| # SPDX-License-Identifier: GPL-2.0-only |
| # |
| # Trusty driver |
| # |
| |
| menu "Trusty driver" |
| |
| config TRUSTY |
| tristate "Trusty core driver" |
| depends on ARM || ARM64 |
| help |
| Trusty is a secure OS that provides a Trusted Execution Environment |
| (TEE) for Android. Trusty runs on the same processor as Linux but is |
| isolated from the rest of the system by both hardware and software. |
| |
| This option enables the core part of the Linux kernel driver for |
| Trusty. This doesn't do much by itself; you'll need to enable some of |
| the sub-modules too. |
| |
| If you build this as a module, it will be called trusty-core. |
| |
| if TRUSTY |
| |
| config TRUSTY_IRQ |
| bool "Trusty IRQ support" |
| default y |
| help |
| Enable forwarding of IRQs from Linux to Trusty. This driver retrieves |
| from Trusty a list of IRQs that Trusty uses, and it registers handlers |
| for them which notify Trusty that the IRQ has been received. |
| |
| If you build the trusty core driver as a module, this will be part of the |
| trusty-core module. |
| |
| Usually this is needed for Trusty to work, so say 'y'. |
| |
| config TRUSTY_LOG |
| tristate "Trusty log support" |
| default y |
| help |
| Print log messages generated by the secure OS to the Linux kernel log. |
| |
| While this module is loaded, messages are retrieved and printed after |
| each call into Trusty, and also during Linux kernel panics. |
| |
| If you build this as a module, it will be called trusty-log. |
| |
| config TRUSTY_TEST |
| tristate "Trusty stdcall test" |
| default y |
| help |
| Allow running tests of the Trusty stdcall interface. Running these |
| tests is initiated by userspace writing to a sysfs file. |
| |
| This depends on having a test sevice running on the Trusty side. |
| |
| If you build this as a module, it will be called trusty-test. |
| |
| config TRUSTY_VIRTIO |
| tristate "Trusty virtio support" |
| select VIRTIO |
| default y |
| help |
| Enable the Trusty virtio driver, which is responsible for management |
| and interaction with virtio devices exposed by Trusty. This driver |
| requests the virtio device descriptors from Trusty, then parses them |
| and adds the corresponding virtio devices. |
| |
| If you build this as a module, it will be called trusty-virtio. |
| |
| config TRUSTY_VIRTIO_IPC |
| tristate "Trusty Virtio IPC driver" |
| depends on TRUSTY_VIRTIO |
| default y |
| help |
| Enable support for communicating with Trusty services. |
| |
| If you build this as a module, it will be called trusty-ipc. |
| |
| config TRUSTY_DMA_BUF_FFA_TAG |
| bool "Availability of trusty_dma_buf_get_ffa_tag" |
| default n |
| help |
| Whether trusty_dma_buf_get_ffa_tag is provided on this platform. |
| Providing this function will allow the platform to select what tag |
| should be passed to the SPM when attempting to transfer the buffer |
| to secure world. The value passed here is implementation defined and |
| may depend on your SPM. |
| |
| If set to N, a default implementation which returns 0 will be used. |
| |
| config TRUSTY_DMA_BUF_SHARED_MEM_ID |
| bool "Availability of trusty_dma_buf_get_shared_mem_id" |
| default n |
| help |
| Whether trusty_dma_buf_get_shared_mem_id is provided on this platform. |
| Providing this function allows the platform to manage memory |
| transaction life cycle of DMA bufs independently of Trusty IPC driver. |
| The latter can query trusty_shared_mem_id_t value allocated for a |
| given DMA buf using trusty_dma_buf_get_shared_mem_id interface. |
| |
| If set to N, a default implementation which does not allocate any IDs |
| will be used. |
| |
| config TRUSTY_CRASH_IS_PANIC |
| bool "When trusty panics, then panic the kernel" |
| help |
| This option will treat Trusty panics as fatal. This is useful if |
| your system cannot recover from Trusty panic/halt and you require |
| the system to reboot to recover. |
| |
| If N, it will contine to run the kernel, but trusty operations will |
| return errors. |
| |
| endif # TRUSTY |
| |
| endmenu |
