- Forums
- Product Forums
- General Purpose MicrocontrollersGeneral Purpose Microcontrollers
- i.MX Forumsi.MX Forums
- QorIQ Processing PlatformsQorIQ Processing Platforms
- Identification and SecurityIdentification and Security
- Power ManagementPower Management
- Wireless ConnectivityWireless Connectivity
- RFID / NFCRFID / NFC
- Advanced AnalogAdvanced Analog
- MCX Microcontrollers
- S32G
- S32K
- S32V
- MPC5xxx
- Other NXP Products
- S12 / MagniV Microcontrollers
- Powertrain and Electrification Analog Drivers
- Sensors
- Vybrid Processors
- Digital Signal Controllers
- 8-bit Microcontrollers
- ColdFire/68K Microcontrollers and Processors
- PowerQUICC Processors
- OSBDM and TBDML
- S32M
- S32Z/E
-
- Solution Forums
- Software Forums
- MCUXpresso Software and ToolsMCUXpresso Software and Tools
- CodeWarriorCodeWarrior
- MQX Software SolutionsMQX Software Solutions
- Model-Based Design Toolbox (MBDT)Model-Based Design Toolbox (MBDT)
- FreeMASTER
- eIQ Machine Learning Software
- Embedded Software and Tools Clinic
- S32 SDK
- S32 Design Studio
- GUI Guider
- Zephyr Project
- Voice Technology
- Application Software Packs
- Secure Provisioning SDK (SPSDK)
- Processor Expert Software
- Generative AI & LLMs
-
- Topics
- Mobile Robotics - Drones and RoversMobile Robotics - Drones and Rovers
- NXP Training ContentNXP Training Content
- University ProgramsUniversity Programs
- Rapid IoT
- NXP Designs
- SafeAssure-Community
- OSS Security & Maintenance
- Using Our Community
-
- Cloud Lab Forums
-
- Knowledge Bases
- ARM Microcontrollers
- i.MX Processors
- Identification and Security
- Model-Based Design Toolbox (MBDT)
- QorIQ Processing Platforms
- S32 Automotive Processing Platform
- Wireless Connectivity
- CodeWarrior
- MCUXpresso Suite of Software and Tools
- MQX Software Solutions
- RFID / NFC
- Advanced Analog
-
- NXP Tech Blogs
- Home
- :
- i.MX Forums
- :
- i.MX Processors
- :
- CAAM RNG activation causes a kernel oops on iMx8MM
CAAM RNG activation causes a kernel oops on iMx8MM
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
CAAM RNG activation causes a kernel oops on iMx8MM
05-02-2025
08:30 AM
1,098 Views
MAbdulfattah
Contributor I
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello NXP,
We are running linux-imx 6.6.36 on our custom hardware. The kernel throws the following bug at boot up :
11.037497] caam algorithms registered in /proc/crypto
[ 11.043580] caam 30900000.crypto: caam pkc algorithms registered in /proc/crypto
[ 11.051276] caam 30900000.crypto: rng crypto API alg registered prng-caam
[ 11.058214] caam 30900000.crypto: registering rng-caam
[ 11.063516] caam_jr 30902000.jr: job ring error: irqstate: 00000103
[ 11.069865] ------------[ cut here ]------------
[ 11.074488] kernel BUG at /drivers/crypto/caam/jr.c:286!
[ 11.079803] Internal error: Oops - BUG: 00000000f2000800 [#1] PREEMPT SMP
[ 11.086593] Modules linked in: caam_jr(+) caamkeyblob_desc caamhash_desc caamalg_desc crypto_engine authenc libdes crct10dif_ce polyval_ce polyval_generic snd_soc_imx_card secvio caam error snd_soc_fsl_sai snd_soc_fsl_utils imx_pcm_dma imx_sdma leds_gpio overlay snd_usb_audio snd_hwdep snd_usbmidi_lib snd_ump
When we disable the CAAM RNG (by un-setting CONFIG_CRYPTO_DEV_FSL_CAAM_RNG_API) the kernel boots up normally.
We are using the original imx8_v8_defconfig with no further modifications. We also made sure that JR1 security setting is the same as what is set at IMX-ATF by reading address :
0x30900018 and the value is 0x00000001
We are using imx scarthgap release https://github.com/nxp-imx/imx-manifest/blob/imx-linux-scarthgap/imx-6.6.36-2.1.0.xml
And no changes were made to imx ATF nor the crypto/CAAM related nodes in the imx8mm.dtsi header.
We also know that the CAAM registers are proprietary, so we can not even know which regs to check.
Any idea?
We are using imx scarthgap release https://github.com/nxp-imx/imx-manifest/blob/imx-linux-scarthgap/imx-6.6.36-2.1.0.xml
And no changes were made to imx ATF nor the crypto/CAAM related nodes in the imx8mm.dtsi header.
We also know that the CAAM registers are proprietary, so we can not even know which regs to check.
Any idea?
4 Replies
11-14-2025
09:00 AM
443 Views
marcocavallini
Contributor V
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Same issue here using Yocto scarthgap release with i.MX8MM and we need CAAM functionality to be fully activated with no issues.
Any clue?
Starting kernel ...
[ 0.000000] Booting Linux on physical CPU 0x0000000000 [0x410fd034]
[ 0.000000] Linux version 6.6.52-lts-next-g4fb516caac5f-dirty (oe-user@oe-host) (aarch64-poky-linux-gcc (GCC) 13.3.0, GNU ld (GNU Binutils) 2.42.0.20240723) #1 SMP PREEMPT Fri Nov 14 12:43:43 UTC 2025
...
[ 7.977664] caam algorithms registered in /proc/crypto
[ 7.986745] caam 30900000.crypto: caam pkc algorithms registered in /proc/crypto
[ 8.008003] caam 30900000.crypto: rng crypto API alg registered prng-caam
[ OK ] Stopped 8.015193] caam 30900000.crypto: registering rng-caam
;39mVirtual Console Setup.
[ 8.023446] caam_jr 30902000.jr: job ring error: irqstate: 00000103
[ 8.032264] ------------[ cut here ]------------
[ 8.036884] kernel BUG at /drivers/crypto/caam/jr.c:286!
[ 8.042199] Internal error: Oops - BUG: 00000000f2000800 [#1] PREEMPT SMP
[ 8.048990] Modules linked in: caam_jr(+) caamkeyblob_desc caamhash_desc caamalg_desc crypto_engine authenc libdes crct10dif_ce polyval_ce polyval_generic at24 caam secvio error fuse
[ 8.065294] CPU: 0 PID: 211 Comm: systemd-random- Not tainted 6.6.52-lts-next-g4fb516caac5f-dirty #1
4 weeks ago
235 Views
marcocavallini
Contributor V
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
The solution for this issue is documented in u-boot documentation file mx8m_secure_boot.txt
1.4.1 Avoiding Kernel crash in closed devices
----------------------------------------------
For devices prior to HAB v4.4.0, the HAB code locks the Job Ring and DECO
master ID registers in closed configuration. In case the user specific
application requires any changes in CAAM MID registers it's necessary to
add the "Unlock CAAM MID" command in CSF file.
The current NXP BSP implementation expects the CAAM registers to be unlocked
when configuring CAAM to operate in non-secure TrustZone world.
The Unlock command is already included by default in the signed HDMI and
DisplayPort firmwares. On i.MX8MM, i.MX8MN and i.MX8MP devices or in case the
HDMI or DisplayPort controllers are disabled in i.MX8M, users must ensure this
command is included in SPL CSF.
- Add Unlock MID command in csf_spl.txt:
[Unlock]
Engine = CAAM
Features = MID
05-08-2025
07:18 AM
1,044 Views
Bio_TICFSL
NXP TechSupport
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello,
A kernel oops in Linux is triggered when the kernel detects an internal error, such as an invalid memory access. It's a non-fatal error that can lead to an unstable system and potentially a kernel panic if not addressed.
05-08-2025
07:37 AM
1,041 Views
MAbdulfattah
Contributor I
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello @Bio_TICFSL ,
I know it is not a fatal error. However, we are using the manifest as provided by NXP and we expect the CAAM functionality to be fully activated with no issues. We want to use the TRNG of the CAAM.
Any idea what the issue might be?
