1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
|
##
## This file is part of the coreboot project.
##
## Copyright (C) 2007-2010 coresystems GmbH
## (Written by Stefan Reinauer <stepan@coresystems.de> for coresystems GmbH)
##
## This program is free software; you can redistribute it and/or modify
## it under the terms of the GNU General Public License as published by
## the Free Software Foundation; version 2 of the License.
##
## This program is distributed in the hope that it will be useful,
## but WITHOUT ANY WARRANTY; without even the implied warranty of
## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
## GNU General Public License for more details.
##
## You should have received a copy of the GNU General Public License
## along with this program; if not, write to the Free Software
## Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
##
# TODO: Explain differences (if any) for onboard cards.
config VGA_ROM_RUN
bool "Run VGA Option ROMs"
default y
help
Execute VGA Option ROMs in coreboot if found. This is required
to enable PCI/AGP/PCI-E video cards when not using a SeaBIOS
payload.
When using a SeaBIOS payload it runs all option ROMs with much
more complete BIOS interrupt services available than coreboot,
which some option ROMs require in order to function correctly.
If unsure, say N when using SeaBIOS as payload, Y otherwise.
config S3_VGA_ROM_RUN
bool "Re-run VGA Option ROMs on S3 resume"
default y
depends on VGA_ROM_RUN && HAVE_ACPI_RESUME
help
Execute VGA Option ROMs in coreboot when resuming from S3 suspend.
When using a SeaBIOS payload it runs all option ROMs with much
more complete BIOS interrupt services available than coreboot,
which some option ROMs require in order to function correctly.
If unsure, say N when using SeaBIOS as payload, Y otherwise.
config PCI_ROM_RUN
bool "Run non-VGA Option ROMs"
default y
help
Execute non-VGA PCI Option ROMs in coreboot if found.
Examples include IDE/SATA controller Option ROMs and Option ROMs
for network cards (NICs).
When using a SeaBIOS payload it runs all option ROMs with much
more complete BIOS interrupt services available than coreboot,
which some option ROMs require in order to function correctly.
If unsure, say N when using SeaBIOS as payload, Y otherwise.
config ON_DEVICE_ROM_RUN
bool "Run Option ROMs on PCI devices"
default y
help
Execute Option ROMs stored on PCI/PCIe/AGP devices in coreboot.
If disabled, only Option ROMs stored in CBFS will be executed by
coreboot. If you are concerned about security, you might want to
disable this option, but it might leave your system in a state of
degraded functionality.
When using a SeaBIOS payload it runs all option ROMs with much
more complete BIOS interrupt services available than coreboot,
which some option ROMs require in order to function correctly.
If unsure, say N when using SeaBIOS as payload, Y otherwise.
choice
prompt "Option ROM execution type"
default PCI_OPTION_ROM_RUN_YABEL if !ARCH_X86
default PCI_OPTION_ROM_RUN_REALMODE if ARCH_X86
depends on PCI_ROM_RUN || VGA_ROM_RUN || GEODE_VSA
config PCI_OPTION_ROM_RUN_REALMODE
prompt "Native mode"
bool
depends on ARCH_X86
help
If you select this option, PCI Option ROMs will be executed
natively on the CPU in real mode. No CPU emulation is involved,
so this is the fastest, but also the least secure option.
(only works on x86/x64 systems)
config PCI_OPTION_ROM_RUN_YABEL
prompt "Secure mode"
bool
depends on !GEODE_VSA
help
If you select this option, the x86emu CPU emulator will be used to
execute PCI Option ROMs.
This option prevents Option ROMs from doing dirty tricks with the
system (such as installing SMM modules or hypervisors), but it is
also significantly slower than the native Option ROM initialization
method.
This is the default choice for non-x86 systems.
endchoice
config YABEL_PCI_ACCESS_OTHER_DEVICES
prompt "Allow Option ROMs to access other devices"
bool
depends on PCI_OPTION_ROM_RUN_YABEL
help
Per default, YABEL only allows Option ROMs to access the PCI device
that they are associated with. However, this causes trouble for some
onboard graphics chips whose Option ROM needs to reconfigure the
north bridge.
config YABEL_PCI_FAKE_WRITING_OTHER_DEVICES_CONFIG
prompt "Fake success on writing other device's config space"
bool
depends on YABEL_PCI_ACCESS_OTHER_DEVICES
help
By default, YABEL aborts when the Option ROM tries to write to other
devices' config spaces. With this option enabled, the write doesn't
follow through, but the Option ROM is allowed to go on.
This can create issues such as hanging Option ROMs (if it depends on
that other register changing to the written value), so test for
impact before using this option.
config YABEL_VIRTMEM_LOCATION
prompt "Location of YABEL's virtual memory"
hex
depends on PCI_OPTION_ROM_RUN_YABEL && EXPERT
default 0x1000000
help
YABEL requires 1MB memory for its CPU emulation. This memory is
normally located at 16MB.
config YABEL_VIRTMEM_LOCATION
hex
depends on PCI_OPTION_ROM_RUN_YABEL && !EXPERT
default 0x1000000
config YABEL_DIRECTHW
prompt "Direct hardware access"
bool
depends on PCI_OPTION_ROM_RUN_YABEL
help
YABEL consists of two parts: It uses x86emu for the CPU emulation and
additionally provides a PC system emulation that filters bad device
and memory access (such as PCI config space access to other devices
than the initialized one).
When choosing this option, x86emu will pass through all hardware
accesses to memory and I/O devices to the underlying memory and I/O
addresses. While this option prevents Option ROMs from doing dirty
tricks with the CPU (such as installing SMM modules or hypervisors),
they can still access all devices in the system.
Enable this option for a good compromise between security and speed.
config MULTIPLE_VGA_ADAPTERS
bool
default n
config PCI_64BIT_PREF_MEM
bool
default n
config HYPERTRANSPORT_PLUGIN_SUPPORT
bool
default n
config PCIX_PLUGIN_SUPPORT
bool
default y
config PCIEXP_PLUGIN_SUPPORT
bool
default y
config AGP_PLUGIN_SUPPORT
bool
default y
config CARDBUS_PLUGIN_SUPPORT
bool
default y
config PCIEXP_COMMON_CLOCK
prompt "Enable PCIe Common Clock"
bool
default n
help
Detect and enable Common Clock on PCIe links.
config PCIEXP_ASPM
prompt "Enable PCIe ASPM"
bool
default n
help
Detect and enable ASPM on PCIe links.
|