blob: d828a9de13ee1c7abcbdb4b1b0973a24c0a9105a (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
|
## This file is part of the coreboot project.
##
## Copyright (C) 2019 9elements Agency GmbH
## Copyright (C) 2019 Facebook Inc.
##
## This program is free software; you can redistribute it and/or modify
## it under the terms of the GNU General Public License as published by
## the Free Software Foundation; version 2 of the License.
##
## This program is distributed in the hope that it will be useful,
## but WITHOUT ANY WARRANTY; without even the implied warranty of
## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
## GNU General Public License for more details.
##
config INTEL_TXT
bool "Intel TXT support"
default n
select MRC_SETTINGS_PROTECT if CACHE_MRC_SETTINGS
select ENABLE_VMX if CPU_INTEL_COMMON
select AP_IN_SIPI_WAIT
depends on (TPM1 || TPM2)
depends on CPU_INTEL_FIRMWARE_INTERFACE_TABLE
depends on PLATFORM_HAS_DRAM_CLEAR
depends on SOC_INTEL_FSP_BROADWELL_DE || SOC_INTEL_COMMON_BLOCK_SA
if INTEL_TXT
menu "Intel"
config INTEL_TXT_BIOSACM_FILE
string "BIOS ACM file"
default "3rdparty/blobs/soc/intel/fsp_broadwell_de/biosacm.bin" if SOC_INTEL_FSP_BROADWELL_DE
default "3rdparty/blobs/soc/intel/skylake/biosacm.bin" if SOC_INTEL_COMMON_SKYLAKE_BASE
help
Intel TXT BIOS ACM file. This file can be obtained through privileged
access to Intel resources. Or for some platforms found inside the
blob repository.
config INTEL_TXT_SINITACM_FILE
string "SINIT ACM file"
default "3rdparty/blobs/soc/intel/fsp_broadwell_de/sinitacm.bin" if SOC_INTEL_FSP_BROADWELL_DE
default "3rdparty/blobs/soc/intel/skylake/sinitacm.bin" if SOC_INTEL_COMMON_SKYLAKE_BASE
help
Intel TXT SINIT ACM file. This file can be obtained through privileged
access to Intel resources. Or for some platforms found inside the
blob repository.
config INTEL_TXT_LOGGING
bool "Enable verbose logging"
help
Print more TXT related debug output.
Use in pre-production environments only!
config INTEL_TXT_BIOSACM_ALIGNMENT
hex
default 0x20000 # 128 KiB
help
Exceptions are Ivy and Sandy Bridge with 64 KiB and Purley with 256 KiB
alignment size. If necessary, override from platform-specific Kconfig.
config INTEL_TXT_CBFS_BIOS_POLICY
string
default "txt_bios_policy.bin"
config INTEL_TXT_CBFS_BIOS_ACM
string
default "txt_bios_acm.bin"
config INTEL_TXT_CBFS_SINIT_ACM
string
default "txt_sinit_acm.bin"
endmenu # Intel
endif
|
