its usability does not depend on the specific board at all.
> Instead every board can just use it out of the box and the devicetree
> is supposed to describe the hardware and is _not_ meant as a space
> for user configuration.

Right for almost all normal hardware modules but the crypto module was 
designed

for secure world. As a result,  the crypto module will become 
inaccessible for linux

kernel if secure world enable it.

We plan to enable the crypto module in secure world so we should set 
crypto module

default disabled in linux kernel.

>
> So in fact the status property should probably go away completely from
> the crypto node, as it's usable out of the box in all cases.
>
>
> Heiko
>
>
>
>> Signed-off-by: Elon Zhang <zhangzj@...k-chips.com>
>> ---
>>   arch/arm/boot/dts/rk3288.dtsi | 2 +-
>>   1 file changed, 1 insertion(+), 1 deletion(-)
>>
>> diff --git a/arch/arm/boot/dts/rk3288.dtsi b/arch/arm/boot/dts/rk3288.dtsi
>> index cc893e154fe5..d509aa24177c 100644
>> --- a/arch/arm/boot/dts/rk3288.dtsi
>> +++ b/arch/arm/boot/dts/rk3288.dtsi
>> @@ -984,7 +984,7 @@
>>   		clock-names = "aclk", "hclk", "sclk", "apb_pclk";
>>   		resets = <&cru SRST_CRYPTO>;
>>   		reset-names = "crypto-rst";
>> -		status = "okay";
>> +		status = "disabled";
>>   	};
>>   
>>   	iep_mmu: iommu@...00800 {
>>
>
>
>
>
>
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ