config EFI_LOADER
- bool "Support running EFI Applications in U-Boot"
- depends on (ARM || X86 || RISCV || SANDBOX) && OF_LIBFDT
+ bool "Support running UEFI applications"
+ depends on OF_LIBFDT && ( \
+ ARM && (SYS_CPU = arm1136 || \
+ SYS_CPU = arm1176 || \
+ SYS_CPU = armv7 || \
+ SYS_CPU = armv8) || \
+ X86 || RISCV || SANDBOX)
# We need EFI_STUB_64BIT to be set on x86_64 with EFI_STUB
depends on !EFI_STUB || !X86_64 || EFI_STUB_64BIT
# We need EFI_STUB_32BIT to be set on x86_32 with EFI_STUB
depends on !EFI_STUB || !X86 || X86_64 || EFI_STUB_32BIT
- default y
+ default y if !ARM || SYS_CPU = armv7 || SYS_CPU = armv8
select LIB_UUID
select HAVE_BLOCK_DEVICE
select REGEX
imply CFB_CONSOLE_ANSI
+ imply USB_KEYBOARD_FN_KEYS
+ imply VIDEO_ANSI
+ help
+ Select this option if you want to run UEFI applications (like GNU
+ GRUB or iPXE) on top of U-Boot. If this option is enabled, U-Boot
+ will expose the UEFI API to a loaded application, enabling it to
+ reuse U-Boot's device drivers.
+
+if EFI_LOADER
+
+config EFI_GET_TIME
+ bool "GetTime() runtime service"
+ depends on DM_RTC
+ default y
help
- Select this option if you want to run EFI applications (like grub2)
- on top of U-Boot. If this option is enabled, U-Boot will expose EFI
- interfaces to a loaded EFI application, enabling it to reuse U-Boot's
- device drivers.
+ Provide the GetTime() runtime service at boottime. This service
+ can be used by an EFI application to read the real time clock.
+
+config EFI_SET_TIME
+ bool "SetTime() runtime service"
+ depends on EFI_GET_TIME
+ default n
+ help
+ Provide the SetTime() runtime service at boottime. This service
+ can be used by an EFI application to adjust the real time clock.
+
+config EFI_DEVICE_PATH_TO_TEXT
+ bool "Device path to text protocol"
+ default y
+ help
+ The device path to text protocol converts device nodes and paths to
+ human readable strings.
+
+config EFI_LOADER_HII
+ bool "HII protocols"
+ default y
+ help
+ The Human Interface Infrastructure is a complicated framework that
+ allows UEFI applications to draw fancy menus and hook strings using
+ a translation framework.
+
+ U-Boot implements enough of its features to be able to run the UEFI
+ Shell, but not more than that.
+
+config EFI_UNICODE_COLLATION_PROTOCOL2
+ bool "Unicode collation protocol"
+ default y
+ help
+ The Unicode collation protocol is used for lexical comparisons. It is
+ required to run the UEFI shell.
+
+if EFI_UNICODE_COLLATION_PROTOCOL2
config EFI_UNICODE_CAPITALIZATION
bool "Support Unicode capitalization"
- depends on EFI_LOADER
default y
help
Select this option to enable correct handling of the capitalization of
set, only the the correct handling of the letters of the codepage
used by the FAT file system is ensured.
+config EFI_UNICODE_COLLATION_PROTOCOL
+ bool "Deprecated version of the Unicode collation protocol"
+ default n
+ help
+ In EFI 1.10 a version of the Unicode collation protocol using ISO
+ 639-2 language codes existed. This protocol is not part of the UEFI
+ specification any longer. Unfortunately it is required to run the
+ UEFI Self Certification Test (SCT) II, version 2.6, 2017.
+
+ Choose this option for testing only. It is bound to be removed.
+
+endif
+
+config EFI_LOADER_BOUNCE_BUFFER
+ bool "EFI Applications use bounce buffers for DMA operations"
+ depends on ARM64
+ default n
+ help
+ Some hardware does not support DMA to full 64bit addresses. For this
+ hardware we can create a bounce buffer so that payloads don't have to
+ worry about platform details.
+
config EFI_PLATFORM_LANG_CODES
string "Language codes supported by firmware"
- depends on EFI_LOADER
default "en-US"
help
This value is used to initialize the PlatformLangCodes variable. Its
RFC 4646 format, e.g. "en-US;de-DE". The first language code is used
to initialize the PlatformLang variable.
-config EFI_LOADER_BOUNCE_BUFFER
- bool "EFI Applications use bounce buffers for DMA operations"
- depends on EFI_LOADER && ARM64
+config EFI_HAVE_RUNTIME_RESET
+ # bool "Reset runtime service is available"
+ bool
+ default y
+ depends on ARCH_BCM283X || FSL_LAYERSCAPE || PSCI_RESET || SYSRESET_X86
+
+config EFI_GRUB_ARM32_WORKAROUND
+ bool "Workaround for GRUB on 32bit ARM"
+ default y
+ depends on ARM && !ARM64
+ help
+ GRUB prior to version 2.04 requires U-Boot to disable caches. This
+ workaround currently is also needed on systems with caches that
+ cannot be managed via CP15.
+
+config EFI_RNG_PROTOCOL
+ bool "EFI_RNG_PROTOCOL support"
+ depends on DM_RNG
+ default y
+ help
+ Provide a EFI_RNG_PROTOCOL implementation using the hardware random
+ number generator of the platform.
+
+config EFI_LOAD_FILE2_INITRD
+ bool "EFI_FILE_LOAD2_PROTOCOL for Linux initial ramdisk"
default n
help
- Some hardware does not support DMA to full 64bit addresses. For this
- hardware we can create a bounce buffer so that payloads don't have to
- worry about platform details.
+ Expose a EFI_FILE_LOAD2_PROTOCOL that the Linux UEFI stub can
+ use to load the initial ramdisk. Once this is enabled using
+ initrd=<ramdisk> will stop working.
-config EFI_LOADER_HII
- bool "Expose HII protocols to EFI applications"
+config EFI_INITRD_FILESPEC
+ string "initramfs path"
+ default "host 0:1 initrd"
+ depends on EFI_LOAD_FILE2_INITRD
+ help
+ Full path of the initramfs file, e.g. mmc 0:2 initramfs.cpio.gz.
+
+config EFI_SECURE_BOOT
+ bool "Enable EFI secure boot support"
depends on EFI_LOADER
- default y
+ select SHA256
+ select RSA
+ select RSA_VERIFY_WITH_PKEY
+ select IMAGE_SIGN_INFO
+ select ASYMMETRIC_KEY_TYPE
+ select ASYMMETRIC_PUBLIC_KEY_SUBTYPE
+ select X509_CERTIFICATE_PARSER
+ select PKCS7_MESSAGE_PARSER
+ default n
help
- The Human Interface Infrastructure is a complicated framework that
- allows UEFI applications to draw fancy menus and hook strings using
- a translation framework.
+ Select this option to enable EFI secure boot support.
+ Once SecureBoot mode is enforced, any EFI binary can run only if
+ it is signed with a trusted key. To do that, you need to install,
+ at least, PK, KEK and db.
- U-Boot implements enough of its features to be able to run the UEFI
- Shell, but not more than that.
+config EFI_MM_COMM_TEE
+ bool "UEFI variables storage service via OP-TEE"
+ depends on OPTEE
+ default n
+ help
+ If OP-TEE is present and running StandAloneMM, dispatch all UEFI variable
+ related operations to that. The application will verify, authenticate and
+ store the variables on an RPMB.
+
+endif
projects / oweals / u-boot.git / blobdiff