diff options
| author | Jerome Forissier <jerome.forissier@linaro.org> | 2016-05-11 13:28:14 +0200 |
|---|---|---|
| committer | Jerome Forissier <jerome.forissier@linaro.org> | 2016-08-16 18:02:48 +0200 |
| commit | 2ef14de19093188f4f4addd3bf8007309bf46ac3 (patch) | |
| tree | 0bbbcf94a7e762210a38c1534f6a1f876d047cf0 /core/tee/sub.mk | |
| parent | ad5d81d6f8e5ac0f9dd79203215e110eb0ab052f (diff) | |
secure storage: add SQL filesystem
This commit adds a new container type for trusted storage: SQL FS.
Data are stored in the non-secure world, just like the REE FS
(CFG_REE_FS). But, unlike REE FS which manipulates several files for
each secure object, this implementation needs only one container in a
SQLite database per secure object. We rely on the transaction-based
nature of the database to provide atomicity.
A storage identifier is added to the TA API: TEE_STORAGE_PRIVATE_SQL.
Trusted applications can use it to select this filesystem. The value
TEE_STORAGE_PRIVATE defined by GlobalPlatform will also select the
SQL FS if all other implementations are disabled.
This feature is enabled with CFG_SQL_FS=y. It depends on SQL support
in tee-supplicant [1].
[1] https://github.com/OP-TEE/optee_client/pull/50
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Tested-by: Jerome Forissier <jerome.forissier@linaro.org> (HiKey)
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Reviewed-by: David Brown <david.brown@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Diffstat (limited to 'core/tee/sub.mk')
| -rw-r--r-- | core/tee/sub.mk | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/core/tee/sub.mk b/core/tee/sub.mk index 1a20c15e..5053528d 100644 --- a/core/tee/sub.mk +++ b/core/tee/sub.mk @@ -30,6 +30,7 @@ srcs-y += tee_svc_cryp.c srcs-y += tee_svc_storage.c srcs-$(CFG_RPMB_FS) += tee_rpmb_fs.c srcs-$(CFG_REE_FS) += tee_ree_fs.c +srcs-$(CFG_SQL_FS) += tee_sql_fs.c srcs-y += tee_fs_key_manager.c srcs-y += tee_obj.c srcs-y += tee_pobj.c |