Commit bc0c0c9a7f5f8f871abfc559eaaea6bdb115b116
Committed by
Ye Li
Ye Li
1 parent
4783d6d4bc
Exists in
smarc_8mq-imx_v2020.04_5.4.24_2.1.0
and in
3 other branches
MLK-20935-1 doc: imx: habv4: Add section to avoid crash when OP-TEE is enabled
Starting in L4.14.78 release, the OP-TEE CAAM driver does not set the JROWN_NS field in case LMID is locked. We need to include the Unlock MID command in CSF file otherwise device will fail to boot in HAB closed mode. Add section to avoid crash when OP-TEE is enabled. Reported-by: Frank Zhang <frank.zhang@nxp.com> Signed-off-by: Breno Lima <breno.lima@nxp.com> Reviewed-by: Ye Li <ye.li@nxp.com> (cherry picked from commit af03284ad38bd03ef1f0d4942842629db93d2c11) (cherry picked from commit 66f05532d587e50631eef066c4190936e0d33583)
Showing 1 changed file with 17 additions and 0 deletions Side-by-side Diff
doc/imx/habv4/guides/mx6_mx7_secure_boot.txt
| ... | ... | @@ -110,6 +110,23 @@ |
| 110 | 110 | |
| 111 | 111 | Block = 0x877ff400 0x00000000 0x0009ec00 "u-boot-dtb.imx" |
| 112 | 112 | |
| 113 | +1.3.1 Avoiding Kernel crash when OP-TEE is enabled | |
| 114 | +--------------------------------------------------- | |
| 115 | + | |
| 116 | +For devices prior to HAB v4.4.0, the HAB code locks the Job Ring and DECO | |
| 117 | +master ID registers in HAB closed configuration. In case the user specific | |
| 118 | +application requires any changes in CAAM MID registers it's necessary to | |
| 119 | +add the "Unlock CAAM MID" command in CSF file. | |
| 120 | + | |
| 121 | +The current NXP OP-TEE implementation expects the CAAM registers to be unlocked | |
| 122 | +when configuring CAAM to operate in non-secure TrustZone world. | |
| 123 | + | |
| 124 | +- Add Unlock MID command in CSF: | |
| 125 | + | |
| 126 | + [Unlock] | |
| 127 | + Engine = CAAM | |
| 128 | + Features = MID | |
| 129 | + | |
| 113 | 130 | 1.4 Signing the U-Boot binary |
| 114 | 131 | ------------------------------ |
| 115 | 132 |