Maximilian Brune | 1d7a9de | 2022-04-14 14:54:16 +0200 | [diff] [blame] | 1 | ## SPDX-License-Identifier: GPL-2.0-only |
| 2 | |
| 3 | config SBOM |
| 4 | bool "Include SBOM data for coreboot" |
| 5 | default n |
| 6 | help |
| 7 | Select this option if you want to include a |
| 8 | coswid (Concise Software Identification Tag) of coreboot itself |
| 9 | into the SBOM (Software Bill of Materials) File in your build |
| 10 | |
| 11 | if SBOM |
| 12 | |
| 13 | config SBOM_COMPILER |
| 14 | bool "Include compiler metadata in SBOM" |
| 15 | default n |
| 16 | help |
| 17 | Select this option if you want to include a |
| 18 | coswid (Concise Software Identification Tag) of the compiler |
| 19 | used to compile coreboot into the SBOM (Software Bill of Materials) |
| 20 | File in your build |
| 21 | Note: if the system toolchain is used to build coreboot |
| 22 | one should check the final SBOM file for the expected results |
| 23 | |
Maximilian Brune | e6cd4d2 | 2023-01-21 20:31:05 +0100 | [diff] [blame] | 24 | config SBOM_COMPILER_PATH |
| 25 | string "Path to SBOM file for the compiler" |
| 26 | depends on SBOM_COMPILER |
| 27 | default "build/sbom/compiler-gcc.json" if COMPILER_GCC |
| 28 | default "build/sbom/compiler-clang.json" if COMPILER_LLVM_CLANG |
| 29 | default "build/sbom/compiler-generic.json" if ANY_TOOLCHAIN |
| 30 | help |
| 31 | The path of the SBOM file describing the Software included in the build |
| 32 | File can be a .json, .xml, .cbor, .uswid, or .pc |
| 33 | |
Maximilian Brune | 1d7a9de | 2022-04-14 14:54:16 +0200 | [diff] [blame] | 34 | config SBOM_PAYLOAD |
| 35 | bool "Include payload metadata in SBOM" |
| 36 | default n |
| 37 | help |
| 38 | Select this option if you want to include a |
| 39 | coswid (Concise Software Identification Tag) of the payload into |
| 40 | the SBOM (Software Bill of Materials) File in your build |
| 41 | |
| 42 | config SBOM_PAYLOAD_GENERATE |
| 43 | bool "Auto-generate generic SBOM info for payload" |
Elias Souza | 718a7ae | 2023-02-16 21:04:09 -0300 | [diff] [blame] | 44 | depends on SBOM_PAYLOAD && (PAYLOAD_BOOTBOOT || PAYLOAD_DEPTHCHARGE || PAYLOAD_FILO || PAYLOAD_GRUB2 || PAYLOAD_LINUXBOOT || PAYLOAD_SEABIOS || PAYLOAD_SKIBOOT || PAYLOAD_UBOOT) |
Maximilian Brune | 1d7a9de | 2022-04-14 14:54:16 +0200 | [diff] [blame] | 45 | default y |
| 46 | help |
| 47 | Select this option if you want coreboot to generate and include |
| 48 | the coswid (Concise Software Identification Tag) instead of supplying |
| 49 | it manually. Be aware that this option is only meant to be a |
| 50 | transition and suppliers of Software should always prefer to include |
| 51 | their own Software descriptions, since ours may be incomplete or |
| 52 | straight up wrong. |
| 53 | |
| 54 | config SBOM_PAYLOAD_PATH |
Maximilian Brune | e6cd4d2 | 2023-01-21 20:31:05 +0100 | [diff] [blame] | 55 | string "Path to SBOM file for the payload" |
Maximilian Brune | 1d7a9de | 2022-04-14 14:54:16 +0200 | [diff] [blame] | 56 | depends on SBOM_PAYLOAD && !SBOM_PAYLOAD_GENERATE |
| 57 | help |
Maximilian Brune | e6cd4d2 | 2023-01-21 20:31:05 +0100 | [diff] [blame] | 58 | The path of the SBOM file describing the Software included in the build |
| 59 | File can be a .json, .xml, .cbor, .uswid, or .pc |
Maximilian Brune | 1d7a9de | 2022-04-14 14:54:16 +0200 | [diff] [blame] | 60 | |
| 61 | config SBOM_ME |
| 62 | bool "Include ME metadata in SBOM" |
| 63 | depends on HAVE_ME_BIN |
| 64 | default n |
| 65 | help |
| 66 | Select this option if you want to include a |
| 67 | coswid (Concise Software Identification Tag) of the |
| 68 | ME firmware into the SBOM (Software Bill of Materials) |
| 69 | File in your build |
| 70 | |
| 71 | config SBOM_ME_GENERATE |
| 72 | bool "Auto-generate generic SBOM info for ME firmware" |
| 73 | depends on SBOM_ME |
| 74 | default y |
| 75 | help |
| 76 | Select this option if you want coreboot to generate and include |
| 77 | the coswid (Concise Software Identification Tag) instead of |
| 78 | supplying it manually. Be aware that this option is only meant |
| 79 | to be a transition and suppliers of Software should always prefer |
| 80 | to include their own Software descriptions, since ours may be |
| 81 | incomplete or straight up wrong. |
| 82 | |
| 83 | config SBOM_ME_PATH |
| 84 | string "Path to sbom.json for the ME firmware" |
| 85 | depends on SBOM_ME && !SBOM_ME_GENERATE |
| 86 | help |
Maximilian Brune | e6cd4d2 | 2023-01-21 20:31:05 +0100 | [diff] [blame] | 87 | The path of the SBOM file describing the Software included in the build |
| 88 | File can be a .json, .xml, .cbor, .uswid, or .pc |
Maximilian Brune | 1d7a9de | 2022-04-14 14:54:16 +0200 | [diff] [blame] | 89 | |
| 90 | config SBOM_EC |
| 91 | bool "Include EC metadata in SBOM" |
| 92 | depends on HAVE_EC_BIN |
| 93 | default n |
| 94 | help |
| 95 | Select this option if you want to include a |
| 96 | coswid (Concise Software Identification Tag) of the |
| 97 | EC (Embedded Controller) firmware into the |
| 98 | SBOM (Software Bill of Materials) File in your build |
| 99 | |
| 100 | config SBOM_EC_PATH |
| 101 | string "Path to SBOM file for the EC firmware" |
| 102 | depends on SBOM_EC |
| 103 | default "src/sbom/generic-ec.json" |
| 104 | help |
| 105 | The path of the SBOM file describing the Software included in the build |
| 106 | File can be a .json, .xml, .cbor, .uswid, or .pc |
| 107 | |
| 108 | config SBOM_SINIT_ACM |
| 109 | bool "Include SINIT ACM metadata in SBOM" |
| 110 | depends on INTEL_TXT_SINITACM_FILE != "" |
| 111 | default n |
| 112 | help |
| 113 | Select this option if you want to include a |
| 114 | coswid (Concise Software Identification Tag) of the |
| 115 | SINIT ACM (Authenticated Code Module) firmware into the |
| 116 | SBOM (Software Bill of Materials) File in your build |
| 117 | |
| 118 | config SBOM_SINIT_ACM_PATH |
| 119 | string "Path to SBOM file for the SINIT AMC firmware" |
| 120 | depends on SBOM_SINIT_ACM |
| 121 | default "src/sbom/intel-sinit-acm.json" |
| 122 | help |
| 123 | The path of the SBOM file describing the Software included in the build |
| 124 | File can be a .json, .xml, .cbor, .uswid, or .pc |
| 125 | |
| 126 | config SBOM_BIOS_ACM |
| 127 | bool "Include BIOS ACM metadata in SBOM" |
| 128 | depends on INTEL_TXT_BIOSACM_FILE != "" |
| 129 | default n |
| 130 | help |
| 131 | Select this option if you want to include a |
| 132 | coswid (Concise Software Identification Tag) of the |
| 133 | BIOS ACM (Authenticated Code Module) firmware into the |
| 134 | SBOM (Software Bill of Materials) File in your build |
| 135 | |
| 136 | config SBOM_BIOS_ACM_PATH |
| 137 | string "Path to SBOM file for the BIOS AMC firmware" |
| 138 | depends on SBOM_SINIT_ACM |
| 139 | default "src/sbom/intel-bios-acm.json" |
| 140 | help |
| 141 | The path of the SBOM file describing the Software included in the build |
| 142 | File can be a .json, .xml, .cbor, .uswid, or .pc |
| 143 | |
| 144 | config SBOM_MICROCODE |
| 145 | bool "Include microcode metadata in SBOM" |
| 146 | default n |
| 147 | help |
| 148 | Select this option if you want to include a |
| 149 | coswid (Concise Software Identification Tag) of the |
| 150 | microcode firmware into the SBOM (Software Bill of Materials) |
| 151 | File in your build |
| 152 | |
| 153 | config SBOM_FSP |
| 154 | bool "Include Intel FSP metadata in SBOM" |
| 155 | default n |
| 156 | depends on (FSP_S_FILE != "" || FSP_M_FILE != "" || FSP_T_FILE != "") |
| 157 | help |
| 158 | Select this option if you want to include a |
| 159 | coswid (Concise Software Identification Tag) of the |
| 160 | FSP firmware into the SBOM (Software Bill of Materials) |
| 161 | File in your build |
| 162 | |
| 163 | config SBOM_FSP_PATH |
| 164 | string "Path to SBOM file for the FSP firmware" |
| 165 | depends on SBOM_FSP |
| 166 | default "build/sbom/generic-fsp.json" |
| 167 | help |
| 168 | The path of the SBOM file describing the Software included in the build |
| 169 | File can be a .json, .xml, .cbor, .uswid, or .pc |
| 170 | |
| 171 | config SBOM_VBOOT |
| 172 | bool "Include VBOOT metadata in SBOM" |
| 173 | default n |
| 174 | depends on VBOOT_LIB |
| 175 | help |
| 176 | Select this option if you want to include a |
| 177 | coswid (Concise Software Identification Tag) of the |
| 178 | VBOOT Software into the SBOM (Software Bill of Materials) |
| 179 | File in your build |
| 180 | |
| 181 | endif |