Kconfig: Move CONFIG_FIT and related options to Kconfig
There are already two FIT options in Kconfig but the CONFIG options are
still in the header files. We need to do a proper move to fix this.
Move these options to Kconfig and tidy up board configuration:
CONFIG_FIT
CONFIG_OF_BOARD_SETUP
CONFIG_OF_SYSTEM_SETUP
CONFIG_FIT_SIGNATURE
CONFIG_FIT_BEST_MATCH
CONFIG_FIT_VERBOSE
CONFIG_OF_STDOUT_VIA_ALIAS
CONFIG_RSA
Unfortunately the first one is a little complicated. We need to make sure
this option is not enabled in SPL by this change. Also this option is
enabled automatically in the host builds by defining CONFIG_FIT in the
image.h file. To solve this, add a new IMAGE_USE_FIT #define which can
be used in files that are built on the host but must also build for U-Boot
and SPL.
Note: Masahiro's moveconfig.py script is amazing.
Signed-off-by: Simon Glass <sjg@chromium.org>
[trini: Add microblaze change, various configs/ re-applies]
Signed-off-by: Tom Rini <trini@konsulko.com>
diff --git a/Kconfig b/Kconfig
index 3ce5ba1..a9a4938 100644
--- a/Kconfig
+++ b/Kconfig
@@ -177,6 +177,10 @@
images of various types (kernel, FDT blob, ramdisk, etc.)
in a single blob. To boot this new uImage structure,
pass the address of the blob to the "bootm" command.
+ FIT is very flexible, supporting compression, multiple images,
+ multiple configurations, verification through hashing and also
+ verified boot (secure boot using RSA). This option enables that
+ feature.
config FIT_VERBOSE
bool "Display verbose messages on FIT boot"
@@ -191,8 +195,62 @@
This option enables signature verification of FIT uImages,
using a hash signed and verified using RSA. If
CONFIG_SHA_PROG_HW_ACCEL is defined, i.e support for progressive
- hashing is available using hardware, RSA library will use it.
- See doc/uImage.FIT/signature.txt for more details.
+ hashing is available using hardware, then then RSA library will use
+ it. See doc/uImage.FIT/signature.txt for more details.
+
+ WARNING: When relying on signed FIT images with a required signature
+ check the legacy image format is disabled by default, so that
+ unsigned images cannot be loaded. If a board needs the legacy image
+ format support in this case, enable it using
+ CONFIG_IMAGE_FORMAT_LEGACY.
+
+config FIT_BEST_MATCH
+ bool "Select the best match for the kernel device tree"
+ depends on FIT
+ help
+ When no configuration is explicitly selected, default to the
+ one whose fdt's compatibility field best matches that of
+ U-Boot itself. A match is considered "best" if it matches the
+ most specific compatibility entry of U-Boot's fdt's root node.
+ The order of entries in the configuration's fdt is ignored.
+
+config FIT_VERBOSE
+ bool "Show verbose messages when FIT images fails"
+ depends on FIT
+ help
+ Generally a system will have valid FIT images so debug messages
+ are a waste of code space. If you are debugging your images then
+ you can enable this option to get more verbose information about
+ failures.
+
+config OF_BOARD_SETUP
+ bool "Set up board-specific details in device tree before boot"
+ depends on OF_LIBFDT
+ help
+ This causes U-Boot to call ft_board_setup() before booting into
+ the Operating System. This function can set up various
+ board-specific information in the device tree for use by the OS.
+ The device tree is then passed to the OS.
+
+config OF_SYSTEM_SETUP
+ bool "Set up system-specific details in device tree before boot"
+ depends on OF_LIBFDT
+ help
+ This causes U-Boot to call ft_system_setup() before booting into
+ the Operating System. This function can set up various
+ system-specific information in the device tree for use by the OS.
+ The device tree is then passed to the OS.
+
+config OF_STDOUT_VIA_ALIAS
+ bool "Update the device-tree stdout alias from U-Boot"
+ depends on OF_LIBFDT
+ help
+ This uses U-Boot's serial alias from the aliases node to update
+ the device tree passed to the OS. The "linux,stdout-path" property
+ in the chosen node is set to point to the correct serial node.
+ This option currently references CONFIG_CONS_INDEX, which is
+ incorrect when used with device tree as this option does not
+ exist / should not be used.
config SYS_EXTRA_OPTIONS
string "Extra Options (DEPRECATED)"