blob: 950917b446adfda9c852a3f7137c899bcdfce8b9 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
|
.. _optee:
OP-TEE
======
Barebox is able to start the Open Portable Trusted Execution Environment
(OP-TEE) either before starting the linux kernel or during lowlevel board
initialization in the Pre Bootloader ``PBL``.
Before Linux start
------------------
Enable the `CONFIG_BOOTM_OPTEE` configuration variable and configure the
`CONFIG_OPTEE_SIZE` variable. This will reserve a memory area at the end
of memory for OP-TEE to run, usually Barebox would relocate itself there. To
load OP-TEE before the kernel is started, configure the global ``bootm.tee``
variable to point to a valid OPTEE v1 binary.
During the PBL
--------------
To start OP-TEE during the lowlevel initialization of your board in the ``PBL``,
enable the ``CONFIG_PBL_OPTEE`` configuration variable. your board should then
call the function ``start_optee_early(void* tee, void* fdt)`` with a valid tee
and FDT. Ensure that your OP-TEE is compiled with ``CFG_NS_ENTRY_ADDR`` unset,
otherwise OP-TEE will not correctly return to barebox after startup.
Since OP-TEE in the default configuration also modifies the device tree, don't
pass the barebox internal device tree, instead copy it into a different memory
location and pass it to OP-TEE afterwards.
The modified device tree can then be passed to the main barebox start function.
|
