Kconfig: Move CONFIG_FIT and related options to Kconfig

There are already two FIT options in Kconfig but the CONFIG options are
still in the header files. We need to do a proper move to fix this.

Move these options to Kconfig and tidy up board configuration:

   CONFIG_FIT
   CONFIG_OF_BOARD_SETUP
   CONFIG_OF_SYSTEM_SETUP
   CONFIG_FIT_SIGNATURE
   CONFIG_FIT_BEST_MATCH
   CONFIG_FIT_VERBOSE
   CONFIG_OF_STDOUT_VIA_ALIAS
   CONFIG_RSA

Unfortunately the first one is a little complicated. We need to make sure
this option is not enabled in SPL by this change. Also this option is
enabled automatically in the host builds by defining CONFIG_FIT in the
image.h file. To solve this, add a new IMAGE_USE_FIT #define which can
be used in files that are built on the host but must also build for U-Boot
and SPL.

Note: Masahiro's moveconfig.py script is amazing.

Signed-off-by: Simon Glass <sjg@chromium.org>
[trini: Add microblaze change, various configs/ re-applies]
Signed-off-by: Tom Rini <trini@konsulko.com>
diff --git a/Kconfig b/Kconfig
index 3ce5ba1..a9a4938 100644
--- a/Kconfig
+++ b/Kconfig
@@ -177,6 +177,10 @@
 	  images of various types (kernel, FDT blob, ramdisk, etc.)
 	  in a single blob.  To boot this new uImage structure,
 	  pass the address of the blob to the "bootm" command.
+	  FIT is very flexible, supporting compression, multiple images,
+	  multiple configurations, verification through hashing and also
+	  verified boot (secure boot using RSA). This option enables that
+	  feature.
 
 config FIT_VERBOSE
 	bool "Display verbose messages on FIT boot"
@@ -191,8 +195,62 @@
 	  This option enables signature verification of FIT uImages,
 	  using a hash signed and verified using RSA. If
 	  CONFIG_SHA_PROG_HW_ACCEL is defined, i.e support for progressive
-	  hashing is available using hardware, RSA library will use it.
-	  See doc/uImage.FIT/signature.txt for more details.
+	  hashing is available using hardware, then then RSA library will use
+	  it. See doc/uImage.FIT/signature.txt for more details.
+
+	  WARNING: When relying on signed FIT images with a required signature
+	  check the legacy image format is disabled by default, so that
+	  unsigned images cannot be loaded. If a board needs the legacy image
+	  format support in this case, enable it using
+	  CONFIG_IMAGE_FORMAT_LEGACY.
+
+config FIT_BEST_MATCH
+	bool "Select the best match for the kernel device tree"
+	depends on FIT
+	help
+	  When no configuration is explicitly selected, default to the
+	  one whose fdt's compatibility field best matches that of
+	  U-Boot itself. A match is considered "best" if it matches the
+	  most specific compatibility entry of U-Boot's fdt's root node.
+	  The order of entries in the configuration's fdt is ignored.
+
+config FIT_VERBOSE
+	bool "Show verbose messages when FIT images fails"
+	depends on FIT
+	help
+	  Generally a system will have valid FIT images so debug messages
+	  are a waste of code space. If you are debugging your images then
+	  you can enable this option to get more verbose information about
+	  failures.
+
+config OF_BOARD_SETUP
+	bool "Set up board-specific details in device tree before boot"
+	depends on OF_LIBFDT
+	help
+	  This causes U-Boot to call ft_board_setup() before booting into
+	  the Operating System. This function can set up various
+	  board-specific information in the device tree for use by the OS.
+	  The device tree is then passed to the OS.
+
+config OF_SYSTEM_SETUP
+	bool "Set up system-specific details in device tree before boot"
+	depends on OF_LIBFDT
+	help
+	  This causes U-Boot to call ft_system_setup() before booting into
+	  the Operating System. This function can set up various
+	  system-specific information in the device tree for use by the OS.
+	  The device tree is then passed to the OS.
+
+config OF_STDOUT_VIA_ALIAS
+	bool "Update the device-tree stdout alias from U-Boot"
+	depends on OF_LIBFDT
+	help
+	  This uses U-Boot's serial alias from the aliases node to update
+	  the device tree passed to the OS. The "linux,stdout-path" property
+	  in the chosen node is set to point to the correct serial node.
+	  This option currently references CONFIG_CONS_INDEX, which is
+	  incorrect when used with device tree as this option does not
+	  exist / should not be used.
 
 config SYS_EXTRA_OPTIONS
 	string "Extra Options (DEPRECATED)"