arch: add ARCH_TRUSTZONE_DISABLED choice

We can decide whether use trustzone After this patch, we can support the following mode: ARCH_HAVE_TRUSTZONE ARCH_TRUSTZONE_DISABLED ARCH_TRUSTZONE_SECURE ARCH_TRUSTZONE_NONSECURE Without Security Extensions n n n n CHIP have NO trustzone With Security Extensions y y n n Only one bin in sec mode With Security Extensions y n y n TEE bin in sec mode With Security Extensions y n n y REE bin in non-sec mode Signed-off-by: ligd <[email protected]>
GUIDINGLI · Mar 18, 2024 · e9c7cb4 · e9c7cb4
1 parent 42bcb0c
commit e9c7cb4
Show file tree

Hide file tree

Showing 2 changed files with 12 additions and 3 deletions.
diff --git a/arch/Kconfig b/arch/Kconfig
@@ -573,14 +573,17 @@ config ARCH_HAVE_TRUSTZONE
 
 choice
 	prompt "TrustZone Configuration"
-	default ARCH_TRUSTZONE_NONSECURE
+	default ARCH_TRUSTZONE_DISABLED
 	depends on ARCH_HAVE_TRUSTZONE
 
+config ARCH_TRUSTZONE_DISABLED
+	bool "TrustZone disabled, all CPUs operate in secure state"
+
 config ARCH_TRUSTZONE_SECURE
-	bool "All CPUs operate secure state"
+	bool "TrustZone enabled, all CPUs operate secure state"
 
 config ARCH_TRUSTZONE_NONSECURE
-	bool "All CPUs operate non-secure state"
+	bool "TrustZone enabled, all CPUs operate non-secure state"
 
 endchoice # TrustZone Configuration
 

diff --git a/arch/arm/src/armv7-a/arm_gicv2.c b/arch/arm/src/armv7-a/arm_gicv2.c
@@ -35,6 +35,12 @@
 #include "arm_internal.h"
 #include "gic.h"
 
+#if defined(CONFIG_ARCH_TRUSTZONE_SECURE) || defined(CONFIG_ARCH_TRUSTZONE_NONSECURE)
+# if defined(CONFIG_ARCH_HIPRI_INTERRUPT)
+#  error "ARCH_HIPRI_INTERRUPT must configure with ARCH_TRUSTZONE_DISABLED or no trustzone"
+# endif
+#endif
+
 #ifdef CONFIG_ARMV7A_HAVE_GICv2
 
 /****************************************************************************