Gitiles
Code Review Sign In
review.coreboot.org / coreboot / 0648267c1a77d3f3f41547ede3a19a832842cf6e / . / src / vendorcode / eltan / security / verified_boot / Kconfig
blob: 50638db5c22497bdde63523996ca6db11676cea5 [file] [log] [blame]
Patrick Georgic49d7a32020-05-08 22:50:46 +0200[diff] [blame]1## SPDX-License-Identifier: GPL-2.0-only
Frans Hendriks72b3c3c2019-07-26 07:59:05 +0200[diff] [blame]2
3menu "Verified Boot (verified_boot)"
4
5config VENDORCODE_ELTAN_VBOOT
6 bool "Enable Verified Boot"
7 depends on !VBOOT
8 default n
Wim Vervoorn82100472020-01-27 15:47:44 +0100[diff] [blame]9 select VBOOT_LIB
Frans Hendriks72b3c3c2019-07-26 07:59:05 +0200[diff] [blame]10
Frans Hendriksc2483822020-11-19 08:54:28 +0100[diff] [blame]11if VENDORCODE_ELTAN_VBOOT
12
Frans Hendriks72b3c3c2019-07-26 07:59:05 +0200[diff] [blame]13config VENDORCODE_ELTAN_VBOOT_SIGNED_MANIFEST
14 bool "Enable Signed Manifest"
15 depends on VENDORCODE_ELTAN_VBOOT
16 default n
17
18config VENDORCODE_ELTAN_VBOOT_USE_SHA512
19 bool "SHA512 hashes"
20 depends on VENDORCODE_ELTAN_VBOOT
21 default n
22 help
23 Use SHA512 for the vboot operations, this applies to the digest in
24 the manifest and the manifest digest.
25
26config VENDORCODE_ELTAN_OEM_MANIFEST_LOC
27 hex "Manifest Location"
28 default 0xFFFFF840
29
30config VENDORCODE_ELTAN_VBOOT_MANIFEST
31 string "Verified boot manifest file"
Patrick Georgib8fba862020-06-17 21:06:53 +0200[diff] [blame]32 default "mainboard/\$(MAINBOARD_DIR)/manifest.h"
Frans Hendriks72b3c3c2019-07-26 07:59:05 +0200[diff] [blame]33
34config VENDORCODE_ELTAN_OEM_MANIFEST_ITEMS
35 int "Manifest Items"
Frans Hendriks06482672023-04-25 11:43:29 +0200[diff] [blame^]36 default 13 if INCLUDE_CONFIG_FILE
Wim Vervoorn3e9061e2019-10-31 10:28:28 +0100[diff] [blame]37 default 12
Frans Hendriks72b3c3c2019-07-26 07:59:05 +0200[diff] [blame]38
39config VENDORCODE_ELTAN_OEM_MANIFEST_ITEM_SIZE
40 int
41 default 64 if VENDORCODE_ELTAN_VBOOT_USE_SHA512
42 default 32
43
44config VENDORCODE_ELTAN_VBOOT_KEY_LOCATION
45 hex "Verified boot Key Location"
46 depends on VENDORCODE_ELTAN_VBOOT_SIGNED_MANIFEST
47 default 0xFFFFF500
48
Wim Vervoornac4896f2019-10-30 15:55:21 +0100[diff] [blame]49config VENDORCODE_ELTAN_VBOOT_KEY_FILE
50 string "Verified boot Key File"
51 depends on VENDORCODE_ELTAN_VBOOT_SIGNED_MANIFEST
Wim Vervoorn82100472020-01-27 15:47:44 +0100[diff] [blame]52 default "3rdparty/eltan/verified_boot/Keys/key.vbpubk"
Wim Vervoornac4896f2019-10-30 15:55:21 +0100[diff] [blame]53
Frans Hendriks72b3c3c2019-07-26 07:59:05 +0200[diff] [blame]54config VENDORCODE_ELTAN_VBOOT_KEY_SIZE
55 int
Wim Vervoorn82100472020-01-27 15:47:44 +0100[diff] [blame]56 default 552
Frans Hendriks72b3c3c2019-07-26 07:59:05 +0200[diff] [blame]57
Frans Hendriksc2483822020-11-19 08:54:28 +0100[diff] [blame]58endif # VENDORCODE_ELTAN_VBOOT
Frans Hendriks72b3c3c2019-07-26 07:59:05 +0200[diff] [blame]59endmenu # Verified Boot (verified_boot)