Hi Jarkko, > On 07.03.2024, at 20:30, Jarkko Sakkinen <jar...@kernel.org> wrote:
[...] >> + >> +static int trusted_dcp_init(void) >> +{ >> + int ret; >> + >> + if (use_otp_key) >> + pr_info("Using DCP OTP key\n"); >> + >> + ret = test_for_zero_key(); >> + if (ret) { >> + pr_err("Test for zero'ed keys failed: %i\n", ret); > > I'm not sure whether this should err or warn. > > What sort of situations can cause the test the fail (e.g. > adversary/interposer, bad configuration etc.). This occurs when the hardware is not in "secure mode". I.e. it’s a bad configuration issue. Once the board is properly configured, this will never trigger again. Do you think a warning is better for this then? Thanks, - David