summaryrefslogtreecommitdiff
path: root/src/security/vboot/Kconfig
diff options
context:
space:
mode:
Diffstat (limited to 'src/security/vboot/Kconfig')
-rw-r--r--src/security/vboot/Kconfig15
1 files changed, 15 insertions, 0 deletions
diff --git a/src/security/vboot/Kconfig b/src/security/vboot/Kconfig
index a382e670c4..ea5f2a3c2a 100644
--- a/src/security/vboot/Kconfig
+++ b/src/security/vboot/Kconfig
@@ -107,6 +107,21 @@ config VBOOT_STARTS_IN_ROMSTAGE
memory initialization). This implies that vboot working data is
allocated in CBMEM.
+config VBOOT_MIGRATE_WORKING_DATA
+ bool
+ default y if CACHE_AS_RAM
+ depends on !VBOOT_STARTS_IN_ROMSTAGE
+ help
+ In order to make vboot data structures available downstream,
+ migrate verified boot working data to CBMEM after CBMEM comes
+ online, when VBOOT_STARTS_IN_BOOTBLOCK is employed. This should
+ always be enabled on x86 architectures to migrate data from CAR
+ before losing access in ramstage, and should almost always be
+ disabled in SRAM architectures, where access to SRAM is usually
+ retained. Any SRAM platform where the original location of the
+ VBOOT_WORKBUF region becomes inaccessible in later stages should
+ manually select this option.
+
config VBOOT_MOCK_SECDATA
bool "Mock secdata for firmware verification"
default n
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-21 17:58:07 +0000