configs/qemu_arm_vexpress_tz: Armv7-A emulation with TrustZone services
This change introduces a Qemu board for an Armv7-A target executing
with OP-TEE secure world services. The target Linux based normal world
embeds the standard minimal filesystem with OP-TEE non-secure components
embedded files from OP-TEE test, examples and benchmark packages.
qemu_arm_vexpress_tz_defconfig differs from qemu_arm_vexpress_defconfig.
Supporting both secure and non-secure worlds on the Arm target mandates
a secure world, here OP-TEE OS, and a bootloader to boot both worlds,
here TF-A (boot/arm-trusted-firmware). Here non-secure Linux kernel is
booted through U-boot
TF-A bootloader (BL1/BL2) => OP-TEE (BL32) => U-boot (BL33).
| Executes as secure | Secure | Execs as Non-secure
| Loads BL32/BL33 in RAM | Jumps to BL33 | Always booted after
| Jumps to BL32 once done | as Non-secure | secure world inits
Vexpress and vexpress-tz defconfigs also differs in that Qemu emulates
a Cortex-A9 in the former and a Cortex-A15 in the later. Cortex-A15
is the Armv7-A CPU used in upstream TF-A and OP-TEE OS packages hence
selected here.
Defconfig adds a fragment to the Linux kernel native configuration to
enable OP-TEE driver support.
Defconfig adds a fragment to the U-Boot native configuration set boot
command, enable semihosting and remove U-Boot persistent environment
storage support.
The defconfig also enables build of the Qemu emulator in case the
system installed Qemu does not yet support CPU TrustZone secure state.
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
[Arnout, with the help of Peter: correct spelling mistakes in readme,
fix U-Boot version to 2019.01, download tarball of TF-A instead of git]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
projects / buildroot.git / commit