[MTK] How To Enable Microtrust TEE

文摘 Android MediaTek 2021-10-28 阅读:6838

[DESCRIPTION]

Android R: 

configurations for enable Microtrust TEE(豆荚TEEI)

[SOLUTION]

Android S + kernel-5.10

1.png

Android S/R/Q + kernel-4.14/4.19 

  • Preloader

Path: vendormediatekproprietarybootablebootloaderpreloadercustom${PROJECT}${PROJECT}.mk

Configuration:

MTK_TEE_SUPPORT = yes

TRUSTONIC_TEE_SUPPORT = no

MICROTRUST_TEE_SUPPORT = yes

MTK_GOOGLE_TRUSTY_SUPPORT = no

export MTK_TEE_SUPPORT TRUSTONIC_TEE_SUPPORT MICROTRUST_TEE_SUPPORT MTK_GOOGLE_TRUSTY_SUPPORT
  • Trustzone

Path: vendormediatekproprietarytrustzonecustombuildproject${PROJECT}.mk

Configuration:

MTK_ATF_SUPPORT=yes

MTK_TEE_SUPPORT=yes

MICROTRUST_TEE_SUPPORT=yes

ifeq ($(MTK_SEC_VIDEO_PATH_SUPPORT), yes)
MTK_TEE_DRAM_SIZE=0x3200000
else ifeq ($(MTK_CAM_SECURITY_SUPPORT), yes)
MTK_TEE_DRAM_SIZE=0x3200000
else
MTK_TEE_DRAM_SIZE=0x1600000
endif

Note:

MTK_TEE_DRAM_SIZE 值不固定,根据你当前开的feature option及TA/TDRV占用的heap size决定

  • Kernel @  ARMv8 A32/K32   (32 bit platform)

1,defconfig

Path:

${KERNEL_VER}\arch\arm\configs\${PROJECT}_debug_defconfig

${KERNEL_VER}\arch\arm\configs\${PROJECT}_defconfig

Configuration:

CONFIG_MICROTRUST_TEE_SUPPORT=y

CONFIG_MTK_TEE_GP_SUPPORT=y (if need SVP or SecureCamera) (removed after kernel-4.19)

2,DTS 

Path: ${KERNEL_VER}\arch\arm\boot\dts\mediatek\${CHIP}.dts (After kernel-4.14)

Configuration:

soter-shared-mem {
compatible = "microtrust,shared_mem";
no-map;
#if defined(CONFIG_MTK_SEC_VIDEO_PATH_SUPPORT) ||
defined(CONFIG_MTK_CAM_SECURITY_SUPPORT)
size = <0 0x800000>;
alignment = <0 0x1000000>;
#else
size = <0 0x200000>;
alignment = <0 0x200000>;
#endif
alloc-ranges = <0 0x40000000 0 0x50000000>;
};
  • Kernel @ ARMv8 A64/K64 (64 bit platform)

1,defconfig

Path:

${KERNEL_VER}\arch\arm64\configs\${PROJECT}_debug_defconfig

${KERNEL_VER}\arch\arm64\configs\${PROJECT}_defconfig

Configuration:

CONFIG_MICROTRUST_TEE_SUPPORT=y

CONFIG_MTK_TEE_GP_SUPPORT=y (if need SVP or SecureCamera)(removed after kernel-4.19)

2,DTS

Path: ${KERNEL_VER}\arch\arm64\boot\dts\mediatek\${CHIP}.dts (After kernel-4.14)

Configuration:

soter-shared-mem {
compatible = "microtrust,shared_mem";
no-map;
#if defined(CONFIG_MTK_SEC_VIDEO_PATH_SUPPORT) ||
defined(CONFIG_MTK_CAM_SECURITY_SUPPORT)
size = <0 0x800000>;
alignment = <0 0x1000000>;
#else
size = <0 0x200000>;
alignment = <0 0x200000>;
#endif
alloc-ranges = <0 0x40000000 0 0x50000000>;
};
  • ProjectConfig

Path: devicemediatekprojects${PROJECT}[ProjectConfig.mk](http://projectconfig.mk/)

Configuration:

MTK_ATF_SUPPORT = yes

MTK_TEE_SUPPORT = yes

MICROTRUST_TEE_SUPPORT = yes

MTK_PERSIST_PARTITION_SUPPORT = yes (if need attestation key of keymaster)

MTK_TEE_GP_SUPPORT=yes (if need SVP or SecureCamera)
返回

0条评论

作者

芯缘异码

更多Ta的文章

  • 147篇

    作者文章数量

  • 18条

    作者评论数量

相关推荐
[MTK] Android T Vendor Freeze
一招解决多人同时编译同一份Android代码
系统权限apk keystore 生成
[MTK] 开启Efuse的过程记录
[MTK] Android S 编译方法
热门文章
[MTK] MT8735 写WIFI MAC操作说明
MTK平台 通过adb shell 修改/显示 GPIO 状态 更新
android11.0(R) root MTK 6771 user版本打开root权限(adb root权限和 apk root权限)
[MTK] GPIO 自定义操作节点 驱动程序
[MTK] AP suspend异常debug及log分析
Pixiv日榜Top50
© 2024 芯缘异码. Powered by Typecho        
     sitemap 粤ICP备19161219号               粤公网安备 44030602004188号