config: add flag CFG_WARN_INSECURE
OP-TEE is a reference implementation for developers and device
manufacturers, which implies that there always is a need to fill in
missing pieces that cannot be done generically. The chipmakers often
have additional security configurations that need to be configured
according to the chipmakers' security guidelines and security
specifications.

To reduce the likelihood of running a vanilla configured OP-TEE we
introduce the flag CFG_WARN_INSECURE that will give warning messages in
the boot saying that the OP-TEE runs a configuration that might be
insecure. The intention is that the device manufacturer making the end
products should change the flag to "n" after implementing stubbed
functionality in OP-TEE and configuring their device according to the
chipmaker's security guidelines and security specifications.

Signed-off-by: Joakim Bech <joakim.bech@linaro.org>
Reviewed-by: Ruchika Gupta <ruchika.gupta@linaro.org>
Acked-by: Sumit Garg <sumit.garg@linaro.org>
Acked-by: Rouven Czerwinski <r.czerwinski@pengutronix.de>
Acked-by: Clement Faure <clement.faure@nxp.com>
Acked-by: Jerome Forissier <jerome@forissier.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
jbech-linaro committed Nov 23, 2021
1 parent 58db16a commit f49f38d
Showing 2 changed files with 14 additions and 0 deletions.
4 changes: 4 additions & 0 deletions core/arch/arm/kernel/boot.c
Expand Up @@ -1253,6 +1253,10 @@ void __weak boot_init_primary_late(unsigned long fdt)
configure_console_from_dt();

IMSG("OP-TEE version: %s", core_v_str);
if (IS_ENABLED(CFG_WARN_INSECURE)) {
IMSG("WARNING: This OP-TEE configuration might be insecure!");
IMSG("WARNING: Please check https://optee.readthedocs.io/en/latest/architecture/porting_guidelines.html");
}
IMSG("Primary CPU initializing");
#ifdef CFG_CORE_ASLR
DMSG("Executing at offset %#lx with virtual load address %#"PRIxVA,
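Review bot: In boot_init_primary_late() both warning lines are printed with IMSG, so a build that has info-level traces disabled boots without showing them, and the unhardened configuration goes unflagged exactly where logs are trimmed. Consider printing them with EMSG so they are still shown when info traces are off, or state in the flag's documentation that the warning depends on the core log level. The function is also declared __weak, so a platform that overrides it will not print the warning unless it repeats the IS_ENABLED(CFG_WARN_INSECURE) check.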
10 changes: 10 additions & 0 deletions mk/config.mk
Expand Up @@ -723,5 +723,15 @@ CFG_DRIVERS_CLK ?= n
CFG_DRIVERS_CLK_DT ?= $(call cfg-all-enabled,CFG_DRIVERS_CLK CFG_DT)
CFG_DRIVERS_CLK_FIXED ?= $(CFG_DRIVERS_CLK_DT)

# The purpose of this flag is to show a print when booting up the device that
# indicates whether the board runs a standard developer configuration or not.
# A developer configuration doesn't necessarily has to be secure. The intention
# is that the one making products based on OP-TEE should override this flag in
# plat-xxx/conf.mk for the platform they're basing their products on after
# they've finalized implementing stubbed functionality (see OP-TEE
# documentation/Porting guidelines) as well as vendor specific security
# configuration.
CFG_WARN_INSECURE ?= y

$(eval $(call cfg-depends-all,CFG_DRIVERS_CLK_DT,CFG_DRIVERS_CLK CFG_DT))
$(eval $(call cfg-depends-all,CFG_DRIVERS_CLK_FIXED,CFG_DRIVERS_CLK_DT))
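Review bot: The CFG_WARN_INSECURE block is inserted between the CFG_DRIVERS_CLK* defaults and the two cfg-depends-all lines that belong to them, which splits that group with an unrelated flag; move it below the $(eval ...) lines. In the comment, "doesn't necessarily has to be secure" should read "doesn't necessarily have to be secure". Since the default is y and the flag is cleared by hand in plat-xxx/conf.mk, the comment should also say that setting it to n only silences the boot message and does not check that the stubbed functionality or the vendor security configuration is actually in place.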
