93 lines
2.7 KiB
Plaintext
93 lines
2.7 KiB
Plaintext
config BR2_PACKAGE_OPTEE_CLIENT
|
|
bool "optee-client"
|
|
depends on BR2_TOOLCHAIN_HAS_THREADS
|
|
depends on BR2_TOOLCHAIN_HEADERS_AT_LEAST_4_3 # MMC_IOC_MULTI_CMD
|
|
depends on BR2_USE_MMU # fork()
|
|
help
|
|
Enable the OP-TEE client package that brings non-secure
|
|
client application resources for OP-TEE support. OP-TEE
|
|
client is a component delivered by the OP-TEE project.
|
|
|
|
The client API library allows application to invoke trusted
|
|
applications hosted in the OP-TEE OS secure world. The
|
|
supplicant provides services hosted by the non-secure world
|
|
and invoked by the secure world.
|
|
|
|
https://github.com/OP-TEE/optee_client
|
|
|
|
if BR2_PACKAGE_OPTEE_CLIENT
|
|
|
|
choice
|
|
prompt "optee-client version"
|
|
default BR2_PACKAGE_OPTEE_CLIENT_LATEST
|
|
help
|
|
Select the version of optee-client you want to use
|
|
|
|
config BR2_PACKAGE_OPTEE_CLIENT_LATEST
|
|
bool "4.3.0"
|
|
help
|
|
Use the latest release tag from the optee-client official Git
|
|
repository.
|
|
|
|
config BR2_PACKAGE_OPTEE_CLIENT_CUSTOM_TARBALL
|
|
bool "Custom tarball"
|
|
help
|
|
This option allows to specify a URL pointing to an
|
|
optee-client source tarball. This URL can use any protocol
|
|
recognized by Buildroot, like http://, ftp://, file://
|
|
or scp://.
|
|
|
|
When pointing to a local tarball using file://, you may want
|
|
to use a make variable like $(TOPDIR) to reference the root of
|
|
the Buildroot tree.
|
|
|
|
endchoice
|
|
|
|
if BR2_PACKAGE_OPTEE_CLIENT_CUSTOM_TARBALL
|
|
|
|
config BR2_PACKAGE_OPTEE_CLIENT_CUSTOM_TARBALL_LOCATION
|
|
string "URL of custom optee-client tarball"
|
|
|
|
endif
|
|
|
|
config BR2_PACKAGE_OPTEE_CLIENT_VERSION
|
|
string
|
|
default "4.3.0" if BR2_PACKAGE_OPTEE_CLIENT_LATEST
|
|
default "custom" if BR2_PACKAGE_OPTEE_CLIENT_CUSTOM_TARBALL
|
|
|
|
config BR2_PACKAGE_OPTEE_CLIENT_TEE_FS_PATH
|
|
string "Path for normal world OS secure storage"
|
|
default "/data/tee"
|
|
help
|
|
Path to storage area for secure storage based on the
|
|
normal world OS providing the actual storage via
|
|
tee-supplicant.
|
|
|
|
config BR2_PACKAGE_OPTEE_CLIENT_RPMB_EMU
|
|
bool "Enable RPMB emulation"
|
|
default y
|
|
help
|
|
Enable RPMB device emulation in tee-supplicant.
|
|
|
|
config BR2_PACKAGE_OPTEE_CLIENT_SUPP_PLUGINS
|
|
bool "Enable TEE supplicant plugins"
|
|
default y
|
|
depends on !BR2_STATIC_LIBS # dlfcn.h
|
|
help
|
|
Enable TEE supplicant plugin support.
|
|
|
|
config BR2_PACKAGE_OPTEE_CLIENT_TEEACL
|
|
bool "Enable TEE Access Control List login"
|
|
select BR2_PACKAGE_UTIL_LINUX
|
|
select BR2_PACKAGE_UTIL_LINUX_LIBUUID
|
|
help
|
|
Enable TEE ACL login identification for OP-TEE service that
|
|
supports them as OP-TEE PKCS#11 services.
|
|
|
|
endif
|
|
|
|
comment "optee-client needs a toolchain w/ threads, headers >= 4.3"
|
|
depends on BR2_USE_MMU
|
|
depends on !BR2_TOOLCHAIN_HAS_THREADS || \
|
|
!BR2_TOOLCHAIN_HEADERS_AT_LEAST_4_3
|