mirror of
https://github.com/u-boot/u-boot.git
synced 2024-11-29 15:43:44 +08:00
eadf26f183
Adds a sandbox tee driver which emulates a generic TEE with the OP-TEE AVB TA. Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org> [trini: Fix printf warnings in ta_avb_invoke_func, slots is uint] Signed-off-by: Tom Rini <trini@konsulko.com>
36 lines
1.1 KiB
Plaintext
36 lines
1.1 KiB
Plaintext
# Generic Trusted Execution Environment Configuration
|
|
config TEE
|
|
bool "Trusted Execution Environment support"
|
|
depends on (ARM && (ARM64 || CPU_V7A)) || SANDBOX
|
|
select ARM_SMCCC if ARM
|
|
help
|
|
This implements a generic interface towards a Trusted Execution
|
|
Environment (TEE). A TEE is a trusted OS running in some secure
|
|
environment, for example, TrustZone on ARM cpus, or a separate
|
|
secure co-processor etc. See also:
|
|
https://en.wikipedia.org/wiki/Trusted_execution_environment
|
|
|
|
if TEE
|
|
|
|
menu "TEE drivers"
|
|
|
|
config SANDBOX_TEE
|
|
bool "Sandbox TEE emulator"
|
|
depends on SANDBOX
|
|
default y
|
|
help
|
|
This emulates a generic TEE needed for testing including the AVB
|
|
TA. The emulation provides all callbacks of a regular TEE and
|
|
supports session and shared memory management. The AVB TA is
|
|
emulated with rollback indexes and device lock-state, the state
|
|
of the TA is only kept in RAM and will be reset on each boot.
|
|
The emulation only supports one open session at a time.
|
|
Interaction from the U-Boot command line in possible via the
|
|
"avb" commands.
|
|
|
|
source "drivers/tee/optee/Kconfig"
|
|
|
|
endmenu
|
|
|
|
endif
|