| # Generic Trusted Execution Environment Configuration |
| bool "Trusted Execution Environment support" |
| depends on (ARM && (ARM64 || CPU_V7A)) || SANDBOX |
| This implements a generic interface towards a Trusted Execution |
| Environment (TEE). A TEE is a trusted OS running in some secure |
| environment, for example, TrustZone on ARM cpus, or a separate |
| secure co-processor etc. See also: |
| https://en.wikipedia.org/wiki/Trusted_execution_environment |
| bool "Sandbox TEE emulator" |
| This emulates a generic TEE needed for testing including the AVB |
| TA. The emulation provides all callbacks of a regular TEE and |
| supports session and shared memory management. The AVB TA is |
| emulated with rollback indexes and device lock-state, the state |
| of the TA is only kept in RAM and will be reset on each boot. |
| The emulation only supports one open session at a time. |
| Interaction from the U-Boot command line in possible via the |
| source "drivers/tee/optee/Kconfig" |
| source "drivers/tee/broadcom/Kconfig" |