From: Marco Felsch <m.felsch@pengutronix.de>
To: Sascha Hauer <s.hauer@pengutronix.de>,
BAREBOX <barebox@lists.infradead.org>
Cc: Marco Felsch <m.felsch@pengutronix.de>
Subject: [PATCH v2 11/15] security: optee: add optee_handoff_overlay helper
Date: Wed, 04 Feb 2026 21:01:27 +0100 [thread overview]
Message-ID: <20260204-v2025-09-0-topic-optee-of-handling-v2-11-da075e6818e0@pengutronix.de> (raw)
In-Reply-To: <20260204-v2025-09-0-topic-optee-of-handling-v2-0-da075e6818e0@pengutronix.de>
Add a helper to pass the OP-TEE provided overlay to barebox via the
handoff mechanism. This can be useful to generalize the reserved-memory
node handling since OP-TEE can provide this information via the overlay
if configured in OP-TEE.
While on it sort the include headers in alphabetical order.
Signed-off-by: Marco Felsch <m.felsch@pengutronix.de>
---
include/tee/optee.h | 5 +++++
security/Kconfig | 9 +++++++++
security/optee.c | 15 ++++++++++++++-
3 files changed, 28 insertions(+), 1 deletion(-)
diff --git a/include/tee/optee.h b/include/tee/optee.h
index 10e829c04f8832c4c04771800f1963e25f425482..7126e3c6e24bbf0f37aee7827dc3b4d9619d3bc3 100644
--- a/include/tee/optee.h
+++ b/include/tee/optee.h
@@ -37,6 +37,7 @@ int optee_verify_header (const struct optee_header *hdr);
void optee_set_membase(const struct optee_header *hdr);
int optee_get_membase(u64 *membase);
+void optee_handoff_overlay(void *ovl, unsigned int ovl_sz);
#else
@@ -49,6 +50,10 @@ static inline int optee_get_membase(u64 *membase)
return -ENOSYS;
}
+void optee_handoff_overlay(void *ovl, unsigned int ovl_sz)
+{
+}
+
#endif /* CONFIG_HAVE_OPTEE */
#ifdef __PBL__
diff --git a/security/Kconfig b/security/Kconfig
index 40d468ae07d2b1d4357542df88a0a92eeb3d365f..fec299cf21e459d6e9d4e13946dcfc247db4a822 100644
--- a/security/Kconfig
+++ b/security/Kconfig
@@ -117,6 +117,15 @@ config HAVE_OPTEE
bidirectional communication with OP-TEE is enabled via
CONFIG_OPTEE.
+config OPTEE_APPLY_OVERLAY
+ bool "Apply OP-TEE DTBO to barebox and kernel DT"
+ depends on HAVE_OPTEE
+ help
+ Apply the OP-TEE provided device-tree overlay to internal barebox DT
+ and the kernel DT if this option is enabled. This requires barebox
+ machine support and the board lowlevel code to pass the barebox
+ internal DT to OP-TEE while booting.
+
config OPTEE_SIZE
hex
default 0x02000000
diff --git a/security/optee.c b/security/optee.c
index 422bc1c90924ba8ab266b1aa8d06e52c819d2010..d2cda9d77b85947ff222390177666e75e54f9adb 100644
--- a/security/optee.c
+++ b/security/optee.c
@@ -2,10 +2,12 @@
#define pr_fmt(fmt) "optee: " fmt
-#include <tee/optee.h>
+#include <compressed-dtb.h>
#include <linux/printk.h>
#include <linux/errno.h>
#include <linux/limits.h>
+#include <pbl/handoff-data.h>
+#include <tee/optee.h>
static u64 optee_membase = U64_MAX;
@@ -60,3 +62,14 @@ void optee_set_membase(const struct optee_header *hdr)
optee_membase = (u64)hdr->init_load_addr_hi << 32;
optee_membase |= hdr->init_load_addr_lo;
}
+
+void optee_handoff_overlay(void *ovl, unsigned int ovl_sz)
+{
+ if (!IS_ENABLED(CONFIG_OPTEE_APPLY_OVERLAY))
+ return;
+
+ if (!blob_is_fdt(ovl))
+ return;
+
+ handoff_data_add(HANDOFF_DATA_TEE_DT_OVL, ovl, ovl_sz);
+}
--
2.47.3
next prev parent reply other threads:[~2026-02-04 20:02 UTC|newest]
Thread overview: 39+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-02-04 20:01 [PATCH v2 00/15] Improve OP-TEE handling Marco Felsch
2026-02-04 20:01 ` [PATCH v2 01/15] ARM: i.MX8M: add support to pass DT via lowlevel __imx8m*_load_and_start_image_via_tfa() Marco Felsch
2026-02-06 9:04 ` Ahmad Fatoum
2026-02-04 20:01 ` [PATCH v2 02/15] ARM: i.MX8M: move BL32 setup into imx8m_tfa_start_bl31() Marco Felsch
2026-02-04 20:01 ` [PATCH v2 03/15] ARM: i.MX8M: imx8m_tfa_start_bl31() add support for bl33 and fdt Marco Felsch
2026-02-04 20:01 ` [PATCH v2 04/15] pbl: decomp: add pbl_dtbz_uncompress helper Marco Felsch
2026-02-04 20:01 ` [PATCH v2 05/15] pbl: fdt: add pbl_load_fdt helper Marco Felsch
2026-02-06 9:16 ` Ahmad Fatoum
2026-02-04 20:01 ` [PATCH v2 06/15] ARM: i.MX: scratch: add FDT support Marco Felsch
2026-02-06 9:40 ` Ahmad Fatoum
2026-02-06 10:02 ` Marco Felsch
2026-02-06 13:01 ` Ahmad Fatoum
2026-02-09 20:50 ` Marco Felsch
2026-02-09 20:59 ` Ahmad Fatoum
2026-02-10 9:35 ` Marco Felsch
2026-02-10 9:41 ` Ahmad Fatoum
2026-02-04 20:01 ` [PATCH v2 07/15] ARM: i.MX8M: esdctl: drop ddrc base from imx8m_ddrc_sdram_size Marco Felsch
2026-02-04 20:01 ` [PATCH v2 08/15] ARM: i.MX8M: esdctl: export imx8m_ddrc_sdram_size() Marco Felsch
2026-02-04 20:01 ` [PATCH v2 09/15] ARM: i.MX8M: add support to pass BL3x bl_params Marco Felsch
2026-02-05 17:02 ` Michael Tretter
2026-02-05 22:41 ` Marco Felsch
2026-02-06 10:20 ` Ahmad Fatoum
2026-02-06 13:46 ` Marco Felsch
2026-02-06 11:55 ` Ahmad Fatoum
2026-02-04 20:01 ` [PATCH v2 10/15] handoff-data: Add TEE_DT_OVL entry Marco Felsch
2026-02-06 11:56 ` Ahmad Fatoum
2026-02-04 20:01 ` Marco Felsch [this message]
2026-02-06 12:25 ` [PATCH v2 11/15] security: optee: add optee_handoff_overlay helper Ahmad Fatoum
2026-02-09 20:18 ` Marco Felsch
2026-02-04 20:01 ` [PATCH v2 12/15] security: optee: add helpers to register OF overlays Marco Felsch
2026-02-06 12:09 ` Ahmad Fatoum
2026-02-09 20:17 ` Marco Felsch
2026-02-04 20:01 ` [PATCH v2 13/15] ARM: i.MX8M: Pass optional OP-TEE overlay to barebox Marco Felsch
2026-02-06 12:04 ` Ahmad Fatoum
2026-02-04 20:01 ` [PATCH v2 14/15] of: base: register optional OP-TEE overlay Marco Felsch
2026-02-06 12:05 ` Ahmad Fatoum
2026-02-06 13:24 ` Marco Felsch
2026-02-04 20:01 ` [PATCH v2 15/15] handoff-data: add missing include Marco Felsch
2026-02-06 12:07 ` Ahmad Fatoum
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20260204-v2025-09-0-topic-optee-of-handling-v2-11-da075e6818e0@pengutronix.de \
--to=m.felsch@pengutronix.de \
--cc=barebox@lists.infradead.org \
--cc=s.hauer@pengutronix.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox