coreboot-kgpe-d16/src/mainboard/intel/galileo/Kconfig

189 lines
4.7 KiB
Text
Raw Normal View History

##
## This file is part of the coreboot project.
##
## Copyright (C) 2015-2018 Intel Corp.
##
## This program is free software; you can redistribute it and/or modify
## it under the terms of the GNU General Public License as published by
## the Free Software Foundation; version 2 of the License.
##
## This program is distributed in the hope that it will be useful,
## but WITHOUT ANY WARRANTY; without even the implied warranty of
## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
## GNU General Public License for more details.
##
if BOARD_INTEL_GALILEO
config BOARD_SPECIFIC_OPTIONS
def_bool y
select BOARD_ROMSIZE_KB_8192
select ENABLE_BUILTIN_HSUART1
select HAVE_ACPI_TABLES
select SOC_INTEL_QUARK
select MAINBOARD_HAS_I2C_TPM_ATMEL
select MAINBOARD_HAS_TPM2
config MAINBOARD_DIR
string
default intel/galileo
config MAINBOARD_PART_NUMBER
string
default "Galileo"
config MAINBOARD_VENDOR
string
default "Intel"
config GALILEO_GEN2
bool "Board generation: GEN1 (n) or GEN2 (y)"
default y
help
The coreboot binary will configure only one generation of the Galileo
board since coreboot can not determine the board generation at
runtime. Select which generation of the Galileo that coreboot
should initialize.
choice
prompt "FSP version"
default FSP_VERSION_2_0
config FSP_VERSION_1_1
bool "FSP 1.1"
select PLATFORM_USES_FSP1_1
# select ADD_FSP_RAW_BIN
help
Use FSP 1_1 binary
config FSP_VERSION_2_0
bool "FSP 2.0"
select PLATFORM_USES_FSP2_0
select UDK_2015_BINDING
select POSTCAR_STAGE
help
Use FSP 2.0 binary
endchoice
config FSP_VERSION
string
default "fsp1_1" if FSP_VERSION_1_1
default "fsp2_0" if FSP_VERSION_2_0
choice
prompt "FSP binary type"
default FSP_BUILD_TYPE_DEBUG
config FSP_BUILD_TYPE_DEBUG
bool "Debug"
help
Use the debug version of FSP
config FSP_BUILD_TYPE_RELEASE
bool "Release"
help
Use the release version of FSP
endchoice
config FSP_BUILD_TYPE
string
default "DEBUG" if FSP_BUILD_TYPE_DEBUG
default "RELEASE" if FSP_BUILD_TYPE_RELEASE
choice
prompt "FSP type"
depends on FSP_VERSION_2_0 || FSP_VERSION_1_1
default FSP_TYPE_1_1_PEI if FSP_VERSION_1_1
default FSP_TYPE_2_0_PEI if FSP_VERSION_2_0
config FSP_TYPE_1_1
bool "MemInit subroutine"
depends on FSP_VERSION_1_1
help
FSP 1.1 implemented as subroutines, no EDK-II cores
config FSP_TYPE_1_1_PEI
bool "SEC + PEI Core + MemInit PEIM"
depends on FSP_VERSION_1_1
help
FSP 1.1 implemented using SEC and PEI core
config FSP_TYPE_2_0
bool "MemInit subroutine"
depends on FSP_VERSION_2_0
help
FSP 2.0 implemented as subroutines, no EDK-II cores
config FSP_TYPE_2_0_PEI
bool "SEC + PEI Core + MemInit PEIM"
depends on FSP_VERSION_2_0
help
FSP 2.0 implemented using SEC and PEI core
endchoice
config FSP_TYPE
string
default "Fsp1_1" if FSP_TYPE_1_1
default "Fsp1_1Pei" if FSP_TYPE_1_1_PEI
default "Fsp2_0" if FSP_TYPE_2_0
default "Fsp2_0Pei" if FSP_TYPE_2_0_PEI
config FSP_DEBUG_ALL
bool "Enable all FSP debug support"
depends on FSP_VERSION_2_0 || FSP_VERSION_1_1
default y
# Enable display and verification for coreboot build tests
select DISPLAY_HOBS
select DISPLAY_MTRRS
select DISPLAY_SMM_MEMORY_MAP
select DISPLAY_UPD_DATA
select DISPLAY_ESRAM_LAYOUT if FSP_VERSION_2_0
select DISPLAY_FSP_CALLS_AND_STATUS if FSP_VERSION_2_0
select DISPLAY_FSP_HEADER if FSP_VERSION_2_0
select POSTCAR_CONSOLE if FSP_VERSION_2_0
select VERIFY_HOBS if FSP_VERSION_2_0
select DISPLAY_FSP_ENTRY_POINTS if FSP_VERSION_1_1
help
Turn on debug support to display HOBS, MTRRS, SMM_MEMORY_MAP, UPD_DATA
also turn on FSP 2.0 debug support for ESRAM_LAYOUT,
FSP_CALLS_AND_STATUS, FSP_HEADER, POSTCAR_CONSOLE and VERIFY_HOBS
or FSP 1.1 DISPLAY_FSP_ENTRY_POINTS
mainboard/intel/galileo: Add vboot support Add the necessary files and changes to support vboot. TEST=Build and run on Galileo Gen2 with a SparkFun CryptoShield 1. Obtain and install a SparkFun CryptoShield. https://www.sparkfun.com/products/13183 2. Edit src/mainboard/intel/galileo/Kconfig to select VBOOT_WITH_CRYPTO_SHIELD 3. Use make menuconfig to update the config values and select a payload that will fit. I used SeaBIOS which does not boot. 4. Build coreboot 5. Use the command file below to generate the signed coreboot image. 6. Flash build/coreboot.rom onto the Galileo board 7. The test is successful if verstage detects that it needs recovery after Phase 1. This is expected because the image does not contain the GBB section. 8. Flash build/coreboot.signed.bin onto the Galileo board 9. The test is successful if verstage reaches Phase 4 and selects SLOT A to load the rest of the files. commands: gbb_utility -c 0x100,0x1000,0x7ce80,0x1000 gbb.blob dd conv=fdatasync ibs=4096 obs=4096 count=1553 \ if=build/coreboot.rom of=build/coreboot.signed.rom dd conv=fdatasync obs=4096 obs=4096 seek=1553 if=gbb.blob \ of=build/coreboot.signed.rom dd conv=fdatasync ibs=4096 obs=4096 skip=1680 seek=1680 \ count=368 if=build/coreboot.rom of=build/coreboot.signed.rom gbb_utility \ --set --hwid='Galileo' \ -r $PWD/keys/recovery_key.vbpubk \ -k $PWD/keys/root_key.vbpubk \ build/coreboot.signed.rom 3rdparty/vboot/scripts/image_signing/sign_firmware.sh \ build/coreboot.signed.rom \ $PWD/keys \ build/coreboot.signed.rom Change-Id: I02eb0ef647cd34c13a5fe8be0bdbe1bb38524d0c Signed-off-by: Lee Leahy <leroy.p.leahy@intel.com> Reviewed-on: https://review.coreboot.org/18821 Tested-by: build bot (Jenkins) Reviewed-by: Aaron Durbin <adurbin@chromium.org>
2017-01-04 17:34:01 +01:00
config VBOOT_WITH_CRYPTO_SHIELD
bool "Verified boot using the Crypto Shield board"
default n
select COLLECT_TIMESTAMPS
select VBOOT_SEPARATE_VERSTAGE
mainboard/intel/galileo: Add vboot support Add the necessary files and changes to support vboot. TEST=Build and run on Galileo Gen2 with a SparkFun CryptoShield 1. Obtain and install a SparkFun CryptoShield. https://www.sparkfun.com/products/13183 2. Edit src/mainboard/intel/galileo/Kconfig to select VBOOT_WITH_CRYPTO_SHIELD 3. Use make menuconfig to update the config values and select a payload that will fit. I used SeaBIOS which does not boot. 4. Build coreboot 5. Use the command file below to generate the signed coreboot image. 6. Flash build/coreboot.rom onto the Galileo board 7. The test is successful if verstage detects that it needs recovery after Phase 1. This is expected because the image does not contain the GBB section. 8. Flash build/coreboot.signed.bin onto the Galileo board 9. The test is successful if verstage reaches Phase 4 and selects SLOT A to load the rest of the files. commands: gbb_utility -c 0x100,0x1000,0x7ce80,0x1000 gbb.blob dd conv=fdatasync ibs=4096 obs=4096 count=1553 \ if=build/coreboot.rom of=build/coreboot.signed.rom dd conv=fdatasync obs=4096 obs=4096 seek=1553 if=gbb.blob \ of=build/coreboot.signed.rom dd conv=fdatasync ibs=4096 obs=4096 skip=1680 seek=1680 \ count=368 if=build/coreboot.rom of=build/coreboot.signed.rom gbb_utility \ --set --hwid='Galileo' \ -r $PWD/keys/recovery_key.vbpubk \ -k $PWD/keys/root_key.vbpubk \ build/coreboot.signed.rom 3rdparty/vboot/scripts/image_signing/sign_firmware.sh \ build/coreboot.signed.rom \ $PWD/keys \ build/coreboot.signed.rom Change-Id: I02eb0ef647cd34c13a5fe8be0bdbe1bb38524d0c Signed-off-by: Lee Leahy <leroy.p.leahy@intel.com> Reviewed-on: https://review.coreboot.org/18821 Tested-by: build bot (Jenkins) Reviewed-by: Aaron Durbin <adurbin@chromium.org>
2017-01-04 17:34:01 +01:00
select VBOOT
select VBOOT_STARTS_IN_BOOTBLOCK
select VBOOT_SOFT_REBOOT_WORKAROUND
select VBOOT_VBNV_CMOS
help
Perform a verified boot using the TPM on the Crypto Shield board.
config DRIVER_TPM_I2C_ADDR
hex "Address of the I2C TPM chip"
depends on VBOOT_WITH_CRYPTO_SHIELD
default 0x29
help
I2C address of the TPM chip on the Crypto Shield board.
config FMDFILE
string "FMAP description file in fmd format"
depends on VBOOT
default "src/mainboard/$(CONFIG_MAINBOARD_DIR)/vboot.fmd"
help
The build system creates a default FMAP from ROM_SIZE and CBFS_SIZE,
but in some cases more complex setups are required.
When an FMD descriptionn file is specified, the build system uses it
instead of creating a default FMAP file.
config ENABLE_SD_TESTING
bool "Enable SD card testing"
default y
select COMMONLIB_STORAGE_SD
select SDHC_DEBUG
select STORAGE_LOG
select STORAGE_TEST
endif # BOARD_INTEL_QUARK