arch: add ARCH_TRUSTZONE_DISABLED choice

We can decide whether use trustzone

After this patch, we can support the following mode:

                             ARCH_HAVE_TRUSTZONE   ARCH_TRUSTZONE_DISABLED  ARCH_TRUSTZONE_SECURE  ARCH_TRUSTZONE_NONSECURE

Without Security Extensions         n                       n                       n                         n
CHIP have NO trustzone

With Security Extensions            y                       y                       n                         n
Only one bin in sec mode

With Security Extensions            y                       n                       y                         n
TEE bin in sec mode

With Security Extensions            y                       n                       n                         y
REE bin in non-sec mode

Signed-off-by: ligd <liguiding1@xiaomi.com>
This commit is contained in:
ligd 2024-03-12 17:45:45 +08:00 committed by Masayuki Ishikawa
parent 9c0d2e1a3c
commit 327d0789e4
2 changed files with 12 additions and 3 deletions

View File

@ -573,14 +573,17 @@ config ARCH_HAVE_TRUSTZONE
choice
prompt "TrustZone Configuration"
default ARCH_TRUSTZONE_NONSECURE
default ARCH_TRUSTZONE_DISABLED
depends on ARCH_HAVE_TRUSTZONE
config ARCH_TRUSTZONE_DISABLED
bool "TrustZone disabled, all CPUs operate in secure state"
config ARCH_TRUSTZONE_SECURE
bool "All CPUs operate secure state"
bool "TrustZone enabled, all CPUs operate secure state"
config ARCH_TRUSTZONE_NONSECURE
bool "All CPUs operate non-secure state"
bool "TrustZone enabled, all CPUs operate non-secure state"
endchoice # TrustZone Configuration

View File

@ -35,6 +35,12 @@
#include "arm_internal.h"
#include "gic.h"
#if defined(CONFIG_ARCH_TRUSTZONE_SECURE) || defined(CONFIG_ARCH_TRUSTZONE_NONSECURE)
# if defined(CONFIG_ARCH_HIPRI_INTERRUPT)
# error "ARCH_HIPRI_INTERRUPT must configure with ARCH_TRUSTZONE_DISABLED or no trustzone"
# endif
#endif
#ifdef CONFIG_ARMV7A_HAVE_GICv2
/****************************************************************************