board: ti: am654: Disable TRNG node for HS devices
authorAndrew F. Davis <afd@ti.com>
Tue, 17 Sep 2019 21:15:40 +0000 (17:15 -0400)
committerTom Rini <trini@konsulko.com>
Fri, 4 Oct 2019 16:21:23 +0000 (12:21 -0400)
On HS devices the access to TRNG is restricted on the non-secure
ARM side, disable the node in DT to prevent firewall violations.

Signed-off-by: Andrew F. Davis <afd@ti.com>
Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com>
arch/arm/mach-k3/common.c
arch/arm/mach-k3/include/mach/sys_proto.h
board/ti/am65x/evm.c

index 3e36d90aceff0d9677b146c29ea5aaeb1c2f79a9..c16afc654fb455eb1975015c5bf9d92b18e251dd 100644 (file)
@@ -137,6 +137,26 @@ int fdt_fixup_msmc_ram(void *blob, char *parent_path, char *node_name)
 
        return 0;
 }
+
+int fdt_disable_node(void *blob, char *node_path)
+{
+       int offs;
+       int ret;
+
+       offs = fdt_path_offset(blob, node_path);
+       if (offs < 0) {
+               debug("Node %s not found.\n", node_path);
+               return 0;
+       }
+       ret = fdt_setprop_string(blob, offs, "status", "disabled");
+       if (ret < 0) {
+               printf("Could not add status property to node %s: %s\n",
+                      node_path, fdt_strerror(ret));
+               return ret;
+       }
+       return 0;
+}
+
 #endif
 
 #ifndef CONFIG_SYSRESET
index 45832b45a16651b61170e551a5ea1af93fad4dad..3c825aa3d1f979251146a6232a291f2e335f570b 100644 (file)
@@ -14,4 +14,6 @@ struct ti_sci_handle *get_ti_sci_handle(void);
 int fdt_fixup_msmc_ram(void *blob, char *parent_path, char *node_name);
 int do_board_detect(void);
 void release_resources_for_core_shutdown(void);
+int fdt_disable_node(void *blob, char *node_path);
+
 #endif
index e01adcd642fb68446b3ad6adeb7e1becd812f18c..ad333ad8839b33e9cb03ee0315b5cc1f435fb61f 100644 (file)
@@ -96,10 +96,21 @@ int ft_board_setup(void *blob, bd_t *bd)
        int ret;
 
        ret = fdt_fixup_msmc_ram(blob, "/interconnect@100000", "sram@70000000");
-       if (ret)
+       if (ret) {
                printf("%s: fixing up msmc ram failed %d\n", __func__, ret);
+               return ret;
+       }
 
-       return ret;
+#if defined(CONFIG_TI_SECURE_DEVICE)
+       /* Make HW RNG reserved for secure world use */
+       ret = fdt_disable_node(blob, "/interconnect@100000/trng@4e10000");
+       if (ret) {
+               printf("%s: disabling TRGN failed %d\n", __func__, ret);
+               return ret;
+       }
+#endif
+
+       return 0;
 }
 #endif