kumquat-buildroot/configs/qemu_arm_vexpress_tz_defconfig

59 lines
1.9 KiB
Plaintext
Raw Normal View History

configs/qemu_arm_vexpress_tz: Armv7-A emulation with TrustZone services This change introduces a Qemu board for an Armv7-A target executing with OP-TEE secure world services. The target Linux based normal world embeds the standard minimal filesystem with OP-TEE non-secure components embedded files from OP-TEE test, examples and benchmark packages. qemu_arm_vexpress_tz_defconfig differs from qemu_arm_vexpress_defconfig. Supporting both secure and non-secure worlds on the Arm target mandates a secure world, here OP-TEE OS, and a bootloader to boot both worlds, here TF-A (boot/arm-trusted-firmware). Here non-secure Linux kernel is booted through U-boot TF-A bootloader (BL1/BL2) => OP-TEE (BL32) => U-boot (BL33). | Executes as secure | Secure | Execs as Non-secure | Loads BL32/BL33 in RAM | Jumps to BL33 | Always booted after | Jumps to BL32 once done | as Non-secure | secure world inits Vexpress and vexpress-tz defconfigs also differs in that Qemu emulates a Cortex-A9 in the former and a Cortex-A15 in the later. Cortex-A15 is the Armv7-A CPU used in upstream TF-A and OP-TEE OS packages hence selected here. Defconfig adds a fragment to the Linux kernel native configuration to enable OP-TEE driver support. Defconfig adds a fragment to the U-Boot native configuration set boot command, enable semihosting and remove U-Boot persistent environment storage support. The defconfig also enables build of the Qemu emulator in case the system installed Qemu does not yet support CPU TrustZone secure state. Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> [Arnout, with the help of Peter: correct spelling mistakes in readme, fix U-Boot version to 2019.01, download tarball of TF-A instead of git] Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2019-03-22 10:58:16 +01:00
# Architecture
BR2_arm=y
BR2_cortex_a15=y
BR2_ARM_FPU_VFPV3D16=y
# System
BR2_TARGET_GENERIC_GETTY_PORT="ttyAMA0"
BR2_ROOTFS_POST_BUILD_SCRIPT="board/qemu/arm-vexpress-tz/post-build.sh"
# Filesystem
BR2_TARGET_ROOTFS_CPIO=y
BR2_TARGET_ROOTFS_CPIO_GZIP=y
# BR2_TARGET_ROOTFS_TAR is not set
# Linux 4.19 series
BR2_PACKAGE_HOST_LINUX_HEADERS_CUSTOM_4_19=y
BR2_LINUX_KERNEL=y
BR2_LINUX_KERNEL_CUSTOM_VERSION=y
BR2_LINUX_KERNEL_CUSTOM_VERSION_VALUE="4.19.91"
configs/qemu_arm_vexpress_tz: Armv7-A emulation with TrustZone services This change introduces a Qemu board for an Armv7-A target executing with OP-TEE secure world services. The target Linux based normal world embeds the standard minimal filesystem with OP-TEE non-secure components embedded files from OP-TEE test, examples and benchmark packages. qemu_arm_vexpress_tz_defconfig differs from qemu_arm_vexpress_defconfig. Supporting both secure and non-secure worlds on the Arm target mandates a secure world, here OP-TEE OS, and a bootloader to boot both worlds, here TF-A (boot/arm-trusted-firmware). Here non-secure Linux kernel is booted through U-boot TF-A bootloader (BL1/BL2) => OP-TEE (BL32) => U-boot (BL33). | Executes as secure | Secure | Execs as Non-secure | Loads BL32/BL33 in RAM | Jumps to BL33 | Always booted after | Jumps to BL32 once done | as Non-secure | secure world inits Vexpress and vexpress-tz defconfigs also differs in that Qemu emulates a Cortex-A9 in the former and a Cortex-A15 in the later. Cortex-A15 is the Armv7-A CPU used in upstream TF-A and OP-TEE OS packages hence selected here. Defconfig adds a fragment to the Linux kernel native configuration to enable OP-TEE driver support. Defconfig adds a fragment to the U-Boot native configuration set boot command, enable semihosting and remove U-Boot persistent environment storage support. The defconfig also enables build of the Qemu emulator in case the system installed Qemu does not yet support CPU TrustZone secure state. Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> [Arnout, with the help of Peter: correct spelling mistakes in readme, fix U-Boot version to 2019.01, download tarball of TF-A instead of git] Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2019-03-22 10:58:16 +01:00
BR2_LINUX_KERNEL_DEFCONFIG="vexpress"
BR2_LINUX_KERNEL_CONFIG_FRAGMENT_FILES="board/qemu/arm-vexpress-tz/linux.fragment"
BR2_LINUX_KERNEL_DTS_SUPPORT=y
BR2_LINUX_KERNEL_INTREE_DTS_NAME="vexpress-v2p-ca15_a7"
# TF-A for booting OP-TEE secure and uboot/linux non secure
BR2_TARGET_ARM_TRUSTED_FIRMWARE=y
BR2_TARGET_ARM_TRUSTED_FIRMWARE_CUSTOM_VERSION=y
BR2_TARGET_ARM_TRUSTED_FIRMWARE_CUSTOM_VERSION_VALUE="v2.0"
BR2_TARGET_ARM_TRUSTED_FIRMWARE_PLATFORM="qemu"
BR2_TARGET_ARM_TRUSTED_FIRMWARE_BL32_OPTEE=y
BR2_TARGET_ARM_TRUSTED_FIRMWARE_UBOOT_AS_BL33=y
BR2_TARGET_ARM_TRUSTED_FIRMWARE_ADDITIONAL_VARIABLES="BL32_RAM_LOCATION=tdram"
# OP-TEE components
BR2_TARGET_OPTEE_OS=y
BR2_TARGET_OPTEE_OS_PLATFORM="vexpress-qemu_virt"
BR2_PACKAGE_OPTEE_BENCHMARK=y
BR2_PACKAGE_OPTEE_EXAMPLES=y
BR2_PACKAGE_OPTEE_TEST=y
# OP-TEE components needs host-python3 interpreter and its modules
BR2_PACKAGE_HOST_PYTHON3=y
# Select python3 on the target to make sure Buildroot builds host-python using
# python3 and builds all host-python modules for python3.
BR2_TOOLCHAIN_BUILDROOT_WCHAR=y
BR2_PACKAGE_PYTHON3=y
configs/qemu_arm_vexpress_tz: Armv7-A emulation with TrustZone services This change introduces a Qemu board for an Armv7-A target executing with OP-TEE secure world services. The target Linux based normal world embeds the standard minimal filesystem with OP-TEE non-secure components embedded files from OP-TEE test, examples and benchmark packages. qemu_arm_vexpress_tz_defconfig differs from qemu_arm_vexpress_defconfig. Supporting both secure and non-secure worlds on the Arm target mandates a secure world, here OP-TEE OS, and a bootloader to boot both worlds, here TF-A (boot/arm-trusted-firmware). Here non-secure Linux kernel is booted through U-boot TF-A bootloader (BL1/BL2) => OP-TEE (BL32) => U-boot (BL33). | Executes as secure | Secure | Execs as Non-secure | Loads BL32/BL33 in RAM | Jumps to BL33 | Always booted after | Jumps to BL32 once done | as Non-secure | secure world inits Vexpress and vexpress-tz defconfigs also differs in that Qemu emulates a Cortex-A9 in the former and a Cortex-A15 in the later. Cortex-A15 is the Armv7-A CPU used in upstream TF-A and OP-TEE OS packages hence selected here. Defconfig adds a fragment to the Linux kernel native configuration to enable OP-TEE driver support. Defconfig adds a fragment to the U-Boot native configuration set boot command, enable semihosting and remove U-Boot persistent environment storage support. The defconfig also enables build of the Qemu emulator in case the system installed Qemu does not yet support CPU TrustZone secure state. Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> [Arnout, with the help of Peter: correct spelling mistakes in readme, fix U-Boot version to 2019.01, download tarball of TF-A instead of git] Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2019-03-22 10:58:16 +01:00
# U-boot for booting the dear Linux kernel
BR2_TARGET_UBOOT=y
BR2_TARGET_UBOOT_BUILD_SYSTEM_KCONFIG=y
BR2_TARGET_UBOOT_CUSTOM_VERSION=y
BR2_TARGET_UBOOT_CUSTOM_VERSION_VALUE="2019.01"
BR2_TARGET_UBOOT_BOARD_DEFCONFIG="qemu_arm"
BR2_TARGET_UBOOT_CONFIG_FRAGMENT_FILES="board/qemu/arm-vexpress-tz/u-boot.config"
# host-qemu for gitlab testing
BR2_PACKAGE_HOST_QEMU=y
BR2_PACKAGE_HOST_QEMU_SYSTEM_MODE=y