diff options
| author | Sascha Hauer <s.hauer@pengutronix.de> | 2019-05-22 10:05:17 +0200 |
|---|---|---|
| committer | Sascha Hauer <s.hauer@pengutronix.de> | 2019-06-07 08:42:05 +0200 |
| commit | e30340886fcbac1d2c03fbea4ee41ffa9464fb11 (patch) | |
| tree | d6aec9dde274cafbdce1c8beca4699c05fd17f98 /common/bootm.c | |
| parent | ab06d72a6ef8939831b8c0b1c412d9a11fc06889 (diff) | |
| download | barebox-e30340886fcbac1d2c03fbea4ee41ffa9464fb11.tar.gz barebox-e30340886fcbac1d2c03fbea4ee41ffa9464fb11.tar.xz | |
ARM: Initial OP-TEE support
This adds initial support for OP-TEE, see https://www.op-tee.org/
barebox starts in secure mode as usual. When booting a kernel
the bootm code also loads the optee_os binary. Instead of jumping
into the kernel barebox jumps into the optee_os binary and puts
the kernel execution address into the lr register. OP-TEE then
jumps into the kernel in nonsecure mode.
The optee_os binary is passed with the -t option to bootm or
with global.bootm.tee.
Optionally OP-TEE can be compiled into barebox using the builtin firmware
feature. Enable the Kconfig option and place or link your tee binary as
optee.bin into the firmware directory.
The amount of SDRAM which is kept free for OP-TEE is configurable.
This patch was tested on a i.MX6 Nitrogen6x board.
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
Signed-off-by: Rouven Czerwinski <r.czerwinski@pengutronix.de>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
Diffstat (limited to 'common/bootm.c')
| -rw-r--r-- | common/bootm.c | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/common/bootm.c b/common/bootm.c index 36f6c41bbd..d7232f6afa 100644 --- a/common/bootm.c +++ b/common/bootm.c @@ -58,6 +58,7 @@ void bootm_data_init_defaults(struct bootm_data *data) data->initrd_address = UIMAGE_INVALID_ADDRESS; data->os_address = UIMAGE_SOME_ADDRESS; data->oftree_file = getenv_nonempty("global.bootm.oftree"); + data->tee_file = getenv_nonempty("global.bootm.tee"); data->os_file = getenv_nonempty("global.bootm.image"); getenv_ul("global.bootm.image.loadaddr", &data->os_address); getenv_ul("global.bootm.initrd.loadaddr", &data->initrd_address); @@ -553,6 +554,8 @@ int bootm_boot(struct bootm_data *bootm_data) bootm_image_name_and_part(bootm_data->os_file, &data->os_file, &data->os_part); bootm_image_name_and_part(bootm_data->oftree_file, &data->oftree_file, &data->oftree_part); bootm_image_name_and_part(bootm_data->initrd_file, &data->initrd_file, &data->initrd_part); + if (bootm_data->tee_file) + data->tee_file = xstrdup(bootm_data->tee_file); data->verbose = bootm_data->verbose; data->verify = bootm_data->verify; data->force = bootm_data->force; @@ -693,6 +696,7 @@ err_out: free(data->os_file); free(data->oftree_file); free(data->initrd_file); + free(data->tee_file); free(data); return ret; @@ -703,6 +707,7 @@ static int bootm_init(void) globalvar_add_simple("bootm.image", NULL); globalvar_add_simple("bootm.image.loadaddr", NULL); globalvar_add_simple("bootm.oftree", NULL); + globalvar_add_simple("bootm.tee", NULL); globalvar_add_simple_bool("bootm.appendroot", &bootm_appendroot); if (IS_ENABLED(CONFIG_BOOTM_INITRD)) { globalvar_add_simple("bootm.initrd", NULL); @@ -727,6 +732,7 @@ BAREBOX_MAGICVAR_NAMED(global_bootm_image_loadaddr, global.bootm.image.loadaddr, BAREBOX_MAGICVAR_NAMED(global_bootm_initrd, global.bootm.initrd, "bootm default initrd"); BAREBOX_MAGICVAR_NAMED(global_bootm_initrd_loadaddr, global.bootm.initrd.loadaddr, "bootm default initrd loadaddr"); BAREBOX_MAGICVAR_NAMED(global_bootm_oftree, global.bootm.oftree, "bootm default oftree"); +BAREBOX_MAGICVAR_NAMED(global_bootm_tee, global.bootm.tee, "bootm default tee image"); BAREBOX_MAGICVAR_NAMED(global_bootm_verify, global.bootm.verify, "bootm default verify level"); BAREBOX_MAGICVAR_NAMED(global_bootm_verbose, global.bootm.verbose, "bootm default verbosity level (0=quiet)"); BAREBOX_MAGICVAR_NAMED(global_bootm_appendroot, global.bootm.appendroot, "Add root= option to Kernel to mount rootfs from the device the Kernel comes from"); |