From: Michael Tretter <[email protected]> RPMB emulation is enabled by default in the tee-supplicant. In a production system, the RPMB shall be backed by the eMMC.
Add an option to disable RPMB emulation. Signed-off-by: Michael Tretter <[email protected]> Signed-off-by: Sven Püschel <[email protected]> --- rules/optee-client.in | 7 +++++++ rules/optee-client.make | 2 +- 2 files changed, 8 insertions(+), 1 deletion(-) diff --git a/rules/optee-client.in b/rules/optee-client.in index cb1033cb0..b68e068d9 100644 --- a/rules/optee-client.in +++ b/rules/optee-client.in @@ -26,4 +26,11 @@ config OPTEE_CLIENT_SUPPLICANT_PLUGINS bool prompt "enable TEE supplicant plugins" +config OPTEE_CLIENT_SUPPLICANT_RPMB_EMULATION + bool + default y + prompt "enable TEE supplicant RPMB emulation" + help + Emulate the RPMB in the TEE supplicant instead of using the eMMC. + endif diff --git a/rules/optee-client.make b/rules/optee-client.make index c884000d6..1bbd1ce63 100644 --- a/rules/optee-client.make +++ b/rules/optee-client.make @@ -48,7 +48,7 @@ OPTEE_CLIENT_CONF_OPT := \ -DCFG_TEE_SUPP_LOG_LEVEL=1 \ -DCFG_TEE_SUPP_PLUGINS=$(call ptx/onoff, PTXCONF_OPTEE_CLIENT_SUPPLICANT_PLUGINS) \ -DCFG_WERROR=ON \ - -DRPMB_EMU=ON \ + -DRPMB_EMU=$(call ptx/onoff, PTXCONF_OPTEE_CLIENT_SUPPLICANT_RPMB_EMULATION) \ -DWITH_TEEACL=ON # ---------------------------------------------------------------------------- -- 2.47.3
