Proxmox-Port/linux-loongson
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/chenhuacai/linux-loongson synced 2025-08-30 21:52:21 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
loongarch-next
linux-loongson/drivers/tee/optee/Kconfig
Jens Wiklander edd3183c5c optee: add RPMB dependency 
Prevent build error when CONFIG_RPMB=m and CONFIG_OPTEE=y by adding a
dependency to CONFIG_RPMB for CONFIG_OPTEE so the RPMB subsystem always
is reachable if configured. This means that CONFIG_OPTEE automatically
becomes compiled as a module if CONFIG_RPMB is compiled as a module. If
CONFIG_RPMB isn't configured or is configured as built-in, CONFIG_OPTEE
will remain unchanged.

Reported-by: kernel test robot <lkp@intel.com>
Closes: https://lore.kernel.org/oe-kbuild-all/202409021448.RSvcBPzt-lkp@intel.com/
Fixes: f0c8431568 ("optee: probe RPMB device using RPMB subsystem")
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Link: https://lore.kernel.org/r/20240902151231.3705204-2-jens.wiklander@linaro.org
Signed-off-by: Ulf Hansson <ulf.hansson@linaro.org>
2024-09-03 14:34:45 +02:00

28 lines
1.0 KiB
Plaintext
Raw Permalink Blame History

# SPDX-License-Identifier: GPL-2.0-only
# OP-TEE Trusted Execution Environment Configuration
config OPTEE
tristate "OP-TEE"
depends on HAVE_ARM_SMCCC
depends on MMU
depends on RPMB || !RPMB
help
This implements the OP-TEE Trusted Execution Environment (TEE)
driver.
config OPTEE_INSECURE_LOAD_IMAGE
bool "Load OP-TEE image as firmware"
default n
depends on OPTEE && ARM64
help
This loads the BL32 image for OP-TEE as firmware when the driver is
probed. This returns -EPROBE_DEFER until the firmware is loadable from
the filesystem which is determined by checking the system_state until
it is in SYSTEM_RUNNING. This also requires enabling the corresponding
option in Trusted Firmware for Arm. The documentation there explains
the security threat associated with enabling this as well as
mitigations at the firmware and platform level.
https://trustedfirmware-a.readthedocs.io/en/latest/threat_model/threat_model.html
Additional documentation on kernel security risks are at
Documentation/tee/op-tee.rst.
Reference in New Issue View Git Blame Copy Permalink