5bfc2d23bb
Refactor Kconfig dependency by moving the selection of Secure OS (TrustZone/TEE) features from the mainboard configuration to the specific SoC configuration layer. The selections for `ARM64_USE_SECURE_OS` and `ARM64_USE_SECURE_OS_PAYLOAD` are moved from `BOARD_GOOGLE_BLUEY_COMMON` to `SOC_QUALCOMM_HAMOA`. This ensures that the Secure OS requirements are correctly associated with the Hamoa chipset family itself, leading to better modularity and future compatibility for Hamoa-based platforms. Crucially, this change allows for precise control of the Secure OS (BL32 firmware) applicability. By selecting the feature only within `SOC_QUALCOMM_HAMOA`, we can ensure that platforms utilizing the "Purwa SoC" family (which currently does not have a ready/available SecureOS) automatically avoid the selection of these Kconfig options. The change is verified by ensuring the QTEE (SecureOS) feature is disabled for platforms using the Purwa SoC, specifically verified on the google/quenbi mainboard. BUG=b:459268465 TEST=Ensure disabling QTEE aka SecureOS feature for google/quenbi w/ Purwa SoC. AP firmware log shows the expected path taken when SecureOS is disabled: ``` WARNING: No QTEE entry point provided by BL2 boot loader, Booting device without QTEE initialization. ``` Change-Id: Ic82a29a4330cc6e5f99727fc40ec73b38cbbc72d Signed-off-by: Subrata Banik <subratabanik@google.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/90011 Reviewed-by: Kapil Porwal <kapilporwal@google.com> Tested-by: build bot (Jenkins) <no-reply@coreboot.org> |
||
|---|---|---|
| .. | ||
| amd | ||
| cavium | ||
| example/min86 | ||
| ibm/power9 | ||
| intel | ||
| mediatek | ||
| nvidia | ||
| qualcomm | ||
| rockchip | ||
| samsung | ||
| sifive | ||
| ti | ||
| ucb/riscv | ||
| xilinx | ||