[PATCH 06/11] stm32mp1: dynamically detect op-tee presence
Patrice CHOTARD
patrice.chotard at st.com
Tue Apr 14 11:31:40 CEST 2020
Hi
On 3/18/20 9:22 AM, Patrick Delaunay wrote:
> Activate OP-TEE driver for trusted and optee defconfig.
>
> This driver allows detection of TEE presence for boot from flash;
> CONFIG_STM32MP1_OPTEE is also removed.
>
> Signed-off-by: Patrick Delaunay <patrick.delaunay at st.com>
> ---
>
> arch/arm/mach-stm32mp/Kconfig | 10 ----------
> arch/arm/mach-stm32mp/fdt.c | 4 +++-
> board/dhelectronics/dh_stm32mp1/board.c | 4 +---
> board/st/common/stm32mp_mtdparts.c | 6 ++++--
> board/st/stm32mp1/stm32mp1.c | 4 +---
> configs/stm32mp15_optee_defconfig | 4 +++-
> configs/stm32mp15_trusted_defconfig | 3 +++
> 7 files changed, 15 insertions(+), 20 deletions(-)
>
> diff --git a/arch/arm/mach-stm32mp/Kconfig b/arch/arm/mach-stm32mp/Kconfig
> index 96153693a7..1a5545b98d 100644
> --- a/arch/arm/mach-stm32mp/Kconfig
> +++ b/arch/arm/mach-stm32mp/Kconfig
> @@ -93,16 +93,6 @@ config STM32MP1_TRUSTED
> BootRom => TF-A.stm32 (clock & DDR) => U-Boot.stm32
> TF-A monitor provides proprietary SMC to manage secure devices
>
> -config STM32MP1_OPTEE
> - bool "Support trusted boot with TF-A and OP-TEE"
> - depends on STM32MP1_TRUSTED
> - default n
> - help
> - Say Y here to enable boot with TF-A and OP-TEE
> - Trusted boot chain is :
> - BootRom => TF-A.stm32 (clock & DDR) => OP-TEE => U-Boot.stm32
> - OP-TEE monitor provides ST SMC to access to secure resources
> -
> config SYS_TEXT_BASE
> default 0xC0100000
>
> diff --git a/arch/arm/mach-stm32mp/fdt.c b/arch/arm/mach-stm32mp/fdt.c
> index ae82270e42..21b5f09728 100644
> --- a/arch/arm/mach-stm32mp/fdt.c
> +++ b/arch/arm/mach-stm32mp/fdt.c
> @@ -5,6 +5,7 @@
>
> #include <common.h>
> #include <fdt_support.h>
> +#include <tee.h>
> #include <asm/arch/sys_proto.h>
> #include <dt-bindings/pinctrl/stm32-pinfunc.h>
> #include <linux/io.h>
> @@ -322,7 +323,8 @@ int ft_system_setup(void *blob, bd_t *bd)
> "st,package", pkg, false);
> }
>
> - if (!CONFIG_IS_ENABLED(STM32MP1_OPTEE))
> + if (!CONFIG_IS_ENABLED(OPTEE) ||
> + !tee_find_device(NULL, NULL, NULL, NULL))
> stm32_fdt_disable_optee(blob);
>
> return ret;
> diff --git a/board/dhelectronics/dh_stm32mp1/board.c b/board/dhelectronics/dh_stm32mp1/board.c
> index bd6540a2aa..ea51b92282 100644
> --- a/board/dhelectronics/dh_stm32mp1/board.c
> +++ b/board/dhelectronics/dh_stm32mp1/board.c
> @@ -117,9 +117,7 @@ int checkboard(void)
> const char *fdt_compat;
> int fdt_compat_len;
>
> - if (IS_ENABLED(CONFIG_STM32MP1_OPTEE))
> - mode = "trusted with OP-TEE";
> - else if (IS_ENABLED(CONFIG_STM32MP1_TRUSTED))
> + if (IS_ENABLED(CONFIG_STM32MP1_TRUSTED))
> mode = "trusted";
> else
> mode = "basic";
> diff --git a/board/st/common/stm32mp_mtdparts.c b/board/st/common/stm32mp_mtdparts.c
> index d4c0a7db9f..2b6413be16 100644
> --- a/board/st/common/stm32mp_mtdparts.c
> +++ b/board/st/common/stm32mp_mtdparts.c
> @@ -9,6 +9,7 @@
> #include <env_internal.h>
> #include <mtd.h>
> #include <mtd_node.h>
> +#include <tee.h>
>
> #define MTDPARTS_LEN 256
> #define MTDIDS_LEN 128
> @@ -49,7 +50,7 @@ static void board_get_mtdparts(const char *dev,
> strncat(mtdparts, ",", MTDPARTS_LEN);
> }
>
> - if (CONFIG_IS_ENABLED(STM32MP1_OPTEE) && tee) {
> + if (tee) {
> strncat(mtdparts, tee, MTDPARTS_LEN);
> strncat(mtdparts, ",", MTDPARTS_LEN);
> }
> @@ -72,7 +73,8 @@ void board_mtdparts_default(const char **mtdids, const char **mtdparts)
> return;
> }
>
> - if (CONFIG_IS_ENABLED(STM32MP1_OPTEE))
> + if (CONFIG_IS_ENABLED(OPTEE) &&
> + tee_find_device(NULL, NULL, NULL, NULL))
> tee = true;
>
> memset(parts, 0, sizeof(parts));
> diff --git a/board/st/stm32mp1/stm32mp1.c b/board/st/stm32mp1/stm32mp1.c
> index 2ab3b5cc9a..14c56a0f24 100644
> --- a/board/st/stm32mp1/stm32mp1.c
> +++ b/board/st/stm32mp1/stm32mp1.c
> @@ -87,9 +87,7 @@ int checkboard(void)
> const char *fdt_compat;
> int fdt_compat_len;
>
> - if (IS_ENABLED(CONFIG_STM32MP1_OPTEE))
> - mode = "trusted with OP-TEE";
> - else if (IS_ENABLED(CONFIG_STM32MP1_TRUSTED))
> + if (CONFIG_IS_ENABLED(STM32MP1_TRUSTED))
> mode = "trusted";
> else
> mode = "basic";
> diff --git a/configs/stm32mp15_optee_defconfig b/configs/stm32mp15_optee_defconfig
> index 317cd55862..f0d524d344 100644
> --- a/configs/stm32mp15_optee_defconfig
> +++ b/configs/stm32mp15_optee_defconfig
> @@ -4,7 +4,6 @@ CONFIG_SYS_MALLOC_F_LEN=0x3000
> CONFIG_ENV_SECT_SIZE=0x40000
> CONFIG_ENV_OFFSET=0x280000
> CONFIG_TARGET_ST_STM32MP15x=y
> -CONFIG_STM32MP1_OPTEE=y
> CONFIG_ENV_OFFSET_REDUND=0x2C0000
> CONFIG_DISTRO_DEFAULTS=y
> CONFIG_FIT=y
> @@ -111,6 +110,9 @@ CONFIG_SPI=y
> CONFIG_DM_SPI=y
> CONFIG_STM32_QSPI=y
> CONFIG_STM32_SPI=y
> +CONFIG_TEE=y
> +CONFIG_OPTEE=y
> +# CONFIG_OPTEE_TA_AVB is not set
> CONFIG_USB=y
> CONFIG_DM_USB=y
> CONFIG_DM_USB_GADGET=y
> diff --git a/configs/stm32mp15_trusted_defconfig b/configs/stm32mp15_trusted_defconfig
> index 73cbe6c7d6..f0d524d344 100644
> --- a/configs/stm32mp15_trusted_defconfig
> +++ b/configs/stm32mp15_trusted_defconfig
> @@ -110,6 +110,9 @@ CONFIG_SPI=y
> CONFIG_DM_SPI=y
> CONFIG_STM32_QSPI=y
> CONFIG_STM32_SPI=y
> +CONFIG_TEE=y
> +CONFIG_OPTEE=y
> +# CONFIG_OPTEE_TA_AVB is not set
> CONFIG_USB=y
> CONFIG_DM_USB=y
> CONFIG_DM_USB_GADGET=y
Reviewed-by: Patrice Chotard <patrice.chotard at st.com>
Patrice
More information about the U-Boot
mailing list