19ff4a311SJens Wiklander# Generic Trusted Execution Environment Configuration 29ff4a311SJens Wiklanderconfig TEE 39ff4a311SJens Wiklander bool "Trusted Execution Environment support" 4*eadf26f1SJens Wiklander depends on (ARM && (ARM64 || CPU_V7A)) || SANDBOX 5*eadf26f1SJens Wiklander select ARM_SMCCC if ARM 69ff4a311SJens Wiklander help 79ff4a311SJens Wiklander This implements a generic interface towards a Trusted Execution 89ff4a311SJens Wiklander Environment (TEE). A TEE is a trusted OS running in some secure 99ff4a311SJens Wiklander environment, for example, TrustZone on ARM cpus, or a separate 109ff4a311SJens Wiklander secure co-processor etc. See also: 119ff4a311SJens Wiklander https://en.wikipedia.org/wiki/Trusted_execution_environment 12d4bd3d25SJens Wiklander 13d4bd3d25SJens Wiklanderif TEE 14d4bd3d25SJens Wiklander 15d4bd3d25SJens Wiklandermenu "TEE drivers" 16d4bd3d25SJens Wiklander 17*eadf26f1SJens Wiklanderconfig SANDBOX_TEE 18*eadf26f1SJens Wiklander bool "Sandbox TEE emulator" 19*eadf26f1SJens Wiklander depends on SANDBOX 20*eadf26f1SJens Wiklander default y 21*eadf26f1SJens Wiklander help 22*eadf26f1SJens Wiklander This emulates a generic TEE needed for testing including the AVB 23*eadf26f1SJens Wiklander TA. The emulation provides all callbacks of a regular TEE and 24*eadf26f1SJens Wiklander supports session and shared memory management. The AVB TA is 25*eadf26f1SJens Wiklander emulated with rollback indexes and device lock-state, the state 26*eadf26f1SJens Wiklander of the TA is only kept in RAM and will be reset on each boot. 27*eadf26f1SJens Wiklander The emulation only supports one open session at a time. 28*eadf26f1SJens Wiklander Interaction from the U-Boot command line in possible via the 29*eadf26f1SJens Wiklander "avb" commands. 30*eadf26f1SJens Wiklander 31d4bd3d25SJens Wiklandersource "drivers/tee/optee/Kconfig" 32d4bd3d25SJens Wiklander 33d4bd3d25SJens Wiklanderendmenu 34d4bd3d25SJens Wiklander 35d4bd3d25SJens Wiklanderendif 36