72239fc85f
This adds a new config value FIT_SIGNATURE_MAX_SIZE, which controls the max size of a FIT header's totalsize field. The field is checked before signature checks are applied to protect from reading past the intended FIT regions. This field is not part of the vboot signature so it should be sanity checked. If the field is corrupted then the structure or string region reads may have unintended behavior, such as reading from device memory. A default value of 256MB is set and intended to support most max storage sizes. Suggested-by: Simon Glass <sjg@chromium.org> Signed-off-by: Teddy Reed <teddy.reed@gmail.com> Reviewed-by: Simon Glass <sjg@chromium.org>
#
|
|
# For a description of the syntax of this configuration file,
|
|
# see the file Documentation/kbuild/kconfig-language.txt in the
|
|
# Linux kernel source tree.
|
|
#
|
|
mainmenu "U-Boot $UBOOTVERSION Configuration"
|
|
|
|
config UBOOTVERSION
|
|
string
|
|
option env="UBOOTVERSION"
|
|
|
|
# Allow defaults in arch-specific code to override any given here
|
|
source "arch/Kconfig"
|
|
|
|
menu "General setup"
|
|
|
|
config BROKEN
|
|
bool
|
|
help
|
|
This option cannot be enabled. It is used as dependency
|
|
for broken and incomplete features.
|
|
|
|
config LOCALVERSION
|
|
string "Local version - append to U-Boot release"
|
|
help
|
|
Append an extra string to the end of your U-Boot version.
|
|
This will show up in your boot log, for example.
|
|
The string you set here will be appended after the contents of
|
|
any files with a filename matching localversion* in your
|
|
object and source tree, in that order. Your total string can
|
|
be a maximum of 64 characters.
|
|
|
|
config LOCALVERSION_AUTO
|
|
bool "Automatically append version information to the version string"
|
|
default y
|
|
help
|
|
This will try to automatically determine if the current tree is a
|
|
release tree by looking for Git tags that belong to the current
|
|
top of tree revision.
|
|
|
|
A string of the format -gxxxxxxxx will be added to the localversion
|
|
if a Git-based tree is found. The string generated by this will be
|
|
appended after any matching localversion* files, and after the value
|
|
set in CONFIG_LOCALVERSION.
|
|
|
|
(The actual string used here is the first eight characters produced
|
|
by running the command:
|
|
|
|
$ git rev-parse --verify HEAD
|
|
|
|
which is done within the script "scripts/setlocalversion".)
|
|
|
|
config CC_OPTIMIZE_FOR_SIZE
|
|
bool "Optimize for size"
|
|
default y
|
|
help
|
|
Enabling this option will pass "-Os" instead of "-O2" to gcc
|
|
resulting in a smaller U-Boot image.
|
|
|
|
This option is enabled by default for U-Boot.
|
|
|
|
config CC_COVERAGE
|
|
bool "Enable code coverage analysis"
|
|
depends on SANDBOX
|
|
help
|
|
Enabling this option will pass "--coverage" to gcc to compile
|
|
and link code instrumented for coverage analysis.
|
|
|
|
config DISTRO_DEFAULTS
|
|
bool "Select defaults suitable for booting general purpose Linux distributions"
|
|
imply USE_BOOTCOMMAND
|
|
select CMD_BOOTZ if ARM && !ARM64
|
|
select CMD_BOOTI if ARM64
|
|
select CMD_DHCP if CMD_NET
|
|
select CMD_PING if CMD_NET
|
|
select CMD_PXE if NET
|
|
select CMD_ENV_EXISTS
|
|
select CMD_EXT2
|
|
select CMD_EXT4
|
|
select CMD_FAT
|
|
select CMD_FS_GENERIC
|
|
imply CMD_MII if NET
|
|
select CMD_PART if PARTITIONS
|
|
select HUSH_PARSER
|
|
select CMDLINE_EDITING
|
|
select AUTO_COMPLETE
|
|
select SYS_LONGHELP
|
|
select SUPPORT_RAW_INITRD
|
|
select ENV_VARS_UBOOT_CONFIG
|
|
help
|
|
Select this to enable various options and commands which are suitable
|
|
for building u-boot for booting general purpose Linux distributions.
|
|
|
|
config ENV_VARS_UBOOT_CONFIG
|
|
bool "Add arch, board, vendor and soc variables to default environment"
|
|
help
|
|
Define this in order to add variables describing the
|
|
U-Boot build configuration to the default environment.
|
|
These will be named arch, cpu, board, vendor, and soc.
|
|
Enabling this option will cause the following to be defined:
|
|
- CONFIG_SYS_ARCH
|
|
- CONFIG_SYS_CPU
|
|
- CONFIG_SYS_BOARD
|
|
- CONFIG_SYS_VENDOR
|
|
- CONFIG_SYS_SOC
|
|
|
|
config SYS_BOOT_GET_CMDLINE
|
|
bool "Enable kernel command line setup"
|
|
help
|
|
Enables allocating and saving kernel cmdline in space between
|
|
"bootm_low" and "bootm_low" + BOOTMAPSZ.
|
|
|
|
config SYS_BOOT_GET_KBD
|
|
bool "Enable kernel board information setup"
|
|
help
|
|
Enables allocating and saving a kernel copy of the bd_info in
|
|
space between "bootm_low" and "bootm_low" + BOOTMAPSZ.
|
|
|
|
config SYS_MALLOC_F
|
|
bool "Enable malloc() pool before relocation"
|
|
default y if DM
|
|
help
|
|
Before relocation, memory is very limited on many platforms. Still,
|
|
we can provide a small malloc() pool if needed. Driver model in
|
|
particular needs this to operate, so that it can allocate the
|
|
initial serial device and any others that are needed.
|
|
|
|
config SYS_MALLOC_F_LEN
|
|
hex "Size of malloc() pool before relocation"
|
|
depends on SYS_MALLOC_F
|
|
default 0x1000 if AM33XX
|
|
default 0x400
|
|
help
|
|
Before relocation, memory is very limited on many platforms. Still,
|
|
we can provide a small malloc() pool if needed. Driver model in
|
|
particular needs this to operate, so that it can allocate the
|
|
initial serial device and any others that are needed.
|
|
|
|
config SPL_SYS_MALLOC_F_LEN
|
|
hex "Size of malloc() pool in SPL before relocation"
|
|
depends on SYS_MALLOC_F
|
|
default SYS_MALLOC_F_LEN
|
|
help
|
|
Before relocation, memory is very limited on many platforms. Still,
|
|
we can provide a small malloc() pool if needed. Driver model in
|
|
particular needs this to operate, so that it can allocate the
|
|
initial serial device and any others that are needed.
|
|
|
|
config TPL_SYS_MALLOC_F_LEN
|
|
hex "Size of malloc() pool in TPL before relocation"
|
|
depends on SYS_MALLOC_F
|
|
default SYS_MALLOC_F_LEN
|
|
help
|
|
Before relocation, memory is very limited on many platforms. Still,
|
|
we can provide a small malloc() pool if needed. Driver model in
|
|
particular needs this to operate, so that it can allocate the
|
|
initial serial device and any others that are needed.
|
|
|
|
menuconfig EXPERT
|
|
bool "Configure standard U-Boot features (expert users)"
|
|
default y
|
|
help
|
|
This option allows certain base U-Boot options and settings
|
|
to be disabled or tweaked. This is for specialized
|
|
environments which can tolerate a "non-standard" U-Boot.
|
|
Use this only if you really know what you are doing.
|
|
|
|
if EXPERT
|
|
config SYS_MALLOC_CLEAR_ON_INIT
|
|
bool "Init with zeros the memory reserved for malloc (slow)"
|
|
default y
|
|
help
|
|
This setting is enabled by default. The reserved malloc
|
|
memory is initialized with zeros, so first malloc calls
|
|
will return the pointer to the zeroed memory. But this
|
|
slows the boot time.
|
|
|
|
Disabling it is recommended when the CONFIG_SYS_MALLOC_LEN value is
more than a few MiB, e.g. when using bzip2 or a bmp logo.
Then the boot time can be significantly reduced.
Warning:
When disabling this, check whether any malloc calls should be
replaced by calloc, i.e. wherever the caller expects zeroed memory.
Such callers would otherwise read uninitialized heap contents.
|
|
|
|
config TOOLS_DEBUG
|
|
bool "Enable debug information for tools"
|
|
help
|
|
Enable generation of debug information for tools such as mkimage.
|
|
This can be used for debugging purposes. With debug information
|
|
it is possible to set breakpoints on particular lines, single-step
|
|
debug through the source code, etc.
|
|
|
|
endif # EXPERT
|
|
|
|
config PHYS_64BIT
|
|
bool "64bit physical address support"
|
|
help
|
|
Say Y here to support 64bit physical memory address.
|
|
This can be used not only for 64bit SoCs, but also for
|
|
large physical address extension on 32bit SoCs.
|
|
|
|
config BUILD_ROM
|
|
bool "Build U-Boot as BIOS replacement"
|
|
depends on X86
|
|
help
|
|
This option allows building a ROM version of U-Boot.
|
|
The build process generally requires several binary blobs
|
|
which are not shipped in the U-Boot source tree.
|
|
Please, see doc/README.x86 for details.
|
|
|
|
endmenu # General setup
|
|
|
|
menu "Boot images"
|
|
|
|
config ANDROID_BOOT_IMAGE
|
|
bool "Enable support for Android Boot Images"
|
|
default y if FASTBOOT
|
|
help
|
|
This enables support for booting images which use the Android
|
|
image format header.
|
|
|
|
config FIT
|
|
bool "Support Flattened Image Tree"
|
|
select MD5
|
|
select SHA1
|
|
help
|
|
This option allows you to boot the new uImage structure,
|
|
Flattened Image Tree. FIT is formally a FDT, which can include
|
|
images of various types (kernel, FDT blob, ramdisk, etc.)
|
|
in a single blob. To boot this new uImage structure,
|
|
pass the address of the blob to the "bootm" command.
|
|
FIT is very flexible, supporting compression, multiple images,
|
|
multiple configurations, verification through hashing and also
|
|
verified boot (secure boot using RSA).
|
|
|
|
if FIT
|
|
|
|
config FIT_ENABLE_SHA256_SUPPORT
|
|
bool "Support SHA256 checksum of FIT image contents"
|
|
select SHA256
|
|
default y
|
|
help
|
|
Enable this to support SHA256 checksum of FIT image contents. A
|
|
SHA256 checksum is a 256-bit (32-byte) hash value used to check that
|
|
the image contents have not been corrupted. SHA256 is recommended
|
|
for use in secure applications since (as at 2016) there is no known
|
|
feasible attack that could produce a 'collision' with differing
|
|
input data. Use this for the highest security. A checksum on its own
only detects corruption; authenticating an image also requires
FIT_SIGNATURE. Note that only the
SHA256 variant is supported: SHA512 and others are not currently
supported in U-Boot.
|
|
|
|
config FIT_SIGNATURE
|
|
bool "Enable signature verification of FIT uImages"
|
|
depends on DM
|
|
select RSA
|
|
select HASH
|
|
help
|
|
This option enables signature verification of FIT uImages,
|
|
using a hash signed and verified using RSA. If
|
|
CONFIG_SHA_PROG_HW_ACCEL is defined, i.e support for progressive
|
|
hashing is available using hardware, then the RSA library will use
|
|
it. See doc/uImage.FIT/signature.txt for more details.
|
|
|
|
WARNING: When relying on signed FIT images with a required signature
check, the legacy image format is disabled by default, so that
unsigned images cannot be loaded. If a board needs the legacy image
format support in this case, enable it using
CONFIG_IMAGE_FORMAT_LEGACY. Note that enabling it allows unsigned
legacy images to be loaded again.
|
|
|
|
config FIT_SIGNATURE_MAX_SIZE
|
|
hex "Max size of signed FIT structures"
|
|
depends on FIT_SIGNATURE
|
|
default 0x10000000
|
|
help
|
|
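This option sets a max size in bytes for verified FIT uImages.
The FIT header's totalsize field is not covered by the signature, so
it is checked against this limit before signature checks are applied.
A sane value of 256MB protects against corrupted DTB structures
overlapping device memory. Ensure this size does not extend past the
expected storage space.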
|
|
|
|
config FIT_VERBOSE
|
|
bool "Show verbose messages when FIT images fail"
|
|
help
|
|
Generally a system will have valid FIT images so debug messages
|
|
are a waste of code space. If you are debugging your images then
|
|
you can enable this option to get more verbose information about
|
|
failures.
|
|
|
|
config FIT_BEST_MATCH
|
|
bool "Select the best match for the kernel device tree"
|
|
help
|
|
When no configuration is explicitly selected, default to the
|
|
one whose fdt's compatibility field best matches that of
|
|
U-Boot itself. A match is considered "best" if it matches the
|
|
most specific compatibility entry of U-Boot's fdt's root node.
|
|
The order of entries in the configuration's fdt is ignored.
|
|
|
|
config FIT_IMAGE_POST_PROCESS
|
|
bool "Enable post-processing of FIT artifacts after loading by U-Boot"
|
|
depends on TI_SECURE_DEVICE
|
|
help
|
|
Allows doing any sort of manipulation to blobs after they got extracted
|
|
from FIT images like stripping off headers or modifying the size of the
|
|
blob, verification, authentication, decryption etc. in a platform or
|
|
board specific way. In order to use this feature a platform or board-
|
|
specific implementation of board_fit_image_post_process() must be
|
|
provided. Also, anything done during this post-processing step would
|
|
need to be comprehended in how the images were prepared before being
|
|
injected into the FIT creation (i.e. the blobs would have been pre-
|
|
processed before being added to the FIT image).
|
|
|
|
if SPL
|
|
|
|
config SPL_FIT
|
|
bool "Support Flattened Image Tree within SPL"
|
|
depends on SPL
|
|
select SPL_OF_LIBFDT
|
|
|
|
config SPL_FIT_PRINT
|
|
bool "Support FIT printing within SPL"
|
|
depends on SPL_FIT
|
|
help
|
|
Support printing the content of the fitImage in a verbose manner in SPL.
|
|
|
|
config SPL_FIT_SIGNATURE
|
|
bool "Enable signature verification of FIT firmware within SPL"
|
|
depends on SPL_DM
|
|
select SPL_FIT
|
|
select SPL_RSA
|
|
|
|
config SPL_LOAD_FIT
|
|
bool "Enable SPL loading U-Boot as a FIT"
|
|
select SPL_FIT
|
|
help
|
|
Normally with the SPL framework a legacy image is generated as part
|
|
of the build. This contains U-Boot along with information as to
|
|
where it should be loaded. This option instead enables generation
|
|
of a FIT (Flat Image Tree) which provides more flexibility. In
|
|
particular it can handle selecting from multiple device trees
|
|
and passing the correct one to U-Boot.
|
|
|
|
config SPL_LOAD_FIT_FULL
|
|
bool "Enable SPL loading U-Boot as a FIT"
|
|
select SPL_FIT
|
|
help
|
|
Normally with the SPL framework a legacy image is generated as part
|
|
of the build. This contains U-Boot along with information as to
|
|
where it should be loaded. This option instead enables generation
|
|
of a FIT (Flat Image Tree) which provides more flexibility. In
|
|
particular it can handle selecting from multiple device trees
|
|
and passing the correct one to U-Boot.
|
|
|
|
config SPL_FIT_IMAGE_POST_PROCESS
|
|
bool "Enable post-processing of FIT artifacts after loading by the SPL"
|
|
depends on SPL_LOAD_FIT
|
|
help
|
|
Allows doing any sort of manipulation to blobs after they got extracted
|
|
from the U-Boot FIT image like stripping off headers or modifying the
|
|
size of the blob, verification, authentication, decryption etc. in a
|
|
platform or board specific way. In order to use this feature a platform
|
|
or board-specific implementation of board_fit_image_post_process() must
|
|
be provided. Also, anything done during this post-processing step would
|
|
need to be comprehended in how the images were prepared before being
|
|
injected into the FIT creation (i.e. the blobs would have been pre-
|
|
processed before being added to the FIT image).
|
|
|
|
config SPL_FIT_SOURCE
|
|
string ".its source file for U-Boot FIT image"
|
|
depends on SPL_FIT
|
|
help
|
|
Specifies a (platform specific) FIT source file to generate the
|
|
U-Boot FIT image. This could specify further image to load and/or
|
|
execute.
|
|
|
|
config SPL_FIT_GENERATOR
|
|
string ".its file generator script for U-Boot FIT image"
|
|
depends on SPL_FIT
|
|
default "board/sunxi/mksunxi_fit_atf.sh" if SPL_LOAD_FIT && ARCH_SUNXI
|
|
help
|
|
Specifies a (platform specific) script file to generate the FIT
|
|
source file used to build the U-Boot FIT image file. This gets
|
|
passed a list of supported device tree file stub names to
|
|
include in the generated image.
|
|
|
|
endif # SPL
|
|
|
|
endif # FIT
|
|
|
|
config IMAGE_FORMAT_LEGACY
|
|
bool "Enable support for the legacy image format"
|
|
default y if !FIT_SIGNATURE
|
|
help
|
|
This option enables the legacy image format. It is enabled by
default for backward compatibility, unless FIT_SIGNATURE is
set, in which case it is disabled so that unsigned images cannot
be loaded. If a board needs the legacy image format support in this
case, enable it here; doing so allows unsigned legacy images to be
loaded even though FIT signature verification is enabled.
|
|
|
|
config OF_BOARD_SETUP
|
|
bool "Set up board-specific details in device tree before boot"
|
|
depends on OF_LIBFDT
|
|
help
|
|
This causes U-Boot to call ft_board_setup() before booting into
|
|
the Operating System. This function can set up various
|
|
board-specific information in the device tree for use by the OS.
|
|
The device tree is then passed to the OS.
|
|
|
|
config OF_SYSTEM_SETUP
|
|
bool "Set up system-specific details in device tree before boot"
|
|
depends on OF_LIBFDT
|
|
help
|
|
This causes U-Boot to call ft_system_setup() before booting into
|
|
the Operating System. This function can set up various
|
|
system-specific information in the device tree for use by the OS.
|
|
The device tree is then passed to the OS.
|
|
|
|
config OF_STDOUT_VIA_ALIAS
|
|
bool "Update the device-tree stdout alias from U-Boot"
|
|
depends on OF_LIBFDT
|
|
help
|
|
This uses U-Boot's serial alias from the aliases node to update
|
|
the device tree passed to the OS. The "linux,stdout-path" property
|
|
in the chosen node is set to point to the correct serial node.
|
|
This option currently references CONFIG_CONS_INDEX, which is
|
|
incorrect when used with device tree as this option does not
|
|
exist / should not be used.
|
|
|
|
config SYS_EXTRA_OPTIONS
|
|
string "Extra Options (DEPRECATED)"
|
|
help
|
|
The old configuration infrastructure (= mkconfig + boards.cfg)
|
|
provided the extra options field. If you have something like
|
|
"HAS_BAR,BAZ=64", the optional options
|
|
#define CONFIG_HAS_BAR
|
|
#define CONFIG_BAZ 64
|
|
will be defined in include/config.h.
|
|
This option was prepared for the smooth migration from the old
|
|
configuration to Kconfig. Since this option will be removed sometime,
|
|
new boards should not use this option.
|
|
|
|
config SYS_TEXT_BASE
|
|
depends on !NIOS2 && !XTENSA
|
|
depends on !EFI_APP
|
|
default 0x80800000 if ARCH_OMAP2PLUS
|
|
default 0x4a000000 if ARCH_SUNXI && !MACH_SUN9I && !MACH_SUN8I_V3S
|
|
default 0x2a000000 if ARCH_SUNXI && MACH_SUN9I
|
|
default 0x42e00000 if ARCH_SUNXI && MACH_SUN8I_V3S
|
|
hex "Text Base"
|
|
help
|
|
The address in memory that U-Boot will be running from, initially.
|
|
|
|
|
|
|
|
config SYS_CLK_FREQ
|
|
depends on ARC || ARCH_SUNXI
|
|
int "CPU clock frequency"
|
|
help
|
|
TODO: Move CONFIG_SYS_CLK_FREQ for all the architecture
|
|
|
|
config ARCH_FIXUP_FDT_MEMORY
|
|
bool "Enable arch_fixup_memory_banks() call"
|
|
default y
|
|
help
|
|
Enable FDT memory map syncup before OS boot. This feature can be
|
|
used for booting OS with different memory setup where the part of
|
|
the memory location should be used for different purpose.
|
|
|
|
endmenu # Boot images
|
|
|
|
source "api/Kconfig"
|
|
|
|
source "common/Kconfig"
|
|
|
|
source "cmd/Kconfig"
|
|
|
|
source "disk/Kconfig"
|
|
|
|
source "dts/Kconfig"
|
|
|
|
source "env/Kconfig"
|
|
|
|
source "net/Kconfig"
|
|
|
|
source "drivers/Kconfig"
|
|
|
|
source "fs/Kconfig"
|
|
|
|
source "lib/Kconfig"
|
|
|
|
source "test/Kconfig"
|