| Daisuke Nojiri | 742fc8d | 2014-10-10 10:51:06 -0700 | [diff] [blame] | 1 | ## This file is part of the coreboot project. |
| 2 | ## |
| 3 | ## Copyright (C) 2014 The ChromiumOS Authors. All rights reserved. |
| 4 | ## |
| 5 | ## This program is free software; you can redistribute it and/or modify |
| 6 | ## it under the terms of the GNU General Public License as published by |
| 7 | ## the Free Software Foundation; version 2 of the License. |
| 8 | ## |
| 9 | ## This program is distributed in the hope that it will be useful, |
| 10 | ## but WITHOUT ANY WARRANTY; without even the implied warranty of |
| 11 | ## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
| 12 | ## GNU General Public License for more details. |
| 13 | ## |
| 14 | ## You should have received a copy of the GNU General Public License |
| 15 | ## along with this program; if not, write to the Free Software |
| Patrick Georgi | b890a12 | 2015-03-26 15:17:45 +0100 | [diff] [blame] | 16 | ## Foundation, Inc. |
| Daisuke Nojiri | 742fc8d | 2014-10-10 10:51:06 -0700 | [diff] [blame] | 17 | ## |
| 18 | |
| Aaron Durbin | 57e3728 | 2015-04-28 16:17:25 -0500 | [diff] [blame] | 19 | config VBOOT_STARTS_IN_BOOTBLOCK |
| Aaron Durbin | d2ab4e4 | 2015-05-08 16:01:31 -0500 | [diff] [blame] | 20 | bool "Vboot starts verifying in bootblock" |
| Aaron Durbin | 57e3728 | 2015-04-28 16:17:25 -0500 | [diff] [blame] | 21 | default n |
| 22 | depends on VBOOT_VERIFY_FIRMWARE |
| 23 | help |
| 24 | Firmware verification happens during or at the end of bootblock. |
| 25 | |
| 26 | config VBOOT_STARTS_IN_ROMSTAGE |
| Aaron Durbin | d2ab4e4 | 2015-05-08 16:01:31 -0500 | [diff] [blame] | 27 | bool "Vboot starts verifying in romstage" |
| Aaron Durbin | 57e3728 | 2015-04-28 16:17:25 -0500 | [diff] [blame] | 28 | default n |
| 29 | depends on VBOOT_VERIFY_FIRMWARE && !VBOOT_STARTS_IN_BOOTBLOCK |
| 30 | help |
| 31 | Firmware verification happens during or at the end of romstage. |
| 32 | |
| Daisuke Nojiri | 5d302c7 | 2015-04-09 08:18:22 -0700 | [diff] [blame] | 33 | config VBOOT2_MOCK_SECDATA |
| 34 | bool "Mock secdata for firmware verification" |
| 35 | default n |
| Aaron Durbin | 1124cec | 2015-04-22 10:41:42 -0500 | [diff] [blame] | 36 | depends on VBOOT_VERIFY_FIRMWARE |
| Daisuke Nojiri | 5d302c7 | 2015-04-09 08:18:22 -0700 | [diff] [blame] | 37 | help |
| 38 | Enabling VBOOT2_MOCK_SECDATA will mock secdata for the firmware |
| 39 | verification to avoid access to a secdata storage (typically TPM). |
| 40 | All operations for a secdata storage will be successful. This option |
| 41 | can be used during development when a TPM is not present or broken. |
| 42 | THIS SHOULD NOT BE LEFT ON FOR PRODUCTION DEVICES. |
| 43 | |
| Vadim Bendebury | 30773d2 | 2015-03-20 16:11:13 -0700 | [diff] [blame] | 44 | config VBOOT_DISABLE_DEV_ON_RECOVERY |
| 45 | bool "Disable dev mode on recovery requests" |
| 46 | default n |
| Aaron Durbin | 1124cec | 2015-04-22 10:41:42 -0500 | [diff] [blame] | 47 | depends on VBOOT_VERIFY_FIRMWARE |
| Vadim Bendebury | 30773d2 | 2015-03-20 16:11:13 -0700 | [diff] [blame] | 48 | help |
| 49 | When this option is enabled, the Chrome OS device leaves the |
| 50 | developer mode as soon as recovery request is detected. This is |
| 51 | handy on embedded devices with limited input capabilities. |
| Patrick Georgi | efc6aa0 | 2015-04-27 18:13:50 +0200 | [diff] [blame] | 52 | |
| Aaron Durbin | 57e3728 | 2015-04-28 16:17:25 -0500 | [diff] [blame] | 53 | config SEPARATE_VERSTAGE |
| Aaron Durbin | d2ab4e4 | 2015-05-08 16:01:31 -0500 | [diff] [blame] | 54 | bool "Vboot verification is built into a separate stage" |
| Patrick Georgi | efc6aa0 | 2015-04-27 18:13:50 +0200 | [diff] [blame] | 55 | default n |
| Aaron Durbin | 1124cec | 2015-04-22 10:41:42 -0500 | [diff] [blame] | 56 | depends on VBOOT_VERIFY_FIRMWARE |
| Patrick Georgi | efc6aa0 | 2015-04-27 18:13:50 +0200 | [diff] [blame] | 57 | |
| Aaron Durbin | 57e3728 | 2015-04-28 16:17:25 -0500 | [diff] [blame] | 58 | config RETURN_FROM_VERSTAGE |
| Aaron Durbin | d2ab4e4 | 2015-05-08 16:01:31 -0500 | [diff] [blame] | 59 | bool "The separate verification stage returns to its caller" |
| Aaron Durbin | 57e3728 | 2015-04-28 16:17:25 -0500 | [diff] [blame] | 60 | default n |
| 61 | depends on SEPARATE_VERSTAGE |
| 62 | help |
| 63 | If this is set, the verstage returns back to the calling stage instead |
| 64 | of exiting to the succeeding stage so that the verstage space can be |
| 65 | reused by the succeeding stage. This is useful if a ram space is too |
| 66 | small to fit both the verstage and the succeeding stage. |
| Aaron Durbin | 5abcba7 | 2015-04-28 16:02:17 -0500 | [diff] [blame] | 67 | |
| 68 | # These VBOOT_X_INDEX are the position of X in FW_MAIN_A/B region. The index |
| 69 | # table is created by cros_bundle_firmware at build time based on the positions |
| 70 | # of the blobs listed in fmap.dts and stored at the top of FW_MAIN_A/B region. |
| 71 | # Unfortunately, there is no programmatical link between the blob list and the |
| 72 | # index number here. |
| 73 | config VBOOT_ROMSTAGE_INDEX |
| 74 | hex "Romstage component index" |
| 75 | default 2 |
| 76 | depends on VBOOT_VERIFY_FIRMWARE |
| 77 | help |
| 78 | This is the index of the romstage component in the verified |
| 79 | firmware block. |
| 80 | |
| 81 | config VBOOT_RAMSTAGE_INDEX |
| 82 | hex "Ramstage component index" |
| 83 | default 1 |
| 84 | depends on VBOOT_VERIFY_FIRMWARE |
| 85 | help |
| 86 | This is the index of the ramstage component in the verified |
| 87 | firmware block. |
| 88 | |
| 89 | config VBOOT_REFCODE_INDEX |
| 90 | hex "Reference code firmware index" |
| 91 | default 1 |
| 92 | depends on VBOOT_VERIFY_FIRMWARE |
| 93 | help |
| 94 | This is the index of the reference code component in the verified |
| 95 | firmware block. |
| 96 | |
| 97 | config VBOOT_BOOT_LOADER_INDEX |
| 98 | hex "Bootloader component index" |
| 99 | default 0 |
| 100 | depends on VBOOT_VERIFY_FIRMWARE |
| 101 | help |
| 102 | This is the index of the bootloader component in the verified |
| 103 | firmware block. |
| Aaron Durbin | 0e571fd | 2015-05-08 17:14:15 -0500 | [diff] [blame] | 104 | |
| Aaron Durbin | e007b0c | 2015-06-08 14:57:31 -0500 | [diff] [blame^] | 105 | config VBOOT_SECURE_OS_INDEX |
| 106 | hex "ARM64 Secure OS index" |
| 107 | default 0x5 |
| 108 | depends on VBOOT_VERIFY_FIRMWARE |
| 109 | help |
| 110 | Secure OS software component used on ARM64 machines. |
| 111 | |
| 112 | config VBOOT_BL31_INDEX |
| 113 | hex "ARM64 BL31 index" |
| 114 | default 0x4 |
| 115 | depends on VBOOT_VERIFY_FIRMWARE |
| 116 | help |
| 117 | This is the index of the BL31 program on ARM64 machines. |
| 118 | |
| Aaron Durbin | 0e571fd | 2015-05-08 17:14:15 -0500 | [diff] [blame] | 119 | config VBOOT_DYNAMIC_WORK_BUFFER |
| 120 | bool "Vboot's work buffer is dynamically allocated." |
| 121 | default n |
| 122 | depends on VBOOT_VERIFY_FIRMWARE |
| 123 | help |
| 124 | This option is used when there isn't enough pre-main memory |
| 125 | ram to allocate the vboot work buffer. That means vboot verification |
| 126 | is after memory init and requires main memory to back the work |
| 127 | buffer. |