From df3f95ee1fedcda83e30cd16d79d40e123730032 Mon Sep 17 00:00:00 2001
From: Bowen Wang <wangbowen6@xiaomi.com>
Date: Tue, 7 Nov 2023 17:06:00 +0800
Subject: [PATCH] armv7a/qemu: add QEMU_TRUSTZONE config and default n

Add ARCH_CHIP_QEMU_TRUSTZONE to enable/disable the TrustZone
support beacause qemu also support enable/disable Arm Security
Extensions: https://qemu-project.gitlab.io/qemu/system/arm/virt.html
when launch.

Signed-off-by: Bowen Wang <wangbowen6@xiaomi.com>
---
 arch/arm/src/goldfish/Kconfig | 12 +++++++++++-
 arch/arm/src/qemu/Kconfig     | 13 ++++++++++++-
 2 files changed, 23 insertions(+), 2 deletions(-)

diff --git a/arch/arm/src/goldfish/Kconfig b/arch/arm/src/goldfish/Kconfig
index 9526d26a59..4c92b8f901 100644
--- a/arch/arm/src/goldfish/Kconfig
+++ b/arch/arm/src/goldfish/Kconfig
@@ -17,7 +17,6 @@ config ARCH_CHIP_GOLDFISH_CORTEXA7
 	select ARCH_HAVE_ADDRENV
 	select ARCH_HAVE_LOWVECTORS
 	select ARCH_HAVE_MULTICPU
-	select ARCH_HAVE_TRUSTZONE
 	select ARCH_NEED_ADDRENV_MAPPING
 	select ARMV7A_HAVE_GICv2
 	select ARMV7A_HAVE_GTM
@@ -27,4 +26,15 @@ endchoice # Goldfish Chip Selection
 
 endmenu # "Goldfish Virt Chip Selection"
 
+config ARCH_CHIP_GOLDFISH_TRUSTZONE
+	bool "Enable Arm Security Extensions (TrustZone)"
+	select ARCH_HAVE_TRUSTZONE
+	default n
+	---help---
+		Doc: https://qemu-project.gitlab.io/qemu/system/arm/virt.html
+		shows that set secure=on/of can emulating a guest CPU which
+		implements the Arm Security Extensions (TrustZone).
+		The default is off. And this config can enable/disable
+		TrustZone in qemu chip.
+
 endif # ARCH_CHIP_GOLDFISH_ARM
diff --git a/arch/arm/src/qemu/Kconfig b/arch/arm/src/qemu/Kconfig
index 017bfadd49..4eadae871b 100644
--- a/arch/arm/src/qemu/Kconfig
+++ b/arch/arm/src/qemu/Kconfig
@@ -17,7 +17,6 @@ config ARCH_CHIP_QEMU_CORTEXA7
 	select ARCH_HAVE_ADDRENV
 	select ARCH_HAVE_LOWVECTORS
 	select ARCH_HAVE_MULTICPU
-	select ARCH_HAVE_TRUSTZONE
 	select ARCH_NEED_ADDRENV_MAPPING
 	select ARMV7A_HAVE_GICv2
 	select ARMV7A_HAVE_GTM
@@ -27,4 +26,16 @@ endchoice # Qemu Chip Selection
 
 endmenu # "Qemu Virt Chip Selection"
 
+config ARCH_CHIP_QEMU_TRUSTZONE
+	bool "Enable Arm Security Extensions (TrustZone)"
+	select ARCH_HAVE_TRUSTZONE
+	default n
+	---help---
+		Doc: https://qemu-project.gitlab.io/qemu/system/arm/virt.html
+		shows that set secure=on/of can emulating a guest CPU which
+		implements the Arm Security Extensions (TrustZone).
+		The default is off. And this config can enable/disable
+		TrustZone in qemu chip.
+
+
 endif # ARCH_CHIP_QEMU_ARM