path: root/src/vboot/Kconfig
blob: a92a2fa5e131485e1af2d946a728783c96e8635b (plain)
## This file is part of the coreboot project.
##
## Copyright (C) 2014 The ChromiumOS Authors.  All rights reserved.
##
## This program is free software; you can redistribute it and/or modify
## it under the terms of the GNU General Public License as published by
## the Free Software Foundation; version 2 of the License.
##
## This program is distributed in the hope that it will be useful,
## but WITHOUT ANY WARRANTY; without even the implied warranty of
## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
## GNU General Public License for more details.
##

config VBOOT_VBNV_OFFSET
	hex
	default 0x26
	depends on PC80_SYSTEM
	help
	  CMOS offset for VbNv data. This value must match cmos.layout
	  in the mainboard directory, minus 14 bytes for the RTC.

config VBOOT_VBNV_CMOS
	bool "Vboot non-volatile storage in CMOS."
	default n
	help
	  Vboot non-volatile data (VBNV) is stored in CMOS.

config VBOOT_VBNV_CMOS_BACKUP_TO_FLASH
	bool "Back up Vboot non-volatile storage from CMOS to flash."
	default n
	depends on VBOOT_VBNV_CMOS && BOOT_DEVICE_SUPPORTS_WRITES
	help
	  Vboot non-volatile storage data will be backed up from CMOS to flash
	  and restored from flash if the CMOS is invalid due to power loss.

config VBOOT_VBNV_EC
	bool "Vboot non-volatile storage in EC."
	default n
	help
	  Vboot non-volatile data (VBNV) is stored in the EC.

config VBOOT_VBNV_FLASH
	def_bool n
	depends on BOOT_DEVICE_SUPPORTS_WRITES
	help
	  Vboot non-volatile data (VBNV) is stored in flash storage.

config VBOOT_STARTS_IN_BOOTBLOCK
	bool "Vboot starts verifying in bootblock"
	default n
	depends on VBOOT
	help
	  Firmware verification happens during or at the end of bootblock.

config VBOOT_STARTS_IN_ROMSTAGE
	bool "Vboot starts verifying in romstage"
	default n
	depends on VBOOT && !VBOOT_STARTS_IN_BOOTBLOCK
	help
	  Firmware verification happens during or at the end of romstage.

config VBOOT_MOCK_SECDATA
	bool "Mock secdata for firmware verification"
	default n
	depends on VBOOT
	help
	  Enabling VBOOT_MOCK_SECDATA will mock secdata for the firmware
	  verification to avoid access to a secdata storage (typically TPM).
	  All operations for a secdata storage will be successful, so the
	  rollback-protection state that vboot keeps in secdata is not backed
	  by real storage. This option can be used during development when a
	  TPM is not present or broken.
	  THIS SHOULD NOT BE LEFT ON FOR PRODUCTION DEVICES.

config VBOOT_DISABLE_DEV_ON_RECOVERY
	bool "Disable dev mode on recovery requests"
	default n
	depends on VBOOT
	help
	  When this option is enabled, the Chrome OS device leaves developer
	  mode as soon as a recovery request is detected. This is handy on
	  embedded devices with limited input capabilities.

config SEPARATE_VERSTAGE
	bool "Vboot verification is built into a separate stage"
	default n
	depends on VBOOT && VBOOT_STARTS_IN_BOOTBLOCK
	help
	  If this option is set, vboot verification runs in a standalone stage
	  that is loaded from the bootblock and exits into romstage. If it is
	  not set, the verification code is linked directly into the bootblock
	  or the romstage and runs as part of that stage (cf. related options
	  VBOOT_STARTS_IN_BOOTBLOCK/_ROMSTAGE and RETURN_FROM_VERSTAGE).

config RETURN_FROM_VERSTAGE
	bool "The separate verification stage returns to its caller"
	default n
	depends on SEPARATE_VERSTAGE
	help
	  If this is set, the verstage returns to the calling stage instead of
	  exiting to the succeeding stage, so that the verstage space can be
	  reused by the succeeding stage. This is useful if the available RAM
	  is too small to fit both the verstage and the succeeding stage.

config VBOOT_SAVE_RECOVERY_REASON_ON_REBOOT
	bool
	default n
	depends on VBOOT
	help
	  This option ensures that the recovery request is not lost because of
	  reboots that occur after vboot verification has run, e.g. reboots
	  caused by FSP components on Intel platforms.

config VBOOT_OPROM_MATTERS
	bool "Video option ROM matters (= can skip display init)"
	default n
	depends on VBOOT
	help
	  Set this option to indicate to vboot that this platform will skip its
	  display initialization on a normal (non-recovery, non-developer) boot.
	  Vboot calls this "oprom matters" because on x86 devices this
	  traditionally meant that the video option ROM will not be loaded, but
	  it works functionally the same for other platforms that can skip their
	  native display initialization code instead.

config VBOOT_HAS_REC_HASH_SPACE
	bool
	default n
	depends on VBOOT
	help
	  Set this option to indicate to vboot that a recovery data hash space
	  is present in the TPM.

config VBOOT_SOFT_REBOOT_WORKAROUND
	bool
	default n

config VBOOT
	bool "Verify firmware with vboot."
	default n
	select TPM if !MAINBOARD_HAS_TPM2
	select TPM2 if MAINBOARD_HAS_TPM2
	select TPM_INIT_FAILURE_IS_FATAL if PC80_SYSTEM && LPC_TPM
	select SKIP_TPM_STARTUP_ON_NORMAL_BOOT if PC80_SYSTEM && LPC_TPM
	depends on HAVE_HARD_RESET
	help
	  Enabling VBOOT will use vboot to verify the components of the firmware
	  (stages, payload, etc).