korg/linux
0
0
Fork 0
mirror of https://mirrors.bfsu.edu.cn/git/linux.git synced 2024-11-15 16:24:13 +08:00
Code Issues Packages Projects Releases Wiki Activity
9064610348
linux/drivers/tee/optee/Kconfig
Sumit Garg 50709576d8 Documentation: Destage TEE subsystem documentation 
Add a separate documentation directory for TEE subsystem since it is a
standalone subsystem which already offers devices consumed by multiple
different subsystem drivers.

Split overall TEE subsystem documentation modularly where:
- The userspace API has been moved to Documentation/userspace-api/tee.rst.
- The driver API has been moved to Documentation/driver-api/tee.rst.
- The first module covers the overview of TEE subsystem.
- The further modules are dedicated to different TEE implementations like:
  - OP-TEE
  - AMD-TEE
  - and so on for future TEE implementation support.

Acked-by: Rijo Thomas <Rijo-john.Thomas@amd.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Sumit Garg <sumit.garg@linaro.org>
Signed-off-by: Jonathan Corbet <corbet@lwn.net>
Link: https://lore.kernel.org/r/20231128072352.866859-1-sumit.garg@linaro.org
2023-12-08 15:45:10 -07:00

27 lines
1.0 KiB
Plaintext
Raw Blame History

# SPDX-License-Identifier: GPL-2.0-only
# OP-TEE Trusted Execution Environment Configuration
config OPTEE
tristate "OP-TEE"
depends on HAVE_ARM_SMCCC
depends on MMU
help
This implements the OP-TEE Trusted Execution Environment (TEE)
driver.
config OPTEE_INSECURE_LOAD_IMAGE
bool "Load OP-TEE image as firmware"
default n
depends on OPTEE && ARM64
help
This loads the BL32 image for OP-TEE as firmware when the driver is
probed. This returns -EPROBE_DEFER until the firmware is loadable from
the filesystem which is determined by checking the system_state until
it is in SYSTEM_RUNNING. This also requires enabling the corresponding
option in Trusted Firmware for Arm. The documentation there explains
the security threat associated with enabling this as well as
mitigations at the firmware and platform level.
https://trustedfirmware-a.readthedocs.io/en/latest/threat_model/threat_model.html
Additional documentation on kernel security risks are at
Documentation/tee/op-tee.rst.
Reference in New Issue View Git Blame Copy Permalink