tee: add sandbox driver

[oweals/u-boot.git] / drivers / tee / Kconfig

diff --git a/drivers/tee/Kconfig b/drivers/tee/Kconfig
index 835c256e9239493ba66e8335a3313f5c8abbe8c0..5c0c89043faca7f0cb05f27bc18b4abd693d3073 100644 (file)
--- a/drivers/tee/Kconfig
+++ b/drivers/tee/Kconfig
@@ -1,8 +1,8 @@
 # Generic Trusted Execution Environment Configuration
 config TEE
        bool "Trusted Execution Environment support"
-       depends on ARM && (ARM64 || CPU_V7A)
-       select ARM_SMCCC
+       depends on (ARM && (ARM64 || CPU_V7A)) || SANDBOX
+       select ARM_SMCCC if ARM
        help
          This implements a generic interface towards a Trusted Execution
          Environment (TEE). A TEE is a trusted OS running in some secure
@@ -14,6 +14,20 @@ if TEE
 
 menu "TEE drivers"
 
+config SANDBOX_TEE
+       bool "Sandbox TEE emulator"
+       depends on SANDBOX
+       default y
+       help
+         This emulates a generic TEE needed for testing including the AVB
+         TA. The emulation provides all callbacks of a regular TEE and
+         supports session and shared memory management. The AVB TA is
+         emulated with rollback indexes and device lock-state, the state
+         of the TA is only kept in RAM and will be reset on each boot.
+         The emulation only supports one open session at a time.
+         Interaction from the U-Boot command line in possible via the
+         "avb" commands.
+
 source "drivers/tee/optee/Kconfig"
 
 endmenu