diff options
| author | Rouven Czerwinski <r.czerwinski@pengutronix.de> | 2020-01-28 06:38:20 +0100 |
|---|---|---|
| committer | Sascha Hauer <s.hauer@pengutronix.de> | 2020-01-30 06:22:28 +0100 |
| commit | 4b7c346be3b9ced3166a6290d8c2a5fac691d3f2 (patch) | |
| tree | c81ce1ca8d38cbfc9096c4bd7caf5be6b0304e08 /common/Kconfig | |
| parent | 7e73f9a3b89dcabb5737e2989ede1f7558dff9f1 (diff) | |
| download | barebox-4b7c346be3b9ced3166a6290d8c2a5fac691d3f2.tar.gz barebox-4b7c346be3b9ced3166a6290d8c2a5fac691d3f2.tar.xz | |
ARM: add optee early loading function
Add a OP-TEE early loading function which expects a pointer to a valid
tee binary and the device tree. OP-TEE will then be started and barebox
will continue to run in normal mode.
The function start_optee_early should be used in a boards lowlevel.c
file. Ensure that barebox has been relocated and a proper c environment
has been setup beforehand. Depending on the OP-TEE configuration, the
fdt will be modified. If the internal barebox device tree is passed,
OP-TEE will overwrite barebox PBL memory during this modification. Copy
the fdt to a save memory location beforehand to avoid a corruption of
barebox PBL memory.
This also moves the OP-TEE Kconfig symbols into a separate menu.
Signed-off-by: Rouven Czerwinski <r.czerwinski@pengutronix.de>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
Diffstat (limited to 'common/Kconfig')
| -rw-r--r-- | common/Kconfig | 54 |
1 files changed, 33 insertions, 21 deletions
diff --git a/common/Kconfig b/common/Kconfig index f9ef9bd83b..9c7228aa22 100644 --- a/common/Kconfig +++ b/common/Kconfig @@ -643,27 +643,6 @@ config BOOTM_FORCE_SIGNED_IMAGES are refused to boot. Effectively this means only FIT images can be booted since they are the only supported image type that support signing. -config BOOTM_OPTEE - bool - prompt "support booting OP-TEE" - depends on BOOTM && ARM - help - OP-TEE is a trusted execution environment (TEE). With this option - enabled barebox supports starting optee_os as part of the bootm command. - Instead of the kernel bootm starts the optee_os binary which then starts - the kernel in nonsecure mode. Pass the optee_os binary with the -t option - or in the global.bootm.tee variable. - -config BOOTM_OPTEE_SIZE - hex - default 0x02000000 - prompt "OP-TEE Memory Size" - depends on BOOTM_OPTEE - help - Size to reserve in main memory for OP-TEE. - Can be smaller than the actual size used by OP-TEE, this is used to prevent - barebox from allocating memory in this area. - config BLSPEC depends on FLEXIBLE_BOOTARGS depends on !SHELL_NONE @@ -1000,6 +979,39 @@ config MACHINE_ID Note: if no hashable information is available no machine id will be passed to the kernel. +menu "OP-TEE loading" + +config OPTEE_SIZE + hex + default 0x02000000 + prompt "OP-TEE Memory Size" + depends on BOOTM_OPTEE || PBL_OPTEE + help + Size to reserve in main memory for OP-TEE. + Can be smaller than the actual size used by OP-TEE, this is used to prevent + barebox from allocating memory in this area. + +config BOOTM_OPTEE + bool + prompt "support booting OP-TEE" + depends on BOOTM && ARM + help + OP-TEE is a trusted execution environment (TEE). With this option + enabled barebox supports starting optee_os as part of the bootm command. + Instead of the kernel bootm starts the optee_os binary which then starts + the kernel in nonsecure mode. Pass the optee_os binary with the -t option + or in the global.bootm.tee variable. + +config PBL_OPTEE + bool "Enable OP-TEE early start" + depends on ARM + depends on !THUMB2_BAREBOX + help + Allows starting OP-TEE during lowlevel initialization of the PBL. + Requires explicit support in the boards lowlevel file. + +endmenu + endmenu menu "Debugging" |