282 lines
7.1 KiB
Plaintext
282 lines
7.1 KiB
Plaintext
|
menuconfig TZDEV
|
||
|
bool "Samsung TZ Based Secure OS Support"
|
||
|
default n
|
||
|
depends on ARM || ARM64
|
||
|
help
|
||
|
Samsung TZ Based Secure OS interface driver.
|
||
|
|
||
|
if TZDEV
|
||
|
config TZDEV_SK_PFNS_64BIT
|
||
|
bool "Secure kernel works with 64-bit PFNs"
|
||
|
default n
|
||
|
help
|
||
|
Enables passing of PFNs into secure kernel as 64-bit values. Should
|
||
|
correspond to similar config in SK.
|
||
|
|
||
|
config TZDEV_USE_ARM_CALLING_CONVENTION
|
||
|
bool "Comply to ARM calling convention"
|
||
|
default y
|
||
|
help
|
||
|
Comply to ARM calling convention. New software architectures use
|
||
|
EL3 code comply to this convention compared to old architectures
|
||
|
when Secure kernel contains non-compatible commands handler.
|
||
|
|
||
|
config TZDEV_CMA
|
||
|
bool "Allocate TrustZone environment CMA region"
|
||
|
depends on (CMA || DMA_CMA) && !ARCH_MSM
|
||
|
default n
|
||
|
help
|
||
|
Use CMA region to allocate TrustZone environment memory.
|
||
|
|
||
|
config TZDEV_MEMRESSZ
|
||
|
hex "TrustZone environment memory reservation size"
|
||
|
depends on TZDEV_CMA
|
||
|
default 0x01000000
|
||
|
help
|
||
|
Provide reservation of memory for usage in secure world - allocation size.
|
||
|
|
||
|
config TZDEV_MEMRESSZPROT
|
||
|
hex "TrustZone environment memory reservation size - protected"
|
||
|
depends on TZDEV_CMA
|
||
|
help
|
||
|
Provide reservation of memory for usage in secure world - bootloader-protected size.
|
||
|
|
||
|
config TZDEV_MEMRESADDR
|
||
|
hex "TrustZone environment memory reservation address"
|
||
|
depends on TZDEV_CMA
|
||
|
help
|
||
|
Provide reservation of memory for usage in secure world - allocation address.
|
||
|
|
||
|
config TZDEV_IWI_EVENT
|
||
|
int "IWI_EVENT interrupt number"
|
||
|
default 280 if ARCH_MSM
|
||
|
default 125 if ARCH_EXYNOS3
|
||
|
default 113 if ARCH_EXYNOS4
|
||
|
default 501 if ARCH_EXYNOS5
|
||
|
default 446 if ARCH_EXYNOS7
|
||
|
|
||
|
config TZDEV_IWI_PANIC
|
||
|
int "IWI_PANIC interrupt number"
|
||
|
default 0 if ARCH_MSM
|
||
|
default 126 if ARCH_EXYNOS3
|
||
|
default 114 if ARCH_EXYNOS4
|
||
|
default 502 if ARCH_EXYNOS5
|
||
|
default 447 if ARCH_EXYNOS7
|
||
|
|
||
|
config TZDEV_SWD_PANIC_IS_CRITICAL
|
||
|
bool "Panic NWd if secure world panics"
|
||
|
default n
|
||
|
help
|
||
|
Enable support of NWd panic generation in tzdev when secure world panics.
|
||
|
|
||
|
config TZDEV_NWD_PANIC_ON_CLOSE
|
||
|
bool "Panic NWd if tzdev is closed"
|
||
|
default n
|
||
|
help
|
||
|
Panic system on crash/close of NWd components.
|
||
|
|
||
|
config TZLOG
|
||
|
bool "TZDEV LOGGER support"
|
||
|
default n
|
||
|
help
|
||
|
Enable support for Samsung Secure OS Logger.
|
||
|
|
||
|
config TZLOG_POLLING
|
||
|
bool "TZDEV LOGGER polling"
|
||
|
depends on TZLOG
|
||
|
default n
|
||
|
help
|
||
|
Enable periodic logs polling by TZDEV.
|
||
|
|
||
|
config TZLOG_POLLING_PERIOD
|
||
|
int "TZDEV LOGGER polling period (in ms)"
|
||
|
depends on TZLOG_POLLING
|
||
|
default 100
|
||
|
help
|
||
|
Define logs polling period in milliseconds. The resolution is 1/Hz ms
|
||
|
rounded down (e.g. for Hz = 100, value 117 would mean 110 ms period).
|
||
|
|
||
|
config TZLOG_PG_CNT
|
||
|
int "TZDEV LOGGER per-CPU buffer size (in pages)"
|
||
|
depends on TZLOG
|
||
|
default 1
|
||
|
help
|
||
|
Select TZDEV logger buffer size in pages per CPU.
|
||
|
|
||
|
config TZDEV_SK_MULTICORE
|
||
|
bool "TZDEV SK multicore"
|
||
|
default n
|
||
|
help
|
||
|
Define if secure kernel can work in multicore mode.
|
||
|
|
||
|
config ION_FD2PHYS
|
||
|
tristate "ION FD to physical address converter"
|
||
|
depends on ION && (ARCH_EXYNOS || ARCH_MSM || ARCH_WHALE || ARCH_MT6755 || ARCH_MT6735 || ARCH_RANCHU || MACH_MT6757)
|
||
|
default y
|
||
|
help
|
||
|
Provide a method for userspace to get physical address from ION buffer
|
||
|
descriptor.
|
||
|
|
||
|
config TZIRS
|
||
|
bool "Integrity reporting system"
|
||
|
default n
|
||
|
help
|
||
|
Enable Integrity reporintg system for Samsung Secure OS.
|
||
|
|
||
|
config TZTUI
|
||
|
bool "Trusted user interface"
|
||
|
default n
|
||
|
help
|
||
|
Enable Trusted user interface support for Samsung Secure OS.
|
||
|
|
||
|
config TZDEV_PAGE_MIGRATION
|
||
|
bool "Page migration"
|
||
|
depends on MIGRATION && CMA
|
||
|
default n
|
||
|
help
|
||
|
Enable Page migration functionality for CMA Migration.
|
||
|
|
||
|
config TZ_TRANSPORT
|
||
|
bool "Transport module"
|
||
|
depends on TZDEV
|
||
|
default n
|
||
|
help
|
||
|
Enable Transport module. It is used for transfering data from SK to NWd.
|
||
|
|
||
|
config TZ_TRANSPORT_PG_CNT
|
||
|
int "TZDEV transport module per-CPU buffer size (in pages)"
|
||
|
depends on TZ_TRANSPORT
|
||
|
default 1
|
||
|
help
|
||
|
Select TZDEV transport buffer size in pages per CPU.
|
||
|
|
||
|
config TZDEV_HOTPLUG
|
||
|
bool "Core hotplug"
|
||
|
depends on HOTPLUG_CPU
|
||
|
default n
|
||
|
help
|
||
|
Enable CPU Cores requested by Samsung Secure OS.
|
||
|
|
||
|
config TZDEV_BOOST
|
||
|
bool "TZ booster"
|
||
|
depends on ARCH_EXYNOS
|
||
|
default n
|
||
|
help
|
||
|
Switch high performance cluster to maximum frequency by NWd client
|
||
|
request.
|
||
|
|
||
|
config TZ_BOOT_LOG
|
||
|
bool "TZ boot stage log"
|
||
|
default n
|
||
|
help
|
||
|
Provide ability to print TZ boot stage logs.
|
||
|
|
||
|
config TZ_BOOT_LOG_PG_CNT
|
||
|
int "TZ boot stage log buffer size (in pages)"
|
||
|
depends on TZ_BOOT_LOG
|
||
|
default 1
|
||
|
help
|
||
|
Select TZ boot stage logger buffer size in pages.
|
||
|
|
||
|
config TZDEV_QC_CRYPTO_CLOCKS_MANAGEMENT
|
||
|
bool "TZDEV crypto clock management"
|
||
|
default n
|
||
|
help
|
||
|
Enable QC HW crypto clock management.
|
||
|
|
||
|
config TZDEV_QC_CRYPTO_CLOCKS_USR_MNG
|
||
|
bool "User crypto clock management"
|
||
|
depends on TZDEV_QC_CRYPTO_CLOCKS_MANAGEMENT
|
||
|
default n
|
||
|
help
|
||
|
Enable QC HW crypto clock management from User space. If disabled,
|
||
|
QC HW clock disable/enable is done in TZDEV.
|
||
|
|
||
|
config TZDEV_DEBUG
|
||
|
bool "Debug extensions"
|
||
|
default n
|
||
|
help
|
||
|
Debug extensions for samsung TZ Based Secure OS interface driver.
|
||
|
|
||
|
config TZ_NWFS
|
||
|
bool "Normal world file system interface driver"
|
||
|
default y
|
||
|
help
|
||
|
Normal world file system interface driver.
|
||
|
|
||
|
config TZDEV_DEPLOY_TZAR
|
||
|
bool "tzdev deploy startup.tzar"
|
||
|
default n
|
||
|
help
|
||
|
Deploy startup.tzar when tzdev init.
|
||
|
|
||
|
config TEEGRIS_VERSION
|
||
|
int "TEEGRIS(SecureOS) version"
|
||
|
default 2
|
||
|
help
|
||
|
TEEGRIS built with specific version of SDK
|
||
|
|
||
|
choice
|
||
|
prompt "Choose per-cpu kthread workers variant"
|
||
|
default TZDEV_KTHREADS_NOTIFIER
|
||
|
help
|
||
|
This option selects implementation to manage per-cpu kthreads.
|
||
|
|
||
|
config TZDEV_KTHREADS_NOTIFIER
|
||
|
bool "Use old-style cpu notifiers"
|
||
|
config TZDEV_KTHREADS_SMPBOOT
|
||
|
depends on TZDEV_SK_MULTICORE
|
||
|
bool "Use smpboot hotplug subsystem"
|
||
|
endchoice
|
||
|
|
||
|
if TZDEV_DEBUG
|
||
|
|
||
|
config TZ_TELEMETRY
|
||
|
bool "Telemetry module"
|
||
|
select TZ_TRANSPORT
|
||
|
default n
|
||
|
help
|
||
|
Enable Telemetry module. It is used for collecting runtime information
|
||
|
about Secure OS state.
|
||
|
|
||
|
config TZPROFILER
|
||
|
bool "TZDEV PROFILING support"
|
||
|
default n
|
||
|
help
|
||
|
Enable support for secure kernel and userspace profiling.
|
||
|
|
||
|
config TZPROFILER_BUF_PG_CNT
|
||
|
int "TZDEV PROFILER buffer size (in pages)"
|
||
|
depends on TZPROFILER
|
||
|
default 1
|
||
|
help
|
||
|
Select TZDEV profiler buffer size in pages. Profiler uses pool
|
||
|
of buffers. This is size of each buffer. Minimum size is a 1 page.
|
||
|
Select the sufficient size for profiling of the target.
|
||
|
|
||
|
config TZPROFILER_BUFS_CNT
|
||
|
int "TZDEV PROFILER buffers quantity"
|
||
|
depends on TZPROFILER
|
||
|
default 20
|
||
|
help
|
||
|
Select the sufficient pool size for profiling of the target.
|
||
|
Profiler uses two mechanisms for profiler data transferring.
|
||
|
1. Circular buffer.
|
||
|
2. Buffer replacing if according to the point 1 NWd had no time for
|
||
|
cleaning the previous buffer.
|
||
|
The profiler stops working if there are no free buffers in pool.
|
||
|
|
||
|
config TZ_PANIC_DUMP
|
||
|
bool "TZ panic dump module"
|
||
|
depends on TZDEV
|
||
|
default n
|
||
|
help
|
||
|
Enable panic dump module. This module allocates the buffer that will
|
||
|
receive SWd memory contents when secure kernel panic
|
||
|
occurs (if proper option is set in secure kernel config) and
|
||
|
provides interface for userspace to access said memory contents.
|
||
|
|
||
|
endif #TZDEV_DEBUG
|
||
|
|
||
|
endif #TZDEV
|