Blame - src/sbom/Kconfig - coreboot

blob: 43fde4c72c4d370621bcfcb0fee634b1ebe50b25 [file] [log] [blame]

Maximilian Brune	1d7a9de	2022-04-14 14:54:16 +0200	[diff] [blame]	1	## SPDX-License-Identifier: GPL-2.0-only
				2
				3	config SBOM
				4	bool "Include SBOM data for coreboot"
				5	default n
				6	help
				7	Select this option if you want to include a
				8	coswid (Concise Software Identification Tag) of coreboot itself
				9	into the SBOM (Software Bill of Materials) File in your build
				10
				11	if SBOM
				12
				13	config SBOM_COMPILER
				14	bool "Include compiler metadata in SBOM"
				15	default n
				16	help
				17	Select this option if you want to include a
				18	coswid (Concise Software Identification Tag) of the compiler
				19	used to compile coreboot into the SBOM (Software Bill of Materials)
				20	File in your build
				21	Note: if the system toolchain is used to build coreboot
				22	one should check the final SBOM file for the expected results
				23
Maximilian Brune	e6cd4d2	2023-01-21 20:31:05 +0100	[diff] [blame]	24	config SBOM_COMPILER_PATH
				25	string "Path to SBOM file for the compiler"
				26	depends on SBOM_COMPILER
				27	default "build/sbom/compiler-gcc.json" if COMPILER_GCC
				28	default "build/sbom/compiler-clang.json" if COMPILER_LLVM_CLANG
				29	default "build/sbom/compiler-generic.json" if ANY_TOOLCHAIN
				30	help
				31	The path of the SBOM file describing the Software included in the build
				32	File can be a .json, .xml, .cbor, .uswid, or .pc
				33
Maximilian Brune	1d7a9de	2022-04-14 14:54:16 +0200	[diff] [blame]	34	config SBOM_PAYLOAD
				35	bool "Include payload metadata in SBOM"
				36	default n
				37	help
				38	Select this option if you want to include a
				39	coswid (Concise Software Identification Tag) of the payload into
				40	the SBOM (Software Bill of Materials) File in your build
				41
				42	config SBOM_PAYLOAD_GENERATE
				43	bool "Auto-generate generic SBOM info for payload"
Elias Souza	718a7ae	2023-02-16 21:04:09 -0300	[diff] [blame]	44	depends on SBOM_PAYLOAD && (PAYLOAD_BOOTBOOT \|\| PAYLOAD_DEPTHCHARGE \|\| PAYLOAD_FILO \|\| PAYLOAD_GRUB2 \|\| PAYLOAD_LINUXBOOT \|\| PAYLOAD_SEABIOS \|\| PAYLOAD_SKIBOOT \|\| PAYLOAD_UBOOT)
Maximilian Brune	1d7a9de	2022-04-14 14:54:16 +0200	[diff] [blame]	45	default y
				46	help
				47	Select this option if you want coreboot to generate and include
				48	the coswid (Concise Software Identification Tag) instead of supplying
				49	it manually. Be aware that this option is only meant to be a
				50	transition and suppliers of Software should always prefer to include
				51	their own Software descriptions, since ours may be incomplete or
				52	straight up wrong.
				53
				54	config SBOM_PAYLOAD_PATH
Maximilian Brune	e6cd4d2	2023-01-21 20:31:05 +0100	[diff] [blame]	55	string "Path to SBOM file for the payload"
Maximilian Brune	1d7a9de	2022-04-14 14:54:16 +0200	[diff] [blame]	56	depends on SBOM_PAYLOAD && !SBOM_PAYLOAD_GENERATE
				57	help
Maximilian Brune	e6cd4d2	2023-01-21 20:31:05 +0100	[diff] [blame]	58	The path of the SBOM file describing the Software included in the build
				59	File can be a .json, .xml, .cbor, .uswid, or .pc
Maximilian Brune	1d7a9de	2022-04-14 14:54:16 +0200	[diff] [blame]	60
				61	config SBOM_ME
				62	bool "Include ME metadata in SBOM"
				63	depends on HAVE_ME_BIN
				64	default n
				65	help
				66	Select this option if you want to include a
				67	coswid (Concise Software Identification Tag) of the
				68	ME firmware into the SBOM (Software Bill of Materials)
				69	File in your build
				70
				71	config SBOM_ME_GENERATE
				72	bool "Auto-generate generic SBOM info for ME firmware"
				73	depends on SBOM_ME
				74	default y
				75	help
				76	Select this option if you want coreboot to generate and include
				77	the coswid (Concise Software Identification Tag) instead of
				78	supplying it manually. Be aware that this option is only meant
				79	to be a transition and suppliers of Software should always prefer
				80	to include their own Software descriptions, since ours may be
				81	incomplete or straight up wrong.
				82
				83	config SBOM_ME_PATH
				84	string "Path to sbom.json for the ME firmware"
				85	depends on SBOM_ME && !SBOM_ME_GENERATE
				86	help
Maximilian Brune	e6cd4d2	2023-01-21 20:31:05 +0100	[diff] [blame]	87	The path of the SBOM file describing the Software included in the build
				88	File can be a .json, .xml, .cbor, .uswid, or .pc
Maximilian Brune	1d7a9de	2022-04-14 14:54:16 +0200	[diff] [blame]	89
				90	config SBOM_EC
				91	bool "Include EC metadata in SBOM"
				92	depends on HAVE_EC_BIN
				93	default n
				94	help
				95	Select this option if you want to include a
				96	coswid (Concise Software Identification Tag) of the
				97	EC (Embedded Controller) firmware into the
				98	SBOM (Software Bill of Materials) File in your build
				99
				100	config SBOM_EC_PATH
				101	string "Path to SBOM file for the EC firmware"
				102	depends on SBOM_EC
				103	default "src/sbom/generic-ec.json"
				104	help
				105	The path of the SBOM file describing the Software included in the build
				106	File can be a .json, .xml, .cbor, .uswid, or .pc
				107
				108	config SBOM_SINIT_ACM
				109	bool "Include SINIT ACM metadata in SBOM"
				110	depends on INTEL_TXT_SINITACM_FILE != ""
				111	default n
				112	help
				113	Select this option if you want to include a
				114	coswid (Concise Software Identification Tag) of the
				115	SINIT ACM (Authenticated Code Module) firmware into the
				116	SBOM (Software Bill of Materials) File in your build
				117
				118	config SBOM_SINIT_ACM_PATH
				119	string "Path to SBOM file for the SINIT AMC firmware"
				120	depends on SBOM_SINIT_ACM
				121	default "src/sbom/intel-sinit-acm.json"
				122	help
				123	The path of the SBOM file describing the Software included in the build
				124	File can be a .json, .xml, .cbor, .uswid, or .pc
				125
				126	config SBOM_BIOS_ACM
				127	bool "Include BIOS ACM metadata in SBOM"
				128	depends on INTEL_TXT_BIOSACM_FILE != ""
				129	default n
				130	help
				131	Select this option if you want to include a
				132	coswid (Concise Software Identification Tag) of the
				133	BIOS ACM (Authenticated Code Module) firmware into the
				134	SBOM (Software Bill of Materials) File in your build
				135
				136	config SBOM_BIOS_ACM_PATH
				137	string "Path to SBOM file for the BIOS AMC firmware"
				138	depends on SBOM_SINIT_ACM
				139	default "src/sbom/intel-bios-acm.json"
				140	help
				141	The path of the SBOM file describing the Software included in the build
				142	File can be a .json, .xml, .cbor, .uswid, or .pc
				143
				144	config SBOM_MICROCODE
				145	bool "Include microcode metadata in SBOM"
				146	default n
				147	help
				148	Select this option if you want to include a
				149	coswid (Concise Software Identification Tag) of the
				150	microcode firmware into the SBOM (Software Bill of Materials)
				151	File in your build
				152
				153	config SBOM_FSP
				154	bool "Include Intel FSP metadata in SBOM"
				155	default n
				156	depends on (FSP_S_FILE != "" \|\| FSP_M_FILE != "" \|\| FSP_T_FILE != "")
				157	help
				158	Select this option if you want to include a
				159	coswid (Concise Software Identification Tag) of the
				160	FSP firmware into the SBOM (Software Bill of Materials)
				161	File in your build
				162
				163	config SBOM_FSP_PATH
				164	string "Path to SBOM file for the FSP firmware"
				165	depends on SBOM_FSP
				166	default "build/sbom/generic-fsp.json"
				167	help
				168	The path of the SBOM file describing the Software included in the build
				169	File can be a .json, .xml, .cbor, .uswid, or .pc
				170
				171	config SBOM_VBOOT
				172	bool "Include VBOOT metadata in SBOM"
				173	default n
				174	depends on VBOOT_LIB
				175	help
				176	Select this option if you want to include a
				177	coswid (Concise Software Identification Tag) of the
				178	VBOOT Software into the SBOM (Software Bill of Materials)
				179	File in your build
				180
				181	endif