Alexander Graf | ed980b8 | 2016-03-04 01:10:07 +0100 | [diff] [blame] | 1 | config EFI_LOADER |
Heinrich Schuchardt | 9363fd2 | 2019-05-11 10:27:58 +0200 | [diff] [blame] | 2 | bool "Support running UEFI applications" |
Heinrich Schuchardt | b20bb09 | 2019-11-17 10:44:16 +0100 | [diff] [blame] | 3 | depends on OF_LIBFDT && ( \ |
Heinrich Schuchardt | 38064ee | 2019-11-19 04:19:09 +0100 | [diff] [blame] | 4 | ARM && (SYS_CPU = arm1136 || \ |
| 5 | SYS_CPU = arm1176 || \ |
| 6 | SYS_CPU = armv7 || \ |
| 7 | SYS_CPU = armv8) || \ |
Heinrich Schuchardt | b20bb09 | 2019-11-17 10:44:16 +0100 | [diff] [blame] | 8 | X86 || RISCV || SANDBOX) |
Alexander Graf | 6698bb3 | 2018-01-24 14:54:21 +0100 | [diff] [blame] | 9 | # We need EFI_STUB_64BIT to be set on x86_64 with EFI_STUB |
| 10 | depends on !EFI_STUB || !X86_64 || EFI_STUB_64BIT |
| 11 | # We need EFI_STUB_32BIT to be set on x86_32 with EFI_STUB |
| 12 | depends on !EFI_STUB || !X86 || X86_64 || EFI_STUB_32BIT |
Heinrich Schuchardt | b7cdecf | 2019-11-20 18:48:02 +0100 | [diff] [blame] | 13 | default y if !ARM || SYS_CPU = armv7 || SYS_CPU = armv8 |
Adam Ford | a451bc2 | 2018-02-06 12:14:28 -0600 | [diff] [blame] | 14 | select LIB_UUID |
Adam Ford | 1811a92 | 2018-02-06 12:43:56 -0600 | [diff] [blame] | 15 | select HAVE_BLOCK_DEVICE |
Heinrich Schuchardt | dba5148 | 2019-01-22 21:35:23 +0100 | [diff] [blame] | 16 | select REGEX |
Heinrich Schuchardt | 503e04f | 2018-04-29 23:37:12 +0200 | [diff] [blame] | 17 | imply CFB_CONSOLE_ANSI |
Heinrich Schuchardt | 8876e1b | 2019-12-04 22:58:58 +0100 | [diff] [blame] | 18 | imply USB_KEYBOARD_FN_KEYS |
Heinrich Schuchardt | faadc04 | 2020-01-15 00:49:35 +0100 | [diff] [blame] | 19 | imply VIDEO_ANSI |
Alexander Graf | ed980b8 | 2016-03-04 01:10:07 +0100 | [diff] [blame] | 20 | help |
Heinrich Schuchardt | 9363fd2 | 2019-05-11 10:27:58 +0200 | [diff] [blame] | 21 | Select this option if you want to run UEFI applications (like GNU |
| 22 | GRUB or iPXE) on top of U-Boot. If this option is enabled, U-Boot |
| 23 | will expose the UEFI API to a loaded application, enabling it to |
| 24 | reuse U-Boot's device drivers. |
Alexander Graf | 51735ae | 2016-05-11 18:25:48 +0200 | [diff] [blame] | 25 | |
Heinrich Schuchardt | 5684c8d | 2019-05-08 23:17:38 +0200 | [diff] [blame] | 26 | if EFI_LOADER |
Alexander Graf | 5fbb289 | 2019-02-11 15:24:00 +0100 | [diff] [blame] | 27 | |
Heinrich Schuchardt | 5ec48e3 | 2019-05-31 22:56:02 +0200 | [diff] [blame] | 28 | config EFI_GET_TIME |
| 29 | bool "GetTime() runtime service" |
| 30 | depends on DM_RTC |
| 31 | default y |
| 32 | help |
| 33 | Provide the GetTime() runtime service at boottime. This service |
| 34 | can be used by an EFI application to read the real time clock. |
| 35 | |
| 36 | config EFI_SET_TIME |
| 37 | bool "SetTime() runtime service" |
| 38 | depends on EFI_GET_TIME |
| 39 | default n |
| 40 | help |
| 41 | Provide the SetTime() runtime service at boottime. This service |
| 42 | can be used by an EFI application to adjust the real time clock. |
| 43 | |
Heinrich Schuchardt | 64b5ba4 | 2019-05-11 09:53:33 +0200 | [diff] [blame] | 44 | config EFI_DEVICE_PATH_TO_TEXT |
| 45 | bool "Device path to text protocol" |
| 46 | default y |
| 47 | help |
| 48 | The device path to text protocol converts device nodes and paths to |
| 49 | human readable strings. |
| 50 | |
Alexander Graf | 5fbb289 | 2019-02-11 15:24:00 +0100 | [diff] [blame] | 51 | config EFI_LOADER_HII |
Heinrich Schuchardt | 5684c8d | 2019-05-08 23:17:38 +0200 | [diff] [blame] | 52 | bool "HII protocols" |
Heinrich Schuchardt | 084f093 | 2019-04-07 23:58:50 +0200 | [diff] [blame] | 53 | default y |
Alexander Graf | 5fbb289 | 2019-02-11 15:24:00 +0100 | [diff] [blame] | 54 | help |
| 55 | The Human Interface Infrastructure is a complicated framework that |
| 56 | allows UEFI applications to draw fancy menus and hook strings using |
| 57 | a translation framework. |
| 58 | |
| 59 | U-Boot implements enough of its features to be able to run the UEFI |
Heinrich Schuchardt | 084f093 | 2019-04-07 23:58:50 +0200 | [diff] [blame] | 60 | Shell, but not more than that. |
Heinrich Schuchardt | 5684c8d | 2019-05-08 23:17:38 +0200 | [diff] [blame] | 61 | |
Heinrich Schuchardt | 95ab381 | 2019-05-16 07:52:58 +0200 | [diff] [blame] | 62 | config EFI_UNICODE_COLLATION_PROTOCOL2 |
Heinrich Schuchardt | 3349973 | 2019-05-08 23:24:26 +0200 | [diff] [blame] | 63 | bool "Unicode collation protocol" |
| 64 | default y |
| 65 | help |
| 66 | The Unicode collation protocol is used for lexical comparisons. It is |
| 67 | required to run the UEFI shell. |
| 68 | |
Heinrich Schuchardt | 95ab381 | 2019-05-16 07:52:58 +0200 | [diff] [blame] | 69 | if EFI_UNICODE_COLLATION_PROTOCOL2 |
Heinrich Schuchardt | 3349973 | 2019-05-08 23:24:26 +0200 | [diff] [blame] | 70 | |
Heinrich Schuchardt | 5684c8d | 2019-05-08 23:17:38 +0200 | [diff] [blame] | 71 | config EFI_UNICODE_CAPITALIZATION |
| 72 | bool "Support Unicode capitalization" |
| 73 | default y |
| 74 | help |
| 75 | Select this option to enable correct handling of the capitalization of |
| 76 | Unicode codepoints in the range 0x0000-0xffff. If this option is not |
| 77 | set, only the the correct handling of the letters of the codepage |
| 78 | used by the FAT file system is ensured. |
| 79 | |
Heinrich Schuchardt | b1b782d | 2019-05-16 18:19:00 +0200 | [diff] [blame] | 80 | config EFI_UNICODE_COLLATION_PROTOCOL |
| 81 | bool "Deprecated version of the Unicode collation protocol" |
| 82 | default n |
| 83 | help |
| 84 | In EFI 1.10 a version of the Unicode collation protocol using ISO |
| 85 | 639-2 language codes existed. This protocol is not part of the UEFI |
| 86 | specification any longer. Unfortunately it is required to run the |
| 87 | UEFI Self Certification Test (SCT) II, version 2.6, 2017. |
| 88 | |
| 89 | Choose this option for testing only. It is bound to be removed. |
| 90 | |
Heinrich Schuchardt | 3349973 | 2019-05-08 23:24:26 +0200 | [diff] [blame] | 91 | endif |
| 92 | |
Heinrich Schuchardt | 5684c8d | 2019-05-08 23:17:38 +0200 | [diff] [blame] | 93 | config EFI_LOADER_BOUNCE_BUFFER |
| 94 | bool "EFI Applications use bounce buffers for DMA operations" |
| 95 | depends on ARM64 |
| 96 | default n |
| 97 | help |
| 98 | Some hardware does not support DMA to full 64bit addresses. For this |
| 99 | hardware we can create a bounce buffer so that payloads don't have to |
| 100 | worry about platform details. |
| 101 | |
| 102 | config EFI_PLATFORM_LANG_CODES |
| 103 | string "Language codes supported by firmware" |
| 104 | default "en-US" |
| 105 | help |
| 106 | This value is used to initialize the PlatformLangCodes variable. Its |
| 107 | value is a semicolon (;) separated list of language codes in native |
| 108 | RFC 4646 format, e.g. "en-US;de-DE". The first language code is used |
| 109 | to initialize the PlatformLang variable. |
| 110 | |
Heinrich Schuchardt | 953661a | 2019-07-05 18:12:16 +0200 | [diff] [blame] | 111 | config EFI_HAVE_RUNTIME_RESET |
| 112 | # bool "Reset runtime service is available" |
| 113 | bool |
| 114 | default y |
| 115 | depends on ARCH_BCM283X || FSL_LAYERSCAPE || PSCI_RESET || SYSRESET_X86 |
| 116 | |
Heinrich Schuchardt | 6f3badb | 2019-07-22 22:04:36 +0200 | [diff] [blame] | 117 | config EFI_GRUB_ARM32_WORKAROUND |
| 118 | bool "Workaround for GRUB on 32bit ARM" |
| 119 | default y |
| 120 | depends on ARM && !ARM64 |
| 121 | help |
| 122 | GRUB prior to version 2.04 requires U-Boot to disable caches. This |
| 123 | workaround currently is also needed on systems with caches that |
| 124 | cannot be managed via CP15. |
Sughosh Ganu | f552fa4 | 2019-12-29 00:01:05 +0530 | [diff] [blame] | 125 | |
| 126 | config EFI_RNG_PROTOCOL |
| 127 | bool "EFI_RNG_PROTOCOL support" |
| 128 | depends on DM_RNG |
Peter Robinson | bdf329e | 2020-04-01 11:15:01 +0100 | [diff] [blame] | 129 | default y |
Sughosh Ganu | f552fa4 | 2019-12-29 00:01:05 +0530 | [diff] [blame] | 130 | help |
Heinrich Schuchardt | 0e22885 | 2020-02-14 23:28:58 +0100 | [diff] [blame] | 131 | Provide a EFI_RNG_PROTOCOL implementation using the hardware random |
| 132 | number generator of the platform. |
Sughosh Ganu | f552fa4 | 2019-12-29 00:01:05 +0530 | [diff] [blame] | 133 | |
Ilias Apalodimas | ec80b47 | 2020-02-21 09:55:45 +0200 | [diff] [blame] | 134 | config EFI_LOAD_FILE2_INITRD |
| 135 | bool "EFI_FILE_LOAD2_PROTOCOL for Linux initial ramdisk" |
| 136 | default n |
| 137 | help |
| 138 | Expose a EFI_FILE_LOAD2_PROTOCOL that the Linux UEFI stub can |
| 139 | use to load the initial ramdisk. Once this is enabled using |
| 140 | initrd=<ramdisk> will stop working. |
| 141 | |
| 142 | config EFI_INITRD_FILESPEC |
| 143 | string "initramfs path" |
| 144 | default "host 0:1 initrd" |
| 145 | depends on EFI_LOAD_FILE2_INITRD |
| 146 | help |
| 147 | Full path of the initramfs file, e.g. mmc 0:2 initramfs.cpio.gz. |
| 148 | |
AKASHI Takahiro | 9bf09b5 | 2020-04-14 11:51:38 +0900 | [diff] [blame] | 149 | config EFI_SECURE_BOOT |
| 150 | bool "Enable EFI secure boot support" |
| 151 | depends on EFI_LOADER |
| 152 | select SHA256 |
| 153 | select RSA |
| 154 | select RSA_VERIFY_WITH_PKEY |
| 155 | select IMAGE_SIGN_INFO |
| 156 | select ASYMMETRIC_KEY_TYPE |
| 157 | select ASYMMETRIC_PUBLIC_KEY_SUBTYPE |
| 158 | select X509_CERTIFICATE_PARSER |
| 159 | select PKCS7_MESSAGE_PARSER |
| 160 | default n |
| 161 | help |
| 162 | Select this option to enable EFI secure boot support. |
| 163 | Once SecureBoot mode is enforced, any EFI binary can run only if |
| 164 | it is signed with a trusted key. To do that, you need to install, |
| 165 | at least, PK, KEK and db. |
| 166 | |
Ilias Apalodimas | f042e47 | 2020-05-17 22:25:44 +0300 | [diff] [blame] | 167 | config EFI_MM_COMM_TEE |
| 168 | bool "UEFI variables storage service via OP-TEE" |
| 169 | depends on OPTEE |
| 170 | default n |
| 171 | help |
| 172 | If OP-TEE is present and running StandAloneMM, dispatch all UEFI variable |
| 173 | related operations to that. The application will verify, authenticate and |
| 174 | store the variables on an RPMB. |
| 175 | |
Heinrich Schuchardt | 5684c8d | 2019-05-08 23:17:38 +0200 | [diff] [blame] | 176 | endif |