optee-os: Enable OP-TEE TRNG in AM62X

Enable TRNG in AM62X, as bugs related to TRNG has been fixed now.

Signed-off-by: Kamlesh Gurudasani <kamlesh@ti.com>
---
 meta-ti-bsp/recipes-security/optee/optee-os-ti.inc | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)


---
base-commit: d5e768e29b3f8091cbdedb702ff4185f73af4f3d
change-id: 20231106-enable-trng-e56f79d668e8

Best regards,

On 11/6/2023 5:25 AM, Kamlesh Gurudasani wrote:
> Enable TRNG in AM62X, as bugs related to TRNG has been fixed now.

Can you provide more details on what fixed TRNG ? Assuming its something 
specific inside OPTEE 4.0 version.


> 
> Signed-off-by: Kamlesh Gurudasani <kamlesh@ti.com>
> ---
>   meta-ti-bsp/recipes-security/optee/optee-os-ti.inc | 2 +-
>   1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/meta-ti-bsp/recipes-security/optee/optee-os-ti.inc b/meta-ti-bsp/recipes-security/optee/optee-os-ti.inc
> index 91b66a36..d1c15cb2 100644
> --- a/meta-ti-bsp/recipes-security/optee/optee-os-ti.inc
> +++ b/meta-ti-bsp/recipes-security/optee/optee-os-ti.inc
> @@ -6,7 +6,7 @@ inherit ti-secdev
>   
>   EXTRA_OEMAKE:append:k3 = "${@ ' CFG_CONSOLE_UART='+ d.getVar('OPTEE_K3_USART') if d.getVar('OPTEE_K3_USART') else ''}"
>   
> -EXTRA_OEMAKE:append:am62xx = " CFG_WITH_SOFTWARE_PRNG=y CFG_TEE_CORE_LOG_LEVEL=1"
> +EXTRA_OEMAKE:append:am62xx = " CFG_TEE_CORE_LOG_LEVEL=1"
>   EXTRA_OEMAKE:append:am62pxx = " CFG_WITH_SOFTWARE_PRNG=y CFG_TEE_CORE_LOG_LEVEL=1"

How about doing the same for am62p ?


>   EXTRA_OEMAKE:append:am62axx = " CFG_TEE_CORE_LOG_LEVEL=1"
>   
> 
> ---
> base-commit: d5e768e29b3f8091cbdedb702ff4185f73af4f3d
> change-id: 20231106-enable-trng-e56f79d668e8
> 
> Best regards,

"Bajjuri, Praneeth" <praneeth@ti.com> writes:

...
>> ---
>>   meta-ti-bsp/recipes-security/optee/optee-os-ti.inc | 2 +-
>>   1 file changed, 1 insertion(+), 1 deletion(-)
>> 
>> diff --git a/meta-ti-bsp/recipes-security/optee/optee-os-ti.inc b/meta-ti-bsp/recipes-security/optee/optee-os-ti.inc
>> index 91b66a36..d1c15cb2 100644
>> --- a/meta-ti-bsp/recipes-security/optee/optee-os-ti.inc
>> +++ b/meta-ti-bsp/recipes-security/optee/optee-os-ti.inc
>> @@ -6,7 +6,7 @@ inherit ti-secdev
>>   
>>   EXTRA_OEMAKE:append:k3 = "${@ ' CFG_CONSOLE_UART='+ d.getVar('OPTEE_K3_USART') if d.getVar('OPTEE_K3_USART') else ''}"
>>   
>> -EXTRA_OEMAKE:append:am62xx = " CFG_WITH_SOFTWARE_PRNG=y CFG_TEE_CORE_LOG_LEVEL=1"
>> +EXTRA_OEMAKE:append:am62xx = " CFG_TEE_CORE_LOG_LEVEL=1"
>>   EXTRA_OEMAKE:append:am62pxx = " CFG_WITH_SOFTWARE_PRNG=y CFG_TEE_CORE_LOG_LEVEL=1"
>
> How about doing the same for am62p ?
@vibhore, Considering instabilities with AM62a, let me know if I should
enable it for AM62p. Will send v2 accordingly.

-Kamlesh

On 13:45-20231107, Kamlesh Gurudasani wrote:
Hi Kamlesh,

> "Bajjuri, Praneeth" <praneeth@ti.com> writes:
> 
> ...
> >> ---
> >>   meta-ti-bsp/recipes-security/optee/optee-os-ti.inc | 2 +-
> >>   1 file changed, 1 insertion(+), 1 deletion(-)
> >> 
> >> diff --git a/meta-ti-bsp/recipes-security/optee/optee-os-ti.inc b/meta-ti-bsp/recipes-security/optee/optee-os-ti.inc
> >> index 91b66a36..d1c15cb2 100644
> >> --- a/meta-ti-bsp/recipes-security/optee/optee-os-ti.inc
> >> +++ b/meta-ti-bsp/recipes-security/optee/optee-os-ti.inc
> >> @@ -6,7 +6,7 @@ inherit ti-secdev
> >>   
> >>   EXTRA_OEMAKE:append:k3 = "${@ ' CFG_CONSOLE_UART='+ d.getVar('OPTEE_K3_USART') if d.getVar('OPTEE_K3_USART') else ''}"
> >>   
> >> -EXTRA_OEMAKE:append:am62xx = " CFG_WITH_SOFTWARE_PRNG=y CFG_TEE_CORE_LOG_LEVEL=1"
> >> +EXTRA_OEMAKE:append:am62xx = " CFG_TEE_CORE_LOG_LEVEL=1"
> >>   EXTRA_OEMAKE:append:am62pxx = " CFG_WITH_SOFTWARE_PRNG=y CFG_TEE_CORE_LOG_LEVEL=1"
> >
> > How about doing the same for am62p ?
> @vibhore, Considering instabilities with AM62a, let me know if I should
> enable it for AM62p. Will send v2 accordingly.

As discussed offline, the instabilities we are seeing on AM62a are only
after a Deep Sleep cycle. The system is stable unless LPM is tried.
Also, AM62p does not have Deep Sleep support. So, I do not have any
objections to having TRNG support enabled for AM62p.

Regards,
Vibhore

On 11/7/2023 3:52 AM, Vibhore Vardhan wrote:
> On 13:45-20231107, Kamlesh Gurudasani wrote:
> Hi Kamlesh,
> 
>> "Bajjuri, Praneeth" <praneeth@ti.com> writes:
>>
>> ...
>>>> ---
>>>>    meta-ti-bsp/recipes-security/optee/optee-os-ti.inc | 2 +-
>>>>    1 file changed, 1 insertion(+), 1 deletion(-)
>>>>
>>>> diff --git a/meta-ti-bsp/recipes-security/optee/optee-os-ti.inc b/meta-ti-bsp/recipes-security/optee/optee-os-ti.inc
>>>> index 91b66a36..d1c15cb2 100644
>>>> --- a/meta-ti-bsp/recipes-security/optee/optee-os-ti.inc
>>>> +++ b/meta-ti-bsp/recipes-security/optee/optee-os-ti.inc
>>>> @@ -6,7 +6,7 @@ inherit ti-secdev
>>>>    
>>>>    EXTRA_OEMAKE:append:k3 = "${@ ' CFG_CONSOLE_UART='+ d.getVar('OPTEE_K3_USART') if d.getVar('OPTEE_K3_USART') else ''}"
>>>>    
>>>> -EXTRA_OEMAKE:append:am62xx = " CFG_WITH_SOFTWARE_PRNG=y CFG_TEE_CORE_LOG_LEVEL=1"
>>>> +EXTRA_OEMAKE:append:am62xx = " CFG_TEE_CORE_LOG_LEVEL=1"
>>>>    EXTRA_OEMAKE:append:am62pxx = " CFG_WITH_SOFTWARE_PRNG=y CFG_TEE_CORE_LOG_LEVEL=1"
>>>
>>> How about doing the same for am62p ?
>> @vibhore, Considering instabilities with AM62a, let me know if I should
>> enable it for AM62p. Will send v2 accordingly.


When you send the V2 series, can you base the commit off of the 
kirkstone-wip branch.  I have applied some changes to the file you are 
changing above (renamed it in this case) so your patch would not apply 
currently.  Thanks.




> As discussed offline, the instabilities we are seeing on AM62a are only
> after a Deep Sleep cycle. The system is stable unless LPM is tried.
> Also, AM62p does not have Deep Sleep support. So, I do not have any
> objections to having TRNG support enabled for AM62p.
> 
> Regards,
> Vibhore