src/vendorcode/google/chromeos/vboot2/Kconfig - coreboot - Gitiles

 ## This file is part of the coreboot project.
 ##
 ## Copyright (C) 2014 The ChromiumOS Authors.  All rights reserved.
 ##
 ## This program is free software; you can redistribute it and/or modify
 ## it under the terms of the GNU General Public License as published by
 ## the Free Software Foundation; version 2 of the License.
 ##
 ## This program is distributed in the hope that it will be useful,
 ## but WITHOUT ANY WARRANTY; without even the implied warranty of
 ## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 ## GNU General Public License for more details.
 ##
 ## You should have received a copy of the GNU General Public License
 ## along with this program; if not, write to the Free Software
 ## Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
 ##

 config VBOOT2_VERIFY_FIRMWARE
 	bool "Firmware Verification with vboot2"
 	default n
 	depends on CHROMEOS && HAVE_HARD_RESET
 	help
 	  Enabling VBOOT2_VERIFY_FIRMWARE will use vboot2 to verify the romstage
 	  and boot loader.

 config VBOOT2_MOCK_SECDATA
 	bool "Mock secdata for firmware verification"
 	default n
 	depends on VBOOT2_VERIFY_FIRMWARE
 	help
 	  Enabling VBOOT2_MOCK_SECDATA will mock secdata for the firmware
 	  verification to avoid access to a secdata storage (typically TPM).
 	  All operations for a secdata storage will be successful. This option
 	  can be used during development when a TPM is not present or broken.
 	  THIS SHOULD NOT BE LEFT ON FOR PRODUCTION DEVICES.

 config RETURN_FROM_VERSTAGE
 	bool "return from verstage"
 	default n
 	depends on VBOOT2_VERIFY_FIRMWARE
 	help
 	  If this is set, the verstage returns back to the bootblock instead of
 	  exits to the romstage so that the verstage space can be reused by the
 	  romstage. Useful if a ram space is too small to fit both the verstage
 	  and the romstage.

 config VBOOT_ROMSTAGE_INDEX
 	hex
 	default 2
 	depends on VBOOT2_VERIFY_FIRMWARE
 	help
 	  This is the index of the romstage component in the verified
 	  firmware block.

 config VBOOT_DISABLE_DEV_ON_RECOVERY
 	bool "Disable dev mode on recovery requests"
 	default n
 	depends on VBOOT2_VERIFY_FIRMWARE
 	help
 	  When this option is enabled, the Chrome OS device leaves the
 	  developer mode as soon as recovery request is detected. This is
 	  handy on embedded devices with limited input capabilities.
	## This file is part of the coreboot project.
	##
	## Copyright (C) 2014 The ChromiumOS Authors. All rights reserved.
	##
	## This program is free software; you can redistribute it and/or modify
	## it under the terms of the GNU General Public License as published by
	## the Free Software Foundation; version 2 of the License.
	##
	## This program is distributed in the hope that it will be useful,
	## but WITHOUT ANY WARRANTY; without even the implied warranty of
	## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	## GNU General Public License for more details.
	##
	## You should have received a copy of the GNU General Public License
	## along with this program; if not, write to the Free Software
	## Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
	##

	config VBOOT2_VERIFY_FIRMWARE
	bool "Firmware Verification with vboot2"
	default n
	depends on CHROMEOS && HAVE_HARD_RESET
	help
	Enabling VBOOT2_VERIFY_FIRMWARE will use vboot2 to verify the romstage
	and boot loader.

	config VBOOT2_MOCK_SECDATA
	bool "Mock secdata for firmware verification"
	default n
	depends on VBOOT2_VERIFY_FIRMWARE
	help
	Enabling VBOOT2_MOCK_SECDATA will mock secdata for the firmware
	verification to avoid access to a secdata storage (typically TPM).
	All operations for a secdata storage will be successful. This option
	can be used during development when a TPM is not present or broken.
	THIS SHOULD NOT BE LEFT ON FOR PRODUCTION DEVICES.

	config RETURN_FROM_VERSTAGE
	bool "return from verstage"
	default n
	depends on VBOOT2_VERIFY_FIRMWARE
	help
	If this is set, the verstage returns back to the bootblock instead of
	exits to the romstage so that the verstage space can be reused by the
	romstage. Useful if a ram space is too small to fit both the verstage
	and the romstage.

	config VBOOT_ROMSTAGE_INDEX
	hex
	default 2
	depends on VBOOT2_VERIFY_FIRMWARE
	help
	This is the index of the romstage component in the verified
	firmware block.

	config VBOOT_DISABLE_DEV_ON_RECOVERY
	bool "Disable dev mode on recovery requests"
	default n
	depends on VBOOT2_VERIFY_FIRMWARE
	help
	When this option is enabled, the Chrome OS device leaves the
	developer mode as soon as recovery request is detected. This is
	handy on embedded devices with limited input capabilities.