efi_loader: Implement EFI variable handling via OP-TEE In OP-TEE we can run EDK2's StandAloneMM on a secure partition. StandAloneMM is responsible for the UEFI variable support. In combination with OP-TEE and it's U-Boot supplicant, variables are authenticated/validated in secure world and stored on an RPMB partition. So let's add a new config option in U-Boot implementing the necessary calls to OP-TEE for the variable management. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Pipat Methavanitpong <pipat1010@gmail.com> Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>

commit: f042e47e8fb433a7a1f8a25d997ba0fe74e2db53 [log] [tgz]
author: Ilias Apalodimas <ilias.apalodimas@linaro.org> Sun May 17 22:25:44 2020 +0300
committer: Heinrich Schuchardt <xypron.glpk@gmx.de> Sun May 17 21:59:53 2020 +0200
tree: 9772c55dc5d60b5997b689d6ad112b7f5a62bf28
parent: 23a397d2e2fb136e9b352b6aa0627262314e44a2 [diff] [blame]
diff --git a/lib/efi_loader/Makefile b/lib/efi_loader/Makefile
index 84d61df..57c7e66 100644
--- a/lib/efi_loader/Makefile
+++ b/lib/efi_loader/Makefile

@@ -35,7 +35,11 @@
 obj-y += efi_runtime.o
 obj-y += efi_setup.o
 obj-$(CONFIG_EFI_UNICODE_COLLATION_PROTOCOL2) += efi_unicode_collation.o
+ifeq ($(CONFIG_EFI_MM_COMM_TEE),y)
+obj-y += efi_variable_tee.o
+else
 obj-y += efi_variable.o
+endif
 obj-y += efi_watchdog.o
 obj-$(CONFIG_LCD) += efi_gop.o
 obj-$(CONFIG_DM_VIDEO) += efi_gop.o
commit	f042e47e8fb433a7a1f8a25d997ba0fe74e2db53	[log] [tgz]
author	Ilias Apalodimas <ilias.apalodimas@linaro.org>	Sun May 17 22:25:44 2020 +0300
committer	Heinrich Schuchardt <xypron.glpk@gmx.de>	Sun May 17 21:59:53 2020 +0200
tree	9772c55dc5d60b5997b689d6ad112b7f5a62bf28
parent	23a397d2e2fb136e9b352b6aa0627262314e44a2 [diff] [blame]