core: move debug info and CC optimization level to config.mk

Move configuration switches CFG_DEBUG_INFO and CFG_CC_OPT_LEVEL
default values from arm.mk to config.mk and add a short description.

Sig

core: move debug info and CC optimization level to config.mk

Move configuration switches CFG_DEBUG_INFO and CFG_CC_OPT_LEVEL
default values from arm.mk to config.mk and add a short description.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: new config switch CFG_PREALLOC_RPC_CACHE

CFG_PREALLOC_RPC_CACHE=y enables preallocation of an RPC shared memory
reference per secure thread. It is default enabled for backward
configuration co

core: new config switch CFG_PREALLOC_RPC_CACHE

CFG_PREALLOC_RPC_CACHE=y enables preallocation of an RPC shared memory
reference per secure thread. It is default enabled for backward
configuration compatibility.

Disabling CFG_PREALLOC_RPC_CACHE can be useful when CFG_WITH_PAGER=y
and the pager page pool is somewhat small as RPC cache shm consumes
several kByte of unpaged memory.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Jerome Forissier <jerome@forissier.org>

show more ...

core: enable system PTA upon user TA support

Ensure CFG_SYSTEM_PTA is disabled when CFG_WITH_USER_TA is disabled since
system PTA is designed to provide user TA extended system features.
Without thi

core: enable system PTA upon user TA support

Ensure CFG_SYSTEM_PTA is disabled when CFG_WITH_USER_TA is disabled since
system PTA is designed to provide user TA extended system features.
Without this change, building with CFG_SYSTEM_PTA=y and CFG_WITH_USER_TA=n
may fails for error trace like:

core/pta/system.c:227: undefined reference to `ldelf_dlopen'
core/pta/system.c:260: undefined reference to `ldelf_dlsym'

Also fix reference to the GPD TEE Internal Core API in CFG_SYSTEM_PTA
description.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: dt: add option to generate DTB overlay at boot

When using a memory persistent across reboots for external dtb overlay
(DRAM for instance) OP-TEE will reuse the existing dtb overlay if
CFG_EXTE

core: dt: add option to generate DTB overlay at boot

When using a memory persistent across reboots for external dtb overlay
(DRAM for instance) OP-TEE will reuse the existing dtb overlay if
CFG_EXTERNAL_DTB_OVERLAY is used. This will result in a big overlay
with duplicated nodes. In order to allow having a fresh DTB overlay
at boot, add CFG_GENERATE_DTB_OVERLAY to generate the DTB overlay at
OP-TEE boot time.
Both CFG_GENERATE_DTB_OVERLAY and CFG_EXTERNAL_DTB_OVERLAY will now
consider using the dtb address provided in r2 as well as CFG_DT_ADDR
to create the overlay if not existing.

Signed-off-by: Clément Léger <clement.leger@bootlin.com>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

mk: fix test on gprof and shared libs configuration for TAs

Change test for when both CFG_TA_GPROF_SUPPORT and CFG_ULIBS_SHARED
are enabled to be more strict on switches expected value. This change

mk: fix test on gprof and shared libs configuration for TAs

Change test for when both CFG_TA_GPROF_SUPPORT and CFG_ULIBS_SHARED
are enabled to be more strict on switches expected value. This change
better handles cases where, for examples, CFG_GENERATE_DTB_OVERLAY
is not defined and is malformed CFG_EXTERNAL_DTB_OVERLAY=yy. In such
case we expect both switch to be disabled and build should not fail
with error message:
"CFG_EXTERNAL_DTB_OVERLAY and CFG_GENERATE_DTB_OVERLAY are exclusive"

Reported-by: Clement Leger <clement.leger@bootlin.com>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jerome Forissier <jerome@forissier.org>

show more ...

core: improve version string shown at boot time when not using Git

When OP-TEE is built outside of a Git repository, the implementation
version is shown as "Unknown" at boot time. For example:

I/T

core: improve version string shown at boot time when not using Git

When OP-TEE is built outside of a Git repository, the implementation
version is shown as "Unknown" at boot time. For example:

I/TC: OP-TEE version: Unknown (gcc version 10.2.1 ...

Improve this a bit by appending the major/minor revision of OP-TEE,
which is hardcoded in mk/config.mk and thus always available.

The above example becomes:

I/TC: OP-TEE version: Unknown_3.14 (gcc version 10.2.1 ...

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

ta: pkcs11: move default config to ta sub.mk

Move PKCS#11 TA default configuration settings from mk/config.mk
to ta/pkcs11/sub.mk.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Revi

ta: pkcs11: move default config to ta sub.mk

Move PKCS#11 TA default configuration settings from mk/config.mk
to ta/pkcs11/sub.mk.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>

show more ...

Build: Fix CFG_EMBEDDED_TS dependency

Set CFG_EMBEDDED_TS when CFG_EARLY_TA or CFG_SECURE_PARTITION
is set even when no early_ta's or SPs are added to the system.

Fixes the following error:

$ mak

Build: Fix CFG_EMBEDDED_TS dependency

Set CFG_EMBEDDED_TS when CFG_EARLY_TA or CFG_SECURE_PARTITION
is set even when no early_ta's or SPs are added to the system.

Fixes the following error:

$ make -s CFG_EARLY_TA=y
arm-linux-gnueabihf-ld.bfd: out/arm-plat-vexpress/core/kernel/early_ta.o: in function `early_ta_open':
/home/.../optee_os/core/kernel/early_ta.c:32: undefined reference to `emb_ts_open'
arm-linux-gnueabihf-ld.bfd: out/arm-plat-vexpress/core/kernel/early_ta.o:(.scattered_array_ta_stores_1_2+0x8): undefined reference to `emb_ts_get_size'
arm-linux-gnueabihf-ld.bfd: out/arm-plat-vexpress/core/kernel/early_ta.o:(.scattered_array_ta_stores_1_2+0xc): undefined reference to `emb_ts_get_tag'
arm-linux-gnueabihf-ld.bfd: out/arm-plat-vexpress/core/kernel/early_ta.o:(.scattered_array_ta_stores_1_2+0x10): undefined reference to `emb_ts_read'
arm-linux-gnueabihf-ld.bfd: out/arm-plat-vexpress/core/kernel/early_ta.o:(.scattered_array_ta_stores_1_2+0x14): undefined reference to `emb_ts_close'
make: *** [core/arch/arm/kernel/link.mk:45: out/arm-plat-vexpress/core/all_objs.o] Error 1

Github issue:
https://github.com/OP-TEE/optee_os/issues/4729#issuecomment-893308216

Signed-off-by: Jelle Sels <jelle.sels@arm.com>
Reviewed-by: Jerome Forissier <jerome@forissier.org>

show more ...

Update revision for release tag 3.14.0-rc1

Signed-off-by: Jerome Forissier <jerome@forissier.org>

core: REE FS: introduce CFG_REE_FS_ALLOW_RESET

New boolean configuration switch CFG_REE_FS_ALLOW_RESET that, when
enabled, will make OP-TEE OS to allow REE FS content to be reset in
the Linux filesy

core: REE FS: introduce CFG_REE_FS_ALLOW_RESET

New boolean configuration switch CFG_REE_FS_ALLOW_RESET that, when
enabled, will make OP-TEE OS to allow REE FS content to be reset in
the Linux filesystem even when RPMB FS is enabled and already stores a
REE FS rollback protection hash. This switch is intended to test purpose
where REE FS can be wiped because the device flash memory was programmed
with brand new build artifacts.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Jerome Forissier <jerome@forissier.org>

show more ...

core: pta: add generic RNG pseudo TA

Platforms that include hardware-based RNGs and implement
hw_get_random_byte() may benefit from already implemented bus framework
and rng driver [1].
For this rea

core: pta: add generic RNG pseudo TA

Platforms that include hardware-based RNGs and implement
hw_get_random_byte() may benefit from already implemented bus framework
and rng driver [1].
For this reason the interface of rng.pta implemented for Developerbox
platform is re-used. Interface is generic and corresponds to in-kernel
optee-rng driver.

Pseudo TA interface is specifically used so that credible entropy is
available to REE early at boot, even before user-space is fully up.

[1] https://lwn.net/Articles/777260/

Signed-off-by: Sergiy Kibrik <Sergiy_Kibrik@epam.com>
Reviewed-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

config: add description for CFG_RPMB_* config switches

Add a short description for some CFG_RPMB_* configuration switches
not described anywhere.

Signed-off-by: Etienne Carriere <etienne.carriere@l

config: add description for CFG_RPMB_* config switches

Add a short description for some CFG_RPMB_* configuration switches
not described anywhere.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

Update CHANGELOG.md for 3.13.0

Update CHANGELOG for 3.13.0 and collect Tested-by tags.

Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org>
Tested-by: Clement Faure <clement.faure@nxp.com> (mx6d

Update CHANGELOG.md for 3.13.0

Update CHANGELOG for 3.13.0 and collect Tested-by tags.

Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org>
Tested-by: Clement Faure <clement.faure@nxp.com> (mx6dlsabreauto)
Tested-by: Clement Faure <clement.faure@nxp.com> (mx6dlsabresd)
Tested-by: Clement Faure <clement.faure@nxp.com> (mx6qpsabreauto)
Tested-by: Clement Faure <clement.faure@nxp.com> (mx6sllevk)
Tested-by: Clement Faure <clement.faure@nxp.com> (mx6ulevk)
Tested-by: Clement Faure <clement.faure@nxp.com> (mx6ullevk)
Tested-by: Clement Faure <clement.faure@nxp.com> (mx6ulzevk)
Tested-by: Clement Faure <clement.faure@nxp.com> (mx7dsabresd)
Tested-by: Clement Faure <clement.faure@nxp.com> (mx7ulpevk)
Tested-by: Clement Faure <clement.faure@nxp.com> (mx8mmevk)
Tested-by: Clement Faure <clement.faure@nxp.com> (mx8mnevk)
Tested-by: Clement Faure <clement.faure@nxp.com> (mx8mqevk)
Tested-by: Clement Faure <clement.faure@nxp.com> (mx8qmmek)
Tested-by: Clement Faure <clement.faure@nxp.com> (mx8qxpmek)
Tested-by: Etienne Carriere <etienne.carriere@linaro.org> (stm32mp1-ev1/dk2 gp pkcs11)
Tested-by: Igor Opaniuk <igor.opaniuk@foundries.io> (Poplar)
Tested-by: Jens Wiklander <jens.wiklander@linaro.org> (FVP)
Tested-by: Jens Wiklander <jens.wiklander@linaro.org> (Juno)
Tested-by: Jens Wiklander <jens.wiklander@linaro.org> (imx-mx8mqevk)
Tested-by: Jerome Forissier <jerome@forissier.org> (HiKey GP PKCS#11)
Tested-by: Jerome Forissier <jerome@forissier.org> (HiKey960 GP PKCS#11)
Tested-by: Jerome Forissier <jerome@forissier.org> (QEMU GP PKCS#11)
Tested-by: Jerome Forissier <jerome@forissier.org> (QEMUv8 GP PKCS#11)
Tested-by: Joakim Bech <joakim.bech@linaro.org> (RPi3B)
Tested-by: Ricardo Salveti <ricardo@foundries.io> (ZynqMP)
Tested-by: Rouven Czerwinski <r.czerwinski@pengutronix.de> (ccimx6ulsbcpro barebox upstream kernel)
Tested-by: Rouven Czerwinski <r.czerwinski@pengutronix.de> (imx6qsabrelite barebox upstream kernel)
Tested-by: Volodymyr Babchuk <volodymyr_babchuk@epam.com> (RCAR M3)
Tested-by: Volodymyr Babchuk <volodymyr_babchuk@epam.com> (RCAR M3/virtualization)

show more ...

core: pta: scmi: new interface to REE SCMI agent

Adds a PTA interface to REE SCMI agents to get SCMI message communication
channel for processing in OP-TEE SCMI server.

Currently implement supports

core: pta: scmi: new interface to REE SCMI agent

Adds a PTA interface to REE SCMI agents to get SCMI message communication
channel for processing in OP-TEE SCMI server.

Currently implement supports for a SCMI server built with
CFG_SCMI_MSG_SMT=y. The implementation is made so that an alternate
SCMI server implementation can added.

Client gets SCMI channel capabilities with PTA_SCMI_CMD_CAPABILITIES.
Client gets a handle for an SCMI channel with command
PTA_SCMI_CMD_GET_CHANNEL_HANDLE.
Client pushes SCMI messages with command PTA_SCMI_CMD_PROCESS_SMT_CHANNEL
or PTA_SCMI_CMD_PROCESS_SMT_CHANNEL_MESSAGE.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

mk: core: ta: make early TA compress optional

Define CFG_EARLY_TA_COMPRESS configuration switch to
allow platform to disable early TAs compression at build time.
Disabling the compression drasticall

mk: core: ta: make early TA compress optional

Define CFG_EARLY_TA_COMPRESS configuration switch to
allow platform to disable early TAs compression at build time.
Disabling the compression drastically reduces the amount of the
core heap required in the embedded part.

Enable the configuration by default for backward compatibility.

Suggested-by: Arnaud Pouliquen <arnaud.pouliquen@st.com>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jerome Forissier <jerome@forissier.org>

show more ...

core: introduce CFG_CORE_PAGE_TAG_AND_IV

Introduces CFG_CORE_PAGE_TAG_AND_IV which defaults to enabled if TA
paging is enabled. Can be used to disable tag and IV paging for paged
read-write pages.

core: introduce CFG_CORE_PAGE_TAG_AND_IV

Introduces CFG_CORE_PAGE_TAG_AND_IV which defaults to enabled if TA
paging is enabled. Can be used to disable tag and IV paging for paged
read-write pages.

Acked-by: Jerome Forissier <jerome@forissier.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

drivers: scmi-msg: define CFG_SCMI_MSG_VOLTAGE_DOMAIN in mk/config.mk

Define CFG_SCMI_MSG_VOLTAGE_DOMAIN in mk/config.mk next to the other
CFG_SCMI_MSG_* configuration switches.

Signed-off-by: Etie

drivers: scmi-msg: define CFG_SCMI_MSG_VOLTAGE_DOMAIN in mk/config.mk

Define CFG_SCMI_MSG_VOLTAGE_DOMAIN in mk/config.mk next to the other
CFG_SCMI_MSG_* configuration switches.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jerome Forissier <jerome@forissier.org>

show more ...

ta: pkcs11: Make it possible to disable support for C_DigestKey()

By default C_DigestKey() functions as specified in specifciation.

To disable the functionality:
CFG_PKCS11_TA_ALLOW_DIGEST_KEY = n

ta: pkcs11: Make it possible to disable support for C_DigestKey()

By default C_DigestKey() functions as specified in specifciation.

To disable the functionality:
CFG_PKCS11_TA_ALLOW_DIGEST_KEY = n

Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Ruchika Gupta <ruchika.gupta@linaro.org>
Signed-off-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>

show more ...

Update CHANGELOG for 3.12.0

Update CHANGELOG for 3.12.0 and collect Tested-by tags.

Signed-off-by: Joakim Bech <joakim.bech@linaro.org>
Tested-by: Clement Faure <clement.faure@nxp.com> (mx6dlsabrea

Update CHANGELOG for 3.12.0

Update CHANGELOG for 3.12.0 and collect Tested-by tags.

Signed-off-by: Joakim Bech <joakim.bech@linaro.org>
Tested-by: Clement Faure <clement.faure@nxp.com> (mx6dlsabreauto)
Tested-by: Clement Faure <clement.faure@nxp.com> (mx6dlsabresd)
Tested-by: Clement Faure <clement.faure@nxp.com> (mx6qpsabreauto)
Tested-by: Clement Faure <clement.faure@nxp.com> (mx6sllevk)
Tested-by: Clement Faure <clement.faure@nxp.com> (mx6ulevk)
Tested-by: Clement Faure <clement.faure@nxp.com> (mx6ullevk)
Tested-by: Clement Faure <clement.faure@nxp.com> (mx6ulzevk)
Tested-by: Clement Faure <clement.faure@nxp.com> (mx7dsabresd)
Tested-by: Clement Faure <clement.faure@nxp.com> (mx7ulpevk)
Tested-by: Clement Faure <clement.faure@nxp.com> (mx8mmevk)
Tested-by: Clement Faure <clement.faure@nxp.com> (mx8mnevk)
Tested-by: Clement Faure <clement.faure@nxp.com> (mx8mqevk)
Tested-by: Clement Faure <clement.faure@nxp.com> (mx8qmmek)
Tested-by: Clement Faure <clement.faure@nxp.com> (mx8qxpmek)
Tested-by: Etienne Carriere <etienne.carriere@linaro.org> (stm32mp1)
Tested-by: Igor Opaniuk <igor.opaniuk@gmail.com> (Poplar)
Tested-by: Jens Wiklander <jens.wiklander@linaro.org> (FVP)
Tested-by: Jens Wiklander <jens.wiklander@linaro.org> (Juno)
Tested-by: Jerome Forissier <jerome@forissier.org> ((HiKey GP) # issue 4324)
Tested-by: Jerome Forissier <jerome@forissier.org> ((HiKey960 GP) # issue 4324)
Tested-by: Jerome Forissier <jerome@forissier.org> (QEMU)
Tested-by: Jerome Forissier <jerome@forissier.org> (QEMUv8)
Tested-by: Joakim Bech <joakim.bech@linaro.org> (RPi3B)
Tested-by: Joakim Bech <joakim.bech@linaro.org> (RPi3B-NFS)
Tested-by: Ricardo Salveti <ricardo@foundries.io> (ZynqMP)
Tested-by: Rouven Czerwinski <r.czerwinski@pengutronix.de> (imx-ccimx6ulsbcpro)
Tested-by: Rouven Czerwinski <r.czerwinski@pengutronix.de> (imx-mx6qsabrelite)
Tested-by: Sumit Garg <sumit.garg@linaro.org> (Developerbox)
Tested-by: Victor Chong <victor.chong@linaro.org> (HiKey960 AOSP P)
Tested-by: Volodymyr Babchuk <volodymyr_babchuk@epam.com> (Rcar H3)
Tested-by: Volodymyr Babchuk <volodymyr_babchuk@epam.com> (Rcar H3/virtualization)

show more ...

ta: pkcs11: Add TEE Identity based authentication support

In C_InitToken() if PIN is NULL_PTR then it will activate TEE Identity
based authentication support for token.

Once activated:

- When ever

ta: pkcs11: Add TEE Identity based authentication support

In C_InitToken() if PIN is NULL_PTR then it will activate TEE Identity
based authentication support for token.

Once activated:

- When ever PIN is required client's TEE Identity will be used for
authentication
- PIN failure counters are disabled
- If new PIN is given as input it is in form of PIN ACL string
- It can be disabled with C_InitToken with non-zero PIN

Internally protected authentication path will be used for mode
determination.

Acked-by: Ruchika Gupta <ruchika.gupta@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>

show more ...

Introduce CFG_TA_BGET_TEST

Introduces CFG_TA_BGET_TEST which compiles the integrated bget test
suite together with the rest of bget. When enabled, the test entry point
is bget_main_test() in libutil

Introduce CFG_TA_BGET_TEST

Introduces CFG_TA_BGET_TEST which compiles the integrated bget test
suite together with the rest of bget. When enabled, the test entry point
is bget_main_test() in libutils.

Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: introduce CFG_ENABLE_EMBEDDED_TESTS

Introduces CFG_ENABLE_EMBEDDED_TESTS disabled by default. This flag
is used to control the default value of all other embedded tests.

This changes the defa

core: introduce CFG_ENABLE_EMBEDDED_TESTS

Introduces CFG_ENABLE_EMBEDDED_TESTS disabled by default. This flag
is used to control the default value of all other embedded tests.

This changes the default value of CFG_TEE_CORE_EMBED_INTERNAL_TESTS to
'n' since CFG_ENABLE_EMBEDDED_TESTS defaults to 'n'.

A Shippable target is updated with CFG_ENABLE_EMBEDDED_TESTS=y to have
these tests compiled in some configuration.

Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: Add support to import external TA signing public key

Build process requires that private key is present when signing TAs.

In order to support external HSM based re-signing of the TAs, add sup

core: Add support to import external TA signing public key

Build process requires that private key is present when signing TAs.

In order to support external HSM based re-signing of the TAs, add support
to import different TA signing public key into TEE OS binary by
introducing TA_PUBLIC_KEY.

By default TA_PUBLIC_KEY gets the value of TA_SIGN_KEY.

Re-signing of the TA's works by first signing TA during the build with
private key readily available during the build process (TA_SIGN_KEY).
Private key can in example be bundled key in keys/default_ta.pem.

Build will generate TA binary with signature embedded matching provided
private key.

This TA binary will be sent for HSM re-signing process where digest will
be calculated from the binary to get digest which will be signed with
private key protected by HSM. New signature will replaced the old
signature in the TA binary.

This re-signed TA will need to be deployed into the device for execution.

In order for OP-TEE OS to load the TA it needs to have the matching public
key from the HSM. Public key needs to be available during the build
process (TA_PUBLIC_KEY).

Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>

show more ...

core: build: se050 driver

Core work to support building the platform independent se050 crypto
driver.

Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Acked-by: Jerome Forissier <jerome@fori

core: build: se050 driver

Core work to support building the platform independent se050 crypto
driver.

Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Acked-by: Jerome Forissier <jerome@forissier.org>

show more ...

core: add secure partitions store

SPs need to be started as part of the initialisation process of the
OP-TEE kernel. The secure partition store uses the embedded_ts store to
load SPs

Signed-off-by:

core: add secure partitions store

SPs need to be started as part of the initialisation process of the
OP-TEE kernel. The secure partition store uses the embedded_ts store to
load SPs

Signed-off-by: Jelle Sels <jelle.sels@arm.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jerome Forissier <jerome@forissier.org>

show more ...