[PATCH 6/6] doc: uefi.rst: Add OP-TEE variable storage config options
Ilias Apalodimas
ilias.apalodimas at linaro.org
Wed May 6 21:12:46 CEST 2020
If OP-TEE is compiled with an EDK2 application running in secure world
it can process and store UEFI variables in an RPMB.
Add documentation for the config options enabling this
Signed-off-by: Ilias Apalodimas <ilias.apalodimas at linaro.org>
---
doc/uefi/uefi.rst | 10 ++++++++++
1 file changed, 10 insertions(+)
diff --git a/doc/uefi/uefi.rst b/doc/uefi/uefi.rst
index 4fda00d68721..93b0faadd26e 100644
--- a/doc/uefi/uefi.rst
+++ b/doc/uefi/uefi.rst
@@ -188,6 +188,16 @@ on the sandbox
cd <U-Boot source directory>
pytest.py test/py/tests/test_efi_secboot/test_signed.py --bd sandbox
+Using OP-TEE for EFI variables
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+If an RPMB and it's drivers is available in U-Boot, OP-TEE can be used for
+variable services.
+Enabling CONFIG_EFI_MM_COMM_TEE=y will dispatch the variables services to
+OP-TEE. OP-TEE needs to be compiled with a secure application (coming from EDK2)
+which will process variables in the Secure World and store them in the RPMB
+using the OP-TEE supplicant.
+
Executing the boot manager
~~~~~~~~~~~~~~~~~~~~~~~~~~
--
2.26.2
More information about the U-Boot
mailing list