1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
|
# SPDX-License-Identifier: GPL-2.0-only
#
# Trusty driver
#
menu "Trusty driver"
config TRUSTY
tristate "Trusty core driver"
depends on ARM || ARM64
help
Trusty is a secure OS that provides a Trusted Execution Environment
(TEE) for Android. Trusty runs on the same processor as Linux but is
isolated from the rest of the system by both hardware and software.
This option enables the core part of the Linux kernel driver for
Trusty. This doesn't do much by itself; you'll need to enable some of
the sub-modules too.
If you build this as a module, it will be called trusty-core.
if TRUSTY
config TRUSTY_IRQ
tristate "Trusty IRQ support"
default y
help
Enable forwarding of IRQs from Linux to Trusty. This module retrieves
from Trusty a list of IRQs that Trusty uses, and it registers handlers
for them which notify Trusty that the IRQ has been received.
If you build this as a module, it will be called trusty-irq.
Usually this is needed for Trusty to work, so say 'y' or 'm'.
config TRUSTY_LOG
tristate "Trusty log support"
default y
help
Print log messages generated by the secure OS to the Linux kernel log.
While this module is loaded, messages are retrieved and printed after
each call into Trusty, and also during Linux kernel panics.
If you build this as a module, it will be called trusty-log.
config TRUSTY_TEST
tristate "Trusty stdcall test"
default y
help
Allow running tests of the Trusty stdcall interface. Running these
tests is initiated by userspace writing to a sysfs file.
This depends on having a test sevice running on the Trusty side.
If you build this as a module, it will be called trusty-test.
config TRUSTY_VIRTIO
tristate "Trusty virtio support"
select VIRTIO
default y
help
Enable the Trusty virtio driver, which is responsible for management
and interaction with virtio devices exposed by Trusty. This driver
requests the virtio device descriptors from Trusty, then parses them
and adds the corresponding virtio devices.
If you build this as a module, it will be called trusty-virtio.
config TRUSTY_VIRTIO_IPC
tristate "Trusty Virtio IPC driver"
depends on TRUSTY_VIRTIO
default y
help
Enable support for communicating with Trusty services.
If you build this as a module, it will be called trusty-ipc.
config TRUSTY_DMA_BUF_FFA_TAG
bool "Availability of trusty_dma_buf_get_ffa_tag"
default n
help
Whether trusty_dma_buf_get_ffa_tag is provided on this platform.
Providing this function will allow the platform to select what tag
should be passed to the SPM when attempting to transfer the buffer
to secure world. The value passed here is implementation defined and
may depend on your SPM.
If set to N, a default implementation which returns 0 will be used.
config TRUSTY_DMA_BUF_SHARED_MEM_ID
bool "Availability of trusty_dma_buf_get_shared_mem_id"
default n
help
Whether trusty_dma_buf_get_shared_mem_id is provided on this platform.
Providing this function allows the platform to manage memory
transaction life cycle of DMA bufs independently of Trusty IPC driver.
The latter can query trusty_shared_mem_id_t value allocated for a
given DMA buf using trusty_dma_buf_get_shared_mem_id interface.
If set to N, a default implementation which does not allocate any IDs
will be used.
config TRUSTY_CRASH_IS_PANIC
bool "When trusty panics, then panic the kernel"
help
This option will treat Trusty panics as fatal. This is useful if
your system cannot recover from Trusty panic/halt and you require
the system to reboot to recover.
If N, it will contine to run the kernel, but trusty operations will
return errors.
endif # TRUSTY
endmenu
|