linux-imx/drivers/tee/optee/Kconfig
Jeffrey Kardatzke f3040daab8 tee: optee: Add SMC for loading OP-TEE image
Adds an SMC call that will pass an OP-TEE binary image to EL3 and
instruct it to load it as the BL32 payload. This works in conjunction
with a feature added to Trusted Firmware for ARMv8 and above
architectures that supports this.

The main purpose of this change is to facilitate updating the OP-TEE
component on devices via a rootfs change rather than having to do a
firmware update. Further details are linked to in the Kconfig file.

Signed-off-by: Jeffrey Kardatzke <jkardatzke@chromium.org>
Reviewed-by: Sumit Garg <sumit.garg@linaro.org>
Signed-off-by: Jeffrey Kardatzke <jkardatzke@google.com>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
2023-04-03 08:57:49 +02:00

1.0 KiB

# SPDX-License-Identifier: GPL-2.0-only
# OP-TEE Trusted Execution Environment Configuration
config OPTEE
	tristate "OP-TEE"
	depends on HAVE_ARM_SMCCC
	depends on MMU
	help
	  This implements the OP-TEE Trusted Execution Environment (TEE)
	  driver.

config OPTEE_INSECURE_LOAD_IMAGE
	bool "Load OP-TEE image as firmware"
	default n
	depends on OPTEE && ARM64
	help
	  This loads the BL32 image for OP-TEE as firmware when the driver is
	  probed. This returns -EPROBE_DEFER until the firmware is loadable from
	  the filesystem which is determined by checking the system_state until
	  it is in SYSTEM_RUNNING. This also requires enabling the corresponding
	  option in Trusted Firmware for Arm. The documentation there explains
	  the security threat associated with enabling this as well as
	  mitigations at the firmware and platform level.
	  https://trustedfirmware-a.readthedocs.io/en/latest/threat_model/threat_model.html

	  Additional documentation on kernel security risks are at
	  Documentation/staging/tee.rst.
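
An added example, not part of the kernel tree or of this commit: a build-gate check that parses a generated `.config` and flags `OPTEE_INSECURE_LOAD_IMAGE=y`, including the case where its `depends on OPTEE && ARM64` line is not satisfied. The function names and the three sample configs are constructed for illustration.

```python
import re

# The two forms Kconfig writes into a generated .config file.
_SET = re.compile(r"^CONFIG_(\w+)=(.*)$")
_UNSET = re.compile(r"^# CONFIG_(\w+) is not set$")

def parse_dotconfig(text):
    """Map symbol name to value; explicitly unset symbols become 'n'."""
    symbols = {}
    for raw in text.splitlines():
        line = raw.strip()
        if (m := _SET.match(line)):
            symbols[m.group(1)] = m.group(2).strip('"')
        elif (m := _UNSET.match(line)):
            symbols[m.group(1)] = "n"
    return symbols

def audit_optee(text):
    """Return findings for OPTEE_INSECURE_LOAD_IMAGE in a .config."""
    cfg = parse_dotconfig(text)
    findings = []
    if cfg.get("OPTEE_INSECURE_LOAD_IMAGE", "n") != "y":
        return findings  # absent or "is not set": matches "default n"
    findings.append("FAIL: OPTEE_INSECURE_LOAD_IMAGE=y, OP-TEE BL32 image "
                    "is loaded from the filesystem at driver probe")
    # The option "depends on OPTEE && ARM64". A bool may be y while the
    # tristate OPTEE is m, so only n/absent dependencies are inconsistent.
    if cfg.get("OPTEE", "n") == "n" or cfg.get("ARM64", "n") != "y":
        findings.append("WARN: dependencies unmet, .config was hand-edited "
                        "or is stale; regenerate it before trusting it")
    return findings

# Constructed sample configs (not taken from any real board).
PRODUCTION = "CONFIG_ARM64=y\nCONFIG_OPTEE=y\n# CONFIG_OPTEE_INSECURE_LOAD_IMAGE is not set\n"
DEVELOPMENT = "CONFIG_ARM64=y\nCONFIG_OPTEE=m\nCONFIG_OPTEE_INSECURE_LOAD_IMAGE=y\n"
STALE = "CONFIG_ARM64=y\n# CONFIG_OPTEE is not set\nCONFIG_OPTEE_INSECURE_LOAD_IMAGE=y\n"

if __name__ == "__main__":
    for name, text in (("production", PRODUCTION), ("development", DEVELOPMENT), ("stale", STALE)):
        print(name, audit_optee(text) or ["OK"])
```

A release pipeline can treat any non-empty result as a build failure for production images.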