I'm trying to enable encrypted boot in iMX6 ULL EVK. According to IMX6ULLRM and IMX6ULLSRM this should be possible. One of the steps to get encrypted boot work is generate a "dek blob"  inside the processor. In order to do that, there is a u-boot command named "dek_blob" that uses the CAAM . I couldn't get his command work, It fails at this point in a function named caam_page_alloc() which is always called with the same parameters: caam_page_alloc(1, 1), this means it fails regardless of how I use the dek_blob command. I also tried to use the CAAM Linux drivers unsuccessfully. Later I found in a couple of sites the CAAM is not available in iMX6ULL 
So my question is ¿How can I encapsulate a DEK and obtain a dek blob in the iMX6ULL?
Solved! Go to Solution.
Thanks you very much igorpadykov.
The Applications Processor Reference Manual for this device (IMX6ULLRM) says the encrypted boot is supported. I humbly suggest to amend it in order to avoid other engineers waste their time trying to make it work.
in theory it can be supported, but in practice NXP software implementation currently
supports only CAAM based options.