coreboot-kgpe-d16/configs
Maximilian Brune 1d7a9debf2 Add SBOM (Software Bill of Materials) Generation
Firmware is typically delivered as one large binary image that gets
flashed. Since this final image consists of binaries and data from
a vast number of different people and companies, it's hard to
determine what all the small parts included in it are. The goal of
the software bill of materials (SBOM) is to take a firmware image
and make it easy to find out what it consists of and where those
pieces came from. Basically, this answers the question, who supplied
the code that's running on my system right now? For example, buyers
of a system can use an SBOM to perform an automated vulnerability
check or license analysis, both of which can be used to evaluate
risk in a product. Furthermore, one can quickly check to see if the
firmware is subject to a new vulnerability included in one of the
software parts (with the specified version) of the firmware.
Further reference:
https://web.archive.org/web/20220310104905/https://blogs.gnome.org/hughsie/2022/03/10/firmware-software-bill-of-materials/

- Add Makefile.inc to generate and build coswid tags
- Add templates for most payloads, coreboot, intel-microcode,
  amd-microcode. intel FSP-S/M/T, EC, BIOS_ACM, SINIT_ACM,
  intel ME and compiler (gcc,clang,other)
- Add Kconfig entries to optionally supply a path to CoSWID tags
  instead of using the default CoSWID tags
- Add CBFS entry called SBOM to each build via Makefile.inc
- Add goswid utility tool to generate SBOM data

Signed-off-by: Maximilian Brune <maximilian.brune@9elements.com>
Change-Id: Icb7481d4903f95d200eddbfed7728fbec51819d0
Reviewed-on: https://review.coreboot.org/c/coreboot/+/63639
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Martin Roth <martin.roth@amd.corp-partner.google.com>
2022-08-22 14:48:46 +00:00
..
builder configs: Update configs for OCP Delta Lake LinuxBoot payload 2021-06-01 05:59:06 +00:00
config.asrock_b85m_pro4.debug_smmstore_hotplug_gcov_ubsan_em100 cpu/x86/smm: Drop the V1 smmloader 2021-04-19 06:36:28 +00:00
config.asrock_b85m_pro4.tpm2_txt_placeholder_acms tpm: Remove USER_TPMx options, make TPM1/TPM2 menuconfig visible 2021-05-27 22:01:44 +00:00
config.asus_a88xm-e.agesa_debug AGESA f15tn: Fix building IDS tracing support 2021-08-22 22:17:32 +00:00
config.asus_p2b_ramdebug
config.asus_p8z77-v_lx2.debug_smmstore_hotplug_yabel_em100 configs: Add a weird config for Asus P8Z77-V LX2 2020-12-14 21:01:17 +00:00
config.cavium_cn8100_sff_evb_bdk_verbose_fit_payload_support configs: Explicitly specify vendor and mainboard 2021-07-07 05:48:25 +00:00
config.dell_optiplex_9010_sff config.dell_optiplex_9010_sff: Specify board model 2021-06-09 04:07:43 +00:00
config.emulation_qemu_aarch64_fit_support_timestamps configs: Explicitly specify vendor and mainboard 2021-07-07 05:48:25 +00:00
config.emulation_qemu_power9 src/mainboard/emulation/qemu-power9/*: add QEMU POWER9 mainboard 2022-02-11 20:14:55 +00:00
config.emulation_qemu_riscv_rv64 configs: Explicitly specify vendor and mainboard 2021-07-07 05:48:25 +00:00
config.emulation_qemu_x86_i440fx
config.emulation_qemu_x86_i440fx_asan configs: Explicitly specify vendor and mainboard 2021-07-07 05:48:25 +00:00
config.emulation_qemu_x86_i440fx_debug configs/i440fx: Build-test PARALLEL_MP 2022-02-07 13:48:05 +00:00
config.emulation_qemu_x86_i440fx_noserial configs: Explicitly specify vendor and mainboard 2021-07-07 05:48:25 +00:00
config.emulation_qemu_x86_i440fx_x86_64 configs: Explicitly specify vendor and mainboard 2021-07-07 05:48:25 +00:00
config.emulation_qemu_x86_q35_smm_tseg configs: Explicitly specify vendor and mainboard 2021-07-07 05:48:25 +00:00
config.facebook_fbg1701.mboot_vboot configs/config.facebook_fbg1701: Remove CONFIG_ONBOARD_SAMSUNG_MEM 2021-12-09 20:54:24 +00:00
config.facebook_fbg1701.sbom Add SBOM (Software Bill of Materials) Generation 2022-08-22 14:48:46 +00:00
config.foxconn_g41m configs/config.foxconn_g41m: Build test with X86_64 2021-07-06 06:11:50 +00:00
config.gigabyte_ga-g41m-es2l Document Gigabyte GA-G41M-ES2L 2021-02-22 07:21:30 +00:00
config.google_guado.pch_serialio_uart soc/intel/broadwell: Re-do SerialIO UART console support 2021-06-14 09:59:25 +00:00
config.google_kevin_secdata_mock
config.google_meep_cros treewide: Unify Google branding 2022-07-04 14:02:26 +00:00
config.google_octopus_spi_flash_console
config.google_panther.pch_serialio_uart sb/intel/lynxpoint: Add SerialIO UART console support 2021-06-09 05:21:23 +00:00
config.google_reef_cros drivers/pc80/rtc: Drop CMOS_POST_EXTRA option 2020-04-20 06:13:39 +00:00
config.google_trogdor.build_test configs: Add build test configs for CBFS verification 2022-01-08 00:41:18 +00:00
config.google_volteer.build_test_purposes configs: Add build test configs for CBFS verification 2022-01-08 00:41:18 +00:00
config.hp_compaq_8200_elite_sff_pc.x86_64 configs: Build test x86_64 on Sandy Bridge 2021-07-05 16:49:22 +00:00
config.intel_coffeelake_rvp11.fsp_car fsp2_0: Clean up around `config FSP_USE_REPO` 2020-04-05 23:26:04 +00:00
config.intel_galileo_gen1
config.intel_galileo_gen2
config.intel_galileo_gen2.debug
config.intel_galileo_gen2.fsp2.0
config.intel_galileo_gen2.sd
config.intel_galileo_gen2.vboot
config.intel_harcuvar
config.lenovo_t400_vboot_and_debug nb/intel/gm45: Enable 64bit support 2022-05-13 10:57:41 +00:00
config.lenovo_t420_static_option_table_no_mem_fuses
config.lenovo_thinkpad_t430_all_debug_and_option_table
config.lenovo_x201_all_debug_option_table_bt_on_wifi
config.lenovo_x220_mrc_bin
config.lenovo_x220_option_table_debug_tpm_extended_cbfs
config.libretrend_lt1000 configs: Explicitly specify vendor and mainboard 2021-07-07 05:48:25 +00:00
config.msi_ms7d25 payloads/tianocore: Rename TianoCore to edk2 2022-08-13 16:35:18 +00:00
config.ocp_deltalake_cbnt configs: Explicitly specify vendor and mainboard 2021-07-07 05:48:25 +00:00
config.ocp_tiogapass
config.pcengines_apu1
config.pcengines_apu2
config.pcengines_apu3
config.pcengines_apu4
config.pcengines_apu5
config.portwell_m107.debug_smmstore_oxpcie_em100spi configs: Explicitly specify vendor and mainboard 2021-07-07 05:48:25 +00:00
config.prodrive_hermes configs: Update prodrive hermes 2022-07-14 12:48:20 +00:00
config.purism_librem15_v4.txt_build_test security/intel/txt: Add Intel TXT support 2020-07-31 16:02:54 +00:00
config.purism_librem15_v4_stm configs/config.stm: Correct config file name 2020-07-21 22:08:04 +00:00
config.scaleway_tagada configs: Add a sample config for scaleway tagada 2020-11-20 00:45:37 +00:00
config.system76_gaze15 payloads/tianocore: Rename TianoCore to edk2 2022-08-13 16:35:18 +00:00
config.system76_lemp9 payloads/tianocore: Rename TianoCore to edk2 2022-08-13 16:35:18 +00:00
config.system76_oryp5 payloads/tianocore: Rename TianoCore to edk2 2022-08-13 16:35:18 +00:00
config.up_squared.vboot_spi_flash_console configs: Explicitly specify vendor and mainboard 2021-07-07 05:48:25 +00:00