This is an automatically generated list of '''coreboot compile-time options'''. Last update: 4.21-556-gc666a91611












Option Source Format Short Description Description
Menu: General setup
LOCALVERSIONtoplevelstringLocal version string Append an extra string to the end of the coreboot version.

This can be useful if, for instance, you want to append the
respective board's hostname or some other identifying string to
the coreboot version number, so that you can easily distinguish
boot logs of different boards from each other.

CONFIGURABLE_CBFS_PREFIXtoplevelbool Select this to prompt to use to configure the prefix for cbfs files.

CBFS_PREFIXtoplevelstringCBFS prefix to use Select the prefix to all files put into the image. It's "fallback"
by default, "normal" is a common alternative.

DEFAULT_COMPILER_LLVM_CLANGtoplevelbool Allows to override the default compiler. This can for instance be
set in site-local/Kconfig.

DEFAULT_COMPILER_LLVM_CLANGtoplevelboolCompiler to use This option allows you to select the compiler used for building
coreboot.
You must build the coreboot crosscompiler for the board that you
have selected.

To build all the GCC crosscompilers (takes a LONG time), run:
make crossgcc

For help on individual architectures, run the command:
make help_toolchain

COMPILER_GCCtoplevelboolGCC Use the GNU Compiler Collection (GCC) to build coreboot.

For details see http://gcc.gnu.org.

COMPILER_LLVM_CLANGtoplevelboolLLVM/clang Use LLVM/clang to build coreboot. To use this, you must build the
coreboot version of the clang compiler. Run the command
make clang
Note that Clang is not currently working on all architectures.

For details see http://clang.llvm.org.

ARCH_SUPPORTS_CLANGtoplevelbool Opt-in flag for architectures that generally work well with CLANG.
By default the option would be hidden.

ALLOW_EXPERIMENTAL_CLANGtoplevelboolAllow experimental LLVM/Clang On some architectures CLANG does not work that well.
Use this only to try to get CLANG working.

ANY_TOOLCHAINtoplevelboolAllow building with any toolchain Many toolchains break when building coreboot since it uses quite
unusual linker features. Unless developers explicitly request it,
we'll have to assume that they use their distro compiler by mistake.
Make sure that using patched compilers is a conscious decision.

CCACHEtoplevelboolUse ccache to speed up (re)compilation Enables the use of ccache for faster builds.

Requires the ccache utility in your system $PATH.

For details see https://ccache.samba.org.

IWYUtoplevelboolTest platform with include-what-you-use This runs each source file through the include-what-you-use tool
to check the header includes.

FMD_GENPARSERtoplevelboolGenerate flashmap descriptor parser using flex and bison Enable this option if you are working on the flashmap descriptor
parser and made changes to fmd_scanner.l or fmd_parser.y.

Otherwise, say N to use the provided pregenerated scanner/parser.

UTIL_GENPARSERtoplevelboolGenerate parsers for bincfg, sconfig and kconfig locally Enable this option if you are working on the sconfig device tree
parser or bincfg and made changes to the .l or .y files.

Otherwise, say N to use the provided pregenerated scanner/parser.

USE_OPTION_TABLEtoplevelboolUse CMOS for configuration values Enable this option if coreboot shall read options from the "CMOS"
NVRAM instead of using hard-coded values.

USE_UEFI_VARIABLE_STOREtoplevelboolUse UEFI variable-store in SPI flash as option backend Enable this option if coreboot shall read/write options from the
SMMSTORE region within the SPI flash. The region must be formatted
by the payload first before it can be used.

USE_MAINBOARD_SPECIFIC_OPTION_BACKENDtoplevelboolUse mainboard-specific option backend Use a mainboard-specific mechanism to access runtime-configurable
options.

STATIC_OPTION_TABLEtoplevelboolLoad default configuration values into CMOS on each boot Enable this option to reset "CMOS" NVRAM values to default on
every boot. Use this if you want the NVRAM configuration to
never be modified from its default values.

MB_COMPRESS_RAMSTAGE_LZ4toplevelbool Select this in a mainboard to use LZ4 compression by default

COMPRESS_RAMSTAGE_LZMAtoplevelboolCompress ramstage with LZMA Compress ramstage with LZMA to save memory in the flash image.

COMPRESS_RAMSTAGE_LZ4toplevelboolCompress ramstage with LZ4 LZ4 doesn't give as good compression as LZMA, but decompresses much
faster. For large binaries such as ramstage, it's typically best to
use LZMA, but there can be cases where the faster decompression of
LZ4 can lead to a faster boot time. Testing on each individual board
is typically going to be needed due to the large number of factors
that can influence the decision. Binary size, CPU speed, ROM read
speed, cache, and other factors all play a part.

If you're not sure, stick with LZMA.

COMPRESS_PRERAM_STAGEStoplevelboolCompress romstage and verstage with LZ4 Compress romstage and (if it exists) verstage with LZ4 to save flash
space and speed up boot, since the time for reading the image from SPI
(and in the vboot case verifying it) is usually much greater than the
time spent decompressing. Doesn't work for XIP stages for obvious
reasons.

COMPRESS_BOOTBLOCKtoplevelbool This option can be used to compress the bootblock with LZ4 and attach
a small self-decompression stub to its front. This can drastically
reduce boot time on platforms where the bootblock is loaded over a
very slow connection and bootblock size trumps all other factors for
speed. Since using this option usually requires changes to the
SoC memlayout and possibly extra support code, it should not be
user-selectable. (There's no real point in offering this to the user
anyway... if it works and saves boot time, you would always want it.)

INCLUDE_CONFIG_FILEtoplevelboolInclude the coreboot .config file into the ROM image Include the .config file that was used to compile coreboot
in the (CBFS) ROM image. This is useful if you want to know which
options were used to build a specific coreboot.rom image.

Saying Y here will increase the image size by 2-3KB.

You can then use cbfstool to extract the config from a final image:

cbfstool coreboot.rom extract -n config -f <output file path>

Alternatively, you can also use cbfstool to print the image
contents (including the raw 'config' item we're looking for).

Example:

$ cbfstool coreboot.rom print
coreboot.rom: 4096 kB, bootblocksize 1008, romsize 4194304,
offset 0x0
Alignment: 64 bytes

Name Offset Type Size
cmos_layout.bin 0x0 CMOS layout 1159
fallback/romstage 0x4c0 stage 339756
fallback/ramstage 0x53440 stage 186664
fallback/payload 0x80dc0 payload 51526
config 0x8d740 raw 3324
(empty) 0x8e480 null 3610440

COLLECT_TIMESTAMPStoplevelboolCreate a table of timestamps collected during boot Make coreboot create a table of timer-ID/timer-value pairs to
allow measuring time spent at different phases of the boot process.

TIMESTAMPS_ON_CONSOLEtoplevelboolPrint the timestamp values on the console Print the timestamps to the debug console if enabled at level info.

USE_BLOBStoplevelboolAllow use of binary-only repository This draws in the blobs repository, which contains binary files that
might be required for some chipsets or boards.
This flag ensures that a "Free" option remains available for users.

USE_AMD_BLOBStoplevelboolAllow AMD blobs repository (with license agreement) This draws in the amd_blobs repository, which contains binary files
distributed by AMD, including VBIOS, PSP bootloaders, SMU firmwares,
etc. Selecting this item to download or clone the repo implies your
agreement to the AMD license agreement. A copy of the license text
may be reviewed by reading Documentation/soc/amd/amdblobs_license.md,
and your copy of the license is present in the repo once downloaded.

Note that for some products, omitting PSP, SMU images, or other items
may result in a nonbooting coreboot.rom.

USE_QC_BLOBStoplevelboolAllow QC blobs repository (selecting this agrees to the license!) This draws in the qc_blobs repository, which contains binary files
distributed by Qualcomm that are required to build firmware for
certain Qualcomm SoCs (including QcLib, QC-SEC, qtiseclib and QUP
firmware). If you say Y here you are implicitly agreeing to the
Qualcomm license agreement which can be found at:
https://review.coreboot.org/cgit/qc_blobs.git/tree/LICENSE

*****************************************************
PLEASE MAKE SURE YOU READ AND AGREE TO ALL TERMS IN
ABOVE LICENSE AGREEMENT BEFORE SELECTING THIS OPTION!
*****************************************************

Not selecting this option means certain Qualcomm SoCs and related
mainboards cannot be built and will be hidden from the "Mainboards"
section.

COVERAGEtoplevelboolCode coverage support Add code coverage support for coreboot. This will store code
coverage information in CBMEM for extraction from user space.
If unsure, say N.

UBSANtoplevelboolUndefined behavior sanitizer support Instrument the code with checks for undefined behavior. If unsure,
say N because it adds a small performance penalty and may abort
on code that happens to work in spite of the UB.

ASAN_IN_ROMSTAGEtoplevelbool Enable address sanitizer in romstage for platform.

ASAN_IN_RAMSTAGEtoplevelbool Enable address sanitizer in ramstage for platform.

ASANtoplevelboolAddress sanitizer support Enable address sanitizer - runtime memory debugger,
designed to find out-of-bounds accesses and use-after-scope bugs.

This feature consumes up to 1/8 of available memory and brings about
~1.5x performance slowdown.

If unsure, say N.

toplevel(comment)Before using this feature, make sure that
toplevel(comment)asan_shadow_offset_callback patch is applied to GCC.
NO_STAGE_CACHEtoplevelboolDisabled Do not save any component in stage cache for resume path. On resume,
all components would be read back from CBFS again.

TSEG_STAGE_CACHEtoplevelboolTSEG The option enables stage cache support for platform. Platform
can stash copies of postcar, ramstage and raw runtime data
inside SMM TSEG, to be restored on S3 resume path.

CBMEM_STAGE_CACHEtoplevelboolCBMEM The option enables stage cache support for platform. Platform
can stash copies of postcar, ramstage and raw runtime data
inside CBMEM.

While the approach is faster than reloading stages from boot media
it is also a possible attack scenario via which OS can possibly
circumvent SMM locks and SPI write protections.

If unsure, select 'N'

MAINBOARD_DISABLE_STAGE_CACHEtoplevelbool Selected by mainboards which wish to disable the stage cache.
E.g. mainboards which don't use S3 resume in the field may wish to
disable it to save boot time at the cost of increasing S3 resume time.

UPDATE_IMAGEtoplevelboolUpdate existing coreboot.rom image If this option is enabled, no new coreboot.rom file
is created. Instead it is expected that there already
is a suitable file for further processing.
The bootblock will not be modified.

If unsure, select 'N'

BOOTSPLASH_IMAGEtoplevelboolAdd a bootsplash image Select this option if you have a bootsplash image that you would
like to add to your ROM.

This will only add the image to the ROM. To actually run it check
options under 'Display' section.

BOOTSPLASH_FILEtoplevelstringBootsplash path and filename The path and filename of the file to use as graphical bootsplash
screen. The file format has to be JPEG with YCC 4:2:0 color sampling
unless converted with "Pre-process bootsplash file with ImageMagick".

The image can only be displayed by coreboot if it's smaller or has
the same size as the framebuffer resolution. Width and height have
to be a multiple of 16 pixels.

Setting these constraints allows a leaner implementation in coreboot.
The minimum necessary ImageMagick command line seems to be:
$ convert input.img -colorspace YCC -sampling-factor 4:2:0 bootsplash.jpg

BOOTSPLASH_CONVERTtoplevelboolPre-process bootsplash file with ImageMagick Use ImageMagick (`convert` program) to convert a bootsplash image
to the supported JPEG format.

BOOTSPLASH_CONVERT_RESIZEtoplevelboolResize bootsplash image Resize the image to the given resolution. Aspect ratio will be kept,
adding black bars as necessary.

BOOTSPLASH_CONVERT_RESOLUTIONtoplevelstringBootsplash image target size Target image resolution given as <width>x<height>, e.g. 1024x768.
Values not divisible by 16 will be rounded down.

When using coreboot to display the bootsplash image (CONFIG_BOOTSPLASH),
set this lower or equal to the minimum resolution you expect.

BOOTSPLASH_CONVERT_COLORSWAPtoplevelboolSwap red and blue color channels The JPEG decoder currently ignores the framebuffer color order.
If your colors seem all wrong, try this option.

FW_CONFIGtoplevelboolFirmware Configuration Probing Enable support for probing devices with fw_config. This is a simple
bitmask broken into fields and options for probing.

FW_CONFIG_SOURCE_CHROMEEC_CBItoplevelboolObtain Firmware Configuration value from Google Chrome EC CBI This option tells coreboot to read the firmware configuration value
from the Google Chrome Embedded Controller CBI interface. This source
is not tried if FW_CONFIG_SOURCE_CBFS is enabled and the value was
found in CBFS.

FW_CONFIG_SOURCE_CBFStoplevelboolObtain Firmware Configuration value from CBFS With this option enabled coreboot will look for the 32bit firmware
configuration value in CBFS at the selected prefix with the file name
"fw_config". This option will override other sources and allow the
local image to preempt the mainboard selected source and can be used as
FW_CONFIG_SOURCE_CHROMEEC_CBI fallback option.

FW_CONFIG_SOURCE_VPDtoplevelboolObtain Firmware Configuration value from VPD With this option enabled coreboot will look for the 32bit firmware
configuration value in VPD key name "fw_config". This option will
override other sources and allow the local image to preempt the mainboard
selected source and can be used for other FW_CONFIG_SOURCEs fallback option.

RAMPAYLOADtoplevelboolEnable coreboot flow without executing ramstage If this option is enabled, coreboot flow will skip ramstage
loading and execution of ramstage to load payload.

Instead it is expected to load payload from postcar stage itself.

In this flow coreboot will perform basic x86 initialization
(DRAM resource allocation), MTRR programming,
Skip PCI enumeration logic and only allocate BAR for fixed devices
(bootable devices, TPM over GSPI).

CONFIGURABLE_RAMSTAGEtoplevelboolEnable a configurable ramstage. A configurable ramstage allows you to select which parts of the ramstage
to run. Currently, we can only select a minimal PCI scanning step.
The minimal PCI scanning will only check those parts that are enabled
in the devicetree.cb. By convention none of those devices should be bridges.

MINIMAL_PCI_SCANNINGtoplevelboolEnable minimal PCI scanning If this option is enabled, coreboot will scan only PCI devices
marked as mandatory in devicetree.cb

Menu: Software Bill Of Materials (SBOM)
SBOMsbomboolInclude SBOM data for coreboot Select this option if you want to include a
coswid (Concise Software Identification Tag) of coreboot itself
into the SBOM (Software Bill of Materials) File in your build

SBOM_COMPILERsbomboolInclude compiler metadata in SBOM Select this option if you want to include a
coswid (Concise Software Identification Tag) of the compiler
used to compile coreboot into the SBOM (Software Bill of Materials)
File in your build
Note: if the system toolchain is used to build coreboot
one should check the final SBOM file for the expected results

SBOM_COMPILER_PATHsbomstringPath to SBOM file for the compiler The path of the SBOM file describing the Software included in the build
File can be a .json, .xml, .cbor, .uswid, or .pc

SBOM_PAYLOADsbomboolInclude payload metadata in SBOM Select this option if you want to include a
coswid (Concise Software Identification Tag) of the payload into
the SBOM (Software Bill of Materials) File in your build

SBOM_PAYLOAD_GENERATEsbomboolAuto-generate generic SBOM info for payload Select this option if you want coreboot to generate and include
the coswid (Concise Software Identification Tag) instead of supplying
it manually. Be aware that this option is only meant to be a
transition and suppliers of Software should always prefer to include
their own Software descriptions, since ours may be incomplete or
straight up wrong.

SBOM_PAYLOAD_PATHsbomstringPath to SBOM file for the payload The path of the SBOM file describing the Software included in the build
File can be a .json, .xml, .cbor, .uswid, or .pc

SBOM_MEsbomboolInclude ME metadata in SBOM Select this option if you want to include a
coswid (Concise Software Identification Tag) of the
ME firmware into the SBOM (Software Bill of Materials)
File in your build

SBOM_ME_GENERATEsbomboolAuto-generate generic SBOM info for ME firmware Select this option if you want coreboot to generate and include
the coswid (Concise Software Identification Tag) instead of
supplying it manually. Be aware that this option is only meant
to be a transition and suppliers of Software should always prefer
to include their own Software descriptions, since ours may be
incomplete or straight up wrong.

SBOM_ME_PATHsbomstringPath to sbom.json for the ME firmware The path of the SBOM file describing the Software included in the build
File can be a .json, .xml, .cbor, .uswid, or .pc

SBOM_ECsbomboolInclude EC metadata in SBOM Select this option if you want to include a
coswid (Concise Software Identification Tag) of the
EC (Embedded Controller) firmware into the
SBOM (Software Bill of Materials) File in your build

SBOM_EC_PATHsbomstringPath to SBOM file for the EC firmware The path of the SBOM file describing the Software included in the build
File can be a .json, .xml, .cbor, .uswid, or .pc

SBOM_SINIT_ACMsbomboolInclude SINIT ACM metadata in SBOM Select this option if you want to include a
coswid (Concise Software Identification Tag) of the
SINIT ACM (Authenticated Code Module) firmware into the
SBOM (Software Bill of Materials) File in your build

SBOM_SINIT_ACM_PATHsbomstringPath to SBOM file for the SINIT AMC firmware The path of the SBOM file describing the Software included in the build
File can be a .json, .xml, .cbor, .uswid, or .pc

SBOM_BIOS_ACMsbomboolInclude BIOS ACM metadata in SBOM Select this option if you want to include a
coswid (Concise Software Identification Tag) of the
BIOS ACM (Authenticated Code Module) firmware into the
SBOM (Software Bill of Materials) File in your build

SBOM_BIOS_ACM_PATHsbomstringPath to SBOM file for the BIOS AMC firmware The path of the SBOM file describing the Software included in the build
File can be a .json, .xml, .cbor, .uswid, or .pc

SBOM_MICROCODEsbomboolInclude microcode metadata in SBOM Select this option if you want to include a
coswid (Concise Software Identification Tag) of the
microcode firmware into the SBOM (Software Bill of Materials)
File in your build

SBOM_FSPsbomboolInclude Intel FSP metadata in SBOM Select this option if you want to include a
coswid (Concise Software Identification Tag) of the
FSP firmware into the SBOM (Software Bill of Materials)
File in your build

SBOM_FSP_PATHsbomstringPath to SBOM file for the FSP firmware The path of the SBOM file describing the Software included in the build
File can be a .json, .xml, .cbor, .uswid, or .pc

SBOM_VBOOTsbomboolInclude VBOOT metadata in SBOM Select this option if you want to include a
coswid (Concise Software Identification Tag) of the
VBOOT Software into the SBOM (Software Bill of Materials)
File in your build

Menu: Mainboard
mainboard(comment)Important: Run 'make distclean' before switching boards
ONBOARD_MEM_SAMSUNGmainboard/portwell/m107boolSamsung Samsung K4B8G1646D memory

ONBOARD_MEM_MICRONmainboard/portwell/m107boolMicron Micron MT41K512M16HA memory

ONBOARD_MEM_KINGSTONmainboard/portwell/m107boolKingston Kingston B5116ECMDXGGB memory

BOARD_EMULATION_QEMU_AARCH64mainboard/emulation/qemu-aarch64.nameboolQEMU AArch64 (virt) To execute, do:
qemu-system-aarch64 -bios ./build/coreboot.rom -M virt,secure=on,virtualization=on -cpu cortex-a53 -nographic -m 8192M

MAINBOARD_DIRmainboard/kontron/mal10NoneCarrier board This option sets the type of carrier board to be used with
the Kontron mAL10 COMe module.

BOARD_KONTRON_T10_TNImainboard/kontron/mal10boolKontron i-T10-TNIx By selecting this option, the target ROM image will be built for
the Kontron Ref.Carrier-i T10-TNI carrier board.

mainboard/adlink(comment)see under vendor LiPPERT
mainboard/google/kahlee.name(comment)Kahlee
mainboard/google/beltino.name(comment)Beltino
mainboard/google/nyan.name(comment)Nyan
mainboard/google/dedede.name(comment)Dedede
BOARD_GOOGLE_DRAWCIAmainboard/google/dedede.namebool-> Drawcia The Drawcia board supports the following devices:
- HP Chromebook x360 11 G4 EE (Drawcia)
- HP Chromebook 11 G9 EE (Drawlat)
- HP Chromebook 14 G7 (Drawman)

mainboard/google/jecht.name(comment)Jecht
mainboard/google/zork.name(comment)Zork
mainboard/google/myst.name(comment)Myst
mainboard/google/nyan_big.name(comment)Nyan Big
mainboard/google/parrot.name(comment)Parrot
mainboard/google/link.name(comment)Link
mainboard/google/oak.name(comment)Oak
mainboard/google/storm.name(comment)Storm
mainboard/google/auron.name(comment)Auron
mainboard/google/geralt.name(comment)Geralt
mainboard/google/skyrim.name(comment)Skyrim
mainboard/google/peach_pit.name(comment)Peach Pit
mainboard/google/trogdor.name(comment)Trogdor
mainboard/google/trogdor.name(comment)(Trogdor requires 'Allow QC blobs repository')
mainboard/google/slippy.name(comment)Slippy
mainboard/google/sarien.name(comment)Sarien
mainboard/google/rex.name(comment)Rex
mainboard/google/reef.name(comment)Reef
mainboard/google/stout.name(comment)Stout
mainboard/google/hatch.name(comment)Hatch
mainboard/google/cherry.name(comment)Cherry
mainboard/google/brya.name(comment)Brya
mainboard/google/gale.name(comment)Gale
mainboard/google/glados.name(comment)Glados
mainboard/google/guybrush.name(comment)Guybrush
mainboard/google/puff.name(comment)Puff
mainboard/google/drallion.name(comment)Drallion
mainboard/google/volteer.name(comment)Volteer
mainboard/google/gru.name(comment)Gru
mainboard/google/veyron.name(comment)Veyron
mainboard/google/mistral.name(comment)Mistral
mainboard/google/octopus.name(comment)Octopus
mainboard/google/butterfly.name(comment)Butterfly
mainboard/google/poppy.name(comment)Poppy
BOARD_GOOGLE_NAMImainboard/google/poppy.namebool-> Nami The Nami board supports the following devices:
- Acer Chromebook 13 / Spin 13 (Akali)
- Lenovo Yoga Chromebook C630 (Pantheon)
- HP Chromebook x360 14 (Sona)
- HP Chromebook 15 G1 (Syndra)
- Dell Inspiron Chromebook 14 (7460) (Vayne)

BOARD_GOOGLE_RAMMUSmainboard/google/poppy.namebool-> Rammus The Rammus board supports the following devices:
- Asus Chromebook C425 (Leona)
- Asus Chromebook Flip C433/C434 (Shyvana)

mainboard/google/rambi.name(comment)Rambi
mainboard/google/foster.name(comment)Foster
mainboard/google/nyan_blaze.name(comment)Nyan Blaze
mainboard/google/cyan.name(comment)Cyan
mainboard/google/veyron_mickey.name(comment)Veyron Mickey
mainboard/google/asurada.name(comment)Asurada
mainboard/google/daisy.name(comment)Daisy
mainboard/google/eve.name(comment)Eve
mainboard/google/corsola.name(comment)Kingler
mainboard/google/corsola.name(comment)Krabby
mainboard/google/corsola.name(comment)Staryu
mainboard/google/herobrine.name(comment)Herobrine
mainboard/google/herobrine.name(comment)(Herobrine requires 'Allow QC blobs repository')
mainboard/google/fizz.name(comment)Fizz
mainboard/google/veyron_rialto.name(comment)Veyron Rialto
mainboard/google/kukui.name(comment)Kukui
mainboard/google/kukui.name(comment)Jacuzzi
mainboard/google/smaug.name(comment)Smaug
FMDFILEmainboard/google/kahleestring The build system creates a default FMAP from ROM_SIZE and CBFS_SIZE,
but in some cases more complex setups are required.
When an fmd is specified, it overrides the default format.

USE_OEM_BINmainboard/google/kahleeboolAdd an oem.bin file Add an oem.bin file to identify the manufacturer in SMBIOS, overriding the
CONFIG_MAINBOARD_SMBIOS_MANUFACTURER value.

MAINBOARD_PART_NUMBERmainboard/google/nyanNoneBCT boot media Which boot media to configure the BCT for.

NYAN_BCT_CFG_SPImainboard/google/nyanboolSPI Configure the BCT for booting from SPI.

NYAN_BCT_CFG_EMMCmainboard/google/nyanbooleMMC Configure the BCT for booting from eMMC.

BOOT_DEVICE_SPI_FLASH_BUSmainboard/google/nyanintSPI bus with boot media ROM Which SPI bus the boot media is connected to.

VARIANT_SUPPORTS_PRE_V3_SCHEMATICSmainboard/google/zorkbool Whether this variant supports pre-v3 version of schematics.
Eventually, when a variant moves to a point where it no
longer has to support pre-v3 schematics, `default y` entry
for it can be dropped.

VARIANT_MIN_BOARD_ID_V3_6_SCHEMATICSmainboard/google/zorkint Minimum board version where the variant starts supporting
v3.6+ version of reference schematics.

VARIANT_MIN_BOARD_ID_V3_SCHEMATICSmainboard/google/zorkint Minimum board version where the variant starts supporting
v3 version of reference schematics.

VARIANT_SUPPORTS_WIFI_POWER_ACTIVE_HIGHmainboard/google/zorkbool Whether this variant supports active high power enable for
WiFi. For pre-v3 schematics, this is always true. There are
some variants which used v3 schematics, but did not pick up
the change for active low WiFi power enable. Those variants
will have to set this config to true. Eventually, when a
variant needs to only support v3 schematics with active low
power enable for WiFi, `default y` entry for it can be
dropped.

VARIANT_MIN_BOARD_ID_WIFI_POWER_ACTIVE_LOWmainboard/google/zorkint Minimum board version where the variant starts supporting
active low power enable for WiFi.

VARIANT_HAS_FPMCUmainboard/google/zorkbool Select y if any SKU of the board has a fingerprint sensor

VARIANT_MAX_BOARD_ID_BROKEN_FMPCU_POWERmainboard/google/zorkint Last board version that needs the extra delay for FPMCU init.

MAINBOARD_PART_NUMBERmainboard/google/nyan_bigNoneBCT boot media Which boot media to configure the BCT for.

NYAN_BIG_BCT_CFG_SPImainboard/google/nyan_bigboolSPI Configure the BCT for booting from SPI.

NYAN_BIG_BCT_CFG_EMMCmainboard/google/nyan_bigbooleMMC Configure the BCT for booting from eMMC.

BOOT_DEVICE_SPI_FLASH_BUSmainboard/google/nyan_bigintSPI bus with boot media ROM Which SPI bus the boot media is connected to.

AMDFW_CONFIG_FILEmainboard/google/skyrimstring Custom firmware list excluding the fwTPM binary.

USE_VARIANT_DXIO_DESCRIPTORmainboard/google/skyrimbool Enable this to allow a variant to override the dxio descriptor values
in port_descriptors.c

OVERRIDE_EFS_SPI_SPEEDmainboard/google/skyrimint Override EFS SPI Speed Configuration to be applied based on certain
board version.

OVERRIDE_EFS_SPI_SPEED_MIN_BOARDmainboard/google/skyrimhex Minimum board version starting which the Override EFS SPI Speed
configuration has to be applied.

ENABLE_STB_SPILL_TO_DRAMmainboard/google/skyrimhex Spill-to-DRAM is an STB feature that extends the buffer from using
just the small SRAM buffer to a much larger area reserved in main
memory.

HAVE_WWAN_POWER_SEQUENCEmainboard/google/bryaint Select this if the variant has a WWAN module and requires the poweroff sequence
to be performed on shutdown. Must define WWAN_FCPO, WWAN_RST and WWAN_PERST GPIOs
in variant.h, as well as T1_OFF_MS (time between PERST & RST) and T2_OFF_MS (time
between RST and FCPO). WWAN_PERST and T1_OFF_MS are only necessary for PCIe WWAN
(when HAVE_PCIE_WWAN is also selected).

DEFAULT_ADL_NEMmainboard/google/bryabool Brya variants with Alder Lake ESx silicon to choose this config
as eNEM was fuse disable till ESx silicon revision.

INCLUDE_NVIDIA_GPU_ASLmainboard/google/bryabool Select this if the variant has an Nvidia GN20 GPU attached to PEG1

OVERRIDE_EFS_SPI_SPEEDmainboard/google/guybrushint Override EFS SPI Speed Configuration to be applied based on certain
board version.

OVERRIDE_EFS_SPI_SPEED_MIN_BOARDmainboard/google/guybrushhex Minimum board version starting which the Override EFS SPI Speed
configuration has to be applied.

DRAM_SIZE_MBmainboard/google/fosterintBCT boot media Which boot media to configure the BCT for.

FOSTER_BCT_CFG_SPImainboard/google/fosterboolSPI Configure the BCT for booting from SPI.

FOSTER_BCT_CFG_EMMCmainboard/google/fosterbooleMMC Configure the BCT for booting from eMMC.

BOOT_DEVICE_SPI_FLASH_BUSmainboard/google/fosterintSPI bus with boot media ROM Which SPI bus the boot media is connected to.

MAINBOARD_PART_NUMBERmainboard/google/nyan_blazeNoneBCT boot media Which boot media to configure the BCT for.

NYAN_BLAZE_BCT_CFG_SPImainboard/google/nyan_blazeboolSPI Configure the BCT for booting from SPI.

NYAN_BLAZE_BCT_CFG_EMMCmainboard/google/nyan_blazebooleMMC Configure the BCT for booting from eMMC.

BOOT_DEVICE_SPI_FLASH_BUSmainboard/google/nyan_blazeintSPI bus with boot media ROM Which SPI bus the boot media is connected to.

DISPLAY_SPD_DATAmainboard/google/cyanboolDisplay Memory Serial Presence Detect Data When enabled displays the memory configuration data.

DRAM_SIZE_MBmainboard/google/smaugintBCT boot media Which boot media to configure the BCT for.

SMAUG_BCT_CFG_SPImainboard/google/smaugboolSPI Configure the BCT for booting from SPI.

SMAUG_BCT_CFG_EMMCmainboard/google/smaugbooleMMC Configure the BCT for booting from eMMC.

BOOT_DEVICE_SPI_FLASH_BUSmainboard/google/smaugintSPI bus with boot media ROM Which SPI bus the boot media is connected to.

HERMES_USES_SPS_FIRMWAREmainboard/prodrive/hermesboolBuild for use with SPS (Server Platform Services) firmware Depending on the intended use case, the Hermes mainboard can use either
CSME or SPS firmware SKUs. Choose this option if using SPS firmware, as
SPS doesn't support ACPI S3 and S4 sleep states.

ATLAS_ENABLE_IBECCmainboard/prodrive/atlasboolEnable IBECC Enables In Band Error Correction Code. It's only needed for endurance testing
and therefore not always required.
default n

PCIEXP_ASPMmainboard/prodrive/atlasbool FSP is already taking care of ASPM, which is configured through the devicetree in coreboot
on Alderlake Platforms. Disable it to save some boot time.

PCIEXP_L1_SUB_STATEmainboard/prodrive/atlasbool Enabling PCIe L1 sub states is already done in FSP.
Disable it to save some boot time.

PCIEXP_CLK_PMmainboard/prodrive/atlasbool Enabling PCIe clock power management is already done in FSP.
Disable it to save some boot time

ENABLE_BUZZER_SUPPORTmainboard/prodrive/atlasboolEnable Buzzer support 8254 timer is required for buzzer support on GPP_B14 (based on Intel doc 621483,
26.1.1 - NMI_STS_CNT). However since 8254 timer clock gating has to be enabled for
S0ix support, enabling buzzer will disable s0ix.

INCLUDE_EC_FIRMWAREmainboard/acer/aspire_vn7_572gboolInclude EC firmware blob If corrupted, the EC can recover its firmware from the SPI flash.

EC_USE_LGMRmainboard/acer/aspire_vn7_572gboolUse LPC generic memory range for EC Using MMIO accesses for EC range can improve performance.

mainboard/clevo/cml-u.name(comment)Comet Lake U
mainboard/clevo/tgl-u.name(comment)Tiger Lake U
mainboard/clevo/kbl-u.name(comment)Kaby Lake U
AGESA_USE_1_0_0_4_HEADERmainboard/pcengines/apu2bool Due to a bug in AGESA 1.0.0.A affecting boards without UMA, it is
impossible to use the newest blob. Using an older 1.0.0.4 blob
workarounds the problem, however some headers changes between blob
revisions. This option removes the changes in headers introduced
with AGESA 1.0.0.A to fit the 1.0.0.4 revision.

mainboard/starlabs/starbook.name(comment)Star Labs StarBook Series
mainboard/starlabs/lite.name(comment)Star Labs Lite Series
mainboard/amd/mayan.name(comment)Mayan
mainboard/amd/birman.name(comment)Birman
CHAUSIE_MCHP_SIG_FILEmainboard/amd/chausiestringMicrochip EC signature file The EC sig blob is the first 4kBytes of the firmware image.
The first 4 bytes form a pointer (with CRC) to where the EC firmware
is located

CHAUSIE_MCHP_FW_FILEmainboard/amd/chausiestringMicrochip EC firmware file The EC firmware blob is at the CHAUSIE_MCHP_FW_OFFSET offset of the
firmware image.

CHAUSIE_MCHP_FW_OFFSETmainboard/amd/chausiehex The EC firmware blob defaults to the 4MByte offset of the firmware
image. If this offset needs to change, a new signature block must be
generated with the updated offset.

HWM_PORTmainboard/amd/pademelonhex HWM base address must be an odd address. Hardware monitor used
addresses are HWM_PORT for index an HWM_PORT + 1 for data.
If changed, make sure fan_init.c IO window setting. The HWM
(Hardware Monitor) is used for fan control within pademelon.

MAYAN_MCHP_SIG_FILEmainboard/amd/mayanstringMicrochip EC signature file The EC sig blob is the first 4kBytes of the firmware image.
The first 4 bytes form a pointer (with CRC) to where the EC firmware
is located

MAYAN_MCHP_FW_FILEmainboard/amd/mayanstringMicrochip EC firmware file The EC firmware blob is at the MAYAN_MCHP_FW_OFFSET offset of the
firmware image.

MAYAN_MCHP_FW_OFFSETmainboard/amd/mayanhex The EC firmware blob defaults to the 4MByte offset of the firmware
image. If this offset needs to change, a new signature block must be
generated with the updated offset.

CHROMEOSmainboard/amd/mayanstringDT SLOT/M.2 SSD1 ENABLE Either DT slot or M.2 SSD1 can be used to boot on Mayan,
as they are sharing IO lanes.

AMD_LPC_DEBUG_CARDmainboard/amd/mandolinboolEnable LPC-Serial debug card on the debug header AMD's debug card contains an SMSC SIO1036 device which provides an
I/O-mapped UART in the system. This is mutually exclusive with
AMD_SOC_CONSOLE_UART which selects the SoC's integrated memory-mapped
UART for coreboot console output.

MANDOLIN_MCHP_FW_FILEmainboard/amd/mandolinstring The EC firmware blob is usually the first 128kByte of the stock
firmware image.

MANDOLIN_MCHP_FW_FILEmainboard/amd/mandolinstringState of IOMux for LPC/eMMC signals Mandolin is designed to use either LPC or eMMC signals. Use this
selection to determine which are configured for this image.

MANDOLIN_LPCmainboard/amd/mandolinbool Picasso's LPC bus signals are MUXed with some of the EMMC signals.
Select this option if LPC signals are required.

VGA_BIOS_DGPU_IDmainboard/amd/mandolinstring The default VGA BIOS PCI vendor/device ID should be set to the
result of the map_oprom_vendev() function in northbridge.c.

MAJOLICA_MCHP_FW_FILEmainboard/amd/majolicastring The EC firmware blob is usually the first 128kByte of the stock
firmware image.

AMD_LPC_DEBUG_CARDmainboard/amd/bilbyboolEnable LPC-Serial debug card on the debug header AMD's debug card contains an SMSC SIO1036 device which provides an
I/O-mapped UART in the system. This is mutually exclusive with
AMD_SOC_CONSOLE_UART which selects the SoC's integrated memory-mapped
UART for coreboot console output.

ONBOARD_VGA_IS_PRIMARYmainboard/amd/bilbyboolState of IOMux for LPC/eMMC signals Bilby is designed to use either LPC or eMMC signals. Use this
selection to determine which are configured for this image.

BILBY_LPCmainboard/amd/bilbybool Picasso's LPC bus signals are MUXed with some of the EMMC signals.
Select this option if LPC signals are required.

VGA_BIOS_DGPU_IDmainboard/amd/bilbystring The default VGA BIOS PCI vendor/device ID should be set to the
result of the map_oprom_vendev() function in northbridge.c.

BIRMAN_MCHP_SIG_FILEmainboard/amd/birmanstringMicrochip EC signature file The EC sig blob is the first 4kBytes of the firmware image.
The first 4 bytes form a pointer (with CRC) to where the EC firmware
is located

BIRMAN_MCHP_FW_FILEmainboard/amd/birmanstringMicrochip EC firmware file The EC firmware blob is at the EC_BODY FMAP region of the firmware image.

ENABLE_EVAL_CARDmainboard/amd/birmanboolEnable Eval Card Enable the Eval Card PCIe slot

ENABLE_EVAL_19Vmainboard/amd/birmanboolEnable 19V rail for Eval Card Enable the 19V rail for Eval Card PCIe slot

ENABLE_EVAL_19Vmainboard/amd/birmanboolDT SLOT/M.2 SSD1 ENABLE Either DT slot or M.2 SSD1 can be used, as they are sharing PCIe lanes.

DISABLE_DT_M2mainboard/amd/birmanboolWLAN/WWAN Selection WLAN and WWAN lane configuration

mainboard/intel/coffeelake_rvp.name(comment)Coffeelake RVP
DEVICETREEmainboard/intel/tglrvpstringON BOARD EC This option allows you to select the on board EC to use.
Select whether the board has Intel EC or Chrome EC

Menu: Debugging
DISABLE_UART_ON_TESTPADSmainboard/intel/dcp847skeboolDisable UART on testpads Serial output requires soldering to the testpad next to
NCT5577D pin 18 (txd) and gnd.

VGA_BIOS_IDmainboard/intel/stragostring The VGA_BIOS_ID for the C0 version of the video BIOS is hardcoded
in soc/intel/braswell/Makefile.inc as 8086,22b1

BASEBOARD_GLKRVP_LAPTOPmainboard/intel/glkrvpNoneON BOARD EC This option allows you to select the on board EC to use.
Select whether the board has Intel EC or Chrome EC

DIMM_SPD_SIZEmainboard/intel/mtlrvpstringON BOARD EC This option allows you to select the on board EC to use.
Select whether the board has Intel EC or/and Chrome EC

SOC_INTEL_CSE_LITE_SKUmainboard/intel/adlrvpboolUse CSE Lite firmware Enable if CSE Lite firmware is used in your build. It is commonly
used in Chrome boards (chromebooks, chromeboxes, ...).
But since ADL RVP build can be used with or without CSE Lite firmware
it is a configurable option. Alderlake RVP boards usually don't use
an CSE Lite firmware, but are still very likely to use it in case
ChromeEC is used.

DIMM_SPD_SIZEmainboard/intel/adlrvpstringON BOARD EC This option allows you to select the on board EC to use.
Select whether the board has Intel EC or Chrome EC

GEN3_EXTERNAL_CLOCK_BUFFERmainboard/intel/adlrvpbool Support external Gen-3 clock chip for ADL-P.
`CONFIG_CLKSRC_FOR_EXTERNAL_BUFFER` provides feed clock to discrete buffer
for further distribution to platform. SRCCLKREQB[7:9] maps to internal
SRCCLKREQB[6]. If any of them asserted, SRC buffer
`CONFIG_CLKSRC_FOR_EXTERNAL_BUFFER` gets enabled.

ENABLE_FSP_MEMORY_DOWNmainboard/intel/harcuvarboolEnable Memory Down Select this option to enable Memory Down function.

SPD_LOCmainboard/intel/harcuvarhexSPD binary location in cbfs Location of SPD binary for memory down function.

BOARD_EXAMPLE_MIN86mainboard/example/min86.nameboolMinimal x86 fake board This example mainboard code along with the example/min86 SoC
should serve as a minimal example how a buildable x86 SoC code
base can look like.

This can serve, for instance, as a basis to add new SoCs to
coreboot. Starting with a buildable commit should help with
the review of the actual code, and also avoid any regressions
when common coreboot code changes.

BEEP_ON_BOOTmainboard/protectli/vault_cmlboolBeep on successful boot Make the platform beep using the PC speaker in final coreboot phase.
May serve as a useful indicator in headless mode that platform is
properly booting.

VGA_BIOS_IDmainboard/protectli/vault_bswstring The VGA_BIOS_ID for the C0 version of the video bios is hardcoded
in soc/intel/braswell/Makefile.inc as 8086,22b1

mainboard/siemens/mc_ehl.name(comment)MC EHLx
mainboard/siemens/chili.name(comment)CHILI
mainboard/siemens/mc_apl1.name(comment)MC APLx
mainboard/siemens/fa_ehl.name(comment)FA EHL
INCLUDE_SMSC_SCH5545_EC_FWmainboard/dell/snb_ivb_workstationsboolInclude SMSC SCH5545 EC firmware binary This option allows to add the SMSC SCH5545 Environmental Controller
firmware binary. The firmware must be loaded after each power failure
in order to properly initialize the fan control, because EC loses its
configuration when power is cut off. Otherwise the fans will keep
running at full speed after power failure.

ENABLE_EC_UART1mainboard/purism/librem_cnlboolEnable EC UART1 Enable UART1 on the EC.

This UART can be used for boot logging by coreboot, SeaBIOS, or
Linux. It also works as a general-purpose UART.

Soldering is required to access these signals. Locate the pads for
U81 on the bottom of the board near the front edge; the IC is not
populated. TX is pin 14, RX is pin 19. The signals are 3.3V (do NOT
connect directly to an RS-232 serial port).

DRIVERS_UART_8250IOmainboard/purism/librem_bdwNone This platform does not have any way to get standard
serial output so disable it by default.

BOARD_ROMSIZE_KB_65536mainboardboolROM chip size Select the size of the ROM chip you intend to flash coreboot on.

The build system will take care of creating a coreboot.rom file
of the matching size.

COREBOOT_ROMSIZE_KB_256mainboardbool256 KB Choose this option if you have a 256 KB ROM chip.

COREBOOT_ROMSIZE_KB_512mainboardbool512 KB Choose this option if you have a 512 KB ROM chip.

COREBOOT_ROMSIZE_KB_1024mainboardbool1024 KB (1 MB) Choose this option if you have a 1024 KB (1 MB) ROM chip.

COREBOOT_ROMSIZE_KB_2048mainboardbool2048 KB (2 MB) Choose this option if you have a 2048 KB (2 MB) ROM chip.

COREBOOT_ROMSIZE_KB_4096mainboardbool4096 KB (4 MB) Choose this option if you have a 4096 KB (4 MB) ROM chip.

COREBOOT_ROMSIZE_KB_5120mainboardbool5120 KB (5 MB) Choose this option if you have a 5120 KB (5 MB) ROM chip.

COREBOOT_ROMSIZE_KB_6144mainboardbool6144 KB (6 MB) Choose this option if you have a 6144 KB (6 MB) ROM chip.

COREBOOT_ROMSIZE_KB_8192mainboardbool8192 KB (8 MB) Choose this option if you have a 8192 KB (8 MB) ROM chip.

COREBOOT_ROMSIZE_KB_10240mainboardbool10240 KB (10 MB) Choose this option if you have a 10240 KB (10 MB) ROM chip.

COREBOOT_ROMSIZE_KB_12288mainboardbool12288 KB (12 MB) Choose this option if you have a 12288 KB (12 MB) ROM chip.

COREBOOT_ROMSIZE_KB_16384mainboardbool16384 KB (16 MB) Choose this option if you have a 16384 KB (16 MB) ROM chip.

COREBOOT_ROMSIZE_KB_32768mainboardbool32768 KB (32 MB) Choose this option if you have a 32768 KB (32 MB) ROM chip.

COREBOOT_ROMSIZE_KB_65536mainboardbool65536 KB (64 MB) Choose this option if you have a 65536 KB (64 MB) ROM chip.

ENABLE_POWER_BUTTONmainboardboolEnable the power button The selected mainboard can optionally have the power button tied
to ground with a jumper so that the button appears to be
constantly depressed. If this option is enabled and the jumper is
installed then the board will turn on, but turn off again after a
short timeout, usually 4 seconds.

Select Y here if you have removed the jumper and want to use an
actual power button. Select N if you have the jumper installed.

POWER_STATE_DEFAULT_ON_AFTER_FAILUREmainboardbool Selected by platforms or mainboards that want a "default on"
behaviour.

POWER_STATE_DEFAULT_ON_AFTER_FAILUREmainboardboolSystem Power State after Failure Provides a default for the power state the system should
go into after G3 (power loss). On many boards this can be
overridden by an NVRAM option.

POWER_STATE_OFF_AFTER_FAILUREmainboardboolS5 Soft Off Choose this option if you want to put system into
S5 after reapplying power after failure.

POWER_STATE_ON_AFTER_FAILUREmainboardboolS0 Full On Choose this option if you want to keep system in
S0 after reapplying power after failure.

POWER_STATE_PREVIOUS_AFTER_FAILUREmainboardboolKeep Previous State Choose this option if you want to keep system in the
same power state as before failure after reapplying
power.

DEVICETREEtoplevelstring This symbol allows mainboards to select a different file under their
mainboard directory for the devicetree.cb file. This allows the board
variants that need different devicetrees to be in the same directory.

Examples: "devicetree.variant.cb"
"variant/devicetree.cb"

OVERRIDE_DEVICETREEtoplevelstring This symbol allows variants to provide an override devicetree file to
override the registers and/or add new devices on top of the ones
provided by baseboard devicetree using CONFIG_DEVICETREE.

Examples: "devicetree.variant-override.cb"
"variant/devicetree-override.cb"

FMDFILEtoplevelstringfmap description file in fmd format The build system creates a default FMAP from ROM_SIZE and CBFS_SIZE,
but in some cases more complex setups are required.
When an fmd is specified, it overrides the default format.

CBFS_SIZEtoplevelhexSize of CBFS filesystem in ROM This is the part of the ROM actually managed by CBFS, located at the
end of the ROM (passed through cbfstool -o) on x86 and at the start
of the ROM (passed through cbfstool -s) everywhere else. It defaults
to span the whole ROM on all but Intel systems that use an Intel Firmware
Descriptor. It can be overridden to make coreboot live alongside other
components like ChromeOS's vboot/FMAP or Intel's IFD / ME / TXE
binaries. This symbol should only be used to generate a default FMAP and
is unused when a non-default fmd file is provided via CONFIG_FMDFILE.

CBFS_AUTOGEN_ATTRIBUTEStoplevelbool If this option is selected, every file in cbfs which has a constraint
regarding position or alignment will get an additional file attribute
which describes this constraint.

Menu: Chipset
toplevel(comment)SoC
SPM_FIRMWAREsoc/mediatek/mt8186string The file name of the MediaTek SPM firmware.

SSPM_FIRMWAREsoc/mediatek/mt8186string The file name of the MediaTek SSPM firmware.

MT8183_DRAM_EMCPsoc/mediatek/mt8183bool The eMCP platform should select this option to run at different DRAM
frequencies.

MT8183_DRAM_DVFSsoc/mediatek/mt8183bool This options enables DRAM calibration with multiple frequencies (low,
medium and high) for DVFS feature.

SSPM_FIRMWAREsoc/mediatek/mt8183string The file name of the MediaTek SSPM firmware.


DPM_DM_FIRMWAREsoc/mediatek/mt8192string The file name of the MediaTek DPM DM firmware

DPM_PM_FIRMWAREsoc/mediatek/mt8192string The file name of the MediaTek DPM PM firmware

MCUPM_FIRMWAREsoc/mediatek/mt8192string The file name of the MediaTek MCUPM firmware.

SPM_FIRMWAREsoc/mediatek/mt8192string The file name of the MediaTek SPM firmware.

SSPM_FIRMWAREsoc/mediatek/mt8192string The file name of the MediaTek SSPM firmware.

SRCLKEN_RC_SUPPORTsoc/mediatek/mt8192bool This option enables clock buffer remote controller module
to control PMIC 26MHz clock output.

DEBUG_I2Csoc/mediatek/mt8173boolOutput verbose I2C related debug messages This option enables I2C related debug messages.

DEBUG_PMICsoc/mediatek/mt8173boolOutput verbose PMIC related debug messages This option enables PMIC related debug messages.

DEBUG_PMIC_WRAPsoc/mediatek/mt8173boolOutput verbose PMIC WRAP related debug messages This option enables PMIC WRAP related debug messages.
SOC_MEDIATEK_COMMONsoc/mediatek/commonbool common code blocks for Mediatek SOCs

MEDIATEK_DRAM_DVFSsoc/mediatek/commonbool This option enables DRAM calibration with multiple frequencies (low,
medium and high frequency groups, with total 7 frequencies) for DVFS
feature. All supported data rates are: 800, 1200, 1600, 1866, 2400,
3200, 4266.

MEDIATEK_DRAM_DVFS_LIMIT_FREQ_CNTsoc/mediatek/commonbool This options limit DRAM frequency calibration count from total 7 to 3,
other frequency will directly use the low frequency shu result.

MEDIATEK_DRAM_BLOB_FAST_INITsoc/mediatek/commonboolEnable running fast calibration by blob This option allows performing fast calibration through different
open-source policy.

MEDIATEK_DRAM_SCRAMBLEsoc/mediatek/commonboolEnable DRAM scramble feature This option enables DRAM data scramble, which can prevent DRAM data from
being hacked.

MEMORY_TESTsoc/mediatek/commonbool This option enables memory basic compare test to verify the DRAM read
or write is as expected.

DPM_FOUR_CHANNELsoc/mediatek/commonbool This option enables four channel configuration for DPM.

MTK_DFDsoc/mediatek/commonboolEnable MediaTek DFD (Design For Debug) settings DFD (Design for Debug) is a debugging tool, which scans flip-flops
and dumps to internal RAM on the WDT reset. We reserve 1MB on DRAM
to store logs of DFD.

USE_CBMEM_DRAM_INFOsoc/mediatek/commonboolSupport filling dram information to cbmem The DRAM initialization will keep and return DRAM information (size,
geometry and other DDR info) so we can fill that into the CBMEM.

FLASH_DUAL_IO_READsoc/mediatek/commonbool When this option is enabled, the flash controller provides the ability
to dual IO read mode.

PWRAP_WITH_PMIF_SPMIsoc/mediatek/commonbool When this option is enabled, the PMIC interface only supports PWRAP
and PMIF_SPMI.

PMIF_SPMI_IOCFG_DEFAULT_SETTINGsoc/mediatek/commonbool For SoCs where IO pins default to PMIF_SPMI mode, enable this option
to skip software PMIF_SPMI IO pins configuration.

DEVAPC_DEBUGsoc/mediatek/commonbool When this option is enabled, the DEVAPC driver prints the settings after
initialization.

DPM_DM_FIRMWAREsoc/mediatek/mt8188string The file name of the MediaTek DPM DM firmware.

DPM_PM_FIRMWAREsoc/mediatek/mt8188string The file name of the MediaTek DPM PM firmware.

MCUPM_FIRMWAREsoc/mediatek/mt8188string The file name of the MediaTek MCUPM firmware.

SPM_FIRMWAREsoc/mediatek/mt8188string The file name of the MediaTek SPM firmware.

SSPM_FIRMWAREsoc/mediatek/mt8188string The file name of the MediaTek SSPM firmware.

DPM_DM_FIRMWAREsoc/mediatek/mt8195string The file name of the MediaTek DPM DM firmware.

DPM_PM_FIRMWAREsoc/mediatek/mt8195string The file name of the MediaTek DPM PM firmware.

MCUPM_FIRMWAREsoc/mediatek/mt8195string The file name of the MediaTek MCUPM firmware.

SPM_FIRMWAREsoc/mediatek/mt8195string The file name of the MediaTek SPM firmware.

SSPM_FIRMWAREsoc/mediatek/mt8195string The file name of the MediaTek SSPM firmware.

SBL_BLOBsoc/qualcomm/ipq806xstringfile name of the Qualcomm SBL blob The path and filename of the binary blob containing
ipq806x early initialization code, as supplied by the
vendor.

SOC_QUALCOMM_COMMONsoc/qualcomm/commonbool Selected by platforms that use the common code.

IPQ_QFN_PARTsoc/qualcomm/ipq40xxbool Is the SoC a QFN part (as opposed to a BGA part)

SBL_ELFsoc/qualcomm/ipq40xxstringfile name of the QCA SBL ELF The path and filename of the binary blob containing
ipq40xx early initialization code, as supplied by the
vendor.

SBL_UTIL_PATHsoc/qualcomm/ipq40xxstringPath for utils to combine SBL_ELF and bootblock Path for utils to combine SBL_ELF and bootblock

UART_FOR_CONSOLEsoc/qualcomm/sc7180int Select the QUP instance to be used for UART console output.

UART_FOR_CONSOLEsoc/qualcomm/sc7280int Select the QUP instance to be used for UART console output.

EARLY_RESERVED_DRAM_BASEsoc/amd/genoahex This variable defines the base address of the DRAM which is reserved
for usage by coreboot in early stages (i.e. before ramstage is up).
This memory gets reserved in BIOS tables to ensure that the OS does
not use it, thus preventing corruption of OS memory in case of S3
resume.

PSP_APOB_DRAM_ADDRESSsoc/amd/genoahex Location in DRAM where the PSP will copy the AGESA PSP Output
Block.

PRERAM_CBMEM_CONSOLE_SIZEsoc/amd/genoahex Increase this value if preram cbmem console is getting truncated

C_ENV_BOOTBLOCK_SIZEsoc/amd/genoahex Sets the size of the bootblock stage that should be loaded in DRAM.
This variable controls the DRAM allocation size in linker script
for bootblock stage.

ROMSTAGE_ADDRsoc/amd/genoahex Sets the address in DRAM where romstage should be loaded.

ROMSTAGE_SIZEsoc/amd/genoahex Sets the size of DRAM allocation for romstage in linker script.

Menu: PSP Configuration Options
PSP_DISABLE_POSTCODESsoc/amd/genoaboolDisable PSP post codes Disables the output of port80 post codes from PSP.

PSP_INIT_ESPIsoc/amd/genoaboolInitialize eSPI in PSP Stage 2 Boot Loader Select to initialize the eSPI controller in the PSP Stage 2 Boot
Loader.

HAVE_PSP_WHITELIST_FILEsoc/amd/genoaboolInclude a debug whitelist file in PSP build Support secured unlock prior to reset using a whitelisted
serial number. This feature requires a signed whitelist image
and bootloader from AMD.

If unsure, answer 'n'

PERFORM_SPL_FUSINGsoc/amd/genoaboolSend SPL fuse command to PSP Send the Security Patch Level (SPL) fusing command to the PSP in
order to update the minimum SPL version to be written to the SoC's
fuse bits. This will prevent using any embedded firmware components
with lower SPL version.

If unsure, answer 'n'

SPL_TABLE_FILEsoc/amd/genoastringSPL table file override Provide a mainboard-specific Security Patch Level (SPL) table file
override. The SPL file is required to support PSP FW anti-rollback
and needs to be created by AMD. The default SPL file specified in the
SoC's fw.cfg is in the corresponding folder of the amd_blobs submodule
and applies to all boards that use the SoC without verstage on PSP.
In the verstage on PSP case, a different SPL file is specific as an
override via this Kconfig option.

PSP_SOFTFUSE_BITSsoc/amd/genoastringPSP Soft Fuse bits to enable Space separated list of Soft Fuse bits to enable.
Bit 0: Enable secure debug (Set by PSP_UNLOCK_SECURE_DEBUG)
Bit 7: Disable PSP postcodes on Renoir and newer chips only
(Set by PSP_DISABLE_PORT80)
Bit 15: PSP debug output destination:
0=SoC MMIO UART, 1=IO port 0x3F8

See #57299 (NDA) for additional bit definitions.
SOC_AMD_CEZANNEsoc/amd/cezannebool AMD Cezanne support

FSP_M_FILEsoc/amd/cezannestringFSP-M (memory init) binary path and filename The path and filename of the FSP-M binary for this platform.

FSP_S_FILEsoc/amd/cezannestringFSP-S (silicon init) binary path and filename The path and filename of the FSP-S binary for this platform.

EARLY_RESERVED_DRAM_BASEsoc/amd/cezannehex This variable defines the base address of the DRAM which is reserved
for usage by coreboot in early stages (i.e. before ramstage is up).
This memory gets reserved in BIOS tables to ensure that the OS does
not use it, thus preventing corruption of OS memory in case of S3
resume.

PSP_APOB_DRAM_ADDRESSsoc/amd/cezannehex Location in DRAM where the PSP will copy the AGESA PSP Output
Block.

PSP_SHAREDMEM_BASEsoc/amd/cezannehex This variable defines the base address in DRAM memory where PSP copies
the vboot workbuf. This is used in the linker script to have a static
allocation for the buffer as well as for adding relevant entries in
the BIOS directory table for the PSP.

PSP_SHAREDMEM_SIZEsoc/amd/cezannehex Sets the maximum size for the PSP to pass the vboot workbuf and
any logs or timestamps back to coreboot. This will be copied
into main memory by the PSP and will be available when the x86 is
started. The workbuf's base depends on the address of the reset
vector.

PRE_X86_CBMEM_CONSOLE_SIZEsoc/amd/cezannehex Size of the CBMEM console used in PSP verstage.

PRERAM_CBMEM_CONSOLE_SIZEsoc/amd/cezannehex Increase this value if preram cbmem console is getting truncated

C_ENV_BOOTBLOCK_SIZEsoc/amd/cezannehex Sets the size of the bootblock stage that should be loaded in DRAM.
This variable controls the DRAM allocation size in linker script
for bootblock stage.

ROMSTAGE_ADDRsoc/amd/cezannehex Sets the address in DRAM where romstage should be loaded.

ROMSTAGE_SIZEsoc/amd/cezannehex Sets the size of DRAM allocation for romstage in linker script.

FSP_M_ADDRsoc/amd/cezannehex Sets the address in DRAM where FSP-M should be loaded. cbfstool
performs relocation of FSP-M to this address.

FSP_M_SIZEsoc/amd/cezannehex Sets the size of DRAM allocation for FSP-M in linker script.

FSP_TEMP_RAM_SIZEsoc/amd/cezannehex The amount of coreboot-allocated heap and stack usage by the FSP.

VERSTAGE_ADDRsoc/amd/cezannehex Sets the address in DRAM where verstage should be loaded if running
as a separate stage on x86.

VERSTAGE_SIZEsoc/amd/cezannehex Sets the size of DRAM allocation for verstage in linker script if
running as a separate stage on x86.

ASYNC_FILE_LOADINGsoc/amd/cezanneboolLoads files from SPI asynchronously When enabled, the platform will use the LPC SPI DMA controller to
asynchronously load contents from the SPI ROM. This will improve
boot time because the CPUs can be performing useful work while the
SPI contents are being preloaded.

MAX_CPUSsoc/amd/cezanneint Maximum number of threads the platform can have.

VGA_BIOS_IDsoc/amd/cezannestring The default VGA BIOS PCI vendor/device ID should be set to the
result of the map_oprom_vendev() function in grapthics.c.

ACPI_BERTsoc/amd/cezanneboolBuild ACPI BERT Table Report Machine Check errors identified in POST to the OS in an
ACPI Boot Error Record Table.

ACPI_BERT_SIZEsoc/amd/cezannehex Specify the amount of DRAM reserved for gathering the data used to
generate the ACPI table.

DISABLE_SPI_FLASH_ROM_SHARINGsoc/amd/cezanneint Instruct the chipset to not honor the EGPIO67_SPI_ROM_REQ pin
which indicates a board level ROM transaction request. This
removes arbitration with board and assumes the chipset controls
the SPI flash bus entirely.

DISABLE_KEYBOARD_RESET_PINsoc/amd/cezannebool Instruct the SoC to not use the state of GPIO_129 as keyboard reset
signal. When this pin is used as GPIO and the keyboard reset
functionality isn't disabled, configuring it as an output and driving
it as 0 will cause a reset.

Menu: PSP Configuration Options
PSP_DISABLE_POSTCODESsoc/amd/cezanneboolDisable PSP post codes Disables the output of port80 post codes from PSP.

PSP_POSTCODES_ON_ESPIsoc/amd/cezanneboolUse eSPI bus for PSP post codes Select to send PSP port80 post codes on eSPI bus.
If not selected, PSP port80 codes will be sent on LPC bus.

PSP_INIT_ESPIsoc/amd/cezanneboolInitialize eSPI in PSP Stage 2 Boot Loader Select to initialize the eSPI controller in the PSP Stage 2 Boot
Loader.

PSP_LOAD_MP2_FWsoc/amd/cezannebool Include the MP2 firmwares and configuration into the PSP build.

If unsure, answer 'n'

PSP_UNLOCK_SECURE_DEBUGsoc/amd/cezanneboolUnlock secure debug Select this item to enable secure debug options in PSP.

HAVE_PSP_WHITELIST_FILEsoc/amd/cezanneboolInclude a debug whitelist file in PSP build Support secured unlock prior to reset using a whitelisted
serial number. This feature requires a signed whitelist image
and bootloader from AMD.

If unsure, answer 'n'

PERFORM_SPL_FUSINGsoc/amd/cezanneboolSend SPL fuse command to PSP Send the Security Patch Level (SPL) fusing command to the PSP in
order to update the minimum SPL version to be written to the SoC's
fuse bits. This will prevent using any embedded firmware components
with lower SPL version.

If unsure, answer 'n'

SPL_TABLE_FILEsoc/amd/cezannestringSPL table file override Provide a mainboard-specific Security Patch Level (SPL) table file
override. The SPL file is required to support PSP FW anti-rollback
and needs to be created by AMD. The default SPL file specified in the
SoC's fw.cfg is in the corresponding folder of the amd_blobs submodule
and applies to all boards that use the SoC without verstage on PSP.
In the verstage on PSP case, a different SPL file is specific as an
override via this Kconfig option.

PSP_SOFTFUSE_BITSsoc/amd/cezannestringPSP Soft Fuse bits to enable Space separated list of Soft Fuse bits to enable.
Bit 0: Enable secure debug (Set by PSP_UNLOCK_SECURE_DEBUG)
Bit 7: Disable PSP postcodes on Renoir and newer chips only
(Set by PSP_DISABLE_PORT80)
Bit 15: PSP post code destination: 0=LPC 1=eSPI
(Set by PSP_INITIALIZE_ESPI)
Bit 29: Disable MP2 firmware loading (Set by PSP_LOAD_MP2_FW)

See #55758 (NDA) for additional bit definitions.

PSP_VERSTAGE_FILEsoc/amd/cezannestringSpecify the PSP_verstage file path Add psp_verstage file to the build & PSP Directory Table

PSP_VERSTAGE_SIGNING_TOKENsoc/amd/cezannestringSpecify the PSP_verstage Signature Token file path Add psp_verstage signature token to the build & PSP Directory Table

VBOOT_STARTS_BEFORE_BOOTBLOCKsoc/amd/cezannestring Runs verstage on the PSP. Only available on
certain ChromeOS branded parts from AMD.

VBOOT_HASH_BLOCK_SIZEsoc/amd/cezannehex Because the bulk of the time in psp_verstage to hash the RO cbfs is
spent in the overhead of doing svc calls, increasing the hash block
size significantly cuts the verstage hashing time as seen below.

4k takes 180ms
16k takes 44ms
32k takes 33.7ms
36k takes 32.5ms
There's actually still room for an even bigger stack, but we've
reached a point of diminishing returns.

CMOS_RECOVERY_BYTEsoc/amd/cezannehex If the workbuf is not passed from the PSP to coreboot, set the
recovery flag and reboot. The PSP will read this byte, mark the
recovery request in VBNV, and reset the system into recovery mode.

This is the byte before the default first byte used by VBNV
(0x26 + 0x0E - 1)

RWA_REGION_ONLYsoc/amd/cezannestring Add a space-delimited list of filenames that should only be in the
RW-A section.

RWB_REGION_ONLYsoc/amd/cezannestring Add a space-delimited list of filenames that should only be in the
RW-B section.

SOC_AMD_STONEYRIDGEsoc/amd/stoneyridgebool AMD support for SOCs in Family 15h Models 60h-6Fh and Models 70h-7Fh.

AMD_APU_STONEYRIDGEsoc/amd/stoneyridgebool AMD Stoney Ridge APU

AMD_APU_PRAIRIEFALCONsoc/amd/stoneyridgebool AMD Embedded Prairie Falcon APU

AMD_APU_MERLINFALCONsoc/amd/stoneyridgebool AMD Embedded Merlin Falcon APU

AMD_APU_PKG_FP4soc/amd/stoneyridgebool AMD FP4 package

AMD_APU_PKG_FT4soc/amd/stoneyridgebool AMD FT4 package

DCACHE_BSP_STACK_SIZEsoc/amd/stoneyridgehex The amount of anticipated stack usage in CAR by bootblock and
other stages.

PRERAM_CBMEM_CONSOLE_SIZEsoc/amd/stoneyridgehex Increase this value if preram cbmem console is getting truncated

BOTTOMIO_POSITIONsoc/amd/stoneyridgehexBottom of 32-bit IO space If PCI peripherals with big BARs are connected to the system
the bottom of the IO must be decreased to allocate such
devices.

Declare the beginning of the 128MB-aligned MMIO region. This
option is useful when PCI peripherals requesting large address
ranges are present.

VGA_BIOS_IDsoc/amd/stoneyridgestring The default VGA BIOS PCI vendor/device ID should be set to the
result of the map_oprom_vendev() function in northbridge.c.

STONEYRIDGE_XHCI_ENABLEsoc/amd/stoneyridgeboolEnable Stoney Ridge XHCI Controller The XHCI controller must be enabled and the XHCI firmware
must be added in order to have USB 3.0 support configured
by coreboot. The OS will be responsible for enabling the XHCI
controller if the XHCI firmware is available but the
XHCI controller is not enabled by coreboot.

STONEYRIDGE_XHCI_FWMsoc/amd/stoneyridgeboolAdd xhci firmware Add Stoney Ridge XHCI Firmware to support the onboard USB 3.0

STONEYRIDGE_GEC_FWMsoc/amd/stoneyridgebool Add Stoney Ridge GEC Firmware to support the onboard gigabit Ethernet MAC.
Must be connected to a Broadcom B50610 or B50610M PHY on the motherboard.

STONEYRIDGE_SATA_MODEsoc/amd/stoneyridgeintSATA Mode Select the mode in which SATA should be driven.
The default is NATIVE.
0: NATIVE mode does not require a ROM.
2: AHCI may work with or without AHCI ROM. It depends on the payload support.
For example, seabios does not require the AHCI ROM.
3: LEGACY IDE
4: IDE to AHCI
5: AHCI7804: ROM Required, and AMD driver required in the OS.
6: IDE to AHCI7804: ROM Required, and AMD driver required in the OS.

soc/amd/stoneyridge(comment)NATIVE
soc/amd/stoneyridge(comment)AHCI
soc/amd/stoneyridge(comment)LEGACY IDE
soc/amd/stoneyridge(comment)IDE to AHCI
soc/amd/stoneyridge(comment)AHCI7804
soc/amd/stoneyridge(comment)IDE to AHCI7804
STONEYRIDGE_LEGACY_FREEsoc/amd/stoneyridgeboolSystem is legacy free Select y if there is no keyboard controller in the system.
This sets variables in AGESA and ACPI.

SERIRQ_CONTINUOUS_MODEsoc/amd/stoneyridgebool Set this option to y for serial IRQ in continuous mode.
Otherwise it is in quiet mode.

ACPI_BERTsoc/amd/stoneyridgeboolBuild ACPI BERT Table Report Machine Check errors identified in POST to the OS in an
ACPI Boot Error Record Table. This option reserves an 8MB region
for building the error structures.

USE_PSPSECUREOSsoc/amd/stoneyridgeboolInclude PSP SecureOS blobs in AMD firmware Include the PspSecureOs, PspTrustlet and TrustletKey binaries
in the amdfw section.

If unsure, answer 'y'

SOC_AMD_PSP_SELECTABLE_SMU_FWsoc/amd/stoneyridgebool Some ST implementations allow storing SMU firmware into cbfs and
calling the PSP to load the blobs at the proper time.

Merlin Falcon does not support it. If you are using 00670F00 SOC,
ask your AMD representative if it supports it or not.

AMDFW_OUTSIDE_CBFSsoc/amd/stoneyridgeboolThe AMD firmware is outside CBFS The AMDFW (PSP) is typically locatable in cbfs. Select this
option to manually attach the generated amdfw.rom outside of
cbfs. The location is selected by the FWM position.

DISABLE_KEYBOARD_RESET_PINsoc/amd/stoneyridgebool Instruct the SoC to not use the state of GPIO_129 as keyboard reset
signal. When this pin is used as GPIO and the keyboard reset
functionality isn't disabled, configuring it as an output and driving
it as 0 will cause a reset.

ACPI_BERT_SIZEsoc/amd/stoneyridgehex Specify the amount of DRAM reserved for gathering the data used to
generate the ACPI table.

SOC_AMD_PICASSOsoc/amd/picassobool AMD Picasso support

FSP_M_FILEsoc/amd/picassostringFSP-M (memory init) binary path and filename The path and filename of the FSP-M binary for this platform.

FSP_S_FILEsoc/amd/picassostringFSP-S (silicon init) binary path and filename The path and filename of the FSP-S binary for this platform.

EARLY_RESERVED_DRAM_BASEsoc/amd/picassohex This variable defines the base address of the DRAM which is reserved
for usage by coreboot in early stages (i.e. before ramstage is up).
This memory gets reserved in BIOS tables to ensure that the OS does
not use it, thus preventing corruption of OS memory in case of S3
resume.

PSP_APOB_DRAM_ADDRESSsoc/amd/picassohex Location in DRAM where the PSP will copy the AGESA PSP Output
Block.

PSP_SHAREDMEM_BASEsoc/amd/picassohex This variable defines the base address in DRAM memory where PSP copies
the vboot workbuf. This is used in the linker script to have a static
allocation for the buffer as well as for adding relevant entries in
the BIOS directory table for the PSP.

PSP_SHAREDMEM_SIZEsoc/amd/picassohex Sets the maximum size for the PSP to pass the vboot workbuf and
any logs or timestamps back to coreboot. This will be copied
into main memory by the PSP and will be available when the x86 is
started. The workbuf's base depends on the address of the reset
vector.

PRE_X86_CBMEM_CONSOLE_SIZEsoc/amd/picassohex Size of the CBMEM console used in PSP verstage.

PRERAM_CBMEM_CONSOLE_SIZEsoc/amd/picassohex Increase this value if preram cbmem console is getting truncated

C_ENV_BOOTBLOCK_SIZEsoc/amd/picassohex Sets the size of the bootblock stage that should be loaded in DRAM.
This variable controls the DRAM allocation size in linker script
for bootblock stage.

ROMSTAGE_ADDRsoc/amd/picassohex Sets the address in DRAM where romstage should be loaded.

ROMSTAGE_SIZEsoc/amd/picassohex Sets the size of DRAM allocation for romstage in linker script.

FSP_M_ADDRsoc/amd/picassohex Sets the address in DRAM where FSP-M should be loaded. cbfstool
performs relocation of FSP-M to this address.

FSP_M_SIZEsoc/amd/picassohex Sets the size of DRAM allocation for FSP-M in linker script.

VERSTAGE_ADDRsoc/amd/picassohex Sets the address in DRAM where verstage should be loaded if running
as a separate stage on x86.

VERSTAGE_SIZEsoc/amd/picassohex Sets the size of DRAM allocation for verstage in linker script if
running as a separate stage on x86.

MAX_CPUSsoc/amd/picassoint Maximum number of threads the platform can have.

VGA_BIOS_IDsoc/amd/picassostring The default VGA BIOS PCI vendor/device ID should be set to the
result of the map_oprom_vendev_rev() function in graphics.c.

VGA_BIOS_SECOND_IDsoc/amd/picassostring Some Dali and all Pollock APUs need a different VBIOS than some other
Dali and all Picasso APUs, but don't always have a different PCI
vendor/device IDs, so we need an alternate method to determine the
correct video BIOS. In map_oprom_vendev_rev(), we look at the return
value of soc_is_raven2() and decide which rom to load.

CHECK_REV_IN_OPROM_NAMEsoc/amd/picassobool Select this in the platform BIOS or chipset if the option rom has a
revision that needs to be checked when searching CBFS.

SERIRQ_CONTINUOUS_MODEsoc/amd/picassobool Set this option to y for serial IRQ in continuous mode.
Otherwise it is in quiet mode.

ACPI_BERTsoc/amd/picassoboolBuild ACPI BERT Table Report Machine Check errors identified in POST to the OS in an
ACPI Boot Error Record Table.

ACPI_BERT_SIZEsoc/amd/picassohex Specify the amount of DRAM reserved for gathering the data used to
generate the ACPI table.

DISABLE_SPI_FLASH_ROM_SHARINGsoc/amd/picassoint Instruct the chipset to not honor the EGPIO67_SPI_ROM_REQ pin
which indicates a board level ROM transaction request. This
removes arbitration with board and assumes the chipset controls
the SPI flash bus entirely.

DISABLE_KEYBOARD_RESET_PINsoc/amd/picassobool Instruct the SoC to not use the state of GPIO_129 as keyboard reset
signal. When this pin is used as GPIO and the keyboard reset
functionality isn't disabled, configuring it as an output and driving
it as 0 will cause a reset.

FSP_TEMP_RAM_SIZEsoc/amd/picassohex The amount of coreboot-allocated heap and stack usage by the FSP.

Menu: PSP Configuration Options
PSP_LOAD_MP2_FWsoc/amd/picassobool Include the MP2 firmwares and configuration into the PSP build.

If unsure, answer 'n'

PSP_LOAD_S0I3_FWsoc/amd/picassobool Select this item to include the S0i3 file into the PSP build.

HAVE_PSP_WHITELIST_FILEsoc/amd/picassoboolInclude a debug whitelist file in PSP build Support secured unlock prior to reset using a whitelisted
number? This feature requires a signed whitelist image and
bootloader from AMD.

If unsure, answer 'n'

PSP_UNLOCK_SECURE_DEBUGsoc/amd/picassoboolUnlock secure debug Select this item to enable secure debug options in PSP.

PSP_VERSTAGE_FILEsoc/amd/picassostringSpecify the PSP_verstage file path Add psp_verstage file to the build & PSP Directory Table

PSP_VERSTAGE_SIGNING_TOKENsoc/amd/picassostringSpecify the PSP_verstage Signature Token file path Add psp_verstage signature token to the build & PSP Directory Table

PSP_SOFTFUSE_BITSsoc/amd/picassostringPSP Soft Fuse bits to enable Space separated list of Soft Fuse bits to enable.
Bit 0: Enable secure debug (Set by PSP_UNLOCK_SECURE_DEBUG)
Bit 15: PSP post code destination: 0=LPC 1=eSPI
Bit 29: Disable MP2 firmware loading (Set by PSP_LOAD_MP2_FW)

See #55758 (NDA) for additional bit definitions.

VBOOT_STARTS_BEFORE_BOOTBLOCKsoc/amd/picassostring Runs verstage on the PSP. Only available on
certain ChromeOS branded parts from AMD.

VBOOT_HASH_BLOCK_SIZEsoc/amd/picassohex Because the bulk of the time in psp_verstage to hash the RO cbfs is
spent in the overhead of doing svc calls, increasing the hash block
size significantly cuts the verstage hashing time as seen below.

4k takes 180ms
16k takes 44ms
32k takes 33.7ms
36k takes 32.5ms
There's actually still room for an even bigger stack, but we've
reached a point of diminishing returns.

CMOS_RECOVERY_BYTEsoc/amd/picassohex If the workbuf is not passed from the PSP to coreboot, set the
recovery flag and reboot. The PSP will read this byte, mark the
recovery request in VBNV, and reset the system into recovery mode.

This is the byte before the default first byte used by VBNV
(0x26 + 0x0E - 1)

RWA_REGION_ONLYsoc/amd/picassostring Add a space-delimited list of filenames that should only be in the
RW-A section.

RWB_REGION_ONLYsoc/amd/picassostring Add a space-delimited list of filenames that should only be in the
RW-B section.

SOC_AMD_MENDOCINOsoc/amd/mendocinobool AMD Mendocino support

SOC_AMD_REMBRANDTsoc/amd/mendocinobool AMD Rembrandt support


FSP_M_FILEsoc/amd/mendocinostringFSP-M (memory init) binary path and filename The path and filename of the FSP-M binary for this platform.

FSP_S_FILEsoc/amd/mendocinostringFSP-S (silicon init) binary path and filename The path and filename of the FSP-S binary for this platform.

EARLY_RESERVED_DRAM_BASEsoc/amd/mendocinohex This variable defines the base address of the DRAM which is reserved
for usage by coreboot in early stages (i.e. before ramstage is up).
This memory gets reserved in BIOS tables to ensure that the OS does
not use it, thus preventing corruption of OS memory in case of S3
resume.

PSP_APOB_DRAM_ADDRESSsoc/amd/mendocinohex Location in DRAM where the PSP will copy the AGESA PSP Output
Block.

PSP_SHAREDMEM_BASEsoc/amd/mendocinohex This variable defines the base address in DRAM memory where PSP copies
the vboot workbuf. This is used in the linker script to have a static
allocation for the buffer as well as for adding relevant entries in
the BIOS directory table for the PSP.

PSP_SHAREDMEM_SIZEsoc/amd/mendocinohex Sets the maximum size for the PSP to pass the vboot workbuf and
any logs or timestamps back to coreboot. This will be copied
into main memory by the PSP and will be available when the x86 is
started. The workbuf's base depends on the address of the reset
vector.

PRE_X86_CBMEM_CONSOLE_SIZEsoc/amd/mendocinohex Size of the CBMEM console used in PSP verstage.

PRERAM_CBMEM_CONSOLE_SIZEsoc/amd/mendocinohex Increase this value if preram cbmem console is getting truncated

C_ENV_BOOTBLOCK_SIZEsoc/amd/mendocinohex Sets the size of the bootblock stage that should be loaded in DRAM.
This variable controls the DRAM allocation size in linker script
for bootblock stage.

ROMSTAGE_ADDRsoc/amd/mendocinohex Sets the address in DRAM where romstage should be loaded.

ROMSTAGE_SIZEsoc/amd/mendocinohex Sets the size of DRAM allocation for romstage in linker script.

FSP_M_ADDRsoc/amd/mendocinohex Sets the address in DRAM where FSP-M should be loaded. cbfstool
performs relocation of FSP-M to this address.

FSP_M_SIZEsoc/amd/mendocinohex Sets the size of DRAM allocation for FSP-M in linker script.

FSP_TEMP_RAM_SIZEsoc/amd/mendocinohex The amount of coreboot-allocated heap and stack usage by the FSP.

VERSTAGE_ADDRsoc/amd/mendocinohex Sets the address in DRAM where verstage should be loaded if running
as a separate stage on x86.

VERSTAGE_SIZEsoc/amd/mendocinohex Sets the size of DRAM allocation for verstage in linker script if
running as a separate stage on x86.

ASYNC_FILE_LOADINGsoc/amd/mendocinoboolLoads files from SPI asynchronously When enabled, the platform will use the LPC SPI DMA controller to
asynchronously load contents from the SPI ROM. This will improve
boot time because the CPUs can be performing useful work while the
SPI contents are being preloaded.

MAX_CPUSsoc/amd/mendocinoint Maximum number of threads the platform can have.

VGA_BIOS_IDsoc/amd/mendocinostring The default VGA BIOS PCI vendor/device ID of the GPU and VBIOS.

ACPI_BERTsoc/amd/mendocinoboolBuild ACPI BERT Table Report Machine Check errors identified in POST to the OS in an
ACPI Boot Error Record Table.

ACPI_BERT_SIZEsoc/amd/mendocinohex Specify the amount of DRAM reserved for gathering the data used to
generate the ACPI table.

DISABLE_SPI_FLASH_ROM_SHARINGsoc/amd/mendocinoint Instruct the chipset to not honor the EGPIO67_SPI_ROM_REQ pin
which indicates a board level ROM transaction request. This
removes arbitration with board and assumes the chipset controls
the SPI flash bus entirely.

DISABLE_KEYBOARD_RESET_PINsoc/amd/mendocinobool Instruct the SoC to not to reset based on the state of GPIO_21, KBDRST_L.

FEATURE_DYNAMIC_DPTCsoc/amd/mendocinobool Selected by mainboards that implement support for ALIB
to enable dynamic DPTC.

FEATURE_TABLET_MODE_DPTCsoc/amd/mendocinobool Selected by mainboards that implement support for ALIB to
switch default and tablet mode.

Menu: PSP Configuration Options
AMDFW_CONFIG_FILEsoc/amd/mendocinostringAMD PSP Firmware config file Specify the path/location of AMD PSP Firmware config file.

PSP_DISABLE_POSTCODESsoc/amd/mendocinoboolDisable PSP post codes Disables the output of port80 post codes from PSP.

PSP_POSTCODES_ON_ESPIsoc/amd/mendocinoboolUse eSPI bus for PSP post codes Select to send PSP port80 post codes on eSPI bus.
If not selected, PSP port80 codes will be sent on LPC bus.

PSP_LOAD_MP2_FWsoc/amd/mendocinobool Include the MP2 firmwares and configuration into the PSP build.

If unsure, answer 'n'

PSP_UNLOCK_SECURE_DEBUGsoc/amd/mendocinoboolUnlock secure debug Select this item to enable secure debug options in PSP.

HAVE_PSP_WHITELIST_FILEsoc/amd/mendocinoboolInclude a debug whitelist file in PSP build Support secured unlock prior to reset using a whitelisted
serial number. This feature requires a signed whitelist image
and bootloader from AMD.

If unsure, answer 'n'

PERFORM_SPL_FUSINGsoc/amd/mendocinoboolSend SPL fuse command to PSP Send the Security Patch Level (SPL) fusing command to the PSP in
order to update the minimum SPL version to be written to the SoC's
fuse bits. This will prevent using any embedded firmware components
with lower SPL version.

If unsure, answer 'n'

SPL_TABLE_FILEsoc/amd/mendocinostringSPL table file override Provide a mainboard-specific Security Patch Level (SPL) table file
override. The SPL file is required to support PSP FW anti-rollback
and needs to be created by AMD. The default SPL file specified in the
SoC's fw.cfg is in the corresponding folder of the amd_blobs submodule
and applies to all boards that use the SoC without verstage on PSP.
In the verstage on PSP case, a different SPL file is specific as an
override via this Kconfig option.

HAVE_SPL_RW_AB_FILEsoc/amd/mendocinoboolHave a separate mainboard-specific SPL file in RW A/B partitions Have separate mainboard-specific Security Patch Level (SPL) table
file for the RW A/B FMAP partitions.

PSP_SOFTFUSE_BITSsoc/amd/mendocinostringPSP Soft Fuse bits to enable Space separated list of Soft Fuse bits to enable.
Bit 0: Enable secure debug (Set by PSP_UNLOCK_SECURE_DEBUG)
Bit 7: Disable PSP postcodes on Renoir and newer chips only
(Set by PSP_DISABLE_PORT80)
Bit 15: PSP debug output destination:
0=SoC MMIO UART, 1=IO port 0x3F8
Bit 29: Disable MP2 firmware loading (Set by PSP_LOAD_MP2_FW)

See #55758 (NDA) for additional bit definitions.

PSP_VERSTAGE_FILEsoc/amd/mendocinostringSpecify the PSP_verstage file path Add psp_verstage file to the build & PSP Directory Table

PSP_VERSTAGE_SIGNING_TOKENsoc/amd/mendocinostringSpecify the PSP_verstage Signature Token file path Add psp_verstage signature token to the build & PSP Directory Table

VBOOT_STARTS_BEFORE_BOOTBLOCKsoc/amd/mendocinostring Runs verstage on the PSP. Only available on
certain ChromeOS branded parts from AMD.

VBOOT_HASH_BLOCK_SIZEsoc/amd/mendocinohex Because the bulk of the time in psp_verstage to hash the RO cbfs is
spent in the overhead of doing svc calls, increasing the hash block
size significantly cuts the verstage hashing time as seen below.

4k takes 180ms
16k takes 44ms
32k takes 33.7ms
36k takes 32.5ms
There's actually still room for an even bigger stack, but we've
reached a point of diminishing returns.

CMOS_RECOVERY_BYTEsoc/amd/mendocinohex If the workbuf is not passed from the PSP to coreboot, set the
recovery flag and reboot. The PSP will read this byte, mark the
recovery request in VBNV, and reset the system into recovery mode.

This is the byte before the default first byte used by VBNV
(0x26 + 0x0E - 1)

RWA_REGION_ONLYsoc/amd/mendocinostring Add a space-delimited list of filenames that should only be in the
RW-A section.

RWB_REGION_ONLYsoc/amd/mendocinostring Add a space-delimited list of filenames that should only be in the
RW-B section.

SOC_AMD_PHOENIXsoc/amd/phoenixbool AMD Phoenix support

EARLY_RESERVED_DRAM_BASEsoc/amd/phoenixhex This variable defines the base address of the DRAM which is reserved
for usage by coreboot in early stages (i.e. before ramstage is up).
This memory gets reserved in BIOS tables to ensure that the OS does
not use it, thus preventing corruption of OS memory in case of S3
resume.

PSP_APOB_DRAM_ADDRESSsoc/amd/phoenixhex Location in DRAM where the PSP will copy the AGESA PSP Output
Block.

PSP_SHAREDMEM_BASEsoc/amd/phoenixhex This variable defines the base address in DRAM memory where PSP copies
the vboot workbuf. This is used in the linker script to have a static
allocation for the buffer as well as for adding relevant entries in
the BIOS directory table for the PSP.

PSP_SHAREDMEM_SIZEsoc/amd/phoenixhex Sets the maximum size for the PSP to pass the vboot workbuf and
any logs or timestamps back to coreboot. This will be copied
into main memory by the PSP and will be available when the x86 is
started. The workbuf's base depends on the address of the reset
vector.

PRE_X86_CBMEM_CONSOLE_SIZEsoc/amd/phoenixhex Size of the CBMEM console used in PSP verstage.

PRERAM_CBMEM_CONSOLE_SIZEsoc/amd/phoenixhex Increase this value if preram cbmem console is getting truncated

C_ENV_BOOTBLOCK_SIZEsoc/amd/phoenixhex Sets the size of the bootblock stage that should be loaded in DRAM.
This variable controls the DRAM allocation size in linker script
for bootblock stage.

ROMSTAGE_ADDRsoc/amd/phoenixhex Sets the address in DRAM where romstage should be loaded.

ROMSTAGE_SIZEsoc/amd/phoenixhex Sets the size of DRAM allocation for romstage in linker script.

FSP_M_ADDRsoc/amd/phoenixhex Sets the address in DRAM where FSP-M should be loaded. cbfstool
performs relocation of FSP-M to this address.

FSP_M_SIZEsoc/amd/phoenixhex Sets the size of DRAM allocation for FSP-M in linker script.

FSP_TEMP_RAM_SIZEsoc/amd/phoenixhex The amount of coreboot-allocated heap and stack usage by the FSP.

VERSTAGE_ADDRsoc/amd/phoenixhex Sets the address in DRAM where verstage should be loaded if running
as a separate stage on x86.

VERSTAGE_SIZEsoc/amd/phoenixhex Sets the size of DRAM allocation for verstage in linker script if
running as a separate stage on x86.

ASYNC_FILE_LOADINGsoc/amd/phoenixboolLoads files from SPI asynchronously When enabled, the platform will use the LPC SPI DMA controller to
asynchronously load contents from the SPI ROM. This will improve
boot time because the CPUs can be performing useful work while the
SPI contents are being preloaded.

MAX_CPUSsoc/amd/phoenixint Maximum number of threads the platform can have.

VGA_BIOS_IDsoc/amd/phoenixstring The default VGA BIOS PCI vendor/device ID should be set to the
result of the map_oprom_vendev() function in graphics.c.

ACPI_BERTsoc/amd/phoenixboolBuild ACPI BERT Table Report Machine Check errors identified in POST to the OS in an
ACPI Boot Error Record Table.

ACPI_BERT_SIZEsoc/amd/phoenixhex Specify the amount of DRAM reserved for gathering the data used to
generate the ACPI table.

DISABLE_SPI_FLASH_ROM_SHARINGsoc/amd/phoenixint Instruct the chipset to not honor the EGPIO67_SPI_ROM_REQ pin
which indicates a board level ROM transaction request. This
removes arbitration with board and assumes the chipset controls
the SPI flash bus entirely.

DISABLE_KEYBOARD_RESET_PINsoc/amd/phoenixbool Instruct the SoC to not to reset based on the state of GPIO_21, KBDRST_L.

Menu: PSP Configuration Options
AMDFW_CONFIG_FILEsoc/amd/phoenixstringAMD PSP Firmware config file Specify the path/location of AMD PSP Firmware config file.

PSP_DISABLE_POSTCODESsoc/amd/phoenixboolDisable PSP post codes Disables the output of port80 post codes from PSP.

PSP_POSTCODES_ON_ESPIsoc/amd/phoenixboolUse eSPI bus for PSP post codes Select to send PSP port80 post codes on eSPI bus.
If not selected, PSP port80 codes will be sent on LPC bus.

PSP_LOAD_MP2_FWsoc/amd/phoenixbool Include the MP2 firmwares and configuration into the PSP build.

If unsure, answer 'n'

PSP_UNLOCK_SECURE_DEBUGsoc/amd/phoenixboolUnlock secure debug Select this item to enable secure debug options in PSP.

HAVE_PSP_WHITELIST_FILEsoc/amd/phoenixboolInclude a debug whitelist file in PSP build Support secured unlock prior to reset using a whitelisted
serial number. This feature requires a signed whitelist image
and bootloader from AMD.

If unsure, answer 'n'

PERFORM_SPL_FUSINGsoc/amd/phoenixboolSend SPL fuse command to PSP Send the Security Patch Level (SPL) fusing command to the PSP in
order to update the minimum SPL version to be written to the SoC's
fuse bits. This will prevent using any embedded firmware components
with lower SPL version.

If unsure, answer 'n'

SPL_TABLE_FILEsoc/amd/phoenixstringSPL table file override Provide a mainboard-specific Security Patch Level (SPL) table file
override. The SPL file is required to support PSP FW anti-rollback
and needs to be created by AMD. The default SPL file specified in the
SoC's fw.cfg is in the corresponding folder of the amd_blobs submodule
and applies to all boards that use the SoC without verstage on PSP.
In the verstage on PSP case, a different SPL file is specific as an
override via this Kconfig option.

HAVE_SPL_RW_AB_FILEsoc/amd/phoenixboolHave a separate mainboard-specific SPL file in RW A/B partitions Have separate mainboard-specific Security Patch Level (SPL) table
file for the RW A/B FMAP partitions.

PSP_SOFTFUSE_BITSsoc/amd/phoenixstringPSP Soft Fuse bits to enable Space separated list of Soft Fuse bits to enable.
Bit 0: Enable secure debug (Set by PSP_UNLOCK_SECURE_DEBUG)
Bit 7: Disable PSP postcodes on Renoir and newer chips only
(Set by PSP_DISABLE_PORT80)
Bit 15: PSP debug output destination:
0=SoC MMIO UART, 1=IO port 0x3F8
Bit 29: Disable MP2 firmware loading (Set by PSP_LOAD_MP2_FW)

See #55758 (NDA) for additional bit definitions.

PSP_VERSTAGE_FILEsoc/amd/phoenixstringSpecify the PSP_verstage file path Add psp_verstage file to the build & PSP Directory Table

PSP_VERSTAGE_SIGNING_TOKENsoc/amd/phoenixstringSpecify the PSP_verstage Signature Token file path Add psp_verstage signature token to the build & PSP Directory Table

VBOOT_STARTS_BEFORE_BOOTBLOCKsoc/amd/phoenixstring Runs verstage on the PSP. Only available on
certain ChromeOS branded parts from AMD.

VBOOT_HASH_BLOCK_SIZEsoc/amd/phoenixhex Because the bulk of the time in psp_verstage to hash the RO cbfs is
spent in the overhead of doing svc calls, increasing the hash block
size significantly cuts the verstage hashing time as seen below.

4k takes 180ms
16k takes 44ms
32k takes 33.7ms
36k takes 32.5ms
There's actually still room for an even bigger stack, but we've
reached a point of diminishing returns.

CMOS_RECOVERY_BYTEsoc/amd/phoenixhex If the workbuf is not passed from the PSP to coreboot, set the
recovery flag and reboot. The PSP will read this byte, mark the
recovery request in VBNV, and reset the system into recovery mode.

This is the byte before the default first byte used by VBNV
(0x26 + 0x0E - 1)

RWA_REGION_ONLYsoc/amd/phoenixstring Add a space-delimited list of filenames that should only be in the
RW-A section.

RWB_REGION_ONLYsoc/amd/phoenixstring Add a space-delimited list of filenames that should only be in the
RW-B section.

SOC_AMD_GLINDAsoc/amd/glindabool AMD Glinda support

EARLY_RESERVED_DRAM_BASEsoc/amd/glindahex This variable defines the base address of the DRAM which is reserved
for usage by coreboot in early stages (i.e. before ramstage is up).
This memory gets reserved in BIOS tables to ensure that the OS does
not use it, thus preventing corruption of OS memory in case of S3
resume.

PSP_APOB_DRAM_ADDRESSsoc/amd/glindahex Location in DRAM where the PSP will copy the AGESA PSP Output
Block.

PSP_SHAREDMEM_BASEsoc/amd/glindahex This variable defines the base address in DRAM memory where PSP copies
the vboot workbuf. This is used in the linker script to have a static
allocation for the buffer as well as for adding relevant entries in
the BIOS directory table for the PSP.

PSP_SHAREDMEM_SIZEsoc/amd/glindahex Sets the maximum size for the PSP to pass the vboot workbuf and
any logs or timestamps back to coreboot. This will be copied
into main memory by the PSP and will be available when the x86 is
started. The workbuf's base depends on the address of the reset
vector.

PRE_X86_CBMEM_CONSOLE_SIZEsoc/amd/glindahex Size of the CBMEM console used in PSP verstage.

PRERAM_CBMEM_CONSOLE_SIZEsoc/amd/glindahex Increase this value if preram cbmem console is getting truncated

C_ENV_BOOTBLOCK_SIZEsoc/amd/glindahex Sets the size of the bootblock stage that should be loaded in DRAM.
This variable controls the DRAM allocation size in linker script
for bootblock stage.

ROMSTAGE_ADDRsoc/amd/glindahex Sets the address in DRAM where romstage should be loaded.

ROMSTAGE_SIZEsoc/amd/glindahex Sets the size of DRAM allocation for romstage in linker script.

FSP_M_ADDRsoc/amd/glindahex Sets the address in DRAM where FSP-M should be loaded. cbfstool
performs relocation of FSP-M to this address.

FSP_M_SIZEsoc/amd/glindahex Sets the size of DRAM allocation for FSP-M in linker script.

FSP_TEMP_RAM_SIZEsoc/amd/glindahex The amount of coreboot-allocated heap and stack usage by the FSP.

VERSTAGE_ADDRsoc/amd/glindahex Sets the address in DRAM where verstage should be loaded if running
as a separate stage on x86.

VERSTAGE_SIZEsoc/amd/glindahex Sets the size of DRAM allocation for verstage in linker script if
running as a separate stage on x86.

ASYNC_FILE_LOADINGsoc/amd/glindaboolLoads files from SPI asynchronously When enabled, the platform will use the LPC SPI DMA controller to
asynchronously load contents from the SPI ROM. This will improve
boot time because the CPUs can be performing useful work while the
SPI contents are being preloaded.

MAX_CPUSsoc/amd/glindaint Maximum number of threads the platform can have.

ACPI_BERTsoc/amd/glindaboolBuild ACPI BERT Table Report Machine Check errors identified in POST to the OS in an
ACPI Boot Error Record Table.

ACPI_BERT_SIZEsoc/amd/glindahex Specify the amount of DRAM reserved for gathering the data used to
generate the ACPI table.

DISABLE_SPI_FLASH_ROM_SHARINGsoc/amd/glindaint Instruct the chipset to not honor the EGPIO67_SPI_ROM_REQ pin
which indicates a board level ROM transaction request. This
removes arbitration with board and assumes the chipset controls
the SPI flash bus entirely.

DISABLE_KEYBOARD_RESET_PINsoc/amd/glindabool Instruct the SoC to not to reset based on the state of GPIO_21, KBDRST_L.

Menu: PSP Configuration Options
AMDFW_CONFIG_FILEsoc/amd/glindastringAMD PSP Firmware config file Specify the path/location of AMD PSP Firmware config file.

PSP_DISABLE_POSTCODESsoc/amd/glindaboolDisable PSP post codes Disables the output of port80 post codes from PSP.

PSP_POSTCODES_ON_ESPIsoc/amd/glindaboolUse eSPI bus for PSP post codes Select to send PSP port80 post codes on eSPI bus.
If not selected, PSP port80 codes will be sent on LPC bus.

PSP_LOAD_MP2_FWsoc/amd/glindabool Include the MP2 firmwares and configuration into the PSP build.

If unsure, answer 'n'

PSP_UNLOCK_SECURE_DEBUGsoc/amd/glindaboolUnlock secure debug Select this item to enable secure debug options in PSP.

HAVE_PSP_WHITELIST_FILEsoc/amd/glindaboolInclude a debug whitelist file in PSP build Support secured unlock prior to reset using a whitelisted
serial number. This feature requires a signed whitelist image
and bootloader from AMD.

If unsure, answer 'n'

PERFORM_SPL_FUSINGsoc/amd/glindaboolSend SPL fuse command to PSP Send the Security Patch Level (SPL) fusing command to the PSP in
order to update the minimum SPL version to be written to the SoC's
fuse bits. This will prevent using any embedded firmware components
with lower SPL version.

If unsure, answer 'n'

SPL_TABLE_FILEsoc/amd/glindastringSPL table file override Provide a mainboard-specific Security Patch Level (SPL) table file
override. The SPL file is required to support PSP FW anti-rollback
and needs to be created by AMD. The default SPL file specified in the
SoC's fw.cfg is in the corresponding folder of the amd_blobs submodule
and applies to all boards that use the SoC without verstage on PSP.
In the verstage on PSP case, a different SPL file is specific as an
override via this Kconfig option.

HAVE_SPL_RW_AB_FILEsoc/amd/glindaboolHave a separate mainboard-specific SPL file in RW A/B partitions Have separate mainboard-specific Security Patch Level (SPL) table
file for the RW A/B FMAP partitions.

PSP_SOFTFUSE_BITSsoc/amd/glindastringPSP Soft Fuse bits to enable Space separated list of Soft Fuse bits to enable.
Bit 0: Enable secure debug (Set by PSP_UNLOCK_SECURE_DEBUG)
Bit 7: Disable PSP postcodes on Renoir and newer chips only
(Set by PSP_DISABLE_PORT80)
Bit 15: PSP debug output destination:
0=SoC MMIO UART, 1=IO port 0x3F8
Bit 29: Disable MP2 firmware loading (Set by PSP_LOAD_MP2_FW)

See #55758 (NDA) for additional bit definitions.

PSP_VERSTAGE_FILEsoc/amd/glindastringSpecify the PSP_verstage file path Add psp_verstage file to the build & PSP Directory Table

PSP_VERSTAGE_SIGNING_TOKENsoc/amd/glindastringSpecify the PSP_verstage Signature Token file path Add psp_verstage signature token to the build & PSP Directory Table

VBOOT_STARTS_BEFORE_BOOTBLOCKsoc/amd/glindastring Runs verstage on the PSP. Only available on
certain ChromeOS branded parts from AMD.

VBOOT_HASH_BLOCK_SIZEsoc/amd/glindahex Because the bulk of the time in psp_verstage to hash the RO cbfs is
spent in the overhead of doing svc calls, increasing the hash block
size significantly cuts the verstage hashing time as seen below.

4k takes 180ms
16k takes 44ms
32k takes 33.7ms
36k takes 32.5ms
There's actually still room for an even bigger stack, but we've
reached a point of diminishing returns.

CMOS_RECOVERY_BYTEsoc/amd/glindahex If the workbuf is not passed from the PSP to coreboot, set the
recovery flag and reboot. The PSP will read this byte, mark the
recovery request in VBNV, and reset the system into recovery mode.

This is the byte before the default first byte used by VBNV
(0x26 + 0x0E - 1)

RWA_REGION_ONLYsoc/amd/glindastring Add a space-delimited list of filenames that should only be in the
RW-A section.

RWB_REGION_ONLYsoc/amd/glindastring Add a space-delimited list of filenames that should only be in the
RW-B section.

SOC_INTEL_ELKHARTLAKEsoc/intel/elkhartlakebool Intel Elkhartlake support

DCACHE_RAM_SIZEsoc/intel/elkhartlakeint The size of the cache-as-ram region required during bootblock
and/or romstage.

DCACHE_BSP_STACK_SIZEsoc/intel/elkhartlakehex The amount of anticipated stack usage in CAR by bootblock and
other stages. In the case of FSP_USES_CB_STACK default value will be
sum of FSP-M stack requirement (192KiB) and CB romstage stack requirement (~1KiB).

FSP_TEMP_RAM_SIZEsoc/intel/elkhartlakehex The amount of anticipated heap usage in CAR by FSP.
Refer to Platform FSP integration guide document to know
the exact FSP requirement for Heap setup.

PCR_BASE_ADDRESSsoc/intel/elkhartlakehex This option allows you to select MMIO Base Address of sideband bus.

PSE_ENABLEsoc/intel/elkhartlakeboolEnable PSE ARM controller Enable PSE IP. The PSE describes the integrated programmable
service engine that is designed together with x86 Atom cores
as an Asymmetric Multi-Processing (AMP) system.

ADD_PSE_IMAGE_TO_CBFSsoc/intel/elkhartlakeboolAdd PSE Firmware to CBFS PSE FW binary is required to use PSE dedicated peripherals from
x86 subsystem. Once PSE is enabled, the FW will be loaded from
CBFS by FSP and executed.

PSE_IMAGE_FILEsoc/intel/elkhartlakestringPSE binary path and filename The path and filename of the PSE binary.

PSE_FW_FILE_SIZE_KIBsoc/intel/elkhartlakehexMemory buffer (KiB) for PSE FW image It is recommended to allocate at least 512 KiB for PSE FW.

PSE_CONFIG_BUFFER_SIZE_KIBsoc/intel/elkhartlakehexMemory buffer (KiB) for PSE config data It is recommended to allocate at least 256 KiB for PSE config
data (FSP will append PSE config data to memory region right
after PSE FW memory region).

EHL_TSN_DRIVERsoc/intel/elkhartlakebool Enable TSN GbE driver to provide board specific settings in the GBE MAC.
As an example of a possible change, the MAC address could be adjusted.

SOC_INTEL_ELKHARTLAKE_DEBUG_CONSENTsoc/intel/elkhartlakeintDebug Consent for EHL This is to control debug interface on SOC.
Setting non-zero value will allow to use DBC or DCI to debug SOC.
PlatformDebugConsent in FspmUpd.h has the details.

Desired platform debug type are
0:Disabled, 1:Enabled (DCI OOB+[DbC]), 2:Enabled (DCI OOB),
3:Enabled (USB3 DbC), 4:Enabled (XDP/MIPI60), 5:Enabled (USB2 DbC),
6:Enable (2-wire DCI OOB), 7:Manual

SOC_INTEL_ELKHARTLAKE_TCO_NO_REBOOT_ENsoc/intel/elkhartlakeboolDisable reset on second TCO expiration Setting this option will prevent a host reset if the TCO timer expires
for the second time. Since this feature is not exposed to the OS in the
standard TCO interface, this setting can be enabled on firmware level.
This might be useful depending on the TCO policy.

SOC_INTEL_SAPPHIRERAPIDS_SPsoc/intel/xeon_sp/sprbool Intel Sapphire Rapids-SP support

PCR_BASE_ADDRESSsoc/intel/xeon_sp/sprhex This option allows you to select MMIO Base Address of sideband bus.

DCACHE_RAM_SIZEsoc/intel/xeon_sp/sprhex The size of the cache-as-ram region required during bootblock
and/or romstage. FSP-T reserves the upper 0x100 for
FspReservedBuffer.

DCACHE_BSP_STACK_SIZEsoc/intel/xeon_sp/sprhex The amount of anticipated stack usage in CAR by bootblock and
other stages. It needs to include FSP-M stack requirement and
CB romstage stack requirement. The integration documentation
says this needs to be 256KiB.

FSP_M_RC_HEAP_SIZEsoc/intel/xeon_sp/sprhex On xeon_sp/spr FSP-M has two separate heap managers, one regular
whose size and base are controllable via the StackBase and
StackSize UPDs and a 'rc' heap manager that is statically
allocated at 0xfe800000 (the CAR base) and consumes about 0x150000
bytes of memory.

FSP_TEMP_RAM_SIZEsoc/intel/xeon_sp/sprhex The amount of anticipated heap usage in CAR by FSP.
Refer to Platform FSP integration guide document to know
the exact FSP requirement for Heap setup. The FSP integration
documentation says this needs to be at least 128KiB, but practice
show this needs to be 256KiB or more.

INTEL_TXT_SINIT_SIZEsoc/intel/xeon_sp/sprhex According to document number 572782 this needs to be 256KiB
for the SINIT module and 64KiB for SINIT data.

INTEL_TXT_HEAP_SIZEsoc/intel/xeon_sp/sprhex This must be 960KiB according to 572782.

ENABLE_IO_MARGININGsoc/intel/xeon_sp/sprboolEnable IO Margining Enable support for I/O margining. This is mutually exclusive with
ASPM. This option is intended for debugging and validation and
should normally be disabled.

ENABLE_RMTsoc/intel/xeon_sp/sprboolEnable RMT Enable Rank Margining Tool. This option is intended for debugging and
validation and should normally be disabled.
SOC_INTEL_COOPERLAKE_SPsoc/intel/xeon_sp/cpxbool Intel Cooper Lake-SP support

PCR_BASE_ADDRESSsoc/intel/xeon_sp/cpxhex This option allows you to select MMIO Base Address of sideband bus.

DCACHE_RAM_SIZEsoc/intel/xeon_sp/cpxhex The size of the cache-as-ram region required during bootblock
and/or romstage. FSP-T reserves the upper 0x100 for
FspReservedBuffer.

DCACHE_BSP_STACK_SIZEsoc/intel/xeon_sp/cpxhex The amount of anticipated stack usage in CAR by bootblock and
other stages. It needs to include FSP-M stack requirement and
CB romstage stack requirement. The integration documentation
says this needs to be 256KiB.

FSP_M_RC_HEAP_SIZEsoc/intel/xeon_sp/cpxhex On xeon_sp/cpx FSP-M has two separate heap managers, one regular
whose size and base are controllable via the StackBase and
StackSize UPDs and a 'rc' heap manager that is statically
allocated at 0xfe800000 (the CAR base) and consumes about 0x130000
bytes of memory.

FSP_TEMP_RAM_SIZEsoc/intel/xeon_sp/cpxhex The amount of anticipated heap usage in CAR by FSP.
Refer to Platform FSP integration guide document to know
the exact FSP requirement for Heap setup. The FSP integration
documentation says this needs to be at least 128KiB, but practice
show this needs to be 256KiB or more.

INTEL_TXT_SINIT_SIZEsoc/intel/xeon_sp/cpxhex According to document number 572782 this needs to be 256KiB
for the SINIT module and 64KiB for SINIT data.

INTEL_TXT_HEAP_SIZEsoc/intel/xeon_sp/cpxhex This must be 960KiB according to 572782.

SOC_ACPI_HESTsoc/intel/xeon_sp/rasNone This variable provides control for ACPI hardware error source table (HEST)

SOC_RAS_ELOGsoc/intel/xeon_sp/rasNone This variable provides enhanced error logging support used with HEST

ERROR_LOG_BUFFER_SIZEsoc/intel/xeon_sp/rashex This variable allows a configurable error log based on system requirements

SOC_INTEL_SKYLAKE_SPsoc/intel/xeon_sp/skxbool Intel Skylake-SP support

PCR_BASE_ADDRESSsoc/intel/xeon_sp/skxhex This option allows you to select MMIO Base Address of sideband bus.

INTEL_ACPI_BASE_ADDRESSsoc/intel/xeon_sphex IO Address of ACPI.

INTEL_PCH_PWRM_BASE_ADDRESSsoc/intel/xeon_sphex PCH PWRM Base address.

PCR_BASE_ADDRESSsoc/intel/xeon_sphex This option allows you to select MMIO Base Address of sideband bus.

SOC_INTEL_BROADWELLsoc/intel/broadwellbool Intel Broadwell and Haswell ULT support.

BROADWELL_LPDDR3soc/intel/broadwellbool Selected by mainboards using LPDDR3 DRAM to supply mainboard-specific
LPDDR3 DQ and DQS CPU-to-DRAM mapping info needed to perform raminit.

DCACHE_RAM_SIZEsoc/intel/broadwellhex The size of the cache-as-ram region required during bootblock
and/or romstage. Note DCACHE_RAM_SIZE and DCACHE_RAM_MRC_VAR_SIZE
must add up to a power of 2.

DCACHE_RAM_MRC_VAR_SIZEsoc/intel/broadwellhex The amount of cache-as-ram region required by the reference code.

DCACHE_BSP_STACK_SIZEsoc/intel/broadwellhex The amount of anticipated stack usage in CAR by bootblock and
other stages.

HAVE_MRCsoc/intel/broadwellboolAdd a Memory Reference Code binary Select this option to add a Memory Reference Code binary to
the resulting coreboot image.

Note: Without this binary coreboot will not work

MRC_FILEsoc/intel/broadwellstringIntel Memory Reference Code path and filename The filename of the file to use as Memory Reference Code binary.

HAVE_REFCODE_BLOBsoc/intel/broadwellboolAn external reference code blob should be put into cbfs. The reference code blob will be placed into cbfs.

REFCODE_BLOB_FILEsoc/intel/broadwellstringPath and filename to reference code blob. The path and filename to the file to be added to cbfs.

SERIRQ_CONTINUOUS_MODEsoc/intel/broadwell/pchbool If you set this option to y, the serial IRQ machine will be
operated in continuous mode.

SERIALIO_UART_CONSOLEsoc/intel/broadwell/pchbool Selected by mainboards where SerialIO UARTs can be used to retrieve
coreboot logs. Boards also need to set UART_FOR_CONSOLE accordingly.

DISABLE_ME_PCIsoc/intel/broadwell/pchboolDisable Intel ME PCI interface (MEI1) Disable and hide the ME PCI interface during finalize stage of boot.
This will prevent the OS (and userspace apps) from interacting with
the ME via the PCI interface after boot.

SOC_INTEL_ALDERLAKEsoc/intel/alderlakebool Intel Alderlake support. Mainboards should specify the PCH
type using the `SOC_INTEL_ALDERLAKE_PCH_*` options instead
of selecting this option directly.

SOC_INTEL_RAPTORLAKEsoc/intel/alderlakebool Intel Raptorlake support. Mainboards using RPL should select
SOC_INTEL_RAPTORLAKE and SOC_INTEL_ALDERLAKE_PCH_* together.

SOC_INTEL_ALDERLAKE_PCH_Msoc/intel/alderlakebool Choose this option if your mainboard has a PCH-M chipset.

SOC_INTEL_ALDERLAKE_PCH_Nsoc/intel/alderlakebool Choose this option if your mainboard has a PCH-N chipset.

SOC_INTEL_ALDERLAKE_PCH_Psoc/intel/alderlakebool Choose this option if your mainboard has a PCH-P chipset.

SOC_INTEL_ALDERLAKE_PCH_Ssoc/intel/alderlakebool Choose this option if your mainboard has a PCH-S chipset.

SOC_INTEL_RAPTORLAKE_PCH_Ssoc/intel/alderlakebool Choose this option if your mainboard has a Raptor Lake PCH-S chipset.

ALDERLAKE_CONFIGURE_DESCRIPTORsoc/intel/alderlakebool Select this if the descriptor needs to be updated at runtime. This
can only be done if the descriptor region is writable, and should only
be used as a temporary workaround.

DCACHE_RAM_SIZEsoc/intel/alderlakeint The size of the cache-as-ram region required during bootblock
and/or romstage.

DCACHE_BSP_STACK_SIZEsoc/intel/alderlakehex The amount of anticipated stack usage in CAR by bootblock and
other stages. In the case of FSP_USES_CB_STACK default value will be
sum of FSP-M stack requirement(512KiB) and CB romstage stack requirement
(~1KiB).

FSP_TEMP_RAM_SIZEsoc/intel/alderlakehex The amount of anticipated heap usage in CAR by FSP.
Refer to Platform FSP integration guide document to know
the exact FSP requirement for Heap setup.

MAX_PCIE_CLOCK_SRCsoc/intel/alderlakeint With external clock buffer, Alderlake-P can support up to three additional source clocks.
This is done by setting the corresponding GPIO pin(s) to native function to use as
SRCCLK_OE[6..9]. In addition, SRCCLK6 does not need to be set to free running clock.
If any of SRCCLKReq 6..9 is asserted, SRCCLK6 will be turned on.

PCR_BASE_ADDRESSsoc/intel/alderlakehex This option allows you to select MMIO Base Address of sideband bus.

ENABLE_SATA_TEST_MODEsoc/intel/alderlakeboolEnable test mode for SATA margining Enable SATA test mode in FSP-S.

FSP_TYPE_IOTsoc/intel/alderlakebool This option allows to select FSP IOT type from 3rdparty/fsp repo

SOC_INTEL_ALDERLAKE_DEBUG_CONSENTsoc/intel/alderlakeintDebug Consent for ADL This is to control debug interface on SOC.
Setting non-zero value will allow to use DBC or DCI to debug SOC.
PlatformDebugConsent in FspmUpd.h has the details.

Desired platform debug type are
0:Disabled, 2:Enabled (All Probes+TraceHub), 6:Enable (Low Power),
7:Manual

ALDERLAKE_ENABLE_SOC_WORKAROUNDsoc/intel/alderlakebool Selects the workarounds applicable for Alder Lake SoC.

USE_UNIFIED_AP_FIRMWARE_FOR_UFS_AND_NON_UFSsoc/intel/alderlakebool Alder Lake SoC based OEM board design with UFS and non-UFS planned to use an
unified AP firmware which demanded to have a unified descriptor. It means UFS
controller needs to default fuse enabled to let UFS SKU to boot.

On such design with non-UFS SKU is exhibiting S0ix failure due to UFS remain
enabled in the strap although FSP-S is making the UFS controller function
disabled. The potential root cause of this behaviour is although the UFS
controller is function disabled but MPHY clock is still in active state.

A possible solution to this problem is to issue a warm reboot (if boot path is
S5->S0 or G3->S0) after disabling the UFS and let PMC to read the function
disable state of the UFS for disabling the MPHY clock.

Mainboard users with such board design where OEM would like to use an unified AP
firmware to support both UFS and non-UFS sku booting might need to choose this
config to allow disabling UFS while booting on the non-UFS SKU.
Note: selection of this config would introduce an additional warm reset in
cold-reset scenarios due to function disabling of the UFS controller.

SI_DESC_REGIONsoc/intel/alderlakestringDescriptor Region name Name of Descriptor Region in the FMAP

SI_DESC_REGION_SZsoc/intel/alderlakeint Size of Descriptor Region in the FMAP

BUILDING_WITH_DEBUG_FSPsoc/intel/alderlakeboolDebug FSP is used for the build Set this option if debug build of FSP is used.

FSP_PUBLISH_MBP_HOBsoc/intel/alderlakebool This is to control creation of ME_BIOS_PAYLOAD_HOB (MBP HOB) by FSP.
Disabling it for the platforms, which do not use MBP HOB, can improve the boot time.

Note: It cannot be disabled for ADL-P based platforms because ADL-P FSP relies on
MBP HOB for ChipsetInit version for ChipsetInit sync. As ChipsetInit sync doesn't
occur if no MBP HOB, so it results S0ix issue. This limitation is addressed in the
later platforms so creation of MBP HOB can be skipped for ADL-N and RPL based
platforms.

INCLUDE_HSPHY_IN_FMAPsoc/intel/alderlakeboolInclude PCIe 5.0 HSPHY firmware in flash Set this option to cache the PCIe 5.0 HSPHY firmware after it is
fetched from ME during boot. By default coreboot will fetch the
HSPHY FW from ME, but if for some reason ME is not enabled or
visible, the cached blob will be attempted to initialize the PCIe
5.0 root port. Select it if ME is soft disabled or disabled with HAP
bit. If possible, the HSPHY FW will be saved to flashmap region if
the firmware file is not provided directly in the HSPHY_FW_FILE
Kconfig.

HSPHY_FW_FILEsoc/intel/alderlakestringHSPHY firmware file path Path pointing to the PCIe 5.0 HSPHY file. The file can be extracted
from full firmware image or ME region using UEFITool. If left empty,
HSPHY loading procedure will try to save the firmware to the flashmap
region if fetched successfully from ME.

SOC_INTEL_BAYTRAILsoc/intel/baytrailbool Bay Trail M/D part support.

HAVE_MRCsoc/intel/baytrailboolAdd a System Agent binary Select this option to add a System Agent binary to
the resulting coreboot image.

Note: Without this binary coreboot will not work

MRC_FILEsoc/intel/baytrailstringIntel System Agent path and filename The path and filename of the file to use as System Agent
binary.

DCACHE_RAM_SIZEsoc/intel/baytrailhex The size of the cache-as-ram region required during bootblock
and/or romstage. Note DCACHE_RAM_SIZE and DCACHE_RAM_MRC_VAR_SIZE
must add up to a power of 2.

DCACHE_RAM_MRC_VAR_SIZEsoc/intel/baytrailhex The amount of cache-as-ram region required by the reference code.

ENABLE_BUILTIN_COM1soc/intel/baytrailboolEnable builtin COM1 Serial Port The PMC has a legacy COM1 serial port. Choose this option to
configure the pads and enable it. This serial port can be used for
the debug console.

HAVE_REFCODE_BLOBsoc/intel/baytrailboolUse a binary refcode blob instead of native ModPHY init Use the ChromeBook refcode to initialize high-speed PHYs instead of
native code.

REFCODE_BLOB_FILEsoc/intel/baytrailstringPath and filename to reference code blob. The path and filename to the file to be added to cbfs.

SOC_INTEL_SKYLAKE_LGA1151_V2soc/intel/skylakebool Selected by mainboards with a LGA1151 v2 socket and a Z370, H310C or B365 PCH

ENABLE_SATA_TEST_MODEsoc/intel/skylakeboolEnable SATA test mode Enable SATA test mode in FSP-S.

DCACHE_RAM_SIZEsoc/intel/skylakehex The size of the cache-as-ram region required during bootblock
and/or romstage.

DCACHE_BSP_STACK_SIZEsoc/intel/skylakehex The amount of anticipated stack usage in CAR by bootblock and
other stages.

FSP_TEMP_RAM_SIZEsoc/intel/skylakehex The amount of anticipated heap usage in CAR by FSP.
Refer to Platform FSP integration guide document to know
the exact FSP requirement for Heap setup.

EXCLUDE_NATIVE_SD_INTERFACEsoc/intel/skylakebool If you set this option to n, will not use native SD controller.

PCR_BASE_ADDRESSsoc/intel/skylakehex This option allows you to select MMIO Base Address of sideband bus.

NHLT_DMIC_1CHsoc/intel/skylakebool Include DSP firmware settings for 1 channel DMIC array.

NHLT_DMIC_2CHsoc/intel/skylakebool Include DSP firmware settings for 2 channel DMIC array.

NHLT_DMIC_4CHsoc/intel/skylakebool Include DSP firmware settings for 4 channel DMIC array.

NHLT_NAU88L25soc/intel/skylakebool Include DSP firmware settings for nau88l25 headset codec.

NHLT_MAX98357soc/intel/skylakebool Include DSP firmware settings for max98357 amplifier.

NHLT_MAX98373soc/intel/skylakebool Include DSP firmware settings for max98373 amplifier.

NHLT_SSM4567soc/intel/skylakebool Include DSP firmware settings for ssm4567 smart amplifier.

NHLT_RT5514soc/intel/skylakebool Include DSP firmware settings for rt5514 DSP.

NHLT_RT5663soc/intel/skylakebool Include DSP firmware settings for rt5663 headset codec.

NHLT_MAX98927soc/intel/skylakebool Include DSP firmware settings for max98927 amplifier.

NHLT_DA7219soc/intel/skylakebool Include DSP firmware settings for DA7219 headset codec.

NO_FADT_8042soc/intel/skylakebool Choose this option if you want to disable 8042 Keyboard

SOC_INTEL_DENVERTON_NSsoc/intel/denverton_nsbool Intel Denverton-NS SoC support

PCR_BASE_ADDRESSsoc/intel/denverton_nshex This option allows you to select MMIO Base Address of sideband bus.

NON_LEGACY_UART_MODEsoc/intel/denverton_nsboolNon Legacy Mode Disable legacy UART mode

LEGACY_UART_MODEsoc/intel/denverton_nsboolLegacy Mode Enable legacy UART mode
select CONSOLE_SERIAL
select DRIVERS_UART
select DRIVERS_UART_8250IO
CONSOLE_UART_BASE_ADDRESSsoc/intel/denverton_nshexCache-as-ram implementation This option allows you to select how cache-as-ram (CAR) is set up.

USE_DENVERTON_NS_CAR_NEM_ENHANCEDsoc/intel/denverton_nsboolEnhanced Non-evict mode A current limitation of NEM (Non-Evict mode) is that code and data sizes
are derived from the requirement to not write out any modified cache line.
With NEM, if there is no physical memory behind the cached area,
the modified data will be lost and NEM results will be inconsistent.
ENHANCED NEM guarantees that modified data is always
kept in cache while clean data is replaced.

USE_DENVERTON_NS_FSP_CARsoc/intel/denverton_nsboolUse FSP CAR Use FSP APIs to initialize and tear down the Cache-As-Ram.

SOC_INTEL_BRASWELLsoc/intel/braswellbool Braswell M/D part support.

DCACHE_BSP_STACK_SIZEsoc/intel/braswellhex The amount of anticipated stack usage in CAR by bootblock and
other stages.

DCACHE_RAM_SIZEsoc/intel/braswellhex The size of the cache-as-ram region required during bootblock
and/or romstage. Note DCACHE_RAM_SIZE and DCACHE_RAM_MRC_VAR_SIZE
must add up to a power of 2.

ENABLE_BUILTIN_COM1soc/intel/braswellboolEnable builtin COM1 Serial Port The PMC has a legacy COM1 serial port. Choose this option to
configure the pads and enable it. This serial port can be used for
the debug console.

DISABLE_HPETsoc/intel/braswellboolDisable the HPET device Enable this to disable the HPET support
Solves the Linux MP-BIOS bug timer not connected.

USE_GOOGLE_FSPsoc/intel/braswellbool Select this to use Google's custom Braswell FSP header/binary
instead of the public release on Github. Only google/cyan
variants require this; all other boards should use the public release.

FSP_HEADER_PATHsoc/intel/braswellstring Location of FSP header file FspUpdVpd.h

SOC_INTEL_APOLLOLAKEsoc/intel/apollolakebool Intel Apollolake support

SOC_INTEL_GEMINILAKEsoc/intel/apollolakebool Intel Geminilake support

SKIP_CSE_RBPsoc/intel/apollolakebool Tell CSE we do not need to use Ring Buffer Protocol (RBP) to fetch
firmware for us if we are using memory-mapped SPI. This lets CSE
state machine transition to next boot state, so that it can function
as designed.

TPM_ON_FAST_SPIsoc/intel/apollolakebool TPM part is conntected on Fast SPI interface and is mapped to the
linear address space.

PCR_BASE_ADDRESSsoc/intel/apollolakehex This option allows you to select MMIO Base Address of sideband bus.

DCACHE_RAM_SIZEsoc/intel/apollolakehex The size of the cache-as-ram region required during bootblock
and/or romstage.

DCACHE_BSP_STACK_SIZEsoc/intel/apollolakehex The amount of anticipated stack usage in CAR by bootblock and
other stages.

ROMSTAGE_ADDRsoc/intel/apollolakehex The base address (in CAR) where romstage should be linked

VERSTAGE_ADDRsoc/intel/apollolakehex The base address (in CAR) where verstage should be linked

FSP_M_ADDRsoc/intel/apollolakehex The address FSP-M will be relocated to during build time

NEED_LBP2soc/intel/apollolakeboolWrite contents for logical boot partition 2. Write the contents from a file into the logical boot partition 2
region defined by LBP2_FMAP_NAME.

LBP2_FMAP_NAMEsoc/intel/apollolakestringName of FMAP region to put logical boot partition 2 Name of FMAP region to write logical boot partition 2 data.

LBP2_FROM_IFWIsoc/intel/apollolakeboolExtract the LBP2 from the IFWI binary The Logical Boot Partition will be automatically extracted
from the supplied IFWI binary

LBP2_FILE_NAMEsoc/intel/apollolakestringPath of file to write to logical boot partition 2 region Name of file to store in the logical boot partition 2 region.

NEED_IFWIsoc/intel/apollolakeboolWrite content into IFWI region Write the content from a file into IFWI region defined by
IFWI_FMAP_NAME.

IFWI_FMAP_NAMEsoc/intel/apollolakestringName of FMAP region to pull IFWI into Name of FMAP region to write IFWI.

IFWI_FILE_NAMEsoc/intel/apollolakestringPath of file to write to IFWI region Name of file to store in the IFWI region.

NHLT_DMIC_1CH_16Bsoc/intel/apollolakebool Include DSP firmware settings for 1 channel 16B DMIC array.

NHLT_DMIC_2CH_16Bsoc/intel/apollolakebool Include DSP firmware settings for 2 channel 16B DMIC array.

NHLT_DMIC_4CH_16Bsoc/intel/apollolakebool Include DSP firmware settings for 4 channel 16B DMIC array.

NHLT_MAX98357soc/intel/apollolakebool Include DSP firmware settings for headset codec.

NHLT_DA7219soc/intel/apollolakebool Include DSP firmware settings for headset codec.

NHLT_RT5682soc/intel/apollolakebool Include DSP firmware settings for headset codec.
SOC_ESPIsoc/intel/apollolakebool Use eSPI bus instead of LPC

SOC_INTEL_JASPERLAKEsoc/intel/jasperlakebool Intel Jasperlake support

DCACHE_RAM_SIZEsoc/intel/jasperlakebool The size of the cache-as-ram region required during bootblock
and/or romstage.

DCACHE_BSP_STACK_SIZEsoc/intel/jasperlakehex The amount of anticipated stack usage in CAR by bootblock and
other stages. In the case of FSP_USES_CB_STACK default value
will be sum of FSP-M stack requirement(192 KiB) and CB romstage
stack requirement(~1KiB).

FSP_TEMP_RAM_SIZEsoc/intel/jasperlakehex The amount of anticipated heap usage in CAR by FSP.
Refer to Platform FSP integration guide document to know
the exact FSP requirement for Heap setup.

PCR_BASE_ADDRESSsoc/intel/jasperlakehex This option allows you to select MMIO Base Address of sideband bus.

SOC_INTEL_JASPERLAKE_DEBUG_CONSENTsoc/intel/jasperlakeintDebug Consent for JSL This is to control debug interface on SOC.
Setting non-zero value will allow to use DBC or DCI to debug SOC.
PlatformDebugConsent in FspmUpd.h has the details.

Desired platform debug type are
0:Disabled, 1:Enabled (DCI OOB+[DbC]), 2:Enabled (DCI OOB),
3:Enabled (USB3 DbC), 4:Enabled (XDP/MIPI60), 5:Enabled (USB2 DbC),
6:Enable (2-wire DCI OOB), 7:Manual

DCACHE_RAM_SIZEsoc/intel/cannonlakeint The size of the cache-as-ram region required during bootblock
and/or romstage.

DCACHE_BSP_STACK_SIZEsoc/intel/cannonlakehex The amount of anticipated stack usage in CAR by bootblock and
other stages. In the case of FSP_USES_CB_STACK default value will be
sum of FSP-M stack requirement (128KiB) and CB romstage stack requirement (~1KiB).

FSP_TEMP_RAM_SIZEsoc/intel/cannonlakehex The amount of anticipated heap usage in CAR by FSP.
Refer to Platform FSP integration guide document to know
the exact FSP requirement for Heap setup.

NHLT_DMIC_1CH_16Bsoc/intel/cannonlakebool Include DSP firmware settings for 1 channel 16B DMIC array.

NHLT_DMIC_2CH_16Bsoc/intel/cannonlakebool Include DSP firmware settings for 2 channel 16B DMIC array.

NHLT_DMIC_4CH_16Bsoc/intel/cannonlakebool Include DSP firmware settings for 4 channel 16B DMIC array.

NHLT_MAX98357soc/intel/cannonlakebool Include DSP firmware settings for headset codec.

NHLT_MAX98373soc/intel/cannonlakebool Include DSP firmware settings for headset codec.

NHLT_DA7219soc/intel/cannonlakebool Include DSP firmware settings for headset codec.

PCR_BASE_ADDRESSsoc/intel/cannonlakehex This option allows you to select MMIO Base Address of sideband bus.

MB_HAS_ACTIVE_HIGH_SD_PWR_ENABLEsoc/intel/cannonlakebool Select this if the board has a SD_PWR_ENABLE pin connected to a
active high sensing load switch to turn on power to the card reader.
This will enable a workaround in ASL _PS3 and _PS0 methods to force
SD_PWR_ENABLE to stay low in D3.

SOC_INTEL_CANNONLAKE_DEBUG_CONSENTsoc/intel/cannonlakeintDebug Consent for CNL This is to control debug interface on SOC.
Setting non-zero value will allow to use DBC or DCI to debug SOC.
PlatformDebugConsent in FspmUpd.h has the details.

SOC_INTEL_METEORLAKEsoc/intel/meteorlakebool Intel Meteorlake support. Mainboards should specify the SoC
type using the `SOC_INTEL_METEORLAKE_*` options instead
of selecting this option directly.

SOC_INTEL_METEORLAKE_U_Hsoc/intel/meteorlakebool Choose this option if your mainboard has a MTL-U (9W or 15W)
or MTL-H (28W or 45W) SoC.

Note, the MTL-U/H-Processor Line offered in a 1-Chip Platform
that includes the Compute, SOC, GT, and IOE tile on the same
package.

SOC_INTEL_METEORLAKE_Ssoc/intel/meteorlakebool Choose this option if your mainboard has a MTL-S (35W or 65W) SoC.
Note, MTL-S SoC combines Compute, GFX, SoC, IOE and PCH die.

SOC_INTEL_METEORLAKE_PRE_PRODUCTION_SILICONsoc/intel/meteorlakebool Choose this option if your mainboard has a Meteor Lake pre-production
silicon. Typically known as engineering samples (like ES). This type
of the silicon are very common for early platform development.

DCACHE_RAM_SIZEsoc/intel/meteorlakeint The size of the cache-as-ram region required during bootblock
and/or romstage.

DCACHE_BSP_STACK_SIZEsoc/intel/meteorlakehex The amount of anticipated stack usage in CAR by bootblock and
other stages. In the case of FSP_USES_CB_STACK default value will be
sum of FSP-M stack requirement(512KiB) and CB romstage stack requirement
(~1KiB).

FSP_TEMP_RAM_SIZEsoc/intel/meteorlakehex The amount of anticipated heap usage in CAR by FSP.
Refer to Platform FSP integration guide document to know
the exact FSP requirement for Heap setup.

PCR_BASE_ADDRESSsoc/intel/meteorlakehex This option allows you to select MMIO Base Address of sideband bus.

IOE_PCR_BASE_ADDRESSsoc/intel/meteorlakehex This option allows you to select MMIO Base Address of IOE sideband bus.

SOC_INTEL_METEORLAKE_DEBUG_CONSENTsoc/intel/meteorlakeintDebug Consent for MTL This is to control debug interface on SOC.
Setting non-zero value will allow to use DBC or DCI to debug SOC.
PlatformDebugConsent in FspmUpd.h has the details.

Desired platform debug type are
0:Disabled, 2:Enabled Trace Active, 4:Enabled Trace Ready,
6:Enable Trace Power-Off, 7:Manual

FSP_PUBLISH_MBP_HOBsoc/intel/meteorlakebool This is to control creation of ME_BIOS_PAYLOAD_HOB (MBP HOB) by FSP.
Disabling it for the platforms, which do not use MBP HOB, can improve the boot time.

BUILDING_WITH_DEBUG_FSPsoc/intel/meteorlakeboolDebug FSP is used for the build Set this option if debug build of FSP is used.

DROP_CPU_FEATURE_PROGRAM_IN_FSPsoc/intel/meteorlakebool This is to avoid FSP running basic CPU feature programming on BSP
and on APs using the "CpuFeaturesPei.efi" module. The feature programming
includes enabling x2APIC, MCA, MCE and Turbo etc.

Most of these feature programming are getting performed today in scope
of coreboot doing MP Init. Running these redundant programming in scope
of FSP (when `USE_FSP_FEATURE_PROGRAM_ON_APS` config is enabled) would
results in CPU exception.

SoC users to select this config after dropping "CpuFeaturesPei.ffs" module
from FSP-S Firmware Volume (FV). Upon selection, coreboot runs those additional
feature programming on BSP and APs.

This feature is default enabled, in case of "coreboot running MP init"
aka MP_SERVICES_PPI_V2_NOOP config is selected.

PCIE_LTR_MAX_SNOOP_LATENCYsoc/intel/meteorlakehex Latency tolerance reporting, max snoop latency value defaults to 15.73 ms.

PCIE_LTR_MAX_NO_SNOOP_LATENCYsoc/intel/meteorlakehex Latency tolerance reporting, max non-snoop latency value defaults to 15.73 ms.

SOC_INTEL_TIGERLAKEsoc/intel/tigerlakebool Intel Tigerlake support

DCACHE_RAM_SIZEsoc/intel/tigerlakeint The size of the cache-as-ram region required during bootblock
and/or romstage.

DCACHE_BSP_STACK_SIZEsoc/intel/tigerlakehex The amount of anticipated stack usage in CAR by bootblock and
other stages. In the case of FSP_USES_CB_STACK default value will be
sum of FSP-M stack requirement(256KiB) and CB romstage stack requirement
(~1KiB).

FSP_TEMP_RAM_SIZEsoc/intel/tigerlakehex The amount of anticipated heap usage in CAR by FSP.
Refer to Platform FSP integration guide document to know
the exact FSP requirement for Heap setup.

PCR_BASE_ADDRESSsoc/intel/tigerlakehex This option allows you to select MMIO Base Address of sideband bus.

FSP_TYPE_IOTsoc/intel/tigerlakebool This option allows to select FSP IOT type from 3rdparty/fsp repo

FSP_TYPE_CLIENTsoc/intel/tigerlakebool This option allows to select FSP CLIENT type from 3rdparty/fsp repo

SOC_INTEL_TIGERLAKE_DEBUG_CONSENTsoc/intel/tigerlakeintDebug Consent for TGL This is to control debug interface on SOC.
Setting non-zero value will allow to use DBC or DCI to debug SOC.
PlatformDebugConsent in FspmUpd.h has the details.

Desired platform debug type are
0:Disabled, 1:Enabled (DCI OOB+[DbC]), 2:Enabled (DCI OOB),
3:Enabled (USB3 DbC), 4:Enabled (XDP/MIPI60), 5:Enabled (USB2 DbC),
6:Enable (2-wire DCI OOB), 7:Manual

RK3399_SPREAD_SPECTRUM_DDRsoc/rockchip/rk3399boolSpread-spectrum DDR clock Select Spread Spectrum Modulator (SSMOD) is a fully-digital circuit
used to modulate the frequency of the Silicon Creations' Fractional
PLL in order to reduce EMI.

SOC_EXAMPLE_MIN86soc/example/min86bool This example SoC code along with the example/min86 mainboard
should serve as a minimal example how a buildable x86 SoC code
base can look like.

This can serve, for instance, as a basis to add new SoCs to
coreboot. Starting with a buildable commit should help with
the review of the actual code, and also avoid any regressions
when common coreboot code changes.

MAINBOARD_DO_DSI_INITsoc/nvidia/tegra210boolUse dsi graphics interface Initialize dsi display

MAINBOARD_DO_SOR_INITsoc/nvidia/tegra210boolUse dp graphics interface Initialize dp display

CONSOLE_SERIAL_TEGRA210_UARTAsoc/nvidia/tegra210boolUARTA Serial console on UART A.

CONSOLE_SERIAL_TEGRA210_UARTBsoc/nvidia/tegra210boolUARTB Serial console on UART B.

CONSOLE_SERIAL_TEGRA210_UARTCsoc/nvidia/tegra210boolUARTC Serial console on UART C.

CONSOLE_SERIAL_TEGRA210_UARTDsoc/nvidia/tegra210boolUARTD Serial console on UART D.

CONSOLE_SERIAL_TEGRA210_UARTEsoc/nvidia/tegra210boolUARTE Serial console on UART E.

CONSOLE_SERIAL_TEGRA210_UART_ADDRESSsoc/nvidia/tegra210hex Map the UART names to the respective MMIO addresses.

BOOTROM_SDRAM_INITsoc/nvidia/tegra210boolSoC BootROM does SDRAM init with full BCT Use during Foster LPDDR4 bringup.

TRUSTZONE_CARVEOUT_SIZE_MBsoc/nvidia/tegra210hexSize of Trust Zone region Size of Trust Zone area in MiB to reserve in memory map.

TTB_SIZE_MBsoc/nvidia/tegra210hexSize of TTB Maximum size of Translation Table Buffer in MiB.

SEC_COMPONENT_SIZE_MBsoc/nvidia/tegra210hexSize of resident EL3 components Maximum size of resident EL3 components in MiB including BL31 and
Secure OS.

HAVE_MTCsoc/nvidia/tegra210boolAdd external Memory controller Training Code binary Select this option to add emc training firmware

MTC_FILEsoc/nvidia/tegra210stringtegra mtc firmware filename The filename of the mtc firmware

MTC_DIRECTORYsoc/nvidia/tegra210stringDirectory where MTC firmware file is located Path to directory where MTC firmware file is located.

MTC_ADDRESSsoc/nvidia/tegra210hex The DRAM location where MTC firmware to be loaded in. This location
needs to be consistent with the location defined in tegra_mtc.ld

SOC_AMD_COMMONsoc/amd/common.commonbool common code blocks for AMD SOCs

SOC_AMD_COMMON_BLOCK_ACPIMMIOsoc/amd/common/block/acpimmiobool Select this option to enable hardware blocks in the AcpiMmio
address space (0xfed8xxxx).

SOC_AMD_COMMON_BLOCK_ACPIMMIO_BIOSRAMsoc/amd/common/block/acpimmiobool Add functions to access settings stored in the biosram region.
This is only used by the SoCs using binaryPI and the old AGESA.

SOC_AMD_COMMON_BLOCK_ACPIMMIO_PM_IO_ACCESSsoc/amd/common/block/acpimmiobool Add functions to access the PM register block via the indirect
IO register access interface.

SOC_AMD_COMMON_BLOCK_SMNsoc/amd/common/block/smnbool Select this option to add functions to access the SMN (system management
network) register space to the build.

SOC_AMD_COMMON_BLOCK_SPIsoc/amd/common/block/spibool Select this option to add FCH SPI controller functions to the build.
This overwrites the structure spi_flash_ops to use FCH SPI code
instead of individual SPI specific code.

SOC_AMD_COMMON_BLOCK_SPI_4DW_BURSTsoc/amd/common/block/spibool Select this option to keep the 4 DWORD burst support enabled.

EFS_SPI_READ_MODEsoc/amd/common/block/spiint SPI read mode to be programmed by the PSP.
The numbers in the options below indicate how many wires
are utilized for command, address and data. For instance 1-1-2
means 1 command, 1 address and 2 data wires.
0: Normal Read (up to 33M)
1: Reserved
2: Dual IO (1-1-2)
3: Quad IO (1-1-4)
4: Dual IO (1-2-2)
5: Quad IO (1-4-4)
6: Normal Read (up to 66M)
7: Fast Read

EFS_SPI_SPEEDsoc/amd/common/block/spiint SPI Fast Speed to be programmed by the PSP.
0: 66.66Mhz
1: 33.33MHz
2: 22.22MHz
3: 16.66MHz
4: 100MHz
5: 800KHz

EFS_SPI_MICRON_FLAGsoc/amd/common/block/spiint For Family 17h Model 00h and later SoC the PSP must be aware if a Micron
part is present in EFS. Automatic detection (option 2) is available
for Family 17h Model 30h-3Fh but is unsupported otherwise.
0: Board does not use Micron parts
1: Board always uses Micron parts
2: Micron parts are optional

NORMAL_READ_SPI_SPEEDsoc/amd/common/block/spiint SPI Normal Speed to be programmed by coreboot.
0: 66.66Mhz
1: 33.33MHz
2: 22.22MHz
3: 16.66MHz
4: 100MHz
5: 800KHz

ALT_SPI_SPEEDsoc/amd/common/block/spiint SPI ALT Speed to be programmed by coreboot.
0: 66.66Mhz
1: 33.33MHz
2: 22.22MHz
3: 16.66MHz
4: 100MHz
5: 800KHz

TPM_SPI_SPEEDsoc/amd/common/block/spiint SPI TPM Speed to be programmed by coreboot.
0: 66.66Mhz
1: 33.33MHz
2: 22.22MHz
3: 16.66MHz
4: 100MHz
5: 800KHz

SOC_AMD_COMMON_BLOCK_EMMCsoc/amd/common/block/emmcbool Select this option to use AMD common EMMC driver support.

SOC_AMD_COMMON_BLOCK_I2Csoc/amd/common/block/i2cbool Select this option to add FCH I2C controller functions to the build.

SOC_AMD_COMMON_BLOCK_I2C_PAD_CTRLsoc/amd/common/block/i2cbool Select this option to add FCH I2C pad configuration functions to the
build.

SOC_AMD_COMMON_BLOCK_I23C_PAD_CTRLsoc/amd/common/block/i2cbool Select this option to add FCH I2C/I3C pad configuration functions to
the build.

SOC_AMD_COMMON_BLOCK_I2C3_TPM_SHARED_WITH_PSPsoc/amd/common/block/i2cbool Enable PSP I2C arbitration if there is I2C3 controller with TPM device
connected, which is shared between x86 and PSP. This is necessary to
ensure proper communication with I2C peripherals connected to such
bus.

SOC_AMD_COMMON_BLOCK_STBsoc/amd/common/block/stbbool Select in the SOC if it supports the Smart Trace Buffer

WRITE_STB_BUFFER_TO_CONSOLEsoc/amd/common/block/stbboolWrite STB entries to the console log This option will tell coreboot to print the STB buffer at various
points through the boot process. Note that this will prevent the
entries from being stored if the Spill-to-DRAM feature is enabled.

ENABLE_STB_SPILL_TO_DRAMsoc/amd/common/block/stbboolEnable Smart Trace Buffer Spill-to-DRAM Spill-to-DRAM is an STB feature that extends the buffer from using
just the small SRAM buffer to a much larger area reserved in main
memory.

AMD_STB_SIZE_IN_MBsoc/amd/common/block/stbintSmart Trace Buffer Spill-to-DRAM buffer size in MB Size of the STB Spill-to-DRAM buffer in MB.

ADD_POSTCODES_TO_STBsoc/amd/common/block/stbboolAdd coreboot postcodes to STB Add coreboot's postcodes to the smart trace buffer

SOC_AMD_COMMON_BLOCK_GRAPHICSsoc/amd/common/block/graphicsbool Select this option to use AMD common graphics driver support.

SOC_AMD_COMMON_BLOCK_GRAPHICS_ATIFsoc/amd/common/block/graphicsbool Select this option to provide ATIF method with display brightness querying.
Currently, the exported values only open up 0-255 as the brightness range for
the display.

SOC_AMD_GFX_CACHE_VBIOS_IN_FMAPsoc/amd/common/block/graphicsboolSupport for caching modified VBIOS tables in flash Enable support for flash based VBIOS cache.

USE_SELECTIVE_GOP_INITsoc/amd/common/block/graphicsboolRun FSP GOP driver only when needed for recovery/developer modes Select this option to only run the FSP GOP driver when needed for pre-OS display init
(eg, Recovery and Developer Modes). Otherwise, use cached VBIOS/ATOMBIOS tables.
Selecting this option will save approx. 130ms boot time on the normal boot path.

SOC_AMD_COMMON_BLOCK_SMIsoc/amd/common/block/smibool Select this option to add the common functions for setting up the SMI
configuration to the build.

SOC_AMD_COMMON_BLOCK_APOBsoc/amd/common/block/apobbool Select this option to add firmware support for the non-volatile APOB
cache to the build.

SOC_AMD_COMMON_BLOCK_APOB_NV_DISABLEsoc/amd/common/block/apobboolDisable non-volatile APOB support Select this to disable non-volatile APOB cache and train memory
on every boot.

If unsure, say N.

SOC_AMD_COMMON_BLOCK_APOB_HASHsoc/amd/common/block/apobbool Select this to use a hash of the APOB data to determine when to update
the non-volatile APOB store.

SOC_AMD_COMMON_BLOCK_PSPsoc/amd/common/block/pspbool This option builds in the Platform Security Processor initialization
functions. Do not select this directly in SoC code, select
SOC_AMD_COMMON_BLOCK_PSP_GENx instead.

SOC_AMD_COMMON_BLOCK_PSP_GEN1soc/amd/common/block/pspbool Used by the PSP in AMD systems before family 17h, e.g. stoneyridge.

SOC_AMD_COMMON_BLOCK_PSP_GEN2soc/amd/common/block/pspbool Used by the PSP in AMD family 17h, 19h and possibly newer CPUs.

SOC_AMD_PSP_SELECTABLE_SMU_FWsoc/amd/common/block/pspbool Some PSP implementations allow storing SMU firmware into cbfs and
calling the PSP to load the blobs at the proper time.

The soc/<codename> should select this if its PSP supports the feature
and each mainboard can choose to select an appropriate fanless or
fanned set of blobs. Ask your AMD representative whether your APU
is considered fanless.

SOC_AMD_COMMON_BLOCK_PSP_FUSE_SPLsoc/amd/common/block/pspbool Enable sending of set SPL message to PSP. Enable this option if the platform
will require SPL fusing to be performed by PSP.

PSP_PLATFORM_SECURE_BOOTsoc/amd/common/block/pspboolPlatform secure boot enable Select this config to enable PSP Platform Secure Boot.

Platform Secure Boot will automatically be fused on boot if the
coreboot ROM is properly signed and can not be disabled once fused.
Refer AMD PSB user guide doc# 56654, Revision# 1.00, this document is
only available with NDA customers.

PSP_INCLUDES_HSPsoc/amd/common/block/pspbool Select this config to indicate SoC includes Hardware Security Processor(HSP).

AMD_FWM_POSITION_FA0000_DEFAULTsoc/amd/common/block/pspboolAMD FW position Set the position on flash offset where the AMD FW needs to be.
This position is relative to a 16MB flash window. If the flash
size is smaller than 16MB it gets mapped at the top of that window.

SOC_AMD_COMMON_BLOCK_BANKED_GPIOSsoc/amd/common/block/gpiobool Select this option to use the newer style banks of GPIO signals.
These are at offsets +0x1500, +0x1600, and +0x1700 from the AcpiMmio
base.

SOC_AMD_COMMON_BLOCK_BANKED_GPIOS_NON_SOC_CODEBASEsoc/amd/common/block/gpiobool Select this option when selecting the GPIO bank support from AMD
chipsets outside the soc/ subtree that only support a subset of the
features available on the chipsets inside the soc/ subtree. When this
option is selected, no SMI or SCI event can be configured by the GPIO
code.

GSC_IRQ_GPIOsoc/amd/common/block/gpioint gpio_interrupt_status() is used to provide interrupt status to TPM layer.
This option specifies the GPIO number.

SOC_AMD_COMMON_BLOCK_ALINKsoc/amd/common/block/alinkbool Select this option to access the FCH A-link configuration registers.

SOC_AMD_COMMON_BLOCK_SATAsoc/amd/common/block/satabool Select this option to use AMD common SATA driver support.

SOC_AMD_COMMON_BLOCK_SIMNOW_SUPPORTEDsoc/amd/common/block/simnowbool Select this for mainboards that are supported by SimNow

SOC_AMD_COMMON_BLOCK_SIMNOW_BUILDsoc/amd/common/block/simnowboolBuild for SimNow Select this option when building for SimNow

SOC_AMD_COMMON_BLOCK_XHCIsoc/amd/common/block/xhcibool Select this option to use AMD common XHCI support.

SOC_AMD_COMMON_BLOCK_XHCI_ELOGsoc/amd/common/block/xhcibool Enables logging of XHCI events in the elog

SOC_AMD_COMMON_BLOCK_ACPIsoc/amd/common/block/acpibool Select this option to use the AcpiMmio ACPI registers.

SOC_AMD_COMMON_BLOCK_ACPI_DPTCsoc/amd/common/block/acpibool Selected by mainboards that implement support for ALIB
to enable DPTC.

ACPI_SSDT_PSD_INDEPENDENTsoc/amd/common/block/acpiboolAllow core p-state independent transitions AMD recommends the ACPI _PSD object to be configured to cause
cores to transition between p-states independently. A vendor may
choose to generate _PSD object to allow cores to transition together.

SOC_AMD_COMMON_BLOCK_ACP_GEN1soc/amd/common/block/acpbool Select this option to perform Audio Co-Processor(ACP) configuration.
Used by the ACP in AMD family 17h, 19h, and earlier (picasso, cezanne)

SOC_AMD_COMMON_BLOCK_ACP_GEN2soc/amd/common/block/acpbool Select this option to perform Audio Co-Processor(ACP) configuration.
Used by the ACP in AMD mendocino (family 17h) and possibly newer CPUs.

SOC_AMD_COMMON_BLOCK_PCIsoc/amd/common/block/pcibool This option builds functions used to program PCI interrupt
routing, both PIC and APIC modes.

SOC_AMD_COMMON_BLOCK_PCI_MMCONFsoc/amd/common/block/pcibool Selecting this option adds the AMD-common enable_pci_mmconf function
to the build.

SOC_AMD_COMMON_BLOCK_PCIE_GPP_DRIVERsoc/amd/common/block/pcibool Select this option to use AMD common PCIe GPP driver.

SOC_AMD_COMMON_BLOCK_PCIE_CLK_REQsoc/amd/common/block/pcibool This option includes code to disable PCIe clock request if the corresponding
PCIe device is disabled.

SOC_AMD_COMMON_BLOCK_CARsoc/amd/common/block/cpubool This option allows the SOC to use a standard AMD cache-as-ram (CAR)
implementation. CAR setup is built into bootblock and teardown is
in postcar. The teardown procedure does not preserve the stack so
it may not be appropriate for a romstage implementation without
additional consideration. If this option is not used, the SOC must
implement these functions separately.
This is only used for AMD CPU before family 17h. From family 17h on
the RAM is already initialized by the PSP before the x86 cores are
released from reset.

SOC_AMD_COMMON_BLOCK_NONCARsoc/amd/common/block/cpubool From family 17h on AMD CPUs/APUs don't use cache as RAM (CAR) any
more, since the RAM initialization is already done by the PSP when
the x86 cores are released from reset.

CBFS_CACHE_SIZEsoc/amd/common/block/cpuhex The size of the cbfs_cache region.

SOC_AMD_COMMON_BLOCK_CPUFREQ_FAM15H_16Hsoc/amd/common/block/cpubool Select this option to include code to calculate the CPU frequency
from the P state MSR values on AMD CPU families 15h and 16h.

SOC_AMD_COMMON_BLOCK_CPUFREQ_FAM17H_19Hsoc/amd/common/block/cpubool Select this option to include code to calculate the CPU frequency
from the P state MSR values on AMD CPU families 17h and 19h.

SOC_AMD_COMMON_BLOCK_CPUFREQ_FAM1AHsoc/amd/common/block/cpubool Select this option to include code to calculate the CPU frequency
from the P state MSR values on AMD CPU family 1Ah.

SOC_AMD_COMMON_BLOCK_MCA_COMMONsoc/amd/common/block/cpubool Add common machine check architecture support. Do not select this
in the SoC's Kconfig; select either SOC_AMD_COMMON_BLOCK_MCA or
SOC_AMD_COMMON_BLOCK_MCAX which will select this one.

SOC_AMD_COMMON_BLOCK_MCAsoc/amd/common/block/cpubool Add IA32 machine check architecture (MCA) support for pre-Zen CPUs.

SOC_AMD_COMMON_BLOCK_MCAXsoc/amd/common/block/cpubool Add extended machine check architecture (MCAX) support for AMD family
17h, 19h and possibly newer CPUs.

SOC_AMD_COMMON_BLOCK_SMMsoc/amd/common/block/cpubool Add common SMM relocation, finalization and handler functionality to
the build.

SOC_AMD_COMMON_BLOCK_SVI2soc/amd/common/block/cpubool Select this option is the SoC uses the serial VID 2 standard for
encoding the voltage it requests from the VRM.

SOC_AMD_COMMON_BLOCK_SVI3soc/amd/common/block/cpubool Select this option is the SoC uses the serial VID 3 standard for
encoding the voltage it requests from the VRM.

SOC_AMD_COMMON_BLOCK_TSCsoc/amd/common/block/cpubool Select this option to add the common functions for getting the TSC
frequency of AMD family 17h, 19h and 1Ah CPUs/APUs and to provide
TSC-based monotonic timer functionality to the build.

SOC_AMD_COMMON_BLOCK_CPU_SYNC_PSP_ADDR_MSRsoc/amd/common/block/cpubool Select this option to have coreboot sync the PSP_ADDR_MSR from
the BSP to all APs.

SOC_AMD_COMMON_BLOCK_UCODEsoc/amd/common/block/cpubool Builds in support for loading uCode.

SOC_AMD_COMMON_BLOCK_HDAsoc/amd/common/block/hdabool Select this option to use AMD common High Definition Audio
driver support.

SOC_AMD_COMMON_BLOCK_DATA_FABRICsoc/amd/common/block/data_fabricbool Select this option to add data fabric configuration related
functionality to the build.

SOC_AMD_COMMON_BLOCK_DATA_FABRIC_NP_REGIONsoc/amd/common/block/data_fabricbool Select this option to include the code to make sure that there's a
non-posted MMIO region configured in the data fabric registers that
covers the FCH MMIO from the HPET up to right below the LAPIC.

SOC_AMD_COMMON_BLOCK_DATA_FABRIC_DOMAINsoc/amd/common/block/data_fabricbool Select this option to add functionality to the build to tell the
resource allocator about the MMIO regions configured in the data
fabric registers so that it knows in which regions it can properly
allocate the non-fixed MMIO devices.

SOC_AMD_COMMON_BLOCK_DATA_FABRIC_MULTI_PCI_SEGMENTsoc/amd/common/block/data_fabricbool Some AMD SoCs support more than one PCI segment with 256 buses. Those
SoCs however have a different data fabric register layout for the PCI
bus number decoding. SoCs that use a data fabric register pair for
the PCI bus number which includes the segment number must select this
option; SoCs that use one data fabric register for the PCI bus number
which doesn't include a segment number field mustn't select this.

SOC_AMD_COMMON_BLOCK_DATA_FABRIC_EXTENDED_MMIOsoc/amd/common/block/data_fabricbool Some AMD SoCs support more than 48 bit MMIO addresses. In order to
have enough bits for this, the MMIO address extension register is
introduced. SoCs that have this register must select this option in
order for the MMIO regions to be reported correctly.

SOC_AMD_COMMON_BLOCK_LPCsoc/amd/common/block/lpcbool Select this option to use the traditional LPC-ISA bridge at D14F3.

PROVIDES_ROM_SHARINGsoc/amd/common/block/lpcbool Select this option if the LPC bridge supports ROM sharing.

SOC_AMD_COMMON_BLOCK_LPC_SPI_DMAsoc/amd/common/block/lpcbool Select this option to enable SPI DMA support.

SOC_AMD_COMMON_BLOCK_HAS_ESPIsoc/amd/common/block/lpcbool Select this option if platform supports eSPI using D14F3 configuration
registers.

SOC_AMD_COMMON_BLOCK_ESPI_EXTENDED_DECODE_RANGESsoc/amd/common/block/lpcbool Select this if the platform supports 16 instead of 4 eSPI IO decode
ranges and 5 instead of 4 eSPI MMIO decode ranges.

SOC_AMD_COMMON_BLOCK_HAS_ESPI_ALERT_ENABLEsoc/amd/common/block/lpcbool Selected by the SoC if it supports the ALERT_ENABLE bit.

SOC_AMD_COMMON_BLOCK_USE_ESPIsoc/amd/common/block/lpcbool Select this option if mainboard uses eSPI instead of LPC (if supported
by platform).

SOC_AMD_COMMON_BLOCK_ESPI_RETAIN_PORT80_ENsoc/amd/common/block/lpcbool SMU will lock up at times if the port80h enable bit is cleared. Select
this option to retain the port80 enable bit while clearing other enable
bits in the ESPI Decode register.

SOC_AMD_COMMON_BLOCK_UARTsoc/amd/common/block/uartbool Select this option to add the common functions for setting up the
UART configuration to the build.

SOC_AMD_COMMON_BLOCK_PMsoc/amd/common/block/pmbool AMD Processor common code for Power Management (PM) subsystem.

SOC_AMD_COMMON_BLOCK_PM_CHIPSET_STATE_SAVEsoc/amd/common/block/pmbool Add common functionality to write CBMEM_ID_POWER_STATE for AMD
platforms that use FSP for hardware initialization.

SOC_AMD_COMMON_BLOCK_RESETsoc/amd/common/block/pmbool Select this option to use AMD common reset driver support.

SOC_AMD_SUPPORTS_WARM_RESETsoc/amd/common/block/pmbool Select this option if the chip supports warm reset.

SOC_AMD_COMMON_BLOCK_SMBUSsoc/amd/common/block/smbusbool Select this option to add FCH SMBus controller functions to the build.

SOC_AMD_COMMON_BLOCK_ROOT_COMPLEXsoc/amd/common/block/root_complexbool Select this option to add AMD common root complex support code
to the build.

SOC_AMD_COMMON_BLOCK_SMUsoc/amd/common/block/smubool Select this option to add functions to communicate with the SMU to the build.

SOC_AMD_COMMON_BLOCK_SMU_SX_ENTRYsoc/amd/common/block/smubool Select this option to add the function to send the S3/4/5 entry
message to the SMU.

SOC_AMD_COMMON_BLOCK_AOACsoc/amd/common/block/aoacbool Select this option to add the common functions for the AOAC (always
on, always connected) block to the build.

SOC_AMD_COMMON_BLOCK_IOMMUsoc/amd/common/block/iommubool Select this option to use AMD common IOMMU support.

SOC_AMD_COMMON_FSP_PCIsoc/amd/common/fsp/pcibool This option enabled FSP to provide common PCI functions.

SOC_AMD_PIsoc/amd/common/pibool This option builds functions that interface AMD's AGESA reference
code packaged in the binaryPI form and S3-related functionality.

PI_AGESA_CAR_HEAP_BASEsoc/amd/common/pihex The AGESA PI blob may be built to allow an optional callout for
AgesaHeapRebase. If AGESA calls AgesaHeapRebase, this option
determines the location of the heap prior to DRAM availability.

PI_AGESA_TEMP_RAM_BASEsoc/amd/common/pihex During a boot from S5, AGESA copies its CAR-based heap to a temporary
location in DRAM. Once coreboot has established cbmem, the heap
is moved again. This symbol determines the temporary location for
the heap.

PI_AGESA_HEAP_SIZEsoc/amd/common/pihex This option determines the amount of space allowed for AGESA heap
prior to DRAM availability.

PSP_VERSTAGE_CCP_DMAsoc/amd/common/psp_verstagebool Configure PSP Verstage to use Crypto Co-processor (CCP) DMA while
accessing the boot device. Select it on platforms which supports
using CCP DMA to access the boot device.

PSP_S0I3_RESUME_VERSTAGEsoc/amd/common/psp_verstageboolS0i3 resume verstage Select this item to enable running verstage during S0i3 resume.

PSP_INIT_TPM_ON_S0I3_RESUMEsoc/amd/common/psp_verstagebool If the TPM is reset while in S0i3, it must be reinitialized
during s0i3 resume. This must be performed in PSP verstage since
coreboot is otherwise not involved with s0i3 resume.

PSP_SUPPORTS_EFS2_RELATIVE_ADDRsoc/amd/common/psp_verstagebool On SoCs where PSP uses A/B recovery layout, PSP support relative addressing
from the start of the SPI ROM. Enable this config on SoCs where PSP supports
relative addressing so that PSP verstage can pass the offset.

SEPARATE_SIGNED_PSPFWsoc/amd/common/psp_verstagebool Put signed AMD/PSP firmwares outside FW_MAIN_[AB] so vboot doesn't verify them,
and rely on PSP's verification.

APCB_BLOBS_DIRsoc/amd/common.commonstringMainboard blobs path The path to the APCB mainboard blobs

INTEL_HAS_TOP_SWAPsoc/intel/common.commonbool Set this config if the Intel SoC supports top swap feature

INTEL_ADD_TOP_SWAP_BOOTBLOCKsoc/intel/common.commonboolInclude a Top swap bootblock Intel PCH/Southbridges have feature that it is possible to have
the southbridge/PCH look for the bootblock at a 64K or
128K/256K/512K/1MB (in case of newer SoCs) offset
instead of the usual top of flash.
Select this to put a 'second' bootblock.

INTEL_TOP_SWAP_BOOTBLOCK_SIZEsoc/intel/common.commonhexSize of top swap boot block Set this config to a supported topswap size.
Valid sizes: 0x10000 0x20000 0x40000 0x80000 0x100000

INTEL_TOP_SWAP_FIT_ENTRY_FMAP_REGsoc/intel/common.commonstring Use this config to specify the name of a FMAP region (which should
hold a microcode) whose address as the first entry in the topswap FIT.
This is useful in creating a asymmetric FIT in top swap bootblock
than the one in non-topswap bootblock. This string will be passed
onto ifittool (-A -n option). ifittool will not parse the region for MCU
entries, and only locate the region and insert its address into FIT.

SOC_INTEL_COMMONsoc/intel/common.commonbool common code for Intel SOCs

soc/intel/common.common(comment)Intel SoC Common Code for IP blocks
SOC_INTEL_COMMON_BLOCKsoc/intel/common/blockbool SoC driver for intel common IP code

SOC_INTEL_COMMON_BLOCK_SMMsoc/intel/common/block/smmbool Intel Processor common SMM support

SOC_INTEL_COMMON_BLOCK_SMM_IO_TRAPsoc/intel/common/block/smmbool Intel Processor trap flag if it is supported

SOC_INTEL_COMMON_BLOCK_SMM_LOCK_GPIO_PADSsoc/intel/common/block/smmbool Enable locking of security-sensitive SoC and mainboard GPIOs.
An SoC may provide a list of gpios to lock, and the mainboard
may also provide a list of gpios to lock.

SOC_INTEL_COMMON_BLOCK_SMM_ESPI_DISABLEsoc/intel/common/block/smmbool Disable eSPI SMI source to prevent the embedded controller
from asserting SMI while in firmware.

SOC_INTEL_COMMON_BLOCK_SMM_TCO_ENABLEsoc/intel/common/block/smmboolEnable TCO SMI Enable TCO SMI source to e.g. handle case instrusion.

SOC_INTEL_COMMON_BLOCK_SMM_S5_DELAY_MSsoc/intel/common/block/smmint Time in milliseconds that SLP_SMI for S5 waits for before
enabling sleep. This is required to avoid any race between
SLP_SMI and PWRBTN SMI.

HECI_DISABLE_USING_SMMsoc/intel/common/block/smmbool HECI disable using SMM. Select this option to make HECI disable
using SMM mode, independent of dedicated UPD to perform HECI disable.

PERIODIC_SMI_RATE_SELECTION_IN_GEN_PMCON_Bsoc/intel/common/block/smmbool Intel Core processors select the periodic SMI rate via GEN_PMCON_A.
On Intel Atom processors the register is different and they use
GEN_PMCON_B/GEN_PMCON2 with different address.

SOC_INTEL_COMMON_BLOCK_DSPsoc/intel/common/block/dspbool Intel Processor common DSP support

DISABLE_HECI1_AT_PRE_BOOTsoc/intel/common/block/cseboolDisable HECI1 at the end of boot This config decides the state of HECI1(CSE) device at the end of boot.
Mainboard users to select this config to make HECI1 `function disable`
prior to handing off to payload.

SOC_INTEL_COMMON_BLOCK_CSEsoc/intel/common/block/csebool Driver for communication with Converged Security Engine (CSE)
over Host Embedded Controller Interface (HECI)

SOC_INTEL_COMMON_BLOCK_HECI1_DISABLE_USING_SBIsoc/intel/common/block/csebool Use this config to allow common CSE block to make HECI1 function disable
in the SMM mode. From CNL PCH onwards,`HECI1` disabling can only be done
using the non-posted sideband write after FSP-S sets the postboot_sai
attribute.

SOC_INTEL_COMMON_BLOCK_HECI1_DISABLE_USING_PMC_IPCsoc/intel/common/block/csebool Use this config to allow common CSE block to make HECI1 function disable
using PMC IPC command `0xA9`. From TGL PCH onwards, disabling heci1
device using PMC IPC doesn't required to run the operation in SMM.

SOC_INTEL_COMMON_BLOCK_HECI1_DISABLE_USING_PCRsoc/intel/common/block/csebool Use this config for SoC platform prior to CNL PCH (with postboot_sai implemented)
to make `HECI1` device disable using private configuration register (PCR) write.

SOC_INTEL_STORE_CSE_FW_VERSIONsoc/intel/common/block/csebool This configuration option stores CSE RW FW version in CBMEM area.
This information can be used to identify if the CSE firmware update is successful
by comparing the currently running CSE RW firmware version against CSE version
belongs to the CONFIG_SOC_INTEL_CSE_RW_VERSION (decided statically while
building the AP FW image).

The way to retrieve the CSE firmware version is by sending the HECI command to
read the CSE Boot Partition (BP) info. The cost of sending HECI command to read
the CSE FW version is between 7ms-20ms (depending on the SoC architecture) hence,
ensure this feature is platform specific and only enabled for the platform
that would like to store the CSE version into the CBMEM.

SOC_INTEL_CSE_FW_PARTITION_CMOS_OFFSETsoc/intel/common/block/cseint This configuration option stores the starting offset of cse fw partition versions in
CMOS memory. The offset should be byte aligned and must leave enough memory to store
required firmware partition versions.

SOC_INTEL_STORE_ISH_FW_VERSIONsoc/intel/common/block/csebool This configuration option stores ISH version in CBMEM area.
This information can be used to identify the currently running ISH firmware
version.

ISH BUP is sitting inside the CSE firmware partition. The way to retrieve the
ISH version is by sending the HECI command to read the CSE FPT. The cost of sending
HECI command to read the CSE FPT is significant (~200ms) hence, the idea is to
read the CSE RW version on every cold reset (to cover the CSE update scenarios)
and store into CBMEM to avoid the cost of resending the HECI command in all
consecutive warm boots.

Later boot stages can just read the CBMEM ID to retrieve the ISH version.

Additionally, ensure this feature is platform specific hence, only enabled
for the platform that would like to store the ISH version into the CBMEM and
parse to perform some additional work.

SOC_INTEL_CSE_SEND_EOP_EARLYsoc/intel/common/block/cseboolCSE send EOP early Use this config to send End Of Post (EOP) earlier through SoC code in order to
reduce time required to send EOP and getting CSE response.
In later stages, CSE might be busy and might require more time to process EOP command.
SoC can use this Kconfig to send EOP earlier by itself.

SOC_INTEL_CSE_SEND_EOP_LATEsoc/intel/common/block/csebool Use this config to send End Of Post (EOP) late (even after CSE `final` operation)
using boot state either `BS_PAYLOAD_BOOT` or `BS_PAYLOAD_LOAD` from common code
in order to reduce time required to send EOP and getting CSE response.
It has been observed that CSE might be busy and might require more time to
process the EOP command.
SoC can use this Kconfig to send EOP later by itself.
Starting with Jasper Lake, coreboot sends EOP before loading payload hence, this
config is applicable for those platforms.

SOC_INTEL_CSE_SEND_EOP_ASYNCsoc/intel/common/block/csebool Use this config to handle End Of Post (EOP) completion
asynchronously. The EOP command is sent first and the result
is checked later leaving time to CSE to complete the
operation while coreboot perform other activities.
Performing EOP asynchronously reduces the time spent
actively waiting for command completion which can have a
significant impact on boot time.

Using this asynchronous approach comes with the limitation
that no HECI command should be sent between the time the EOP
request is posted (at CSE .final device operation) and the
time coreboot check for its completion (BS_PAYLOAD_LOAD).

SOC_INTEL_CSE_LITE_SKUsoc/intel/common/block/csebool Enables CSE Lite SKU

SOC_INTEL_CSE_LITE_PSRsoc/intel/common/block/csebool Select this config if Platform Service Record(PSR) is supported by the platform. This
config is applicable only for Lite SKU, where PSR data backup is required prior to a
CSE firmware downgrade during which CSE data is cleared. PSR services in CSE FW is
enabled only post DRAM init and the command to backup PSR data is also supported only
post DRAM init. Hence platform that selects PSR would need to perform CSE firmware sync
in ramstage.

SOC_INTEL_CSE_SERVER_SKUsoc/intel/common/block/csebool Enables CSE Server SKU

SOC_INTEL_CSE_RW_UPDATEsoc/intel/common/block/cseboolEnable the CSE RW Update Feature This config will enable CSE RW firmware update feature and also will be used ensure
all the required configs are provided by mainboard.

SOC_INTEL_CSE_FMAP_NAMEsoc/intel/common/block/csestringName of CSE Region in FMAP Name of CSE region in FMAP

SOC_INTEL_CSE_RW_A_FMAP_NAMEsoc/intel/common/block/csestringLocation of CSE RW A in FMAP Name of CSE RW A region in FMAP

SOC_INTEL_CSE_RW_B_FMAP_NAMEsoc/intel/common/block/csestringLocation of CSE RW B in FMAP Name of CSE RW B region in FMAP

SOC_INTEL_CSE_RW_CBFS_NAMEsoc/intel/common/block/csestringCBFS entry name for CSE RW blob CBFS entry name for Intel CSE CBFS RW blob

SOC_INTEL_CSE_RW_HASH_CBFS_NAMEsoc/intel/common/block/csestringCBFS name for CSE RW hash file CBFS name for Intel CSE CBFS RW hash file

SOC_INTEL_CSE_RW_VERSION_CBFS_NAMEsoc/intel/common/block/csestringCBFS name for CSE RW version file CBFS name for Intel CSE CBFS RW version file

SOC_INTEL_CSE_RW_FILEsoc/intel/common/block/csestringIntel CSE CBFS RW path and filename Intel CSE CBFS RW blob path and file name

SOC_INTEL_CSE_RW_VERSIONsoc/intel/common/block/csestringIntel CSE RW firmware version This config contains the Intel CSE RW version of the blob that is provided by
SOC_INTEL_CSE_RW_FILE config and the version must be set in the format
major.minor.hotfix.build (ex: 14.0.40.1209).

SOC_INTEL_CSE_SET_EOPsoc/intel/common/block/csebool This config ensures coreboot will send the CSE the End-of-POST message
just prior to loading the payload. This is a security feature so the
CSE will no longer respond to Pre-Boot commands.

SOC_INTEL_CSE_SUB_PART_UPDATEsoc/intel/common/block/cseboolEnable the CSE sub-partition update Feature This config will enable CSE sub-partition firmware update feature and also will be used ensure
all the required configs are provided by mainboard.

SOC_INTEL_CSE_IOM_CBFS_NAMEsoc/intel/common/block/csestringCBFS name for CSE sub-partition IOM binary CBFS entry name for Intel CSE sub-partition IOM binary

SOC_INTEL_CSE_IOM_CBFS_FILEsoc/intel/common/block/csestringIntel CBFS path and file name for CSE sub-partition IOM binary CBFS path and file name for Intel CSE sub-partition IOM binary

SOC_INTEL_CSE_NPHY_CBFS_NAMEsoc/intel/common/block/csestringCBFS name for CSE sub-partition NPHY binary CBFS entry name for Intel CSE sub-partition NPHY binary

SOC_INTEL_CSE_NPHY_CBFS_FILEsoc/intel/common/block/csestringIntel CBFS path and file name for CSE sub-partition NPHY binary CBFS path and file name for Intel CSE sub-partition NPHY binary

SOC_INTEL_CSE_LITE_COMPRESS_ME_RWsoc/intel/common/block/csebool Enable compression on Intel CSE CBFS RW blob

SOC_INTEL_CSE_PRE_CPU_RESET_TELEMETRYsoc/intel/common/block/csebool Mainboard user to select this Kconfig in order to capture pre-cpu
reset boot performance telemetry data.

SOC_INTEL_CSE_PRE_CPU_RESET_TELEMETRY_V1soc/intel/common/block/csebool This config will make mainboard use version 1 of the CSE timestamp
definitions, it can be used for Alder Lake and Raptor Lake (all SKUs).

SOC_INTEL_CSE_PRE_CPU_RESET_TELEMETRY_V2soc/intel/common/block/csebool This config will make mainboard use version 2 of the CSE timestamp
definitions, it can be used for Meteor Lake M/P.

SOC_INTEL_CSE_LITE_SYNC_IN_ROMSTAGEsoc/intel/common/block/csebool Use default flow of CSE FW Update in romstage when uncompressed ME_RW blobs are used.

SOC_INTEL_CSE_LITE_SYNC_IN_RAMSTAGEsoc/intel/common/block/csebool Use this option if CSE RW update needs to be triggered during RAMSTAGE.

SOC_INTEL_CSE_HAVE_SPEC_SUPPORTsoc/intel/common/block/csebool This option config will allow SoC platform to use applicable ME specification.
The version based CSE measured ME specification data structures are defined at
common code. Enabling this option will use those CSE defined ME specification
for the SoC. User should select pertinent ME spec version along with this option.

SOC_INTEL_COMMON_BLOCK_ME_SPEC_12soc/intel/common/block/csebool This config will enable 'ME specification version 12'. It will ensure ME specific
declaration and uses of required data structures for Host firmware status registers.

SOC_INTEL_COMMON_BLOCK_ME_SPEC_13soc/intel/common/block/csebool This config will enable 'ME specification version 13'. It will ensure ME specific
declaration and uses of required data structures for Host firmware status registers.

SOC_INTEL_COMMON_BLOCK_ME_SPEC_15soc/intel/common/block/csebool This config will enable 'ME specification version 15'. It will ensure ME specific
declaration and uses of required data structures for Host firmware status registers.

SOC_INTEL_COMMON_BLOCK_ME_SPEC_16soc/intel/common/block/csebool This config will enable 'ME specification version 16'. It will ensure ME specific
declaration and uses of required data structures for Host firmware status registers.

SOC_INTEL_COMMON_BLOCK_ME_SPEC_18soc/intel/common/block/csebool This config will enable 'ME specification version 18'. It will ensure ME specific
declaration and uses of required data structures for Host firmware status registers.

ME_SPECsoc/intel/common/block/cseint This config holds the ME spec version if defined.

CSE_COMPONENTS_PATHsoc/intel/common/block/csestringPath to directory containing all CSE input components to stitch This is the file path containing all the input CSE component files.
These will be used by cse_serger tool to stitch CSE image.

CSE_FPT_FILEsoc/intel/common/block/csestringName of CSE FPT file This file is the CSE input binary as released by Intel in a CSE kit.

CSE_DATA_FILEsoc/intel/common/block/csestringName of CSE data file This file is the CSE data binary typically generated by Intel FIT tool.

CSE_PMCP_FILEsoc/intel/common/block/csestringName of PMC file This file is the PMC input binary as released by Intel in a CSE kit.

CSE_IOMP_FILEsoc/intel/common/block/csestringName of IOM file This file is the IOM input binary as released by Intel in a CSE kit.

CSE_TBTP_FILEsoc/intel/common/block/csestringName of TBT file This file is the TBT input binary as released by Intel in a CSE kit.

CSE_NPHY_FILEsoc/intel/common/block/csestringName of NPHY file This file is the NPHY input binary as released by Intel in a CSE kit.

CSE_PCHC_FILEsoc/intel/common/block/csestringName of PCHC file This file is the PCHC input binary as released by Intel in a CSE kit.

CSE_IUNP_FILEsoc/intel/common/block/csestringName of IUNIT file This file is the PCHC input binary as released by Intel in a CSE kit.

CSE_BPDT_VERSIONsoc/intel/common/block/csestring This config indicates the BPDT version used by CSE for a given SoC.

CSE_OEMP_FILEsoc/intel/common/block/csestringName of OEM Key Manifest file OEM Key Manifest lists the public key hashes used for authenticating the
OEM created binaries to be loaded. This binary is generated by signing with
the key owned by trusted owner.

CSE_RESET_CLEAR_EC_AP_IDLE_FLAGsoc/intel/common/block/csebool Select this if the variant is a Chromebox/base. This allows AP to direct EC
to clear AP_IDLE flag before triggering reset to make sure AP can boot up
after reset.

SOC_INTEL_COMMON_BLOCK_THERMALsoc/intel/common/block/thermalbool This option allows to configure PCH thermal registers for supported PCH.

SOC_INTEL_COMMON_BLOCK_THERMAL_PCI_DEVsoc/intel/common/block/thermalbool This option allows to configure PCH thermal registers using Thermal PCI device
for chipsets till Ice Lake PCH.

SOC_INTEL_COMMON_BLOCK_THERMAL_BEHIND_PMCsoc/intel/common/block/thermalbool This option allows to configure PCH thermal registers using PMC PWRMBASE
for chipsets since Tiger Lake PCH.

SOC_INTEL_COMMON_BLOCK_CNVIsoc/intel/common/block/cnvibool Common CNVI module for Intel PCH

SOC_INTEL_COMMON_BLOCK_SPIsoc/intel/common/block/spibool Intel Processor common SPI support

SOC_INTEL_COMMON_BLOCK_SRAMsoc/intel/common/block/srambool Intel Processor common SRAM support

SOC_INTEL_COMMON_BLOCK_PCIEsoc/intel/common/block/pciebool Intel Processor common PCIE support

SOC_INTEL_COMMON_BLOCK_PCIE_RTD3soc/intel/common/block/pcie/rtd3bool When enabled, this driver will add support for ACPI controlled
Runtime D3 using GPIOs for power/reset control of the device
attached to a PCIe root port.

PCIE_LTR_MAX_SNOOP_LATENCYsoc/intel/common/block/pciehex Latency tolerance reporting, max snoop latency value defaults to 3.14 ms.

PCIE_LTR_MAX_NO_SNOOP_LATENCYsoc/intel/common/block/pciehex Latency tolerance reporting, max non-snoop latency value defaults to 3.14 ms.

PCIE_DEBUG_INFOsoc/intel/common/block/pciebool Enable debug logs in PCIe module. Allows debug information on memory
base and limit, prefetchable memory base and limit, prefetchable memory
base upper 32 bits and prefetchable memory limit upper 32 bits.

PCIE_CLOCK_CONTROL_THROUGH_P2SBsoc/intel/common/block/pciebool Enables PCIe CLK control (on/off) through P2SB. The mechanism is supported
starting from MTL platform. In older platforms like ADL & TGL, PCIe CLK is
controlled by sending IPC CMD to PMC.

IOE_DIE_CLOCK_STARTsoc/intel/common/block/pcieint The beginning of IOE DIE pcie src clk number. IOE DIE is started from MTL.

SOC_INTEL_COMMON_BLOCK_I2Csoc/intel/common/block/i2cbool Intel Processor Common I2C support

SOC_INTEL_COMMON_BLOCK_TCSSsoc/intel/common/block/tcssNone Sets up USB2/3 port mapping in TCSS MUX and sets MUX to disconnect state

ENABLE_TCSS_DISPLAY_DETECTIONsoc/intel/common/block/tcssboolEnable detection of displays over USB Type-C ports with TCSS Enable displays to be detected over Type-C ports during boot.

ENABLE_TCSS_USB_DETECTIONsoc/intel/common/block/tcssboolEnable detection of USB boot devices attached to USB Type-C ports with TCSS Enable USB-C attached storage devices to be detected at boot.
This option is required for some payloads (eg, edk2), without which devices attached
to USB-C ports will not be detected and available to boot from.

SOC_INTEL_COMMON_BLOCK_TRACEHUBsoc/intel/common/block/tracehubbool Enable Intel Trace Hub (TH) driver. Intel FSP reserves some portion of
memory for TH to store traces. This memory region information is
passed via FSP HOB to coreboot. This driver locates the HOB and marks
that memory region as reserved so that Operating System does not use
this memory.

SOC_INTEL_COMMON_BLOCK_DTTsoc/intel/common/block/dttbool Minimal PCI Driver for enabling SSDT generation of Intel
Dynamic Tuning Technology (DTT) policies and controls, also
known as Intel DPTF (Dynamic Platform and Thermal Framework)

SOC_INTEL_COMMON_BLOCK_BASE_P2SBsoc/intel/common/block/p2sbbool Intel Processor common P2SB base driver

SOC_INTEL_COMMON_BLOCK_P2SBsoc/intel/common/block/p2sbbool Intel Processor common P2SB driver for PCH or SoC die

SOC_INTEL_COMMON_BLOCK_IOE_P2SBsoc/intel/common/block/p2sbbool Intel Processor common P2SB driver for IOE die

SOC_INTEL_COMMON_BLOCK_CHIP_CONFIGsoc/intel/common/block/chipbool Intel Processor common soc/chip configuration support

SOC_INTEL_COMMON_BLOCK_SCSsoc/intel/common/block/scsbool Intel Processor common storage and communication subsystem support

SOC_INTEL_COMMON_EARLY_MMC_WAKEsoc/intel/common/block/scsbool Send CMD1 early in romstage to improve boot time. It requires emmc
DLL tuning parameters to be added to devicetree.cb

SOC_INTEL_COMMON_MMC_OVERRIDEsoc/intel/common/block/scsbool Override the MMC settings after FSP-S.
It should be used only when there is no FSP UPDs for certain setting.

SOC_INTEL_COMMON_BLOCK_GRAPHICSsoc/intel/common/block/graphicsbool Intel Processor common Graphics support

SOC_INTEL_CONFIGURE_DDI_A_4_LANESsoc/intel/common/block/graphicsbool Selected by platforms that require DDI-A bifurcation setup.

SOC_INTEL_DISABLE_IGDsoc/intel/common/block/graphicsboolDisable Integrated GFX Controller (0:2:0) Selected by mainboard user that need to skip IGD initialization
where OS can only use one GPU hence need to disable IGD and don't
need to run FSP GOP.

SOC_INTEL_GFX_FRAMEBUFFER_OFFSETsoc/intel/common/block/graphicshex PCI config offset 0x18 point to LMEMBAR and need to add GTT size to
reach at DSM which is referred here as SOC_INTEL_GFX_MEMBASE_OFFSET.
SoC that follow such design would override SOC_INTEL_GFX_FRAMEBUFFER_OFFSET
with GTT_SIZE value. On SoC platform where PCI config offset 0x18 points
to the GMADR directly can use the default value 0x0 without any override.

SOC_INTEL_GFX_NON_PREFETCHABLE_MMIOsoc/intel/common/block/graphicsbool Ignore BAR0(offset 0x10)'s pre-fetchable attribute to use non-prefetchable
MMIO to fix OS display driver failure.

SOC_INTEL_COMMON_BLOCK_IPUsoc/intel/common/block/ipubool Intel Image Processing Unit driver

SOC_INTEL_COMMON_BLOCK_FAST_SPIsoc/intel/common/block/fast_spibool Intel Processor common FAST_SPI support

FAST_SPI_DISABLE_WRITE_STATUSsoc/intel/common/block/fast_spiboolDisable write status SPI opcode Disable the write status SPI opcode in Intel Fast SPI block.

FAST_SPI_SUPPORTS_EXT_BIOS_WINDOWsoc/intel/common/block/fast_spibool Fast SPI controller on the platform supports additional
window for memory mapping BIOS region (region 1) on the SPI
flash beyond the standard limit of 16MiB. Depending upon the
size of the SPI flash part used by the mainboard, two decode
windows will be enabled:
1. Fixed decode window up to a maximum size of 16MiB under
4G boundary.
2. Extended decode window up to a maximum size provided by
the platform to map the rest of the BIOS region.
SoC selecting this config is expected to provide the base and
maximum size of the extended window in the host address space
using configs EXT_BIOS_WIN_BASE and EXT_BIOS_WIN_SIZE.

EXT_BIOS_WIN_BASEsoc/intel/common/block/fast_spihex If an additional window for mapping BIOS region greater than
16MiB is supported, then this config is used to provide the
base address reserved for the mapping. Since the mapping is
done at the top of the window, depending upon the size of the
BIOS region, the actual base address configured in the fast
SPI controller can be higher at runtime.

EXT_BIOS_WIN_SIZEsoc/intel/common/block/fast_spihex Maximum size of the extended window reserved for mapping BIOS
region greater than 16MiB. The actual mapped window might be
smaller depending upon the size of the BIOS region.

FAST_SPI_GENERATE_SSDTsoc/intel/common/block/fast_spibool Select this option if the Fast SPI controller is hidden from the OS.
If this switch is selected, an entry in the SSDT will be generated
for the controller to report the occupied resource which is not
discoverable at OS runtime.

SOC_INTEL_COMMON_BLOCK_ITSSsoc/intel/common/block/itssbool Intel Processor common interrupt timer subsystem support

SOC_INTEL_COMMON_BLOCK_GPIOsoc/intel/common/block/gpiobool Intel Processor common GPIO support

SOC_INTEL_COMMON_BLOCK_GPIO_LOCK_USING_SBIsoc/intel/common/block/gpiobool Till ADL PCH,`Pad Configuration Lock` can only be set or cleared
using non-posted sideband write.

SOC_INTEL_COMMON_BLOCK_GPIO_LOCK_USING_PCRsoc/intel/common/block/gpiobool SoC user to select this config if `Pad Configuration Lock` can only be set or
cleared using private configuration register (PCR) write.
Starting with MTL SoC, the recommendation is to use PCR for locking down the
GPIO configuration.

SOC_INTEL_COMMON_BLOCK_GPIO_PMODE_4BITSsoc/intel/common/block/gpiobool SoC user to select this config if Pad Mode (PMODE) width of PAD_CFG_DW0 regiser
is 4 bits to support Native Function 1 to 15.

SOC_INTEL_COMMON_BLOCK_SATAsoc/intel/common/block/satabool Common SATA module for Intel PCH

SOC_INTEL_COMMON_BLOCK_XHCIsoc/intel/common/block/xhcibool Intel Processor common XHCI support

SOC_INTEL_COMMON_BLOCK_XHCI_ELOGsoc/intel/common/block/xhcibool Set this option to identify if XHCI caused a wake up and log that
information into the event log.

SOC_INTEL_COMMON_BLOCK_ACPIsoc/intel/common/block/acpibool Intel Processor common code for ACPI

SOC_INTEL_COMMON_BLOCK_ACPI_LPITsoc/intel/common/block/acpibool Generate LPIT table with LPI state entries

SOC_INTEL_COMMON_BLOCK_ACPI_PEPsoc/intel/common/block/acpibool Generate an Intel Power Engine device object in the SSDT. This is
usually used for providing ACPI hooks for S0ix exit/entry.

SOC_INTEL_COMMON_BLOCK_ACPI_PEP_LPM_REQsoc/intel/common/block/acpibool Generate a 2nd set of _DSM functions for the Power Engine device that
will return a buffer that contains the contents of the PMC's LPM
requirements registers. A kernel can use this to display the
requirements for different LPM substates.

SOC_INTEL_COMMON_BLOCK_CRASHLOGsoc/intel/common/block/acpibool Generate crash data for BERT table

SOC_INTEL_COMMON_BLOCK_ACPI_CPPCsoc/intel/common/block/acpibool Generate CPPC entries for Intel SpeedShift

SOC_INTEL_COMMON_BLOCK_ACPI_CPU_HYBRIDsoc/intel/common/block/acpibool Defines hybrid CPU specific ACPI helper functions.

SOC_INTEL_UFS_OCP_TIMER_DISABLEsoc/intel/common/block/acpibool OCP Timer need to be disabled in SCS UFS IOSF Bridge to
work around the Silicon Issue due to which LTR mechanism
doesn't work.

SOC_INTEL_UFS_LTR_DISQUALIFYsoc/intel/common/block/acpibool LTR needs to be disqualified for UFS in D3 to ensure PMC
ignores LTR from UFS IP which is infinite.
SOC_INTEL_COMMON_BLOCK_RTCsoc/intel/common/block/rtcbool Intel Processor common RTC support

SOC_INTEL_COMMON_BLOCK_TIMERsoc/intel/common/block/timerbool Intel Processor common TIMER support

USE_LEGACY_8254_TIMERsoc/intel/common/block/timerboolUse Legacy 8254 Timer Setting this makes the Legacy 8254 Timer available by disabling
clock gating. This needs to be enabled in order to boot a legacy
BIOS or OS not supporting other timers like PM timer or TSC.

While SeaBIOS does not require this timer anymore, it is needed
when OpRoms are being used.

Disable this setting to save power, when the timer is not needed.

SOC_INTEL_COMMON_BLOCK_XDCIsoc/intel/common/block/xdcibool Intel Processor common XDCI support

SOC_INTEL_COMMON_BLOCK_CPUsoc/intel/common/block/cpubool This option selects Intel Common CPU Model support code
which provides various CPU related APIs which are common
between all Intel Processor families. Common CPU code is supported
for SOCs starting from SKL,KBL,APL, and future.

SOC_INTEL_COMMON_BLOCK_CPU_MPINITsoc/intel/common/block/cpubool This option selects Intel Common CPU MP Init code. In
this common MP Init mechanism, the MP Init is occurring before
calling FSP Silicon Init. Hence, MP Init will be pulled to
BS_DEV_INIT_CHIPS Entry. And on Exit of BS_DEV_INIT, it is
ensured that all MTRRs are re-programmed based on the DRAM
resource settings.

USE_FSP_FEATURE_PROGRAM_ON_APSsoc/intel/common/block/cpuboolAllow FSP running CPU feature programming on MP init Upon selection, coreboot brings APs from reset and the FSP runs feature programming.

USE_COREBOOT_MP_INITsoc/intel/common/block/cpuboolUse coreboot MP init Upon selection, coreboot performs MP Init.

SOC_INTEL_COMMON_BLOCK_CARsoc/intel/common/block/cpubool This option allows you to select how cache-as-ram (CAR) is set up.

INTEL_CAR_NEMsoc/intel/common/block/cpubool Traditionally, CAR is set up by using Non-Evict mode. This method
does not allow CAR and cache to co-exist, because cache fills are
blocked in NEM.

INTEL_CAR_CQOSsoc/intel/common/block/cpubool Cache Quality of Service allows more fine-grained control of cache
usage. As result, it is possible to set up a portion of L2 cache for
CAR and use the remainder for actual caching.

INTEL_CAR_NEM_ENHANCEDsoc/intel/common/block/cpubool A current limitation of NEM (Non-Evict mode) is that code and data sizes
are derived from the requirement to not write out any modified cache line.
With NEM, if there is no physical memory behind the cached area,
the modified data will be lost and NEM results will be inconsistent.
ENHANCED NEM guarantees that modified data is always
kept in cache while clean data is replaced.

CAR_HAS_SF_MASKSsoc/intel/common/block/cpubool In the case of non-inclusive cache architecture Snoop Filter MSR
IA32_L3_SF_MASK_x programming is required along with the data ways.
This is applicable for TGL and beyond.

SF_MASK_2WAYS_PER_BITsoc/intel/common/block/cpubool In the case of non-inclusive cache architecture when two ways in
the SF mask are controlled by one bit of the SF QoS register.
This is applicable for TGL alone.

COS_MAPPED_TO_MSBsoc/intel/common/block/cpubool On TGL and JSL platform the class of service configuration
is mapped to MSB of MSR IA32_PQR_ASSOC.

CAR_HAS_L3_PROTECTED_WAYSsoc/intel/common/block/cpubool On ADL and onwards platform has a newer requirement to protect
L3 ways in Non-Inclusive eNEM mode. Hence, MSR 0xc85 is to program
the data ways.

USE_INTEL_FSP_MP_INITsoc/intel/common/block/cpuboolPerform MP Initialization by FSP This option allows FSP to perform multiprocessor initialization.

USE_INTEL_FSP_TO_CALL_COREBOOT_PUBLISH_MP_PPIsoc/intel/common/block/cpuboolPerform MP Initialization by FSP using coreboot MP PPI service This option allows FSP to make use of MP services PPI published by
coreboot to perform multiprocessor initialization.

CPU_SUPPORTS_INTEL_TMEsoc/intel/common/block/cpubool Select this if the SoC supports Intel Total Memory Encryption (TME).

INTEL_TMEsoc/intel/common/block/cpuboolTotal Memory Encryption (TME)/Multi-key TME (MKTME) Enable Total Memory Encryption (TME)/Multi-key TME (MKTME). The spec is
available at "https://software.intel.com/sites/default/files/managed/a5
/16/Multi-Key-Total-Memory-Encryption-Spec.pdf". If CPU supports TME,
it would get enabled. If CPU supports MKTME, this same config option
enables MKTME.

TME_KEY_REGENERATION_ON_WARM_BOOTsoc/intel/common/block/cpuboolGenerate new TME key on each warm boot Program Intel TME to generate a new key for each warm boot. TME always
generates a new key on each cold boot. With this option enabled TME
generates a new key even in warm boot. Without this option TME reuses
the key for warm boot.

If a new key is generated on warm boot, DRAM contents from previous
warm boot will not get decrypted. This creates issue in accessing
CBMEM region from previous warm boot. To mitigate the issue coreboot
also programs exclusion range. Intel TME does not encrypt physical
memory range set in exclusion range. Current coreboot implementation
programs TME to exclude CBMEM region. When this config option is
enabled, coreboot instructs Intel FSP to program TME to generate
a new key on every warm boot and also exclude CBMEM region from being
encrypted by TME.

CPU_XTAL_HZsoc/intel/common/block/cpuint Base clock which virtually everything runs on.

CPU_SUPPORTS_PM_TIMER_EMULATIONsoc/intel/common/block/cpubool Select this if the SoC's ucode supports PM ACPI timer emulation (Common
timer Copy), which is required to be able to disable the TCO PM ACPI
timer for power saving.

SOC_INTEL_NO_BOOTGUARD_MSRsoc/intel/common/block/cpubool Select this on platforms that do not support Bootguard related MSRs
0x139, MSR_BC_PBEC and 0x13A, MSR_BOOT_GUARD_SACM_INFO.

SOC_INTEL_DISABLE_POWER_LIMITSsoc/intel/common/block/cpubool Select this if the Running Average Power Limits (RAPL) algorithm
for constant power management is not needed.

SOC_INTEL_SET_MIN_CLOCK_RATIOsoc/intel/common/block/cpubool If the power budget of the mainboard is limited, it can be useful to
limit the CPU power dissipation at the cost of performance by setting
the lowest possible CPU clock. Enable this option if you need smallest
possible CPU clock. This setting can be overruled by the OS if it has an
p-state driver which can adjust the clock to its need.

INTEL_KEYLOCKERsoc/intel/common/block/cpuboolIntel Key Locker Enable Intel Key Locker if supported by the CPU. Intel Key Locker provides a
mechanism to encrypt and decrypt data with an AES key without having access
to the raw key value by converting AES keys into "handles". The specification
of Key Locker can be found via document #343965 on Intel's site.

SOC_INTEL_COMMON_BLOCK_PRMRR_SIZEsoc/intel/common/block/cpuintPRMRR size PRMRR (Protected Memory Range) is the space in RAM that is used to provide a
protected memory area (e.g. for the Intel SGX Secure Enclaves and Intel
Key Locker). The memory region is accessible only by the processor itself to
protect the data from unauthorized access.

This option allows to select PRMRR size for the intended feature. Depending on
the SoC a lower, compatible value may be chosen at runtime as not all values
are supported on all families.

SOC_INTEL_COMMON_BLOCK_POWER_LIMITsoc/intel/common/block/power_limitbool This option allows to configure processor power limit values.

SOC_INTEL_RAPL_DISABLE_VIA_MCHBARsoc/intel/common/block/power_limitbool Select if disabling Running Average Power Limit (RAPL) has to be done via MCHBAR.

SOC_INTEL_COMMON_BLOCK_VARIANT_POWER_LIMITsoc/intel/common/block/power_limitbool This option allows to configure processor power limit values
for different variants based on CPU TDP and machine id.

SOC_INTEL_COMMON_BLOCK_VTDsoc/intel/common/block/vtdbool Intel Processor common VT-d/IOMMU support

ENABLE_EARLY_DMA_PROTECTIONsoc/intel/common/block/vtdboolEnable early DMA protection Setting this makes the whole memory from 0 to TOLUM and from 4GB
to TOUUD DMA protected with VT-d PMR registers.

Disable this setting if your OS does not support IOMMU. The payload
must be aware of the DMA protection, otherwise I/O devices might not
work.

If unsure, say N.

SOC_INTEL_COMMON_BLOCK_PCRsoc/intel/common/block/pcrbool Intel Processor common Private configuration registers (PCR)

PCR_COMMON_IOSF_1_0soc/intel/common/block/pcrbool The mapping of addresses via the SBREG_BAR assumes the IOSF-SB
agents are using 32-bit aligned accesses for their configuration
registers. For IOSF versions greater than 1_0, IOSF-SB
agents can use any access (8/16/32 bit aligned) for their
configuration registers

SOC_INTEL_COMMON_BLOCK_HDAsoc/intel/common/block/hdabool Intel Processor common High Definition Audio driver support

SOC_INTEL_COMMON_BLOCK_HDA_VERBsoc/intel/common/block/hdabool Enable initialization of HDA codecs.

SOC_INTEL_COMMON_BLOCK_OC_WDTsoc/intel/common/block/oc_wdtbool Intel Processor common Overclocking Watchdog support

SOC_INTEL_COMMON_OC_WDT_ENABLEsoc/intel/common/block/oc_wdtboolEnable overclocking watchdog during boot Enables Intel chipset Overclocking Watchdog to count during system
boot. The platform will reset during lockups if watchdog is not
reloaded. Software/firmware is responsible for feeding the watchdog.

If unsure, say N.

SOC_INTEL_COMMON_OC_WDT_TIMEOUT_SECONDSsoc/intel/common/block/oc_wdtint The Intel chipset Overclocking Watchdog timeout value in seconds.
coreboot will preload the watchdog with the timeout value specified
in this option. Specify a high enough value so that the platform
will have a chance to perform full memory training and boot. Default
is 10 minutes. Boards and SoCs may override this value.

SOC_INTEL_COMMON_OC_WDT_RELOAD_IN_PERIODIC_SMIsoc/intel/common/block/oc_wdtboolReload the overclocking watchdog using periodic SMI Enables Intel chipset Overclocking Watchdog reloading in the periodic
SMI handler. Without this option the platform will keep power cycling
unless the OS drivers are installed for this watchdog.

If unsure, say Y.

SOC_INTEL_COMMON_BLOCK_GSPIsoc/intel/common/block/gspibool Intel Processor Common GSPI support

SOC_INTEL_COMMON_BLOCK_GSPI_CLOCK_MHZsoc/intel/common/block/gspiint The input clock speed into the SPI controller IP block, in MHz.
No default is set here as this is an SOC-specific value
and must be provided by the SOC.

SOC_INTEL_COMMON_BLOCK_GSPI_MAXsoc/intel/common/block/gspiint Maximum number of GSPI controllers supported by the PCH. SoC
must define this config if SOC_INTEL_COMMON_BLOCK_GSPI is
selected.

SOC_INTEL_COMMON_BLOCK_GSPI_VERSION_2soc/intel/common/block/gspibool Intel Processor Common GSPI support with quirks to handle
SPI_CS_CONTROL changes introduced in CNL.

SOC_INTEL_COMMON_BLOCK_LPCsoc/intel/common/block/lpcbool Use common LPC code for platform. Only soc specific code needs to
be implemented as per requirement.

SOC_INTEL_COMMON_BLOCK_LPC_COMB_ENABLEsoc/intel/common/block/lpcbool By default COMA range to LPC is enable. COMB range to LPC is optional
and should select based on platform dedicated selection.

SOC_INTEL_COMMON_BLOCK_LPC_MIRROR_TO_GPMRsoc/intel/common/block/lpcbool Mirror LPC registers for IO/MMIO to their corresponding GPMR registers.
Required for platforms starting from SPT.

SOC_INTEL_COMMON_BLOCK_UARTsoc/intel/common/block/uartbool Intel Processor common UART support

INTEL_LPSS_UART_FOR_CONSOLEsoc/intel/common/block/uartbool Selected by mainboards that use one of the SoC's LPSS UARTS
for the coreboot console.

SOC_INTEL_COMMON_BLOCK_IRQsoc/intel/common/block/irqbool Intel common block support for assigning PCI IRQs dynamically. This
allows coreboot to control the IRQ assignments. They are passed to the
FSP via UPD, and also exposed to the OS in ACPI tables. The SoC must
provide a list of IRQ programming constraints; this module will avoid
IRQs that are used by GPIOs routed to IOAPIC.

SOC_INTEL_COMMON_BLOCK_PMCsoc/intel/common/block/pmcbool Intel Processor common code for Power Management controller(PMC)
subsystem

SOC_INTEL_MEM_MAPPED_PM_CONFIGURATIONsoc/intel/common/block/pmcbool Select this on platforms where the PMC register for PM configuration (i.e.,
GEN_PMCON_A/B etc. are memory mapped).

SOC_INTEL_COMMON_BLOCK_PMC_DISCOVERABLEsoc/intel/common/block/pmcbool Select this on platforms where the PMC device is discoverable
when scanning buses.

SOC_INTEL_COMMON_BLOCK_PMC_EPOCsoc/intel/common/block/pmcbool Enable this for PMC devices to perform EPOC (CPU Early Power-on
Configuration) related functions.

PMC_INVALID_READ_AFTER_WRITEsoc/intel/common/block/pmcbool Enable this for PMC devices where a read back of ACPI BAR and
IO access bit does not return the previously written value.

PMC_IPC_ACPI_INTERFACEsoc/intel/common/block/pmcbool Enable this to have the PMC IPC mailbox ACPI interface added
to the SSDT for use by other drivers.

PMC_GLOBAL_RESET_ENABLE_LOCKsoc/intel/common/block/pmcbool Enable this for PMC devices where the reset configuration
and lock register is located under PMC BASE at offset ETR.
Note that the reset register is still at 0xCF9 this only
controls the enable and lock feature.

NO_PM_ACPI_TIMERsoc/intel/common/block/pmcbool Selected by SoCs that do not have a PM ACPI timer.

USE_PM_ACPI_TIMERsoc/intel/common/block/pmcboolEnable ACPI PM timer This should be disabled for devices running on battery since
it can draw much power. Further, it must be disabled, if S0ix
is enabled.

Disabling this option also stops the hardware TCO timer and makes
the TCO watchdog unavailable.

Note: On platforms without uCode PM Timer emulation, legacy OSes
or payloads with ACPI version < 5.0A might not work without
PM ACPI timer.

(Legacy) software requiring `TMR_STS` (for timer overflow
interrupts) will not work with this option disabled.

SOC_INTEL_COMMON_BLOCK_LPSSsoc/intel/common/block/lpssbool Intel Processor common LPSS support

SOC_INTEL_COMMON_BLOCK_USB4soc/intel/common/block/usb4bool Minimal PCI Driver for enabling SSDT generation for the DMA component
of Intel Thunderbolt/USB4 ports.

SOC_INTEL_COMMON_BLOCK_USB4_PCIEsoc/intel/common/block/usb4bool Chip driver for adding PCI ops and SSDT generation for common Intel
USB4/Thunderbolt root ports.

SOC_INTEL_COMMON_BLOCK_USB4_XHCIsoc/intel/common/block/usb4bool Minimal PCI driver for adding PCI ops and SSDT generation for common
Intel USB4/Thunderbolt North XHCI ports.

SOC_INTEL_ENABLE_USB4_PCIE_RESOURCESsoc/intel/common/block/usb4bool Enable USB4 PCIe resources for reserving hotplug buses and memory.

SOC_INTEL_COMMON_BLOCK_SAsoc/intel/common/block/systemagentbool Intel Processor common System Agent support

SA_ENABLE_IMRsoc/intel/common/block/systemagentbool This option allows you to add the isolated memory ranges (IMRs).

SA_ENABLE_DPRsoc/intel/common/block/systemagentbool This option allows you to add the DMA Protected Range (DPR).

ACPI_BERT_SIZEsoc/intel/common/block/systemagenthex Specify the amount of DRAM reserved for gathering the data used to
generate the ACPI table.

HAVE_PAM0_REGISTERsoc/intel/common/block/systemagentbool Specify if the SOC has a PAM0 register

SOC_INTEL_COMMON_BLOCK_SMBUSsoc/intel/common/block/smbusbool Intel Processor common SMBus support

SOC_INTEL_COMMON_BLOCK_TCOsoc/intel/common/block/smbusbool Intel Processor common TCO support

SOC_INTEL_COMMON_BLOCK_TCO_ENABLE_THROUGH_SMBUSsoc/intel/common/block/smbusbool Select this config to enable TCO BAR through SMBUS

SOC_INTEL_COMMON_BLOCK_IOCsoc/intel/common/block/iocbool Intel Processor common IO Cache (IOC).
IOC will replace DMI interface starting with Meteor Lake SoC
(which does not have the PCH die).

SOC_INTEL_COMMON_BLOCK_MEMINITsoc/intel/common/block/memorybool Intel common block support for performing initialization
of FSPM UPDs.

DIMMS_PER_CHANNELsoc/intel/common/block/memoryint Maximum number of DIMMs per channel if the memory controller
supports DIMM modules for any memory technology.

DATA_BUS_WIDTHsoc/intel/common/block/memoryint Data bus width of the platform.

MRC_CHANNEL_WIDTHsoc/intel/common/block/memoryint Width of the memory channel from the perspective of MRC. This
determines the UPD organization. SoC using this common block
support is expected to set MRC_CHANNEL_WIDTH as per the FSP
MRC expectation.

SPD_CACHE_ENABLEsoc/intel/common/block/memorybool Enable to cache the spd data to the RW_SPD_CACHE region. If
this option is enabled, please make sure the RW_SPD_CACHE
region is added to the flash layout.

SOC_INTEL_COMMON_BLOCK_GPMRsoc/intel/common/block/gpmrbool Intel Processor common GPMR support

SOC_INTEL_COMMON_BLOCK_SGXsoc/intel/common/block/sgxbool Intel Processor common SGX support

SOC_INTEL_COMMON_BLOCK_SGX_LOCK_MEMORYsoc/intel/common/block/sgxbool Lock memory before SGX activation. This is only needed if MCHECK does not do it.

SOC_INTEL_COMMON_BLOCK_SGX_ENABLEsoc/intel/common/block/sgxboolEnable Software Guard Extensions (SGX) if available Intel Software Guard Extensions (SGX) is a set of new CPU instructions that can be
used by applications to set aside private regions (so-called Secure Enclaves) of
code and data.

SGX will only be enabled when supported by the CPU! Configure PRMRR size using
SOC_INTEL_COMMON_BLOCK_PRMRR_SIZE config option.

soc/intel/common.common(comment)Intel SoC Common PCH Code
SOC_INTEL_INTEGRATED_SOUTHCLUSTERsoc/intel/common/pchbool Apollo Lake and Gemini Lake are single-chip platforms with a south
cluster instead of a PCH. Most of the IP blocks are the same as in
PCH platforms, but there are several differences that need to be
accounted for.

SOC_INTEL_COMMON_PCH_CLIENTsoc/intel/common/pchbool Selected by "Client" platforms, i.e. desktops, workstations,
laptops, tablets... This also includes uniprocessor servers
based on the same silicon as desktops and workstations. The
"Client" platforms include additional IP blocks that are of
little to no use on servers.

SOC_INTEL_COMMON_PCH_SERVERsoc/intel/common/pchbool Selected by "Server" platforms, i.e. multi-socket capable
platforms used in large servers and workstations, such as
those using the Lewisburg (C620) PCH.

SOC_INTEL_COMMON_PCH_BASEsoc/intel/common/pchbool This option is meant to be selected by the specific options above.

SOC_INTEL_COMMON_PCH_LOCKDOWNsoc/intel/common/pch/lockdownbool This option allows to have chipset lockdown for DMI, FAST_SPI and
soc_lockdown_config() to implement any additional lockdown as PMC,
LPC for supported PCH.

soc/intel/common.common(comment)Intel SoC Common coreboot stages and non-IP blocks
SOC_INTEL_COMMON_BASECODEsoc/intel/common/basecodebool Common coreboot stages and non-IP block for Intel platform

SOC_INTEL_COMMON_BASECODE_RAMTOPsoc/intel/common/basecode/ramtopbool Driver code to store the top_of_ram (RAMTOP) address into
non-volatile space (CMOS) during the first boot and use
it across all consecutive boot.

Purpose of this driver code is to cache the RAMTOP (with a
fixed size) for all consecutive boots even before calling
into the FSP. Otherwise, this range remains un-cached until postcar
boot stage updates the MTRR programming. FSP-M and late romstage
uses this uncached RAMTOP range for various purposes and having the
ability to cache this range beforehand would help to optimize the boot
time (more than 50ms).

SOC_INTEL_COMMON_BASECODE_DEBUG_FEATUREsoc/intel/common/basecode/debugbool Driver to control runtime features of Intel SoC & coreboot. For example, controlling
the CSE firmware update feature without rebuilding the code.

ACPI_CONSOLEsoc/intel/common.commonbool Provide a mechanism for serial console based ACPI debug.

PAVPsoc/intel/common.commonboolEnable PAVP (Protected Audio-Video Path) support Protected Audio-Video Path is an Intel technology used to enforce digital
rights protections on multimedia content. Streaming or other media playback
services may require it to be enabled for correct functioning.

Users might disable PAVP if the concept of digital rights management (DRM)
offends them, or if they have concerns about the security of
the Management Engine, which is where this technology is implemented.

Set this option to n to disable support.

MMAsoc/intel/common.commonboolEnable MMA (Memory Margin Analysis) support for Intel Core Set this option to y to enable MMA (Memory Margin Analysis) support

TPM_TIS_ACPI_INTERRUPTsoc/intel/common.commonint acpi_get_gpe() is used to provide interrupt status to TPM layer.
This option specifies the GPE number.

SOC_INTEL_DEBUG_CONSENTsoc/intel/common.commonboolEnable SOC debug interface Set this option to enable default debug interface of SoC such as DBC
or DCI.

SOC_INTEL_COMPLIANCE_TEST_MODEsoc/intel/common.commonboolEnable SoC hardware compliance test mode Set this option to configure hardware components in a way
that supports compliance testing activities for various
components such PCIe or USB. For example, PCI express
implementation must comply with the hardware PCIe
specification requirements: Electrical, Configuration, Link
Protocol and Transaction Protocol. The hardware must be
configured in a particular state to run the compliance
tests: some feature related to power management needs to be
turned off, hot plug should be enabled...

SOC_INTEL_CRASHLOGsoc/intel/common.commonhex Enables Crashlog.

SOC_INTEL_CRASHLOG_ON_RESETsoc/intel/common.commonhex Enables the PMC to collect crashlog records on every reset event. NOTE:
This will result in a BERT table being populated containing a PMC
crashlog record on every boot.

SOC_INTEL_IOE_DIE_SUPPORTsoc/intel/common.commonhex Enable this config if the SOC support IOE DIE.

toplevel(comment)CPU
PARALLEL_MPcpu/x86None This option uses common MP infrastructure for bringing up APs
in parallel. It additionally provides a more flexible mechanism
for sequencing the steps of bringing up the APs.
The code also works for just initialising the BSP in case there
are no APs.

PARALLEL_MP_AP_WORKcpu/x86None Allow APs to do other work after initialization instead of going
to sleep.

X86_SMM_SKIP_RELOCATION_HANDLERcpu/x86bool Skip SMM relocation using a relocation handler running in SMM
with a stub at 0x30000. This is useful on platforms that have
an alternative way to set SMBASE.

DEFAULT_X2APICcpu/x86bool Allow SoC code to set LAPIC access mode to X2APIC.

DEFAULT_X2APIC_RUNTIMEcpu/x86bool Allow SoC code to set LAPIC access mode to X2APIC_RUNTIME.

DEFAULT_X2APIC_LATE_WORKAROUNDcpu/x86bool Allow SoC code to set LAPIC access mode to X2APIC_LATE_WORKAROUND.

XAPIC_ONLYcpu/x86boolSet XAPIC mode coreboot and SMM runtime only use XAPIC mode.
FIXME: DMAR should have X2APIC optout bit set.

X2APIC_ONLYcpu/x86boolSet X2APIC mode coreboot and SMM runtime only use X2APIC mode.
Note: OS switches back to XAPIC mode if VT-d is disabled.
FIXME: S3 resume (and SMM runtime) will break if OS makes the switch.

X2APIC_RUNTIMEcpu/x86boolSupport both XAPIC and X2APIC The switch to X2APIC mode happens early in ramstage. SMM runtime can
support either mode in case the OS switches back to XAPIC.

X2APIC_LATE_WORKAROUNDcpu/x86boolUse XAPIC for AP bringup, then change to X2APIC Choose this option if the platform supports dynamic switching between
XAPIC to X2APIC. The initial Application Processors (APs) are configured
in XAPIC mode at reset and later enable X2APIC as a CPU feature.
All access mechanisms between XAPIC (mmio) and X2APIC (msr) switches
at runtime when this option is enabled.

LAPIC_MONOTONIC_TIMERcpu/x86bool Expose monotonic time using the local APIC.

TSC_MONOTONIC_TIMERcpu/x86bool Expose monotonic time using the TSC.

TSC_SYNC_LFENCEcpu/x86bool The CPU driver should select this if the CPU needs
to execute an lfence instruction in order to synchronize
rdtsc. This is true for all modern AMD CPUs.

TSC_SYNC_MFENCEcpu/x86bool The CPU driver should select this if the CPU needs
to execute an mfence instruction in order to synchronize
rdtsc. This is true for all modern Intel CPUs.

SETUP_XIP_CACHEcpu/x86bool Select this option to set up an MTRR to cache XIP stages loaded
from the bootblock. This is useful on platforms lacking a
non-eviction mode and therefore need to be careful to avoid
eviction.

X86_CLFLUSH_CARcpu/x86bool Select this on platforms that allow CLFLUSH while operating in CAR.

SMM_MODULE_STACK_SIZEcpu/x86hex This option determines the size of the stack within the SMM handler
modules.

SMM_PCI_RESOURCE_STOREcpu/x86bool This option enables support for storing PCI resources in SMRAM so
SMM can tell if they've been altered.

SMM_PCI_RESOURCE_STORE_NUM_SLOTScpu/x86int Number of slots available to store PCI BARs in SMRAM

X86_AMD_FIXED_MTRRScpu/x86bool This option informs the MTRR code to use the RdMem and WrMem fields
in the fixed MTRR MSRs.

X86_INIT_NEED_1_SIPIcpu/x86bool This option limits the number of SIPI signals sent during the
common AP setup. Intel documentation specifies an INIT SIPI SIPI
sequence, however this doesn't work on some AMD and Intel platforms.
These newer AMD and Intel platforms don't need the 10ms wait between
INIT and SIPI, so skip that too to save some time.

SOC_SETS_MSRScpu/x86bool The SoC requires different access methods for reading and writing
the MSRs. Use SoC specific routines to handle the MSR access.

RESERVE_MTRRS_FOR_OScpu/x86bool This option allows a platform to reserve 2 MTRRs for the OS usage.
The Intel SDM documents that the first 6 MTRRs are intended for
the system BIOS and the last 2 are to be reserved for OS usage.
However, modern OSes use PAT to control cacheability instead of
using MTRRs.

AP_STACK_SIZEcpu/x86hex This is the amount of stack each AP needs. The BSP stack size can be
larger and is set with STACK_SIZE.

RUNTIME_CONFIGURABLE_SMM_LOGLEVELcpu/x86bool This enables setting the SMM console log level at runtime for more
flexibility to use different log levels for each stage. Another reason
is that reading the log level from non-volatile memory such as flash
VPD or CMOS is not very ideal to be done in SMM, with this option the
value can be passed via the member variable in struct smm_runtime and
be referenced directly in SMM.

CPU_INTEL_SOCKET_FCBGA559cpu/intel/socket_FCBGA559bool Select this socket on Intel Pineview

DCACHE_BSP_STACK_SIZEcpu/intel/socket_FCBGA559hex The amount of anticipated stack usage in CAR by bootblock and
other stages.

CPU_INTEL_FIRMWARE_INTERFACE_TABLEcpu/intel/fitNone This option selects building a Firmware Interface Table (FIT).

CPU_INTEL_NUM_FIT_ENTRIEScpu/intel/fitint This option selects the number of empty entries in the FIT table.

CPU_INTEL_TURBO_NOT_PACKAGE_SCOPEDcpu/intel/turboNone This option indicates that the turbo mode setting is not package
scoped. i.e. enable_turbo() needs to be called on not just the bsp

SET_IA32_FC_LOCK_BITcpu/intel/commonboolSet IA32_FEATURE_CONTROL lock bit Although the Intel manual says you must set the lock bit in addition
to the VMX bit in order for VMX to work, this isn't strictly true, so
we have the option to leave it unlocked and allow the OS (e.g. Linux)
to manage things itself. This is beneficial for testing purposes as
there is no need to reflash the firmware just to toggle the lock bit.
However, leaving the lock bit unset will break Windows' detection of
VMX support and built-in virtualization features like Hyper-V.

SET_MSR_AESNI_LOCK_BITcpu/intel/commonboolLock the AES-NI enablement state This config sets the AES-NI lock bit, if available, to prevent any
further change of AES-NI enablement. This may be disabled for e.g.
testing or debugging.

MICROCODE_UPDATE_PRE_RAMcpu/intel/microcodebool Select this option if you want to update the microcode
during the cache as RAM setup.

RELOAD_MICROCODE_PATCHcpu/intel/microcodebool Select this option if SoC recommends to re-load microcode
patch as part of CPU multiprocessor initialization process.
This feature is mostly required with Intel latest generation
processors starting with Alder Lake (with modified MCHECK init
flow).

CPU_INTEL_MICROCODE_CBFS_SPLIT_BINScpu/intel/microcodeboolFor Intel CPU, include microcode per CPUID into CBFS This option controls whether to include external microcode binaries per
CPUID in CBFS.

The current approach of loading microcode blobs post CPU reset is to search
the unified blob in the CBFS and then perform the CBFS verification. The bigger
the unified microcode blob in size the longer it takes to perform the verification.

Select this option to store the split microcode blobs per CPUID in the CBFS.
As the microcode blobs will be divided into smaller chunks per CPUID, which will
reduce the overall search, verify and load time.

The microcode file may be removed from the ROM image at a later
time with cbfstool, if desired.

If unsure, and applicable, select "Generate from tree"

CPU_INTEL_UCODE_SPLIT_BINARIEScpu/intel/microcodestringSpecify the split microcode blob directory path Provide the split microcode blob directory path if
CPU_INTEL_MICROCODE_CBFS_SPLIT_BINS config is enabled.

CPU_INTEL_MICROCODE_CBFS_SPLIT_BINS config is allowed to pack the individual microcode
patch file per CPUID inside the CBFS.

Intel distributes CPU microcode updates based on CPUID as part of the github repository
in INC format and expects it also getting used in binary form.

For example: Intel CPU microcode `m506e3.inc` is getting converted into F-MO-S
(06-5e-03) binary file for Linux kernel.

`MicrocodeConverter` is an Intel-provided tool for converting binary form MCU into
several other common formats for integration.

Implementation logic behind CPU_INTEL_MICROCODE_CBFS_SPLIT_BINS config relies on
converting Intel CPU microcode INC file into the binary file as per format specified
here `cpu_microcode_$(CPUID).bin`. For example: Intel CPU microcode `m506e3.inc` to
convert into `cpu_microcode_506e3.bin` binary file for coreboot to integrate if
CPU_INTEL_MICROCODE_CBFS_SPLIT_BINS config is enabled.

This config provides the directory name (including path) that holds the split microcode
binary files per CPUID as mentioned above for each coreboot variants. For example: if
google/kunimitsu had built with Intel SkyLake processor with CPUID `506e3` and `506e4`
then CPU_INTEL_UCODE_SPLIT_BINARIES refers to the directory path that holds the split
microcode binary files aka `cpu_microcode_506e3.bin` and `cpu_microcode_506e4.bin`.

CONFIG_CPU_UCODE_SPLIT_BINARIES="3rdparty/blobs/mainboard/google/kunimitsu/microcode_inputs/kunimitsu"
Refer to the file representation below:
|---3rdparty
| |--- blobs
| | |--- mainboard
| | | |--- google
| | | | |--- kunimitsu
| | | | | |--- microcode_inputs
| | | | | | |--- kunimitsu
| | | | | | | |--- cpu_microcode_506e3.bin
| | | | | | | |--- cpu_microcode_506e4.bin

Users of this config option requires to manually place the microcode binary files per
CPUIDs as per the given format (`cpu_microcode_$(CPUID).bin`) in a directory.
Finally specify the microcode binary directory path using CPU_UCODE_SPLIT_BINARIES
config.

At runtime (either from romstage/ramstage), coreboot read the CPUID and search for the
`cpu_microcode_$(CPUID).bin` file (in this example: cpu_microcode_506e3.bin) inside RW
CBFS. Eventually able to locate the appropriate `cpu_microcode_$(CPUID).bin` file and
perform the verification prior loading into the CPUs (BSP and APs).

If unsure, leave this blank.

CPU_HAS_L2_ENABLE_MSRcpu/intel/car/non-evictbool Select this in Kconfig of CPU sockets/SOC where the CPU
has an MSR to enable the L2 CPU cache

SMPcpubool This option is used to enable certain functions to make coreboot
work correctly on symmetric multi processor (SMP) systems.

SSEcpubool Select SSE in your socket or model Kconfig if your CPU has SSE
streaming SIMD instructions.

SSE2cpubool Select SSE2 in your socket or model Kconfig if your CPU has SSE2
streaming SIMD instructions. Some parts of coreboot can be built
with more efficient code if SSE2 instructions are available.

USES_MICROCODE_HEADER_FILEScpubool This is selected by a board or chipset to set the default for the
microcode source choice to a list of external microcode headers

MICROCODE_BLOB_NOT_IN_BLOB_REPOcpubool Selected by platforms that don't maintain microcode updates in the
blobs repo yet.

MICROCODE_BLOB_NOT_HOOKED_UPcpubool Selected by platforms that haven't hooked microcode updates up yet.

MICROCODE_BLOB_UNDISCLOSEDcpubool Selected by work-in-progress platforms that don't have microcode
updates available yet.

USE_CPU_MICROCODE_CBFS_BINScpubool Automatically selected below to add binary microcode files
(`cpu_microcode_bins` in the makefiles) to CBFS.

CPU_MICROCODE_CBFS_DEFAULT_BINScpuboolGenerate from tree Select this option if you want microcode updates to be assembled when
building coreboot and included in the final image as a separate CBFS
file. Microcode will not be hard-coded into ramstage.

The microcode file may be removed from the ROM image at a later
time with cbfstool, if desired.

If unsure, select this option.

CPU_MICROCODE_CBFS_EXTERNAL_BINScpuboolInclude external microcode binary Select this option if you want to include external binary files
in the CPUs native format. They will be included as a separate
file in CBFS.

A word of caution: only select this option if you are sure the
microcode that you have is newer than the microcode shipping with
coreboot.

The microcode file may be removed from the ROM image at a later
time with cbfstool, if desired.

If unsure, and applicable, select "Generate from tree"

CPU_MICROCODE_CBFS_EXTERNAL_HEADERcpuboolInclude external microcode header files Select this option if you want to include external c header files
containing the CPU microcode. This will be included as a separate
file in CBFS.

A word of caution: only select this option if you are sure the
microcode that you have is newer than the microcode shipping with
coreboot.

The microcode file may be removed from the ROM image at a later
time with cbfstool, if desired.

If unsure, and applicable, select "Generate from tree"

CPU_MICROCODE_CBFS_NONEcpuboolDo not include microcode updates Select this option if you do not want CPU microcode included in CBFS.

Microcode may be added to the ROM image at a later time with cbfstool,
if desired.

If unsure, and applicable, select "Generate from tree"

The GOOD:
Microcode updates intend to solve issues that have been discovered
after CPU production. The expected effect is that systems work as
intended with the updated microcode, but we have also seen cases where
issues were solved by not applying microcode updates.

The BAD:
Note that some operating system include these same microcode patches,
so you may need to also disable microcode updates in your operating
system for this option to have an effect.

The UGLY:
A word of CAUTION: some CPUs depend on microcode updates to function
correctly. Not updating the microcode may leave the CPU operating at
less than optimal performance, or may cause outright hangups.
There are CPUs where coreboot cannot properly initialize the CPU
without microcode updates
For example, if running with the factory microcode, some Intel
SandyBridge CPUs may hang when enabling CAR, or some VIA Nano CPUs
will hang when changing the frequency.

Make sure you have a way of flashing the ROM externally before
selecting this option.

CPU_MICROCODE_HEADER_FILEScpustringList of space separated microcode header files with the path A list of one or more microcode header files with path from the
coreboot directory. These should be separated by spaces.

CPU_UCODE_BINARIEScpustringMicrocode binary path and filename Some platforms have microcode in the blobs directory, and these can
be hardcoded in the makefiles. For platforms with microcode
binaries that aren't in the makefile, set this option to pull
in the microcode.

This should contain the full path of the file for one or more
microcode binary files to include, separated by spaces.

If unsure, leave this blank.

toplevel(comment)Northbridge
BOTTOMIO_POSITIONnorthbridge/amd/pihexBottom of 32-bit IO space If PCI peripherals with big BARs are connected to the system
the bottom of the IO must be decreased to allocate such
devices.

Declare the beginning of the 128MB-aligned MMIO region. This
option is useful when PCI peripherals requesting large address
ranges are present.

VGA_BIOS_IDnorthbridge/amd/pi/00730F01string The default VGA BIOS PCI vendor/device ID should be set to the
result of the map_oprom_vendev() function in northbridge.c.

DCACHE_BSP_STACK_SIZEnorthbridge/intel/ironlakehex The amount of anticipated stack usage in CAR by bootblock and
other stages.

SANDYBRIDGE_VBOOT_IN_ROMSTAGEnorthbridge/intel/sandybridgebool Selected by boards to force VBOOT_STARTS_IN_ROMSTAGE.

SANDYBRIDGE_VBOOT_IN_BOOTBLOCKnorthbridge/intel/sandybridgeboolStart verstage in bootblock Sandy Bridge can either start verstage in a separate stage
right after the bootblock has run or it can start it
after romstage for compatibility reasons.
Sandy Bridge however uses a mrc.bin to initialize memory which
needs to be located at a fixed offset. Therefore even with
a separate verstage starting after the bootblock that same
binary is used meaning a jump is made from RW to the RO region
and back to the RW region after the binary is done.

USE_NATIVE_RAMINITnorthbridge/intel/sandybridgeboolUse native raminit Select if you want to use coreboot implementation of raminit rather than
System Agent/MRC.bin. You should answer Y.

NATIVE_RAMINIT_IGNORE_MAX_MEM_FUSESnorthbridge/intel/sandybridgebool[OVERCLOCK] Ignore CAPID fuses that limit max DRAM frequency Ignore the CAPID fuses that might limit the maximum DRAM frequency
on overclocking-capable parts. By selecting this option, the fuse
values will be ignored and the only limits on DRAM frequency are
determined by SPD values, per-board devicetree settings and hard
limits in the northbridge's MPLL. Disabled by default as it can
cause instability.
Consider this to be an overclocking option. Handle with care!

NATIVE_RAMINIT_IGNORE_XMP_MAX_DIMMSnorthbridge/intel/sandybridgebool[OVERCLOCK] Ignore XMP max DIMMs per channel The more DIMMs are in a channel, the more signal integrity worsens.
Because of this, some DIMMs only support running at XMP timings if
the number of DIMMs in the channel is below a limit. This limit is
usually 1, i.e. there must be no other DIMMs in the channel to use
XMP timings. Otherwise, non-XMP timings are used.
When this option is enabled, the max DIMMs per channel restriction
in XMP is ignored. Depending on available margins, this could work
but it can also result in system instability.
Consider this to be an overclocking option. Handle with care!

NATIVE_RAMINIT_IGNORE_XMP_REQUESTED_VOLTAGEnorthbridge/intel/sandybridgeboolIgnore XMP profile requested voltage Native raminit only supports 1.5V operation, but there are DIMMs
which request 1.65V operation in XMP profiles. This option allows
raminit to use these XMP profiles anyway, instead of falling back
to non-XMP settings.
Disabled by default because it allows forcing memory to run out of
specification. Consider this to be an overclocking option.
Handle with care!

ECAM_MMCONF_BASE_ADDRESSnorthbridge/intel/sandybridgestring The MRC blob requires it to be at 0xf0000000.

DCACHE_BSP_STACK_SIZEnorthbridge/intel/sandybridgehex The amount of BSP stack anticipated in bootblock and
other stages.

RAMINIT_ALWAYS_ALLOW_DLL_OFFnorthbridge/intel/sandybridgeboolAlso enable memory DLL-off mode on desktops and servers If enabled, allow enabling DLL-off mode for platforms other than
mobile. Saves power at the expense of higher exit latencies. Has
no effect on mobile platforms, where DLL-off is always allowed.
Power down is disabled for stability when running at high clocks.

RAMINIT_ENABLE_ECCnorthbridge/intel/sandybridgeboolEnable ECC if supported Enable ECC if supported by both, host and RAM.

MRC_FILEnorthbridge/intel/sandybridgestringIntel System Agent path and filename The path and filename of the file to use as System Agent
binary.

SDRAMPWR_4DIMMnorthbridge/intel/i440bxbool This option affects how the SDRAMC register is programmed.
Memory clock signals will not be routed properly if this option
is set wrong.

If your board has 4 DIMM slots, you must use select this option, in
your Kconfig file of the board. On boards with 3 DIMM slots,
do _not_ select this option.

I945_LVDSnorthbridge/intel/i945string Selected by mainboards that use native graphics initialization
for the LVDS port. A linear framebuffer is only supported for
LVDS.

OVERRIDE_CLOCK_DISABLEnorthbridge/intel/i945bool Usually system firmware turns off system memory clock
signals to unused SO-DIMM slots to reduce EMI and power
consumption.
However, some boards do not like unused clock signals to
be disabled.

MAXIMUM_SUPPORTED_FREQUENCYnorthbridge/intel/i945int If non-zero, this designates the maximum DDR frequency
the board supports, despite what the chipset should be
capable of.

CHECK_SLFRCS_ON_RESUMEnorthbridge/intel/i945int On some boards it may be necessary to hard reset early
during resume from S3 if the SLFRCS register indicates that
a memory channel is not guaranteed to be in self-refresh.
On other boards the check always creates a false positive,
effectively making it impossible to resume.

USE_NATIVE_RAMINITnorthbridge/intel/haswellbool[NOT WORKING] Use native raminit Select if you want to use coreboot implementation of raminit rather than
MRC.bin. Currently incomplete and does not boot.

HASWELL_VBOOT_IN_BOOTBLOCKnorthbridge/intel/haswellboolStart verstage in bootblock Haswell can either start verstage in a separate stage
right after the bootblock has run or it can start it
after romstage for compatibility reasons.
Haswell however uses a mrc.bin to initialize memory which
needs to be located at a fixed offset. Therefore even with
a separate verstage starting after the bootblock that same
binary is used meaning a jump is made from RW to the RO region
and back to the RW region after the binary is done.

USE_BROADWELL_MRCnorthbridge/intel/haswellboolUse Broadwell MRC.bin Haswell MRC.bin has several limitations: it does not support
Broadwell CPUs nor 9-series PCHs, it does not initialise PEG
ports properly and it can't use more than one SPD file entry
at the same time (which would be useful for memory overclock
when using different DIMMs, without patching SPD EEPROMs). A
workaround for some of these limitations is to use Broadwell
MRC.bin instead.

DCACHE_RAM_SIZEnorthbridge/intel/haswellhex The size of the cache-as-ram region required during bootblock
and/or romstage. Note DCACHE_RAM_SIZE and DCACHE_RAM_MRC_VAR_SIZE
must add up to a power of 2.

DCACHE_RAM_MRC_VAR_SIZEnorthbridge/intel/haswellhex The amount of cache-as-ram region required by the reference code.

DCACHE_BSP_STACK_SIZEnorthbridge/intel/haswellhex The amount of anticipated stack usage in CAR by bootblock and
other stages.

HAVE_MRCnorthbridge/intel/haswellboolAdd a System Agent binary Select this option to add a System Agent binary to
the resulting coreboot image.

Note: Without this binary coreboot will not work

MRC_FILEnorthbridge/intel/haswellstringIntel System Agent path and filename The path and filename of the file to use as System Agent
binary.

HASWELL_HIDE_PEG_FROM_MRCnorthbridge/intel/haswellboolHide PEG devices from MRC to work around hardcoded MRC behavior If set, hides all PEG devices from MRC. This allows the iGPU
to be used even when a dedicated graphics card is present.
However, it prevents MRC from programming PEG AFE registers,
which can make PEG devices unstable. When unsure, choose N.

ENABLE_DDR_2X_REFRESHnorthbridge/intel/haswellboolEnable DRAM Refresh 2x support When enabled, the memory controller will refresh the DRAM twice as often.
This probably only happens when the DRAM gets hot, but what MRC exactly
does when this setting is enabled has not been investigated.

toplevel(comment)Southbridge
HUDSON_XHCI_ENABLEsouthbridge/amd/pi/hudsonboolEnable Hudson XHCI Controller The XHCI controller must be enabled and the XHCI firmware
must be added in order to have USB 3.0 support configured
by coreboot. The OS will be responsible for enabling the XHCI
controller if the XHCI firmware is available but the
XHCI controller is not enabled by coreboot.

HUDSON_XHCI_FWMsouthbridge/amd/pi/hudsonboolAdd xhci firmware Add Hudson 2/3/4 XHCI Firmware to support the onboard USB 3.0

HUDSON_IMC_FWMsouthbridge/amd/pi/hudsonboolAdd IMC firmware Add Hudson 2/3/4 IMC Firmware to support the onboard fan control

HUDSON_GEC_FWMsouthbridge/amd/pi/hudsonbool Add Hudson 2/3/4 GEC Firmware to support the onboard gigabit Ethernet MAC.
Must be connected to a Broadcom B50610 or B50610M PHY on the motherboard.

HUDSON_SATA_MODEsouthbridge/amd/pi/hudsonintSATA Mode Select the mode in which SATA should be driven. NATIVE AHCI, or RAID.
The default is NATIVE.
0: NATIVE mode does not require a ROM.
1: RAID mode must have the two ROM files.
2: AHCI may work with or without AHCI ROM. It depends on the payload support.
For example, seabios does not require the AHCI ROM.
3: LEGACY IDE
4: IDE to AHCI
5: AHCI7804: ROM Required, and AMD driver required in the OS.
6: IDE to AHCI7804: ROM Required, and AMD driver required in the OS.

southbridge/amd/pi/hudson(comment)NATIVE
southbridge/amd/pi/hudson(comment)RAID
southbridge/amd/pi/hudson(comment)AHCI
southbridge/amd/pi/hudson(comment)LEGACY IDE
southbridge/amd/pi/hudson(comment)IDE to AHCI
southbridge/amd/pi/hudson(comment)AHCI7804
southbridge/amd/pi/hudson(comment)IDE to AHCI7804
HUDSON_LEGACY_FREEsouthbridge/amd/pi/hudsonboolSystem is legacy free Select y if there is no keyboard controller in the system.
This sets variables in AGESA and ACPI.

AMDFW_OUTSIDE_CBFSsouthbridge/amd/pi/hudsonbool The AMDFW (PSP) is typically locatable in cbfs. Select this
option to manually attach the generated amdfw.rom at an
offset of 0x20000 from the bottom of the coreboot ROM image.

SERIRQ_CONTINUOUS_MODEsouthbridge/amd/pi/hudsonbool Set this option to y for serial IRQ in continuous mode.
Otherwise it is in quiet mode.

HUDSON_ACPI_IO_BASEsouthbridge/amd/pi/hudsonhex Base address for the ACPI registers.
This value must match the hardcoded value of AGESA.

SERIRQ_CONTINUOUS_MODEsouthbridge/intel/ibexpeakbool If you set this option to y, the serial IRQ machine will be
operated in continuous mode.

HIDE_MEI_ON_ERRORsouthbridge/intel/ibexpeakboolHide MEI device on error If you enable this option, the Management Engine Interface
device will be hidden when ME is in an inoperable mode, e.g.
if me_cleaner was used.

INTEL_LYNXPOINT_LPsouthbridge/intel/lynxpointbool Set this option to y for LynxPoint LP (Haswell ULT).

SERIRQ_CONTINUOUS_MODEsouthbridge/intel/lynxpointbool If you set this option to y, the serial IRQ machine will be
operated in continuous mode.

FINALIZE_USB_ROUTE_XHCIsouthbridge/intel/lynxpointboolRoute all ports to XHCI controller in finalize step If you set this option to y, the USB ports will be routed
to the XHCI controller during the finalize SMM callback.

SERIALIO_UART_CONSOLEsouthbridge/intel/lynxpointboolUse SerialIO UART for console Selected by mainboards where SerialIO UARTs can be used to retrieve
coreboot logs. Boards also need to set UART_FOR_CONSOLE accordingly.

DISABLE_ME_PCIsouthbridge/intel/lynxpointboolDisable Intel ME PCI interface (MEI1) Disable and hide the ME PCI interface during finalize stage of boot.
This will prevent the OS (and userspace apps) from interacting with
the ME via the PCI interface after boot.

SERIRQ_CONTINUOUS_MODEsouthbridge/intel/bd82x6xbool If you set this option to y, the serial IRQ machine will be
operated in continuous mode.

HIDE_MEI_ON_ERRORsouthbridge/intel/bd82x6xboolHide MEI device on error If you enable this option, the Management Engine Interface
device will be hidden when ME is in an inoperable mode, e.g.
if me_cleaner was used.

INTEL_DESCRIPTOR_MODE_CAPABLEsouthbridge/intel/common.commonbool This config simply states that the platform is *capable* of running in
descriptor mode (when the descriptor in flash is valid).

INTEL_DESCRIPTOR_MODE_REQUIREDsouthbridge/intel/common.commonbool This config states descriptor mode is *required* for the platform to
function properly, or to function at all.

VALIDATE_INTEL_DESCRIPTORsouthbridge/intel/common.commonboolValidate Intel firmware descriptor This config enables validating the Intel firmware descriptor against the
fmap layout. If the firmware descriptor layout does not match the fmap
then the bootimage cannot be built.

INTEL_CHIPSET_LOCKDOWNsouthbridge/intel/common.commonboolLock down chipset in coreboot Some registers within host bridge on particular chipsets should be
locked down on each normal boot path (done by either coreboot or payload)
and S3 resume (always done by coreboot). Select this to let coreboot
to do this on normal boot path.

toplevel(comment)Super I/O
SUPERIO_NUVOTON_COMMON_COM_Asuperio/nuvoton/commonbool When enabled, the 'nuvoton_enable_serial()' function will unset
global CR 0x2a bit 7 to route COM A to the GPIO8 pin group.

W83977TF_HAVE_SEPARATE_IR_DEVICEsuperio/winbond/w83977tfbool Mainboard should select this option if it contains an old
version of W83977TF with a separate IR logical device.

SUPERIO_ITE_ENV_CTRL_FAN16_CONFIGsuperio/ite/commonbool Enable extended, 16-bit wide tacho counters.

SUPERIO_ITE_ENV_CTRL_8BIT_PWMsuperio/ite/commonbool PWM duty cycles are set in 8-bit registers (instead of 7 bit).

SUPERIO_ITE_ENV_CTRL_PWM_FREQ2superio/ite/commonbool The second FAN controller has a separate frequency setting.

SUPERIO_ITE_ENV_CTRL_NO_ONOFFsuperio/ite/commonbool FAN controller always works in SmartGuardian mode.

SUPERIO_ITE_ENV_CTRL_5FANSsuperio/ite/commonbool ITE FAN controller has 5 independent outputs.

SUPERIO_ITE_ENV_CTRL_7BIT_SLOPE_REGsuperio/ite/commonbool Slope PWM registers have no separate BIT6 and are set directly by
7-bit values instead.

SUPERIO_ITE_ENV_CTRL_EXT_ANY_TMPINsuperio/ite/commonbool Temperature can be read to any TMPIN from an external sensor via SST/PECI
(instead of TMPIN3 only).

SUPERIO_ASPEED_USE_UART_DELAY_WORKAROUNDsuperio/aspeed/commonboolWorkaround for BMC serial console setup bug Some mainboards with an ASPEED BMC have scrambled console output in early boot phases
because the serial output routing is not set up fast enough by the BMC. By enabling
this a delay of 500ms gets added before setting up the console and before any console
output gets printed.

Note: this problem may disappear with future BMC firmware versions. Another approach
is using a different BMC firmware like OpenBMC, u-bmc, ...

toplevel(comment)Embedded Controllers
EC_ACPIec/acpibool ACPI Embedded Controller interface. Mostly found in laptops.

EC_SUPPORTS_DPTF_TEVTec/acpibool The EC ASL code supports calling of TEVT method when provided by
SoC or mainboard.

EC_HP_KBC1126ec/hp/kbc1126bool Interface to SMSC KBC1126 embedded controller in HP laptops.

ec/hp/kbc1126(comment)Please select the following otherwise your laptop cannot be powered on.
KBC1126_FIRMWAREec/hp/kbc1126boolAdd firmware images for KBC1126 EC Select this option to add the two firmware blobs for KBC1126.
You need these two blobs to power on your machine.

KBC1126_FW1ec/hp/kbc1126stringKBC1126 firmware #1 path and filename The path and filename of the file to use as KBC1126 firmware #1.
You can use util/kbc1126/kbc1126_ec_dump to dump it from the
vendor firmware.

KBC1126_FW2ec/hp/kbc1126stringKBC1126 filename #2 path and filename The path and filename of the file to use as KBC1126 firmware #2.
You can use util/kbc1126/kbc1126_ec_dump to dump it from the
vendor firmware.

EC_KONTRON_IT8516Eec/kontron/it8516ebool Kontron uses an ITE IT8516E on the KTQM77. Its firmware might
come from Fintek (mentioned as Finte*c* somewhere in their Linux
driver).
The KTQM77 is an embedded board and the IT8516E seems to be
only used for fan control and GPIO.

EC_KONTRON_KEMPLDec/kontron/kempldbool Driver for Kontron's express module programmable logic device used
on their COMexpress modules.

EC_GOOGLE_CHROMEECec/google/chromeecbool Google's Chrome EC

EC_GOOGLE_CHROMEEC_ACPI_MEMMAPec/google/chromeecbool When defined, ACPI accesses EC memmap data on ports 66h/62h. When
not defined, the memmap data is instead accessed on 900h-9ffh via
the LPC bus.

EC_GOOGLE_CHROMEEC_ACPI_USB_PORT_POWERec/google/chromeecbool Expose methods for enabling and disabling port power on individual USB
ports through the EC.

EC_GOOGLE_CHROMEEC_BOARDIDec/google/chromeecbool Provides common routine for reading boardid from Chrome EC.

EC_GOOGLE_CHROMEEC_I2Cec/google/chromeecbool Google's Chrome EC via I2C bus.

EC_GOOGLE_CHROMEEC_I2C_PROTO3ec/google/chromeecbool Use only proto3 for i2c EC communication.

EC_GOOGLE_CHROMEEC_ESPIec/google/chromeecbool Google Chrome EC via eSPI bus.

The EC communication code is the same between eSPI and LPC, so
this option simply enables the LPC EC code. The eSPI device
still needs to correctly configure the bus transactions.

EC_GOOGLE_CHROMEEC_LPCec/google/chromeecbool Google Chrome EC via LPC bus.

EC_GOOGLE_CHROMEEC_MECec/google/chromeecbool Microchip EC variant for LPC register access.

EC_GOOGLE_CHROMEEC_PDec/google/chromeecbool Indicates that Google's Chrome USB PD chip is present.

EC_GOOGLE_CHROMEEC_SPIec/google/chromeecbool Google's Chrome EC via SPI bus.

EC_GOOGLE_CHROMEEC_SPI_WAKEUP_DELAY_USec/google/chromeecint Force delay after asserting /CS to allow EC to wakeup.

EC_GOOGLE_CHROMEEC_SKUIDec/google/chromeechex Provides common routine for reporting the skuid to ChromeOS.

EC_GOOGLE_CHROMEEC_BOARDNAMEec/google/chromeecstringChrome EC board name for EC The board name used in the Chrome EC code base to build
the EC firmware. If set, the coreboot build with also
build the EC firmware and add it to the image.

EC_GOOGLE_CHROMEEC_PD_BOARDNAMEec/google/chromeecstringChrome EC board name for PD The board name used in the Chrome EC code base to build
the PD firmware. If set, the coreboot build with also
build the EC firmware and add it to the image.

EC_GOOGLE_CHROMEEC_RTCec/google/chromeecboolEnable ChromeOS EC RTC Enable support for the real-time clock on the ChromeOS EC. This
uses the EC_CMD_RTC_GET_VALUE command to read the current time.

EC_GOOGLE_CHROMEEC_FIRMWARE_NONEec/google/chromeecboolNo EC firmware is included Disable building and including any EC firmware in the image.

config EC_GOOGLE_CHROMEEC_FIRMWARE_EXTERNAL
bool "External EC firmware is included"
help
Include EC firmware binary in the image from an external source.
It is expected to be built externally.

config EC_GOOGLE_CHROMEEC_FIRMWARE_BUILTIN
bool "Builtin EC firmware is included"
help
Build and include EC firmware binary in the image.

EC_GOOGLE_CHROMEEC_FIRMWARE_FILEec/google/chromeecstringChrome EC firmware path and filename The path and filename of the EC firmware file to use.

EC_GOOGLE_CHROMEEC_PD_FIRMWARE_NONEec/google/chromeecboolNo PD firmware is included Disable building and including any PD firmware in the image.

config EC_GOOGLE_CHROMEEC_PD_FIRMWARE_EXTERNAL
bool "External PD firmware is included"
help
Include PD firmware binary in the image from an external source.
It is expected to be built externally.

config EC_GOOGLE_CHROMEEC_PD_FIRMWARE_BUILTIN
bool "Builtin PD firmware is included"
help
Build and include PD firmware binary in the image.

EC_GOOGLE_CHROMEEC_PD_FIRMWARE_FILEec/google/chromeecstringChrome EC firmware path and filename for PD The path and filename of the PD firmware file to use.

EC_GOOGLE_CHROMEEC_SWITCHESec/google/chromeecbool Enable support for ChromeOS mode switches provided by the ChromeOS
EC.

EC_GOOGLE_CHROMEEC_INCLUDE_SSFC_IN_FW_CONFIGec/google/chromeecbool Fetch Second Source Factory Cache from CBI EEPROM and add it in the most significant
32 bits of firmware configuration.

EC_GOOGLE_CHROMEEC_MUXec/google/chromeec/muxbool This enables the Cros EC Mux driver that is required to fill the
SSDT nodes for the EC Mux platform device which is used to
configure Type C muxes and retimers.

EC_GOOGLE_CHROMEEC_I2C_TUNNELec/google/chromeec/i2c_tunnelbool This enables the Cros EC I2C tunnel driver that is required to fill the
SSDT nodes for the I2C tunnel used by the mainboard.

EC_GOOGLE_CHROMEEC_AUDIO_CODECec/google/chromeec/audio_codecbool This enables the Cros EC audio codec driver that is required to fill the
SSDT nodes for the codec device used by the mainboard.

EC_GOOGLE_COMMON_MECec/google/commonbool Google common EC functions for Microchip EMI region.

EC_GOOGLE_WILCOec/google/wilcobool Google Wilco Embedded Controller interface.

Note, the Wilco EC firmware is a modified version of Dell's
typical Latitude EC firmware, that implements a custom mailbox
protocol similar to the one used in the Chromium EC.

This particular EC firmware is not open source, just the
host-side interfaces (kernel and firmware drivers) are.

EC_BASE_ACPI_DATAec/google/wilcohex This option provides the 16-bit IO base address for the ACPI
data interface. This is the standard ACPI EC interface that
is used by the ACPI EC drivers in the OS.

EC_BASE_ACPI_COMMANDec/google/wilcohex This option provides the 16-bit IO base address for the ACPI
EC command interface. This is the standard ACPI EC interface
that is used by the ACPI EC drivers in the OS.

EC_BASE_HOST_DATAec/google/wilcohex This option provides the 16-bit IO base address for the host
data interface. This is the interface that is used to drive
the mailbox protocol.

EC_BASE_HOST_COMMANDec/google/wilcohex This option provides the 16-bit IO base address for the host
command interface. This is the interface that is used to drive
the mailbox protocol.

EC_BASE_PACKETec/google/wilcohex This option provides the 16-bit IO base address for the EC
mailbox interface data region. This data buffer is used along
with the host command and data registers to drive the EC
mailbox interface. This is also the MEC EMI base address.

EC_QUANTA_IT8518ec/quanta/it8518bool Interface to QUANTA IT8518 Embedded Controller.

EC_QUANTA_ENE_KB3940Qec/quanta/ene_kb3940qbool Interface to QUANTA ENE KB3940Q Embedded Controller.

EC_CLEVO_IT5570Eec/clevo/it5570ebool IT5570E embedded controller in Clevo notebooks

EC_CLEVO_IT5570E_MEM_BASEec/clevo/it5570ehex Memory address for the EC memory region mapped via LGMR

EC_CLEVO_IT5570E_AC_FAN_ALWAYS_ONec/clevo/it5570eboolFan always on with AC attached Never turn the fan fully off when AC is attached.

This setting can be overridden by cmos option `ac_fan_always_on`.

EC_CLEVO_IT5570E_KBLED_BOOTEFFECTec/clevo/it5570eboolKeyboard boot effect Enable the "breathing" boot effect of the LED keyboard.

This setting can be overridden by cmos option `kbled_booteffect`.

EC_CLEVO_IT5570E_KBLED_TIMEOUTec/clevo/it5570eintKeyboard backlight timeout Keyboard backlight timeout in seconds. 0 keeps the backlight
always on.

This setting can be overridden by cmos option `kbled_timeout`.

EC_CLEVO_IT5570E_FN_WIN_SWAPec/clevo/it5570eboolSwap Fn/Windows keys Swap the Fn and Windows key.

This setting can be overridden by cmos option `fn_win_swap`.

EC_CLEVO_IT5570E_FLEXICHARGERec/clevo/it5570eboolFlexicharger Enable the Flexicharger functionality.

This setting can be overridden by cmos option `flexicharger`.

EC_CLEVO_IT5570E_FLEXICHG_STARTec/clevo/it5570eintStart charge threshold Start charge threshold in percent.

This setting can be overridden by cmos option `flexicharger_start`.

EC_CLEVO_IT5570E_FLEXICHG_STOPec/clevo/it5570eintStop charge threshold Stop charge threshold in percent.

This setting can be overridden by cmos option `flexicharger_stop`.

EC_CLEVO_IT5570E_FLEXICHG_STOPec/clevo/it5570eintCamera default state Camera default state.

This setting can be overridden by cmos option `camera_boot_state`.

EC_CLEVO_IT5570E_CAM_BOOT_STATEec/clevo/it5570eintTouchpad toggle mode There are two modes for the touchpad toggle (Fn-F1):
- Ctrl-Alt-F9 mode sends the windows-native touchpad toggle keyboard shortcut.
- Keycode mode sends special key codes f7/f8 which can be configured in udev
to be handled as touchpad toggle.

This setting can be overridden by cmos option `tp_toggle_mode`.

H8_BEEP_ON_DEATHec/lenovo/h8boolBeep on fatal error Beep when encountered a fatal error.

H8_FLASH_LEDS_ON_DEATHec/lenovo/h8boolFlash LEDs on fatal error Flash all LEDs when encountered a fatal error.

H8_SUPPORT_BT_ON_WIFIec/lenovo/h8boolSupport bluetooth on wifi cards Disable BDC detection and assume bluetooth is installed. Required for
bluetooth on wifi cards, as it's not possible to detect it in coreboot.

H8_FN_CTRL_SWAPec/lenovo/h8boolSwap Fn and Ctrl keys Specifies the fallback value of the "fn_ctrl_swap" option, which is
only used when the value cannot be obtained from the option backend.
The main use-case for this Kconfig option is to enable Fn-Ctrl swap
without using any runtime configurable option backends (e.g. CMOS).

H8_FN_KEY_AS_VBOOT_RECOVERY_SWec/lenovo/h8boolEnable Fn-Key as VBOOT recovery switch If VBOOT is enabled, press Fn-Key at power on to force a recovery mode
boot instead of regular FW_MAIN_x boot.

THINKPADEC_HKEY_EISAIDec/lenovo/h8string Motherboards of newer thinkpad models can override the default to match
vendor drivers and quirks.

EC_RODA_IT8518ec/roda/it8518bool Interface to IT8518 embedded controller in Roda notebooks.

EC_STARLABS_NUVOTONec/starlabs/merlinbool Interface to Nuvoton embedded controller principally in Star Labs notebooks.

EC_STARLABS_ITEec/starlabs/merlinbool Interface to ITE embedded controller principally in Star Labs notebooks.
Works with closed-source ITE firmware versions:
TGL - 1.00 or later
CML - 1.04 or later
KBL - 3.12 or later
And open-source Merlin firmware version 1.00 or later

EC_STARLABS_NEED_ITE_BINec/starlabs/merlinbool Select if the mainboard requires EC firmware in the main flash chip.

EC_STARLABS_ADD_ITE_BINec/starlabs/merlinboolAdd Star Labs EC binary file Select to add an EC firmware binary into the coreboot image. EC firmware
is necessary, flashing a coreboot image without EC firmware will render
your laptop unusable.

EC_STARLABS_KBL_LEVELSec/starlabs/merlinbool Select if the mainboard supports multiple levels of brightness for the keyboard.

EC_STARLABS_FANec/starlabs/merlinbool Select if the mainboard has a fan.

EC_STARLABS_FAST_CHARGEec/starlabs/merlinbool Select if the mainboard supports fast charging.

EC_STARLABS_MAX_CHARGEec/starlabs/merlinbool Select if the mainboard supports limiting the maximum charge of the battery.

EC_STARLABS_MIRROR_SUPPORTec/starlabs/merlinboolEnable mirror flag support Select if the EC should mirror the EC firmware contained in the coreboot ROM.

EC_STARLABS_MIRROR_VERSIONec/starlabs/merlinhexVersion of the EC firmware that should be installed. The version of the EC that should be installed. The mirror flag will be activated
if this Kconfig option is set and it does not match the current EC version.

EC_STARLABS_MERLINec/starlabs/merlinboolUse open-source Merlin EC Firmware Use open source embedded controller firmware. Both firmwares have the
same features but differ in licensing and compilers.

EC_SMSC_MEC1308ec/smsc/mec1308bool Shared memory mailbox interface to SMSC MEC1308 Embedded Controller.

EC_COMPAL_ENE932ec/compal/ene932bool Interface to COMPAL ENE932 Embedded Controller.

EC_SYSTEM76_ECec/system76/ecbool System76 EC

EC_LIBREM_ECec/purism/librem-ecbool Purism Librem EC

EC_51NB_NPCE985LA0DXec/51nb/npce985la0dxbool Support for the 51NB NPCE985LA0DX EC

ec/51nb/npce985la0dx(comment)Please select the following otherwise your laptop cannot be powered on.
EC_51NB_NPCE985LA0DX_FIRMWAREec/51nb/npce985la0dxboolAdd firmware image for 51NB NPCE985LA0DX EC Select this option to add the firmware blob for the 51NB EC.
You need this blob to power on your machine.

EC_51NB_NPCE985LA0DX_FWec/51nb/npce985la0dxstring51NB EC firmware path The path and filename of the file to use as 51NB firmware.
HAVE_INTEL_FIRMWAREsouthbridge/intel/common/firmwarebool Platform uses the Intel Firmware Descriptor to describe the
layout of the SPI ROM chip. Enabling this option will allow you to
select further features that rely on this like providing individual
firmware blobs.

southbridge/intel/common/firmware(comment)Intel Firmware
HAVE_IFD_BINsouthbridge/intel/common/firmwareboolAdd Intel descriptor.bin file The descriptor binary

HAVE_ME_BINsouthbridge/intel/common/firmwareboolAdd Intel ME/TXE firmware The Intel processor in the selected system requires a special firmware
for an integrated controller. This might be called the Management
Engine (ME), the Trusted Execution Engine (TXE) or something else
depending on the chip. This firmware might or might not be available
in coreboot's 3rdparty/blobs repository. If it is not and if you don't
have access to the firmware from elsewhere, you can still build
coreboot without it. In this case however, you'll have to make sure
that you don't overwrite your ME/TXE firmware on your flash ROM.

STITCH_ME_BINsouthbridge/intel/common/firmwareboolStitch individual ME/CSE components This config can be selected by mainboard if it wants to stitch ME/CSE
components during build time instead of supplying a pre-stitched
binary.

CHECK_MEsouthbridge/intel/common/firmwareboolVerify the integrity of the supplied ME/TXE firmware Verify the integrity of the supplied Intel ME/TXE firmware before
proceeding with the build, in order to prevent an accidental loading
of a corrupted ME/TXE image.

ME_REGION_ALLOW_CPU_READ_ACCESSsouthbridge/intel/common/firmwareboolAllows HOST/CPU read access to ME region The config ensures Host has read access to the ME region if it is locked
through LOCK_MANAGEMENT_ENGINE config. This config is enabled when the CSE
Lite SKU is integrated.

USE_ME_CLEANERsouthbridge/intel/common/firmwareboolStrip down the Intel ME/TXE firmware Use me_cleaner to remove all the non-fundamental code from the Intel
ME/TXE firmware.
The resulting Intel ME/TXE firmware will have only the code
responsible for the very basic hardware initialization, leaving the
ME/TXE subsystem essentially in a disabled state.

Don't flash a modified ME/TXE firmware and a new coreboot image at the
same time, test them in two different steps.

WARNING: this tool isn't based on any official Intel documentation but
only on reverse engineering and trial & error.

See the project's page
https://github.com/corna/me_cleaner
or the wiki
https://github.com/corna/me_cleaner/wiki/How-to-apply-me_cleaner
https://github.com/corna/me_cleaner/wiki/How-does-it-work%3F
https://github.com/corna/me_cleaner/wiki/me_cleaner-status
for more info about this tool

If unsure, say N.

southbridge/intel/common/firmware(comment)Please test coreboot with the original, unmodified ME firmware before using me_cleaner
HAVE_GBE_BINsouthbridge/intel/common/firmwareboolAdd gigabit ethernet configuration The integrated gigabit ethernet controller needs a configuration
file. Select this if you are going to use the PCH integrated
controller and want to add that file.

HAVE_EC_BINsouthbridge/intel/common/firmwareboolAdd EC firmware The embedded controller needs a firmware file.

Select this if you are going to use the PCH integrated controller
and have the EC firmware. EC firmware will be added to final image
through ifdtool.

HAVE_10GBE_0_BINsouthbridge/intel/common/firmwareboolAdd 10GbE Firmware Region 0 The 10GbE region firmware file for LAN device 0.

Select this if you are going to use the 10GbE 0 region and have the
firmware. The firmware will be added to final image through ifdtool.

HAVE_10GBE_1_BINsouthbridge/intel/common/firmwareboolAdd 10GbE Firmware Region 1 The 10GbE region firmware file for LAN device 1.

Select this if you are going to use the 10GbE 1 region and have the
firmware. The firmware will be added to final image through ifdtool.

10GBE_1_BIN_PATHsouthbridge/intel/common/firmwarestringProtect flash regions This option allows you to protect flash regions.

DO_NOT_TOUCH_DESCRIPTOR_REGIONsouthbridge/intel/common/firmwareboolUse the preset values to protect the regions Read and write access permissions to different regions in the flash
can be controlled via dedicated bitfields in the flash descriptor.
These permissions can be modified with the Intel Flash Descriptor
Tool (ifdtool). If you don't want to change these permissions and
keep the ones provided in the initial descriptor, use this option.

LOCK_MANAGEMENT_ENGINEsouthbridge/intel/common/firmwareboolLock ME/TXE section The Intel Firmware Descriptor supports preventing write and read
accesses from the host to the ME or TXE section. If the section
is locked, it can only be overwritten with an external SPI flash
programmer or HECI HMRFPO_ENABLE command needs to be sent to CSE
before writing to the ME Section. If CSE Lite SKU is integrated,
the Kconfig prevents only writing to the ME section.

If unsure, select "Unlock flash regions".

UNLOCK_FLASH_REGIONSsouthbridge/intel/common/firmwareboolUnlock flash regions All regions are completely unprotected and can be overwritten using
a flash programming tool.

CBFS_SIZEsouthbridge/intel/common/firmwarebool Reduce CBFS size to give room to the IFD blobs.

Menu: ChromeOS
CHROMEOSvendorcode/google/chromeosboolBuild for ChromeOS Enable ChromeOS specific features like the GPIO sub table in
the coreboot table. NOTE: Enabling this option on an unsupported
board will most likely break your build.

HAVE_REGULATORY_DOMAINvendorcode/google/chromeosboolAdd regulatory domain methods This option is needed to add ACPI regulatory domain methods

CHROMEOS_DISABLE_PLATFORM_HIERARCHY_ON_RESUMEvendorcode/google/chromeosbool Disable the platform hierarchy on resume path if the firmware
is involved in resume. The hierarchy is disabled prior to jumping
to the OS. Note that this option is sepcific to TPM2 boards.
This option is auto selected if CHROMEOS because it matches with
vboot_reference model which disables the platform hierarchy in
the boot loader. However, those operations need to be symmetric
on normal boot as well as resume and coreboot is only involved
in the resume piece w.r.t. the platform hierarchy.

CHROMEOS_USE_EC_WATCHDOG_FLAGvendorcode/google/chromeosbool Use the AP watchdog flag stored in EC.

CHROMEOS_CSE_BOARD_RESET_OVERRIDEvendorcode/google/chromeosbool On some boards that run old firmware version in cr50, Embedded Controller (EC) needs
to trigger the cold reset of Application Processor (AP) when CSE jumps from RO to RW
so that cr50 resets the TPM state. This is required on boards where the cr50 firmware
does not understand the new cr50 strap config (applicable only to boards using strap
config 0xe). Enabling this config will help to override the default global reset.

CHROMEOS_DRAM_PART_NUMBER_IN_CBIvendorcode/google/chromeosbool Some boards declare the DRAM part number in the CBI instead of the SPD. This option
allows those boards to declare that their DRAM part number is stored in the CBI.

GOOGLE_SMBIOS_MAINBOARD_VERSIONvendorcode/googlebool Provide a common implementation for mainboard version,
which returns a formatted 'rev%d' board_id() string.

GOOGLE_DSM_CALIBvendorcode/googlebool On some boards, there are calibrated parameters for Dynamic Speaker Management(DSM)
stored in VPD. Enable this config to read and parse these VPD values and write them
to ACPI DSD table in device driver. These parameters will be applied by kernel driver
through device property at boot.

GOOGLE_DSM_PARAM_FILE_NAMEvendorcode/googlebool On some boards, there are different dsm parameter files for Dynamic Speaker
Management (DSM). Enable this config to assign dsm parameters file name in ACPI
SSDT table. Kernel driver uses this to load the DSM parameter file.

CAVIUM_BDKvendorcode/caviumNone Build Cavium's BDK in romstage.

Menu: BDK
CAVIUM_BDK_VERBOSE_INITvendorcode/caviumboolEnable verbose init Build Cavium's BDK with verbose init code.

CAVIUM_BDK_VERBOSE_DRAMvendorcode/caviumboolEnable verbose dram init Build Cavium's BDK with verbose dram init code.

CAVIUM_BDK_VERBOSE_DRAM_TESTvendorcode/caviumboolEnable verbose raminit tests Build Cavium's BDK with verbose DRAM testing code.

CAVIUM_BDK_VERBOSE_QLMvendorcode/caviumboolEnable verbose qlm init Build Cavium's BDK with verbose QLM code.

CAVIUM_BDK_VERBOSE_PCIE_CONFIGvendorcode/caviumboolEnable verbose pcie config Build Cavium's BDK with verbose PCIe config code.

CAVIUM_BDK_VERBOSE_PCIEvendorcode/caviumboolEnable verbose pcie init Build Cavium's BDK with verbose PCIe code.

CAVIUM_BDK_VERBOSE_PHYvendorcode/caviumboolEnable verbose phy init Build Cavium's BDK with verbose PHY code.

CAVIUM_BDK_DDR_TUNE_HW_OFFSETSvendorcode/caviumboolHardware assisted DLL read offset tuning Automatically tune the data byte DLL read offsets.
Always done by default, but allow use of HW-assist.
NOTE: HW-assist will also tune the ECC byte.

Menu: AMD Platform Initialization
AGESA_BINARY_PI_VENDORCODE_PATHvendorcode/amd/pistringAGESA PI directory path Specify where to find the AGESA header files
for AMD platform initialization.

AGESA_BINARY_PI_FILEvendorcode/amd/pistringAGESA PI binary file name Specify the binary file to use for AMD platform initialization.

AGESA_BINARY_PI_AS_STAGEvendorcode/amd/piboolAGESA Binary PI is added as stage to CBFS. AGESA will be added as a stage utilizing --xip cbfstool options
as needed relocating the image to the proper location in memory-mapped
cpu address space. It's required that the file be in ELF format
containing the relocations necessary for relocating at runtime.

AGESA_SPLIT_MEMORY_FILESvendorcode/amd/piboolSplit AGESA Binary PI into pre- and post-memory files. Specifies that AGESA is split into two binaries for pre- and
post-memory.

AGESA_PRE_MEMORY_BINARY_PI_FILEvendorcode/amd/pistringPre memory Binary PI file name Specify the binary file to use for pre-memory AMD platform
initialization.

AGESA_POST_MEMORY_BINARY_PI_FILEvendorcode/amd/pistringPost memory Binary PI file name Specify the binary file to use for post-memory AMD platform
initialization.

AGESA_BINARY_PI_LOCATIONvendorcode/amd/pihexAGESA PI binary address in ROM Specify the ROM address at which to store the binary Platform
Initialization code.

AGESA_EXTRA_TIMESTAMPSvendorcode/amdboolAdd instrumentation for AGESA calls Insert additional timestamps around each entrypoint into
AGESA vendorcode.

UDK_VERSIONvendorcode/intelint UEFI Development Kit version for Platform
ARCH_ARMV8_EXTENSIONarch/arm64/armv8int Specify ARMv8 extension, for example '1' for ARMv8.1, to control the
'-march' option passed into the compiler. Defaults to 0 for vanilla
ARMv8 but may be overridden in the SoC's Kconfig.

All ARMv8 implementations are downwards-compatible, so this does not
need to be changed unless specific features (e.g. new instructions)
are used by the SoC's coreboot code.

ARM64_BL31_EXTERNAL_FILEarch/arm64stringPath to external BL31.ELF (leave empty to build from source) The blob to use instead of building the Arm Trusted Firmware
from tree. It is discouraged as compatibility with out-of-tree
blobs may break anytime.

ARM64_SECURE_OS_FILEarch/arm64stringSecure OS binary file Secure OS binary file.

ARM64_A53_ERRATUM_843419arch/arm64bool Some early Cortex-A53 revisions had a hardware bug that results in
incorrect address calculations in rare cases. This option enables a
linker workaround to avoid those cases if your toolchain supports it.
Should be selected automatically by SoCs that are affected.

RISCV_OPENSBIarch/riscvboolUse OpenSBI to hand over control to payload Load OpenSBI after payload has been loaded and use it to
provide the SBI and to handover control to payload.

OPENSBI_PLATFORMarch/riscvstring The OpenSBI platform to build for.

OPENSBI_TEXT_STARTarch/riscvhex The linking address used to build opensbi.

HAVE_EXP_X86_64_SUPPORTarch/x86bool Enable experimental support to build and run coreboot in 64-bit mode.
When selecting this option for a new platform, it is highly advisable
to provide a config file for Jenkins to build-test the 64-bit option.

USE_EXP_X86_64_SUPPORTarch/x86bool[EXPERIMENTAL] Run coreboot in long (64-bit) mode When set, most of coreboot runs in long (64-bit) mode instead of the
usual protected flat (32-bit) mode. 64-bit CPUs and OSes can be used
irrespective of whether coreboot runs in 32-bit or 64-bit mode. This
is an experimental option: do not enable unless one wants to test it
and has the means to recover a system when coreboot fails to boot.

ARCH_X86_64_PGTBL_LOCarch/x86hexx86_64 page table location in CBFS The position where to place pagetables. Needs to be known at
compile time. Must not overlap other files in CBFS.

RESERVED_PHYSICAL_ADDRESS_BITS_SUPPORTarch/x86bool On some systems, the upper physical address bits are reserved and
used as a tag which is typically related to a memory encryption
feature. When selecting this option, the SoC code needs to implement
get_reserved_phys_addr_bits so that the common code knows how many of
the most significant physical address bits are reserved and can't be
used as address bits.

RESET_VECTOR_IN_RAMarch/x86bool Select this option if the x86 processor's reset vector is in
preinitialized DRAM instead of the traditional 0xfffffff0 location.

PRERAM_CBMEM_CONSOLE_SIZEarch/x86hex Increase this value if preram cbmem console is getting truncated

CBFS_MCACHE_SIZEarch/x86hex Increase this value if you see CBFS mcache overflow warnings. Do NOT
change this value for vboot RW updates!

BOOTBLOCK_DEBUG_SPINLOOParch/x86bool Add a spin (JMP .) in bootblock_crt0.S during early bootblock to wait
for a JTAG debugger to break into the execution sequence.

C_ENV_BOOTBLOCK_SIZEarch/x86hex This is only the default maximum of bootblock size for linking
purposes. Platforms may provide different limit and need to
specify this when FIXED_BOOTBLOCK_SIZE is selected.

VERSTAGE_DEBUG_SPINLOOParch/x86bool Add a spin (JMP .) in assembly_entry.S during early verstage to wait
for a JTAG debugger to break into the execution sequence.

ROMSTAGE_DEBUG_SPINLOOParch/x86bool Add a spin (JMP .) in assembly_entry.S during early romstage to wait
for a JTAG debugger to break into the execution sequence.

SKIP_MAX_REBOOT_CNT_CLEARarch/x86boolDo not clear reboot count after successful boot Do not clear the reboot count immediately after successful boot.
Set to allow the payload to control normal/fallback image recovery.
Note that it is the responsibility of the payload to reset the
normal boot bit to 1 after each successful boot.

ACPI_BERTarch/x86bool Build an ACPI Boot Error Record Table.

COLLECT_TIMESTAMPS_NO_TSCarch/x86bool Use a non-TSC platform-dependent source for timestamps.

COLLECT_TIMESTAMPS_TSCarch/x86bool Use the TSC as the timestamp source.

PAGING_IN_CACHE_AS_RAMarch/x86bool Chipsets scan select this option to preallocate area in cache-as-ram
for storing paging data structures. PAE paging is currently the
only thing being supported.

NUM_CAR_PAGE_TABLE_PAGESarch/x86int The number of 4KiB pages that should be pre-allocated for page tables.

MAX_PIRQ_LINKSarch/x86int This variable specifies the number of PIRQ interrupt links which are
routable. On most chipsets, this is 4, INTA through INTD. Some
chipsets offer more than four links, commonly up to INTH. They may
also have a separate link for ATA or IOAPIC interrupts. When the PIRQ
table specifies links greater than 4, pirq_route_irqs will not
function properly, unless this variable is correctly set.

DEBUG_HW_BREAKPOINTSarch/x86bool Enable support for hardware data and instruction breakpoints through
the x86 debug registers

DEBUG_NULL_DEREF_BREAKPOINTSarch/x86bool Enable support for catching null dereferences and instruction execution

DEBUG_NULL_DEREF_HALTarch/x86bool When enabled null dereferences and instruction fetches will halt execution.
Otherwise an error will be printed.

ECFW_PTR_ADDRarch/x86hex Address of reserved space for EC firmware pointer, which should not
overlap other data such as reset vector or FIT pointer if present.

ECFW_PTR_SIZEarch/x86int Size of reserved space for EC firmware pointer

CHIPSET_DEVICETREEtoplevelstring This symbol allows a chipset to provide a set of default settings in
a devicetree which are common to all mainboards. This may include
devices (including alias names), chip drivers, register settings,
and others. This path is relative to the src/ directory.

Example: "chipset.cb"

Menu: Devices
HAVE_VGA_TEXT_FRAMEBUFFERdevicebool Selected by graphics drivers that support legacy VGA text mode.

HAVE_VBE_LINEAR_FRAMEBUFFERdevicebool Selected by graphics drivers that can set up a VBE linear-framebuffer
mode.

HAVE_LINEAR_FRAMEBUFFERdevicebool Selected by graphics drivers that can set up a generic linear
framebuffer.

HAVE_FSP_GOPdevicebool Selected by drivers that support to run a blob that implements
the Graphics Output Protocol (GOP).

MAINBOARD_NO_FSP_GOPdevicebool Selected by mainboards that do not have any graphics ports connected to the SoC.

MAINBOARD_HAS_NATIVE_VGA_INITdevicebool Selected by mainboards / drivers that provide native graphics
init within coreboot.

MAINBOARD_FORCE_NATIVE_VGA_INITdevicebool Selected by mainboards / chipsets whose graphics driver can't or
shouldn't be disabled.

VGA_ROM_RUN_DEFAULTdevicebool Selected by mainboards whose graphics initialization depends on VGA OpROM.
coreboot needs to load/execute legacy VGA OpROM in order to initialize GFX.

MAINBOARD_HAS_LIBGFXINITdevicebool Selected by mainboards that implement support for `libgfxinit`.
Usually this requires a list of ports to be probed for displays.

MAINBOARD_HAS_EARLY_LIBGFXINITdevicebool Selected by mainboards that implement early (cache-as-ram
stage) support of `libgfxinit`. Usually this requires a list
of ports to be probed for displays.

MAINBOARD_DO_NATIVE_VGA_INITdeviceboolUse native graphics init Some mainboards, such as the Google Link, allow initializing the
display without the need of a binary only VGA OPROM. Enabling this
option may be faster, but also lacks flexibility in setting modes.

MAINBOARD_USE_LIBGFXINITdeviceboolUse libgfxinit Use the SPARK library `libgfxinit` for the native graphics
initialization. This requires an Ada toolchain.

VGA_ROM_RUNdeviceboolRun VGA Option ROMs Execute VGA Option ROMs in coreboot if found. This can be used
to enable PCI/AGP/PCI-E video cards when not using a SeaBIOS
payload.

When using a SeaBIOS payload it runs all option ROMs with much
more complete BIOS interrupt services available than coreboot,
which some option ROMs require in order to function correctly.

RUN_FSP_GOPdeviceboolRun a GOP driver Some platforms (e.g. Intel Braswell and Skylake/Kaby Lake) support
to run a GOP blob. This option enables graphics initialization with
such a blob.

NO_GFX_INITdeviceboolNone Select this to not perform any graphics initialization in
coreboot. This is useful if the payload (e.g. SeaBIOS) can
initialize graphics or if pre-boot graphics are not required.

NO_EARLY_GFX_INITdeviceboolNone Select this to not perform any graphics initialization at
romstage.

MAINBOARD_USE_EARLY_LIBGFXINITdeviceboolUse libgfxinit Use the SPARK library `libgfxinit` for the romstage native
graphics initialization. This requires an Ada
toolchain. Graphics at romstage is limited to VGA text mode.

PRE_GRAPHICS_DELAY_MSdeviceintGraphics initialization delay in ms On some systems, coreboot boots so fast that connected monitors
(mostly TVs) won't be able to wake up fast enough to talk to the
VBIOS. On those systems we need to wait for a bit before executing
the VBIOS.

ONBOARD_VGA_IS_PRIMARYdeviceboolUse onboard VGA as primary video device This option lets you select which VGA device will be used
to decode legacy VGA cycles. Not all chipsets implement this
however. If not selected, the last adapter found will be used,
else the onboard adapter is used.

S3_VGA_ROM_RUNdeviceboolRe-run VGA Option ROMs on S3 resume Execute VGA Option ROMs in coreboot when resuming from S3 suspend.

When using a SeaBIOS payload it runs all option ROMs with much
more complete BIOS interrupt services available than coreboot,
which some option ROMs require in order to function correctly.

If unsure, say N when using SeaBIOS as payload, Y otherwise.

ALWAYS_LOAD_OPROMdevicebool Always load option ROMs if any are found. The decision to run
the ROM is still determined at runtime, but the distinction
between loading and not running comes into play for CHROMEOS.

An example where this is required is that VBT (Video BIOS Tables)
are needed for the kernel's display driver to know how a piece of
hardware is configured to be used.

ALWAYS_RUN_OPROMdevicebool Always unconditionally run the option regardless of other
policies.

ON_DEVICE_ROM_LOADdeviceboolLoad Option ROMs on PCI devices Load Option ROMs stored on PCI/PCIe/AGP VGA devices in coreboot.

If disabled, only Option ROMs stored in CBFS will be executed by
coreboot. If you are concerned about security, you might want to
disable this option, but it might leave your system in a state of
degraded functionality.

When using a SeaBIOS payload it runs all option ROMs with much
more complete BIOS interrupt services available than coreboot,
which some option ROMs require in order to function correctly.

If unsure, say N when using SeaBIOS as payload, Y otherwise.

PCI_OPTION_ROM_RUN_REALMODEdeviceboolNative mode If you select this option, PCI Option ROMs will be executed
natively on the CPU in real mode. No CPU emulation is involved,
so this is the fastest, but also the least secure option.
(only works on x86/x64 systems)

PCI_OPTION_ROM_RUN_YABELdeviceboolSecure mode If you select this option, the x86emu CPU emulator will be used to
execute PCI Option ROMs.

This option prevents Option ROMs from doing dirty tricks with the
system (such as installing SMM modules or hypervisors), but it is
also significantly slower than the native Option ROM initialization
method.

This is the default choice for non-x86 systems.

YABEL_PCI_ACCESS_OTHER_DEVICESdeviceboolAllow Option ROMs to access other devices Per default, YABEL only allows Option ROMs to access the PCI device
that they are associated with. However, this causes trouble for some
onboard graphics chips whose Option ROM needs to reconfigure the
north bridge.

YABEL_PCI_FAKE_WRITING_OTHER_DEVICES_CONFIGdeviceboolFake success on writing other device's config space By default, YABEL aborts when the Option ROM tries to write to other
devices' config spaces. With this option enabled, the write doesn't
follow through, but the Option ROM is allowed to go on.
This can create issues such as hanging Option ROMs (if it depends on
that other register changing to the written value), so test for
impact before using this option.

YABEL_VIRTMEM_LOCATIONdevicehexLocation of YABEL's virtual memory YABEL requires 1MB memory for its CPU emulation. This memory is
normally located at 16MB.

YABEL_DIRECTHWdeviceboolDirect hardware access YABEL consists of two parts: It uses x86emu for the CPU emulation and
additionally provides a PC system emulation that filters bad device
and memory access (such as PCI config space access to other devices
than the initialized one).

When choosing this option, x86emu will pass through all hardware
accesses to memory and I/O devices to the underlying memory and I/O
addresses. While this option prevents Option ROMs from doing dirty
tricks with the CPU (such as installing SMM modules or hypervisors),
they can still access all devices in the system.
Enable this option for a good compromise between security and speed.

Menu: Display
FRAMEBUFFER_SET_VESA_MODEdeviceboolSet framebuffer graphics resolution Set VESA/native framebuffer mode (needed for bootsplash and graphical framebuffer console)

FRAMEBUFFER_SET_VESA_MODEdeviceboolframebuffer graphics resolution This option sets the resolution used for the coreboot framebuffer (and
bootsplash screen).

VGA_TEXT_FRAMEBUFFERdeviceboolLegacy VGA text mode If this option is enabled, coreboot will initialize graphics in
legacy VGA text mode or, if a VGA BIOS is used and a VESA mode set,
switch to text mode before handing control to a payload.

VBE_LINEAR_FRAMEBUFFERdeviceboolVESA framebuffer This option keeps the framebuffer mode set after coreboot finishes
execution. If this option is enabled, coreboot will pass a
framebuffer entry in its coreboot table and the payload will need a
compatible driver.

GENERIC_LINEAR_FRAMEBUFFERdeviceboolLinear \"high-resolution\" framebuffer This option enables a high-resolution, linear framebuffer. If this
option is enabled, coreboot will pass a framebuffer entry in its
coreboot table and the payload will need a compatible driver.

BOOTSPLASHdeviceboolShow graphical bootsplash This option shows a graphical bootsplash screen. The graphics are
loaded from the CBFS file bootsplash.jpg.

You can either specify the location and file name of the
image in the 'General' section or add it manually to CBFS, using,
for example, cbfstool.

LINEAR_FRAMEBUFFER_MAX_WIDTHdeviceintMaximum width in pixels Set the maximum width of the framebuffer. This may help with
default fonts too tiny for high-resolution displays.

LINEAR_FRAMEBUFFER_MAX_HEIGHTdeviceintMaximum height in pixels Set the maximum height of the framebuffer. This may help with
default fonts too tiny for high-resolution displays.

DOMAIN_RESOURCE_32BIT_LIMITdevicehex When the default pci_domain_read_resources() is used,
keep 32-bit memory resources below this limit. This is
used as a workaround for missing/wrong reservations of
chipset resources that usually reside above this limit.

NO_ECAM_MMCONF_SUPPORTdevicebool Disable the use of the Enhanced Configuration
Access mechanism (ECAM) method for accessing PCI config
address space.

ECAM_MMCONF_SUPPORTdevicebool Enable the use of the Enhanced Configuration
Access mechanism (ECAM) method for accessing PCI config
address space.

AZALIA_LOCK_DOWN_R_WO_GCAPdevicebool The GCAP register is implemented as R/WO (Read / Write Once) on some
HD Audio controllers, such as Intel 6-series PCHs. Select this option
to lock down the GCAP register after deasserting the controller reset
bit. Locking is done by reading GCAP and writing back the read value.

PCI_ALLOW_BUS_MASTERdeviceboolAllow coreboot to set optional PCI bus master bits For security reasons, bus mastering should be enabled as late as
possible. In coreboot, it's usually not necessary and payloads
should only enable it for devices they use. Since not all payloads
enable bus mastering properly yet, this option gives some sort of
"backwards compatibility" and is enabled by default to keep the
traditional behaviour for now. This is currently necessary, for
instance, for libpayload based payloads as the drivers don't enable
bus mastering for PCI bridges.

PCI_SET_BUS_MASTER_PCI_BRIDGESdeviceboolPCI bridges Let coreboot configure bus mastering for PCI bridges. Enabling bus
mastering for a PCI bridge also allows it to forward requests from
downstream devices. Currently, payloads ignore this and only enable
bus mastering for the downstream device. Hence, this option is needed
for compatibility until payloads are fixed.

PCI_ALLOW_BUS_MASTER_ANY_DEVICEdeviceboolAny devices Allow coreboot to enable PCI bus mastering for any device. The actual
selection of devices depends on the various PCI drivers in coreboot.

PCIEXP_COMMON_CLOCKdeviceboolEnable PCIe Common Clock Detect and enable Common Clock on PCIe links.

PCIEXP_ASPMdeviceboolEnable PCIe ASPM Detect and enable ASPM (Active State Power Management) on PCIe links.

PCIEXP_CLK_PMdeviceboolEnable PCIe Clock Power Management Detect and enable Clock Power Management on PCIe.

PCIEXP_L1_SUB_STATEdeviceboolEnable PCIe ASPM L1 SubState Detect and enable ASPM on PCIe links.

PCIEXP_SUPPORT_RESIZABLE_BARSdeviceboolSupport PCIe Resizable BARs When enabled, this will check PCIe devices for Resizable BAR support,
and if found, will use this to discover the preferred BAR sizes of
the device in preference over the traditional moving bits method. The
amount of address space given out to devices in this manner (since
it can range up to 8 EB) can be limited with the
PCIEXP_DEFAULT_MAX_RESIZABLE_BAR_BITS Kconfig setting below.

PCIEXP_DEFAULT_MAX_RESIZABLE_BAR_BITSdeviceintBits of address space to give to Resizable BARs This is the maximum number of bits of address space to allocate for
PCIe devices with resizable BARs. For instance, if a device requests
30 bits of address space (1 GiB), but this field is set to 29, then
the device will only be allocated 29 bits worth of address space (512
MiB). Valid values range from 20 (1 MiB) to 63 (8 EiB); these come
from the Resizable BAR portion of the PCIe spec (7.8.6).

PCIEXP_LANE_ERR_STAT_CLEARdeviceboolEnable Clear PCIe Lane Error Status Clear the PCIe Lane Error Status at the end of link training.

PCIEXP_HOTPLUGdeviceboolEnable PCIe Hotplug Support Allocate resources for PCIe hotplug bridges

PCIEXP_HOTPLUG_BUSESdeviceintPCI Express Hotplug Buses This is the number of buses allocated for hotplug PCI express
bridges, for use by hotplugged child devices. The default is 8
buses.

PCIEXP_HOTPLUG_MEMdevicehexPCI Express Hotplug Memory This is the amount of memory space, in bytes, to allocate to
hotplug PCI express bridges, for use by hotplugged child devices.
This size should be page-aligned. The default is 8 MiB.

PCIEXP_HOTPLUG_PREFETCH_MEMdevicehexPCI Express Hotplug Prefetch Memory This is the amount of pre-fetchable memory space, in bytes, to
allocate to hot-plug PCI express bridges, for use by hotplugged
child devices. This size should be page-aligned. The default is
256 MiB.

PCIEXP_HOTPLUG_PREFETCH_MEM_ABOVE_4Gdevicebool This enables prefetch memory allocation above 4G boundary for the
hotplug resources.

PCIEXP_HOTPLUG_PREFETCH_MEM_BELOW_4GdeviceboolPCI Express Hotplug Prefetch Memory Allocation below 4G boundary This enables prefetch memory allocation below 4G boundary for the
hotplug resources.

PCIEXP_HOTPLUG_IOdevicehexPCI Express Hotplug I/O Space This is the amount of I/O space to allocate to hot-plug PCI
express bridges, for use by hotplugged child devices. The default
is 2 KiB.

DEFAULT_SOFTWARE_CONNECTION_MANAGERdevicebool select to default to using the Software Connection Manager

DEFAULT_SOFTWARE_CONNECTION_MANAGERdeviceboolConnection Manager Software Connection Manager doesn't work with Linux 5.13 or later,
resulting in TBT ports timing out. Firmware Connection Manager works
correctly.

Linux patch:
torvalds/linux@c6da62a
c6da62a219d028de10f2e22e93a34c7ee2b88d03

FIRMWARE_CONNECTION_MANAGERdeviceboolFirmware Connection Manager Disable SCM so that FCM can be used

SOFTWARE_CONNECTION_MANAGERdeviceboolSoftware Connection Manager Enable SCM so it's used instead of FCM.

EARLY_PCI_BRIDGEdeviceboolEarly PCI bridge While coreboot is executing code from ROM, the coreboot resource
allocator has not been running yet. Hence PCI devices living behind
a bridge are not yet visible to the system.

This option enables static configuration for a single pre-defined
PCI bridge function on bus 0.

SUBSYSTEM_VENDOR_IDdevicehexOverride PCI Subsystem Vendor ID This config option will override the devicetree settings for
PCI Subsystem Vendor ID.

Note: This option is not meant for a board's Kconfig; use the
devicetree setting `subsystemid` instead.

SUBSYSTEM_DEVICE_IDdevicehexOverride PCI Subsystem Device ID This config option will override the devicetree settings for
PCI Subsystem Device ID.

Note: This option is not meant for a board's Kconfig; use the
devicetree setting `subsystemid` instead.

VGA_BIOSdeviceboolAdd a VGA BIOS image Select this option if you have a VGA BIOS image that you would
like to add to your ROM.

You will be able to specify the location and file name of the
image later.

VGA_BIOS_FILEdevicestringVGA BIOS path and filename The path and filename of the file to use as VGA BIOS.

VGA_BIOS_IDdevicestringVGA device PCI IDs The comma-separated PCI vendor and device ID with optional revision if that
feature is enabled that would associate your vBIOS to your video card.

Example: 1106,3230 or 1106,3230,a3

In the above example 1106 is the PCI vendor ID (in hex, but without
the "0x" prefix) and 3230 specifies the PCI device ID of the
video card (also in hex, without "0x" prefix). a3 specifies the revision.

This ID needs to match the PCI VID and DID in the VGA BIOS file's
header and also needs to match the value returned by map_oprom_vendev
or map_oprom_vendev_rev if the remapping feature is used.

Under GNU/Linux you can run `lspci -nn` to list the IDs of your PCI devices.

VGA_BIOS_SECONDdeviceboolAdd a 2nd video BIOS image Select this option if you have a 2nd video BIOS image that you would
like to add to your ROM.

VGA_BIOS_SECOND_FILEdevicestring2nd video BIOS path and filename The path and filename of the file to use as video BIOS.

VGA_BIOS_SECOND_IDdevicestringGraphics device PCI IDs The comma-separated PCI vendor and device ID with optional revision if that
feature is enabled that would associate your vBIOS to your video card.

Example: 1106,3230 or 1106,3230,a3

In the above example 1106 is the PCI vendor ID (in hex, but without
the "0x" prefix) and 3230 specifies the PCI device ID of the
video card (also in hex, without "0x" prefix). a3 specifies the revision.

Under GNU/Linux you can run `lspci -nn` to list the IDs of your PCI devices.

CHECK_REV_IN_OPROM_NAMEdevicestring Select this in the platform BIOS or chipset if the option rom has a revision
that needs to be checked when searching CBFS.

VGA_BIOS_DGPUdeviceboolAdd a discrete VGA BIOS image Select this option if you have a VGA BIOS image for discrete GPU
that you would like to add to your ROM.

You will be able to specify the location and file name of the
image later.

VGA_BIOS_DGPU_FILEdevicestringDiscrete VGA BIOS path and filename The path and filename of the file to use as VGA BIOS for discrete GPU.

VGA_BIOS_DGPU_IDdevicestringDiscrete VGA device PCI IDs The comma-separated PCI vendor and device ID that would associate
your VGA BIOS to your discrete video card.

Examples:
1002,6663 for HD 8570M
1002,6665 for R5 M230

In the above examples 1002 is the PCI vendor ID (in hex, but without
the "0x" prefix) and 6663 / 6665 specifies the PCI device ID of the
discrete video card (also in hex, without "0x" prefix).

Under GNU/Linux you can run `lspci -nn` to list the IDs of your PCI devices.

INTEL_GMA_HAVE_VBTdevicebool Select this in the mainboard Kconfig to indicate the board has
a data.vbt file.

INTEL_GMA_ADD_VBTdeviceboolAdd a Video BIOS Table (VBT) binary to CBFS Add a VBT data file to CBFS. The VBT describes the integrated
GPU and connections, and is needed by the GOP driver integrated into
FSP and the OS driver in order to initialize the display.

INTEL_GMA_VBT_FILEdevicestringVBT binary path and filename The path and filename of the VBT binary.

SOFTWARE_I2CdeviceboolEnable I2C controller emulation in software This config option will enable code to override the i2c_transfer
routine with a (simple) software emulation of the protocol. This may
be useful for debugging or on platforms where a driver for the real
I2C controller is not (yet) available. The platform code needs to
provide bindings to manually toggle I2C lines.

I2C_TRANSFER_TIMEOUT_USdeviceintI2C transfer timeout in microseconds Timeout for a read/write transfers on the I2C bus, that is, the
maximum time a device could stretch clock bits before the transfer
is aborted and an error returned.

RESOURCE_ALLOCATION_TOP_DOWNdeviceboolAllocate resources from top down Top-down allocation is required to place resources above 4G by
default (i.e. even when there is still space below). On some
platforms, it might make a difference because of conflicts with
undeclared resources. EDK2 is currently reported to also have
problems on some platforms, at least with Intel's IGD.

XHCI_UTILSdevicebool Provides xHCI utility functions.

D3COLD_SUPPORTdevicebool Enable this option if all devices on your system support the
D3Cold power management state. The D3Cold state is a low-power
state where the device has been powered down and is no longer
able to maintain its context. This state can help reduce
overall system power consumption, which can be beneficial for
energy savings and thermal management.

Please note that enabling D3Cold support may break system
suspend-to-RAM (S3) functionality.

USE_DDR5device/drambool system supports DDR5 memory

USE_LPDDR4device/drambool system supports LPDDR4 memory

USE_DDR4device/drambool system supports DDR4 memory

USE_DDR3device/drambool system supports DDR3 memory

USE_DDR2device/drambool system supports DDR2 memory

Menu: Generic Drivers
CACHE_MRC_SETTINGSdrivers/mrc_cachebool Save cached MRC settings

MRC_WRITE_NV_LATEdrivers/mrc_cachebool MRC settings are normally written to NVRAM at BS_DEV_ENUMERATE-EXIT.
If a platform requires MRC settings written to NVRAM later than
normal, select this item. This will cause the write to occur at
BS_OS_RESUME_CHECK-ENTRY.

MRC_STASH_TO_CBMEMdrivers/mrc_cachebool Instead of writing back MRC_CACHE training data back to the
MRC_CACHE right away, stash the data into cbmem. This data
will be written back later to MRC_CACHE. This is selected
for platforms which either do not support writes to SPI
flash in early stages
(BOOT_DEVICE_SPI_FLASH_NO_EARLY_WRITES) or the platforms
that need to write back the MRC data in late ramstage boot
states (MRC_WRITE_NV_LATE).

MRC_SAVE_HASH_IN_TPMdrivers/mrc_cacheboolSave a hash of the MRC_CACHE data in TPM NVRAM Store a hash of the MRC_CACHE training data in a TPM NVRAM
space to ensure that it cannot be tampered with.

MRC_CACHE_USING_MRC_VERSIONdrivers/mrc_cachebool Use the MRC version info from FSP extended header to store the MRC cache data.
This method relies on the FSP_PRODUCER_DATA_TABLES belongs to the
`FspProducerDataHeader.h`file to get the MRC version.

Intel FSP built with EDK2 version 202302 onwards has support to retrieve the
MRC version by directly parsing the binary.

DRIVERS_EFI_VARIABLE_STOREdrivers/efiboolInclude EFI variable store driver Adds a driver that is able to read and write an EFI formatted
VariableStore as used by tianocore.

COMMON_CBFS_SPI_WRAPPERdrivers/spibool Use common wrapper to interface CBFS to SPI bootrom.

SPI_FLASHdrivers/spibool Select this option if your chipset driver needs to store certain
data in the SPI flash.

SPI_SDCARDdrivers/spibool Select this option if your chipset driver needs to store certain
data in the SPI sdcard.

BOOT_DEVICE_SPI_FLASH_BUSdrivers/spiint Which SPI bus the boot device is connected to.

BOOT_DEVICE_SPI_FLASH_RW_NOMMAPdrivers/spibool Provide common implementation of the RW boot device that
doesn't provide mmap() operations.

BOOT_DEVICE_SPI_FLASH_NO_EARLY_WRITESdrivers/spibool For platforms who do not allow writes to SPI flash in early
stages like romstage. Not selecting this config will result
in the auto-selection of
BOOT_DEVICE_SPI_FLASH_RW_NOMMAP_EARLY if
BOOT_DEVICE_SPI_FLASH_RW_NOMMAP is selected by the platform.

BOOT_DEVICE_SPI_FLASH_RW_NOMMAP_EARLYdrivers/spibool Include the common implementation in all stages, including the
early ones.

SPI_FLASH_SMMdrivers/spibool Select this option if you want SPI flash support in SMM.

SPI_FLASH_NO_FAST_READdrivers/spiboolDisable Fast Read command Select this option if your setup requires to avoid "fast read"s
from the SPI flash parts.

SPI_FLASH_ADESTOdrivers/spibool Select this option if your chipset driver needs to store certain
data in the SPI flash and your SPI flash is made by Adesto Technologies.

SPI_FLASH_AMICdrivers/spibool Select this option if your chipset driver needs to store certain
data in the SPI flash and your SPI flash is made by AMIC.

SPI_FLASH_ATMELdrivers/spibool Select this option if your chipset driver needs to store certain
data in the SPI flash and your SPI flash is made by Atmel.

SPI_FLASH_EONdrivers/spibool Select this option if your chipset driver needs to store certain
data in the SPI flash and your SPI flash is made by EON.

SPI_FLASH_GIGADEVICEdrivers/spibool Select this option if your chipset driver needs to store certain
data in the SPI flash and your SPI flash is made by Gigadevice.

SPI_FLASH_MACRONIXdrivers/spibool Select this option if your chipset driver needs to store certain
data in the SPI flash and your SPI flash is made by Macronix.

SPI_FLASH_SPANSIONdrivers/spibool Select this option if your chipset driver needs to store certain
data in the SPI flash and your SPI flash is made by Spansion.

SPI_FLASH_SSTdrivers/spibool Select this option if your chipset driver needs to store certain
data in the SPI flash and your SPI flash is made by SST.

SPI_FLASH_STMICROdrivers/spibool Select this option if your chipset driver needs to store certain
data in the SPI flash and your SPI flash is made by ST MICRO.

SPI_FLASH_WINBONDdrivers/spibool Select this option if your chipset driver needs to store certain
data in the SPI flash and your SPI flash is made by Winbond.

SPI_FLASH_HAS_VOLATILE_GROUPdrivers/spibool Allows chipset to group write/erase operations under a single volatile
group.

SPI_FLASH_EXIT_4_BYTE_ADDR_MODEdrivers/spibool This will send an Exit 4-Byte Address Mode (E9h) command before the first
access to the SPI flash. On some platforms with SPI flashes larger than 32MB,
the SPI flash may power up in 4-byte addressing mode and this command needs
to be sent before coreboot's 3-byte address commands can be interpreted correctly.
On flashes that don't support 4-byte addressing mode or where it is already
disabled, this command should be a no-op.

SPI_FLASH_FORCE_4_BYTE_ADDR_MODEdrivers/spibool This will force coreboot to send addresses as 4-bytes instead of 3-bytes.
On some platforms with SPI flashes larger than 16MB, the SPI flash may need
to remain in 4-byte addressing mode.

REALTEK_8168_RESETdrivers/netbool This forces a realtek 10ec:8168 card to reset to ensure power state
is correct at boot.

REALTEK_8168_MACADDRESSdrivers/netstringRealtek rt8168 mac address This is a string to set the mac address on a Realtek rt8168 card.
It must be in the form of "xx:xx:xx:xx:xx:xx", where x is a
hexadecimal number for it to be valid. Failing to do so will
result in the default macaddress being used.

RT8168_SUPPORT_LEGACY_VPD_MACdrivers/netbool Previously VPD expected that device_indexes set to zero were
special cased. Selecting this Kconfig restores the legacy
VPD format and behaviour. If unsure, you likely do not need this!

RT8168_SET_LED_MODEdrivers/netbool This is to set a customized LED mode to distinguish 10/100/1000
link and speed status with limited LEDs available on a board.
Please refer to RTL811x datasheet section 7.2 Customizable LED
Configuration for details. With this flag enabled, the
customized_leds variable will be read from devicetree setting.

RT8168_GEN_ACPI_POWER_RESOURCEdrivers/netbool Select this if an ACPI power resource needs to be generated.

ATHEROS_ATL1E_SETMACdrivers/netbool This sets the MAC address on boards featuring the atheros 1968:1026
NIC which lack an eeprom to store it.

ATHEROS_ATL1E_MACADDRESSdrivers/netstringAtheros AR8121/AR8113/AR8114 mac address This is a string to set the mac address on an Atheros atl1e card.
It must be in the form of "xx:xx:xx:xx:xx:xx", where x is a
hexadecimal number for it to be valid. Failing to do so will
result in the default MAC address being used.

TPM_INIT_RAMSTAGEdrivers/tpmbool This driver automatically initializes the TPM if vboot is not used.
The TPM driver init is done during the ramstage chip init phase.

TPM_PPIdrivers/tpmboolGenerate ACPI code to implement TPM physical presence interface This driver automatically generates ACPI tables for the Physical
Presence Interface defined by the TCG. If not activated only a stub
will be generated without any functionality.

VPDdrivers/vpdboolSupport for Vital Product Data tables Enable support for flash based vital product data.

VPD_FMAP_NAMEdrivers/vpdstring Name of the FMAP region created in the default FMAP to store VPD tables.

VPD_FMAP_SIZEdrivers/vpdhex Size in bytes of the FMAP region created to store VPD tables.

DIGITIZER_AUTODETECTdrivers/lenovoboolAutodetect The presence of digitizer is inferred from model number stored in
AT24RF chip.

DIGITIZER_PRESENTdrivers/lenovoboolPresent The digitizer is assumed to be present.

DIGITIZER_ABSENTdrivers/lenovoboolAbsent The digitizer is assumed to be absent.

USBDEBUGdrivers/usbboolUSB 2.0 EHCI debug dongle support This option allows you to use a so-called USB EHCI Debug device
(such as the Ajays NET20DC, AMIDebug RX, or a system using the
Linux "EHCI Debug Device gadget" driver found in recent kernel)
to retrieve the coreboot debug messages (instead, or in addition
to, a serial port).

This feature is NOT supported on all chipsets in coreboot!

It also requires a USB2 controller which supports the EHCI
Debug Port capability.

See https://www.coreboot.org/EHCI_Debug_Port for an up-to-date list
of supported controllers.

If unsure, say N.

USBDEBUG_IN_PRE_RAMdrivers/usbboolEnable early (pre-RAM) usbdebug Configuring USB controllers in system-agent binary may cause
problems to usbdebug. Disabling this option delays usbdebug to
be setup on entry to ramstage.

If unsure, say Y.

USBDEBUG_HCD_INDEXdrivers/usbintIndex for EHCI controller to use with usbdebug Some boards have multiple EHCI controllers with possibly only
one having the Debug Port capability on an external USB port.

Mapping of this index to PCI device functions is southbridge
specific and mainboard level Kconfig should already provide
a working default value here.

USBDEBUG_DEFAULT_PORTdrivers/usbintDefault USB port to use as Debug Port Selects which physical USB port usbdebug dongle is connected to.
Setting of 0 means to scan possible ports starting from 1.

Intel platforms have hardwired the debug port location and this
setting makes no difference there.

Hence, if you select the correct port here, you can speed up
your boot time. Which USB port number refers to which actual
port on your mainboard (potentially also USB pin headers on
your mainboard) is highly board-specific, and you'll likely
have to find out by trial-and-error.

USBDEBUG_DONGLE_STDdrivers/usbboolUSB gadget driver or Net20DC Net20DC, BeagleBone Black, Raspberry Pi Zero W

USBDEBUG_DONGLE_BEAGLEBONEdrivers/usbboolBeagleBone (not BeagleBone Black) Use this to configure the USB hub on BeagleBone board.
Do NOT select this for the BeagleBone Black.

USBDEBUG_DONGLE_FTDI_FT232Hdrivers/usbboolFTDI FT232H UART Use this with FT232H usb-to-uart. Configuration is hard-coded
to use 8n1, no flow control.

USBDEBUG_DONGLE_WCH_CH347drivers/usbboolWCH CH347 UART Use this with CH347 usb-to-uart. Configuration is hard-coded
to use 8n1, no flow control. For compatibility across modes
0, 1, and 3, only UART 1 is supported. The UART in mode 2 is
not currently supported.

USBDEBUG_DONGLE_FTDI_FT232H_BAUDdrivers/usbintFTDI FT232H baud rate Select baud rate for FT232H in the range 733..12,000,000. Make
sure that your receiving side supports the same setting and your
connection works with it. Multiples of 115,200 seem to be a good
choice, and EHCI debug usually can't saturate more than 576,000.

USBDEBUG_DONGLE_WCH_CH347_BAUDdrivers/usbintWCH CH347 baud rate Select baud rate for CH347 in the range 1200..9,000,000. Make
sure that your receiving side supports the same setting and your
connection works with it. Multiples of 115,200 seem to be a good
choice, and EHCI debug usually can't saturate more than 576,000.

SMMSTORE_V2drivers/smmstoreboolUse version 2 of SMMSTORE API Version 2 of SMMSTORE allows secure communication with SMM and
makes no assumptions on the structure of the data stored within.
It splits the store into chunks to allows fault tolerant writes.

By using version 2 you cannot make use of software that expects
a version 1 SMMSTORE.

SMMSTORE_SIZEdrivers/smmstorehexsize of the SMMSTORE FMAP region Sets the size of the default SMMSTORE FMAP region.
If using an UEFI payload, note that UEFI specifies at least 64K.
The current implementation of SMMSTORE is append only, so until
garbage collection is implemented it is better to set this to
a rather large value.

CRB_TPMdrivers/crbbool Mainboard has Command Response Buffer support

CRB_TPM_BASE_ADDRESSdrivers/crbhex Base Address of the CRB TPM Command Structure

IPMI_KCS_REGISTER_SPACINGdrivers/ipmiint KCS status and command register IO port address spacing

IPMI_FRU_SINGLE_RW_SZdrivers/ipmiint The data size in a single IPMI FRU read/write command.
IPMB messages are limited to 32-bytes total. When the
data size is larger than this value, IPMI can complete
reading/writing the data over multiple commands.

IPMI_KCS_ROMSTAGEdrivers/ipmibool IPMI KCS support in romstage.

BMC_KCS_BASEdrivers/ipmihex The PNP base address of BMC KCS. It must be equal to the
pnp port value defined in devicetree for chip drivers/ipmi.

IPMI_KCS_TIMEOUT_MSdrivers/ipmiint The time unit is millisecond for each IPMI KCS transfer.
IPMI spec v2.0 rev 1.1 Sec. 9.15, a five-second timeout or
greater is recommended.

DRIVERS_IPMI_SUPERMICRO_OEMdrivers/ipmiboolSupermicro IPMI OEM BMC support Tested on X11SSH only. Different BMCs might not support these OEM
commands.
The following features are implemented:
* Communicates the BIOS version to the BMC
* Communicates the BIOS date to the BMC

UART_OVERRIDE_INPUT_CLOCK_DIVIDERdrivers/uartbool Set to "y" when the platform overrides the uart_input_clock_divider
routine.

UART_OVERRIDE_REFCLKdrivers/uartbool Set to "y" when the platform overrides the uart_platform_refclk
routine.

DRIVERS_UART_OXPCIEdrivers/uartboolOxford OXPCIe952 Support for Oxford OXPCIe952 serial port PCIe cards.
Currently only devices with the vendor ID 0x1415 and device ID
0xc158 or 0xc11b will work.

ELOGdrivers/elogboolSupport for flash based event log Enable support for flash based event logging.

ELOG_CBMEMdrivers/elogboolStore a copy of ELOG in CBMEM This option will have ELOG store a copy of the flash event log
in a CBMEM region and export that address in SMBIOS to the OS.
This is useful if the ELOG location is not in memory mapped flash,
but it means that events added at runtime via the SMI handler
will not be reflected in the CBMEM copy of the log.

ELOG_GSMIdrivers/elogboolSMI interface to write and clear event log This interface is compatible with the linux kernel driver
available with CONFIG_GOOGLE_GSMI and can be used to write
kernel reset/shutdown messages to the event log.

ELOG_BOOT_COUNTdrivers/elogboolMaintain a monotonic boot number in CMOS Store a monotonic boot number in CMOS and provide an interface
to read the current value and increment the counter. This boot
counter will be logged as part of the System Boot event.

ELOG_BOOT_COUNT_CMOS_OFFSETdrivers/elogintOffset in CMOS to store the boot count This value must be greater than 16 bytes so as not to interfere
with the standard RTC region. Requires 8 bytes.

CHROMEOS_CAMERAdrivers/camerabool Camera with identifiers following ChromeOS Camera Info. The info is
usually available on MIPI camera EEPROM for identifying correct
drivers and config.

OCP_VPDdrivers/ocp/vpdbool It implements functions that get common VPD variables for OCP projects.

LINUXPAYLOAD_CMDLINE_VPD_OVERWRITEdrivers/ocp/vpdbool Overwrite Linux payload's kernel command line by using VPD. Currently only
overwrite the value of kernel command line 'loglevel'. The Linux kernel command
line data is detected in the last segment loaded in memory and overwritten.

OCP_DMIdrivers/ocp/dmibool It implements the SMBIOS IPMI FRU mapping table defined in
https://www.opencompute.org/documents/facebook-xeon-motherboard-v31
22.3 SMBIOS FRU mapping table

OCP_EWLdrivers/ocp/ewlbool It implements checking FSP Enhanced Warning Log Hob.

DRIVER_PARADE_PS8625drivers/parade/ps8625bool Parade ps8625 display port to lvds bridge

DRIVER_PARADE_PS8640drivers/parade/ps8640bool Parade PS8640 MIPI DSI to eDP Converter

DRIVERS_SOUNDWIRE_MAX98363drivers/soundwire/max98363bool SoundWire MAX98363 audio amp SSDT generator.

DRIVERS_SOUNDWIRE_CS42L42drivers/soundwire/cs42l42bool SoundWire CS42L42 audio codec SSDT generator.

SPI_TPMdrivers/spi/tpmbool SPI TPM driver is enabled!

DRIVERS_PCIE_GENERICdrivers/pcie/genericbool This driver allows attaching arbitrary ACPI properties to
arbitrary PCI root ports or devices. Currently it supports one
property, "DmaProperty", which indicates to the operating system that
the PCIe device may be considered untrusted, and appropriate policies,
e.g. IOMMU isolation, should take place.

DRIVERS_EMULATION_QEMU_BOCHSdrivers/emulation/qemuboolbochs dispi interface vga driver VGA driver for qemu emulated vga cards supporting
the bochs dispi interface. This includes
standard vga, vmware svga and qxl. The default
vga (cirrus) is *not* supported, so you have to
pick another one explicitly via 'qemu -vga $card'.

DRIVERS_I2C_SX9310drivers/i2c/sx9310bool Board has a Semtech SX9310 proximity sensor.

DRIVERS_I2C_PCA9538drivers/i2c/pca9538bool Enable support for I2C I/O expander PCA9538.

DRIVERS_I2C_PTN3460drivers/i2c/ptn3460bool Enable support for external display bridge (eDP to LVDS) PTN3460.

PTN3460_EARLY_INITdrivers/i2c/ptn3460bool Enable early initialization of the PTN3460 DP-to-LVDS bridge

PTN3460_EARLY_ADDRdrivers/i2c/ptn3460hex I2C address for early initialization of the PTN3460 DP-to-LVDS bridge

DRIVERS_I2C_GPIO_MUXdrivers/i2c/gpiomuxbool When enabled, add identifiers in ACPI tables for GPIO based I2C multiplexer.

DRIVERS_I2C_NCT7802Ydrivers/i2c/nct7802ybool The NCT7802Y by Nuvoton is a Hardware Monitoring IC.

I2C_TPMdrivers/i2c/tpmbool I2C TPM driver is enabled!

TPM_ATMELdrivers/i2c/tpmbool The mainboard has an Atmel TPM chip.

DRIVERS_I2C_RV3028C7drivers/i2c/rv3028c7bool Enable support for external RTC chip RV-3028-C7

DRIVERS_I2C_LM96000drivers/i2c/lm96000bool Hardware-monitoring IC LM96000.

DRIVERS_I2C_SX9360drivers/i2c/sx9360bool Board has a Semtech SX9360 proximity sensor.

DRIVERS_I2C_DESIGNWAREdrivers/i2c/designwarebool Designware I2C support

DRIVERS_I2C_DESIGNWARE_CLOCK_MHZdrivers/i2c/designwareint The i2c ip block's clock.

DRIVERS_I2C_SX9324drivers/i2c/sx9324bool Board has a Semtech SX9324 proximity sensor.

DRIVERS_I2C_SX9324_SUPPORT_LEGACY_LINUX_DRIVERdrivers/i2c/sx9324bool Board may use the legacy sx932x linux driver.
This option is mainly to ease migrating from the legacy driver to the
Linux one and should be deleted once all variants finish migration.
This driver never reached upstream Linux and is only available in
ChromeOS kernel fork of 4.4 and 5.4. Linux later accepted a different
implementation named SX9324 and has been available since 5.4.
Ideally all variants should adopt the new driver; however, during the
transition phase, coreboot must support both drivers. By selecting this
option, coreboot's SX9324 driver will specify all properties to work with
both Linux kernel drivers.

DRIVERS_I2C_TAS5825Mdrivers/i2c/tas5825mbool Enable support for TI TAS5825M Amplifier.

DRIVERS_I2C_PI608GPdrivers/i2c/pi608gpbool Enable support for configuring the Pericom PI7C9X2G608GP Gen2 PCIe switch over SMBus.

DRIVERS_I2C_RTD2132drivers/i2c/rtd2132bool Enable support for Realtek RTD2132 DisplayPort to LVDS bridge chip.

DRIVERS_I2C_RX6110SAdrivers/i2c/rx6110sabool Enable support for external RTC chip RX6110 SA.

RX6110SA_DISABLE_ACPIdrivers/i2c/rx6110sabool Disable the generation of an ACPI entry for this RTC. This is helpful
when the native driver for this RTC in OS does not have ACPI support enabled.

DRIVERS_WIFI_GENERICdrivers/wifi/genericbool When enabled, add identifiers in ACPI tables that are common
to WiFi chipsets from multiple vendors.

DRIVERS_INTEL_WIFIdrivers/wifi/genericboolSupport Intel PCI-e WiFi adapters When enabled, add identifiers in ACPI and SMBIOS tables to
make OS drivers work with certain Intel PCI-e WiFi chipsets.

USE_SARdrivers/wifi/genericbool Enable it when wifi driver uses SAR configuration feature.

DSAR_SET_NUMdrivers/wifi/generichexNumber of SAR sets when D-SAR is enabled There can be up to 3 optional SAR table sets.

DRIVERS_TI_SN65DSI86BRIDGEdrivers/ti/sn65dsi86bridgebool TI SN65DSI86 eDP bridge driver

DRIVER_TI_TPS65090drivers/ti/tps65090bool TI TPS65090

DRIVERS_NXP_UWB_SR1XXdrivers/nxp/uwbboolNXP UWB SR1xx driver Enable support for a NXP UWB SR1xx (e.g., SR150) chip.

A configuration should be added to device tree like below:
device ref gspi0 on
chip drivers/nxp/uwb
# The ACPI name of the device. Note it will be
# truncated to 4 characters if a longer name is given.
register "name" = ""UWB0""

# Description of the module.
register "desc" = ""NXP UWB Module""

# SPI bus speed (in Hz).
register "speed" = "1000000"

# The GPIO connected to SENSORINT.
register "irq_gpio" = "ACPI_GPIO_IRQ_LEVEL_HIGH(GPP_F21)"

# The GPIO connected to CHIP_EN.
register "ce_gpio" = "ACPI_GPIO_OUTPUT_ACTIVE_HIGH(GPP_A12)"

# The GPIO connected to WAKEUP.
register "ri_gpio" = "ACPI_GPIO_OUTPUT_ACTIVE_HIGH(GPP_A7)"

device spi 0 on end
end
end

DRIVERS_USB_HUBdrivers/usb/hubbool This driver is for soldered down USB Hub in the mainboard. When enabled,
this driver will add ACPI support for the USB hub and any devices on the
downstream facing ports.

DRIVERS_USB_PCI_XHCIdrivers/usb/pci_xhciNone PCI driver that generates ACPI nodes for an xHCI compatible controller.

MEMORY_MAPPED_TPMdrivers/pc80/tpmbool Board has memory mapped TPM support

TPM_TIS_BASE_ADDRESSdrivers/pc80/tpmhex This can be used to adjust the TPM memory base address.
The default is specified by the TCG PC Client Specific TPM
Interface Specification 1.2 and should not be changed unless
the TPM being used does not conform to TPM TIS 1.2.

TPM_PIRQdrivers/pc80/tpmhex This can be used to specify a PIRQ to use instead of SERIRQ,
which is needed for SPI TPM interrupt support on x86.

VGAdrivers/pc80/vgabool Include legacy VGA support code.

ROMSTAGE_VGAdrivers/pc80/vgabool Include legacy VGA support code in romstage.

DRIVERS_PS2_KEYBOARDdrivers/pc80/pcboolPS/2 keyboard init Enable this option to initialize PS/2 keyboards found connected
to the PS/2 port.

Some payloads (eg, filo) require this option. Other payloads
(eg, GRUB 2, SeaBIOS, Linux) do not require it.
Initializing a PS/2 keyboard can take several hundred milliseconds.

If you know you will only use a payload which does not require
this option, then you can say N here to speed up boot time.
Otherwise say Y.

PS2K_EISAIDdrivers/pc80/pcstring Mainboards can override the default to match vendor drivers and quirks.

PS2M_EISAIDdrivers/pc80/pcstring Mainboards can override the default to match vendor drivers and quirks.

USE_PC_CMOS_ALTCENTURYdrivers/pc80/rtcboolUse legacy-BIOS alt-century byte in CMOS May be useful for legacy OSes that assume its presence.

DRIVERS_ACPI_THERMAL_ZONEdrivers/acpi/thermal_zonebool Adds a chip driver that generates ACPI ThermalZones. See the chapter
on Thermal Management in the ACPI specification.

IPMI_OCPdrivers/ipmi/ocpbool This implements OCP specific IPMI command

IPMI_BMC_SELdrivers/ipmi/ocpbool This implements OCP specific command to generate/send SEL record

RAS_SEL_VENDOR_IDdrivers/ipmi/ocphex This option specifies a vendor ID for BMC SEL messages

DRIVERS_INTEL_PMCdrivers/intel/pmc_muxbool When enabled, driver/intel/pmc_mux will add support for mux
configuration of USB Type-C ports via the SoC's muxes.

INTEL_DDIdrivers/intel/gmabool helper functions for intel DDI operations

INTEL_GMA_SSC_ALTERNATE_REFdrivers/intel/gmabool Set when the SSC reference clock for LVDS runs at a different fre-
quency than the general display reference clock.

To be set by northbridge or mainboard Kconfig. For most platforms,
there is no choice, i.e. for i945 and gm45 the SSC reference always
differs from the display reference clock (i945: 66Mhz SSC vs. 48MHz
DREF; gm45: 100MHz SSC vs. 96Mhz DREF), for Arrandale and newer, it's
the same frequency for SSC/non-SSC (120MHz). The only, currently
supported platform with a choice seems to be Pineview, where the
alternative is 100MHz vs. the default 96MHz.

INTEL_GMA_SWSMISCIdrivers/intel/gmabool Select this option for Atom-based platforms which use the SWSMISCI
register (0xe0) rather than the SWSCI register (0xe8).

GFX_GMA_IGNORE_PRESENCE_STRAPSdrivers/intel/gmabool libgfxinit uses the GPU presence straps to determine if a display port
is present/enabled. Select this option if a board doesn't correctly implement
these straps, causing libgfxinit to fail to detect an attached panel.

GFX_GMA_DEFAULT_MMIOdrivers/intel/gmahex Graphics device MMIO address. This is typically an unused
memory mapping region which can be allocated to the MMIO
region as graphics PCI device Base Address Range zero.

INTEL_GMA_VERSION_2drivers/intel/gmabool Intel display port and pipe related register definitions have changed since
Tiger Lake SoC. This option enables support for the updated `TRANS_DDI_FUNC_CTL`
register definitions.

SoCs that support Intel GMA Version 2 include:
* Alder Lake
* Meteor Lake
* Tiger Lake

If you are unsure whether your SoC supports Intel GMA Version 2, it is safe to
disable this option.

GFX_GMA_DYN_CPUdrivers/intel/gmabool Activates runtime CPU detection in libgfxinit.

GFX_GMA_ANALOG_I2C_PORTdrivers/intel/gmastring Boards with a DVI-I connector share the I2C pins for both analog and
digital displays. In that case, the EDID for a VGA display has to be
read over the I2C interface of the coupled digital port.

DRIVERS_INTEL_DPTFdrivers/intel/dptfbool When enabled, entries in the devicetree are used to generate
Intel DPTF Tables at runtime in the SSDT.

DPTF_USE_EISA_HIDdrivers/intel/dptfbool Prior to Tiger Lake, all DPTF devices used 7-character EISA
IDs. If selected, the 7-character _HIDs will be emitted,
otherwise, it will use the "new" style, which are regular
8-character _HIDs.

DRIVERS_INTEL_DPTF_SUPPORTS_TPCHdrivers/intel/dptfbool When enabled, chip driver/intel/dptf will publish information to the
SSDT for the TPCH device.

DRIVERS_INTEL_DPTF_SUPPORTS_TPWRdrivers/intel/dptfbool When enabled, chip driver/intel/dptf will publish information to the
SSDT for TPWR device.

DRIVERS_INTEL_DPTF_SUPPORTS_TBATdrivers/intel/dptfbool When enabled, chip driver/intel/dptf will publish information to the
SSDT for TBAT device.

DRIVERS_INTEL_MIPI_CAMERAdrivers/intel/mipi_camerabool MIPI CSI I2C camera SSDT generator. Generates SSDB and PWDB
structures which are used by the Intel kernel drivers.

DRIVERS_INTEL_MIPI_SUPPORTS_PRE_PRODUCTION_SOCdrivers/intel/mipi_camerabool Use this config to provide information to IPU kernel driver
if pre-production or production signed IPU FW needs to be loaded.

HAVE_INTEL_PTTdrivers/intel/pttbool Activate if your platform has Intel Platform Trust Technology like Intel iTPM and you want to use it.

DRIVERS_INTEL_ISHdrivers/intel/ishbool When enabled, chip driver/intel/ish will publish information to the
SSDT _DSD table for the ISH device.

PLATFORM_USES_FSP1_1drivers/intel/fsp1_1bool Does the code require the Intel Firmware Support Package?

drivers/intel/fsp1_1(comment)Intel FSP 1.1
HAVE_FSP_BINdrivers/intel/fsp1_1boolAdd Intel FSP binary to flash image Select this option to add an Intel FSP binary to
the resulting coreboot image.

Note: Without this binary, coreboot builds relying on the FSP
will not boot

FSP_FILEdrivers/intel/fsp1_1stringIntel FSP binary path and filename The path and filename of the Intel FSP binary for this platform.

FSP_LOCdrivers/intel/fsp1_1hexIntel FSP Binary location in CBFS The location in CBFS that the FSP is located. This must match the
value that is set in the FSP binary. If the FSP needs to be moved,
rebase the FSP with Intel's BCT (tool).

DISPLAY_UPD_DATAdrivers/intel/fsp1_1boolDisplay UPD data Display the user specified product data prior to memory
initialization.

USE_GENERIC_FSP_CAR_INCdrivers/intel/fsp1_1bool The chipset can select this to use a generic cache_as_ram.inc file
that should be good for all FSP based platforms.

SKIP_FSP_CARdrivers/intel/fsp1_1bool Selected by platforms that implement their own CAR setup.

BMP_LOGOdrivers/intel/fsp1_1boolEnable logo Uses the FSP to display the boot logo. This method supports a
BMP file only. The uncompressed size can be up to 1 MB.

PLATFORM_USES_FSP2_0drivers/intel/fsp2_0bool Include FSP 2.0 wrappers and functionality

PLATFORM_USES_FSP2_1drivers/intel/fsp2_0bool Include FSP 2.1 wrappers and functionality.
Feature added into FSP 2.1 specification that impacts coreboot is:
1. Remove FSP stack switch and use the same stack with boot firmware

PLATFORM_USES_FSP2_2drivers/intel/fsp2_0bool Include FSP 2.2 wrappers and functionality.
Features added into FSP 2.2 specification that impact coreboot are:
1. Added multi-phase silicon initialization to increase the modularity of the
FspSiliconInit() API
2. FSP_INFO_HEADER changes to add FspMultiPhaseSiInitEntryOffset
3. Added EnableMultiPhaseSiliconInit, bootloaders designed for FSP2.0/2.1 can disable
the FspMultiPhaseSiInit() API and continue to use FspSiliconInit() without change.

PLATFORM_USES_FSP2_3drivers/intel/fsp2_0bool Include FSP 2.3 wrappers and functionality.
Features added into FSP 2.3 specification that impact coreboot are:
1. Added ExtendedImageRevision field in FSP_INFO_HEADER
2. Added FSP_NON_VOLATILE_STORAGE_HOB2

PLATFORM_USES_FSP2_X86_32drivers/intel/fsp2_0bool The FSP 2.0 runs in x86_32 protected mode.
Once there's a x86_64 FSP this needs to default to n.

HAVE_INTEL_FSP_REPOdrivers/intel/fsp2_0bool Select this, if the FSP binaries for the platform are public
and available in 3rdparty/fsp/. When selecting this option, the
platform must also set FSP_HEADER_PATH and FSP_FD_PATH correctly.

FSP_USE_REPOdrivers/intel/fsp2_0boolUse binaries of the Intel FSP repository on GitHub Select this option to use the default FSP headers and binaries
found in the IntelFsp GitHub repository at

https://github.com/IntelFsp/FSP/

If unsure, say Y.

FSP_HEADER_PATHdrivers/intel/fsp2_0stringLocation of FSP headers Include directory with the FSP ABI header files.

ADD_FSP_BINARIESdrivers/intel/fsp2_0boolAdd Intel FSP 2.0 binaries to CBFS Add the FSP-M and FSP-S binaries to CBFS.

FSP_T_LOCATIONdrivers/intel/fsp2_0hex The location for FSP-T.

FSP_FULL_FDdrivers/intel/fsp2_0boolUse a combined FSP FD file Use a combined FSP FD file instead of specifying individual, already split
binaries and split the file at build-time.

FSP_FD_PATHdrivers/intel/fsp2_0stringLocation of FSP FD file Path to the FSP FD file that contains the individual FSP-T, FSP-M
and FSP-S binaries. The file gets split at build-time.

FSP_T_FILEdrivers/intel/fsp2_0stringIntel FSP-T (temp RAM init) binary path and filename The path and filename of the Intel FSP-T binary for this platform.

FSP_M_FILEdrivers/intel/fsp2_0stringIntel FSP-M (memory init) binary path and filename The path and filename of the Intel FSP-M binary for this platform.

FSP_S_FILEdrivers/intel/fsp2_0stringIntel FSP-S (silicon init) binary path and filename The path and filename of the Intel FSP-S binary for this platform.

FSP_CARdrivers/intel/fsp2_0bool Use FSP APIs to initialize & Tear Down the Cache-As-Ram

FSP_T_RESERVED_SIZEdrivers/intel/fsp2_0hex This is the size of the area reserved by FSP-T. This is not
defined in the FSP specification but in the SOC integration
guides.

NO_FSP_TEMP_RAM_EXITdrivers/intel/fsp2_0bool Select this on a platform where you want to use FSP-T but use
coreboot code to tear down CAR.

FSP_M_XIPdrivers/intel/fsp2_0bool Select this value when FSP-M is execute-in-place.

FSP_T_XIPdrivers/intel/fsp2_0bool Select this value when FSP-T is execute-in-place.

FSP_USES_CB_STACKdrivers/intel/fsp2_0bool Enable support for fsp to use same stack as coreboot.
This option allows fsp to continue using coreboot stack
without reinitializing stack pointer. This feature is
supported Icelake onwards.

FSP_TEMP_RAM_SIZEdrivers/intel/fsp2_0hex The amount of memory coreboot reserves for the FSP to use. In the
case of FSP 2.1 and newer that share the stack with coreboot instead
of having its own stack, this is the amount of anticipated heap usage
in CAR by FSP to setup HOB and needs to be the recommended value from
the Platform FSP integration guide. In the case of the FSP having its
own stack that will be placed in DRAM and not in CAR, this is the
amount of memory the FSP needs for its stack and heap.

FSP_PLATFORM_MEMORY_SETTINGS_VERSIONSdrivers/intel/fsp2_0bool This is selected by SoC or mainboard to supply their own
concept of a version for the memory settings respectively.
This allows deployed systems to bump their version number
with the same FSP which will trigger a retrain of the memory.

BMP_LOGOdrivers/intel/fsp2_0boolEnable logo Uses the FSP to display the boot logo. This method supports a
BMP file only. The uncompressed size can be up to 1 MB. The logo can
be compressed based on either `BMP_LOGO_COMPRESS_*` configs (default LZMA).

BMP_LOGO_COMPRESS_LZMAdrivers/intel/fsp2_0boolUse LZMA compression for BMP logo This option enables the use of LZMA compression for the BMP logo.
LZMA is a lossless compression algorithm that can significantly reduce
the size of the logo, without sacrificing quality.

If this option is not enabled, the BMP logo will be uncompressed.

BMP_LOGO_COMPRESS_LZ4drivers/intel/fsp2_0boolCompress BMP logo using LZ4 This option enables compression of the BMP logo using the LZ4 algorithm.
Although the size reduction is not as efficient as LZMA compression, however,
it can also make the boot process slightly faster compared to the LZMA.

FSP_ALIGNMENT_FSP_Sdrivers/intel/fsp2_0int Sets the CBFS alignment for FSP-S

FSP_ALIGNMENT_FSP_Mdrivers/intel/fsp2_0int Sets the CBFS alignment for FSP-M

FSP_M_ADDRdrivers/intel/fsp2_0hex The address FSP-M will be relocated to during build time

FSP_STATUS_GLOBAL_RESET_REQUIRED_3drivers/intel/fsp2_0bool FSP Reset Status code used for global reset as per FSP EAS v2.0 section 11.2.2

FSP_STATUS_GLOBAL_RESET_REQUIRED_4drivers/intel/fsp2_0bool FSP Reset Status code used for global reset as per FSP EAS v2.0 section 11.2.2

FSP_STATUS_GLOBAL_RESET_REQUIRED_5drivers/intel/fsp2_0bool FSP Reset Status code used for global reset as per FSP EAS v2.0 section 11.2.2

FSP_STATUS_GLOBAL_RESET_REQUIRED_6drivers/intel/fsp2_0bool FSP Reset Status code used for global reset as per FSP EAS v2.0 section 11.2.2

FSP_STATUS_GLOBAL_RESET_REQUIRED_7drivers/intel/fsp2_0bool FSP Reset Status code used for global reset as per FSP EAS v2.0 section 11.2.2

FSP_STATUS_GLOBAL_RESET_REQUIRED_8drivers/intel/fsp2_0bool FSP Reset Status code used for global reset as per FSP EAS v2.0 section 11.2.2

FSP_STATUS_GLOBAL_RESETdrivers/intel/fsp2_0hex If global reset is supported by SoC then select the correct status value for global
reset type from SoC Kconfig based on available Kconfig options
FSP_STATUS_GLOBAL_RESET_REQUIRED_X. Default is unsupported.

SOC_INTEL_COMMON_FSP_RESETdrivers/intel/fsp2_0bool Common code block to handle platform reset request raised by FSP. The FSP
will use the FSP EAS v2.0 section 12.2.2 (OEM Status Code) to indicate that
a reset is required.

FSPS_HAS_ARCH_UPDdrivers/intel/fsp2_0bool SoC users must select this Kconfig if the `FSPS_UPD` header has architecture
UPD structure as `FSPS_ARCH_UPD`. Typically, platform with FSP 2.2 specification
onwards has support for `FSPS_ARCH_UPD` section as part of `FSPS_UPD` structure.
But there are some exceptions as in TGL, JSL, XEON_SP FSP header doesn't have
support for FSPS_ARCH_UPD.

FSPS_USE_MULTI_PHASE_INITdrivers/intel/fsp2_0bool SoC users to select this Kconfig to set EnableMultiPhaseSiliconInit to enable and
execute FspMultiPhaseSiInit() API.

USE_FSP_NOTIFY_PHASE_POST_PCI_ENUMdrivers/intel/fsp2_0bool The FSP API is used to notify the FSP about different phases in the boot process.
The current FSP specification supports three notify phases:
- Post PCI enumeration
- Ready to Boot
- End of Firmware
This option allows FSP to execute Notify Phase API (Post PCI enumeration).
SoC users can override this config to use coreboot native implementations
to perform the required lock down and chipset register configuration prior
to executing any 3rd-party code during PCI enumeration (i.e. Option ROM).

coreboot native implementation to skip FSP Notify Phase (Post PCI enumeration)
is still WIP.

USE_FSP_NOTIFY_PHASE_READY_TO_BOOTdrivers/intel/fsp2_0bool The FSP API is used to notify the FSP about different phases in the boot process.
The current FSP specification supports three notify phases:
- Post PCI enumeration
- Ready to Boot
- End of Firmware
This option allows FSP to execute Notify Phase API (Ready to Boot).
SoC users can override this config to use coreboot native implementations
to perform the required lock down and chipset register configuration prior
boot to payload.

USE_FSP_NOTIFY_PHASE_END_OF_FIRMWAREdrivers/intel/fsp2_0bool The FSP API is used to notify the FSP about different phases in the boot process.
The current FSP specification supports three notify phases:
- Post PCI enumeration
- Ready to Boot
- End of Firmware
This option allows FSP to execute Notify Phase API (End of Firmware).
SoC users can override this config to use coreboot native implementations
to perform the required lock down and chipset register configuration prior
boot to payload.

FSP_USES_CB_DEBUG_EVENT_HANDLERdrivers/intel/fsp2_0bool This option allows to create `Debug Event Handler` to print FSP debug messages
to output device using coreboot native implementation.

DISPLAY_FSP_TIMESTAMPSdrivers/intel/fsp2_0boolDisplay FSP Timestamps Select this config to retrieve FSP timestamps from Firmware Performance Data Table
(FPDT) and display from ramstage after FSP-S is executed.

To be able to use this, FSP has to be compiled with `PcdFspPerformanceEnable` set to
`TRUE`.

FSP_ENABLE_SERIAL_DEBUGdrivers/intel/fsp2_0boolOutput FSP debug messages on serial console Output FSP debug messages on serial console.

The config option is selected based on your FSP configuration i.e., debug or
release. Enable this option from site-local to print FSP serial messages using
coreboot native debug driver when coreboot has integrated the debug FSP
binaries. coreboot disables serial messages when this config is not enabled.

FSP_NVS_DATA_POST_SILICON_INITdrivers/intel/fsp2_0bool Select this config to enable the workaround for Intel SoC platforms that
do not adhere to the FSP 2.x specification requirement, where the FSP
Silicon Init API produces Non-Volatile Storage (NVS) data instead of the
FSP-Memory Init API.

According to the FSP 2.x specification (section 11.3), the FSP populates the
NVS data using the FSP_NON_VOLATILE_STORAGE_HOB and expects the boot firmware
to parse the FSP_NON_VOLATILE_STORAGE_HOB after the FspMemoryInit() API in API
mode.

However, not all Intel SoC platforms that support the FSP 2.x specification
adhere to this requirement. For example, the FSP binary for XEON SP platform
produces NVS data (aka FSP_NON_VOLATILE_STORAGE_HOB) after the FspSiliconInit()
API. Therefore, attempting to locate NVS data after the FspMemoryInit() API on
these platforms would result in an error. Use this config to find the NVS data
and store it in Non-Volatile Storage after the FspSiliconInit() API.

FSP_MULTIPHASE_SI_INIT_RETURN_BROKENdrivers/intel/fsp2_0bool Select this config for Intel SoC platform where FSP MultiPhaseSiInit API is unable
to return ERROR status properly.

The config option will be selected based on the target SoC platform and if the
problem existed inside the FSP MultiPhaseSiInit. At present the problem has only
reported with Alder Lake and Raptor Lake FSP where MultiPhaseSiInit API is unable
to return any ERROR status.

DRIVERS_SIL_3114drivers/sil/3114boolSilicon Image SIL3114 It sets PCI class to IDE compatible native mode, allowing
SeaBIOS, FILO etc... to boot from it.

DRIVERS_GENESYSLOGIC_GL9755drivers/genesyslogic/gl9755boolGenesys Logic GL9755 GL9755 is a PCI Express Rev. 2.1 compliant card reader controller
which integrates PCI Express PHY, UHS-II PHY, memory card access
interface, regulators (3.3V-to-1.8V and 3.3V-to-1.2V) and card
power switch.

DRIVERS_GENESYSLOGIC_GL9750drivers/genesyslogic/gl9750boolGenesys Logic GL9750 GL9750 is a PCI Express Rev. 1.1 compliant card reader controller
which integrates PCI Express PHY, memory card access interface,
regulators (3.3V-to-1.2V) and card power switch. Enabling this driver
will disable L0s support, which will allow the device to enter the
PCIe L1 link state.

DRIVERS_GFX_GENERICdrivers/gfx/genericbool Include support for generic graphics device in devicetree

DRIVERS_WWAN_FM350GLdrivers/wwan/fmbool This driver is for Fibocom FM350-GL PCIe 5G WWAN.
When enabled, this driver will add support for ACPI controlled
WWAN using GPIOs for power/reset control of the device.
This driver depends on rtd3 driver code to build as it needs to
point to the rtd3 chip on the same parent for the methods provided
only for the same root port.

DRIVER_MAXIM_MAX77686drivers/maxim/max77686bool Maxim MAX77686 power regulator

DRIVERS_GENERIC_CBFS_UUIDdrivers/generic/cbfs-uuidboolSystem UUID in CBFS Enable this option to read the SMBIOS system UUID from a
text file located in CBFS.

DRIVERS_GENERIC_CBFS_SERIALdrivers/generic/cbfs-serialboolSerial number in CBFS Enable this option to read the board serial number from a
text file located in CBFS.

DRIVERS_PCIE_RTD3_DEVICEdrivers/pcie/rtd3/devicebool When enabled, this driver will add support for ACPI controlled
Runtime D3 using GPIOs for power/reset control of the PCIe device.

DRIVERS_ETH_PHY_M88E1512drivers/net/phy/m88e1512bool Enable support for external Marvell PHY chip 88E1512.

DRIVERS_INTEL_USB4_RETIMERdrivers/intel/usb4/retimerbool A retimer is a device that retransmits a fresh copy of the signal it
receives, by doing CDR and retransmitting the data (i.e., it is
protocol-aware). If your mainboard has a USB4 retimer (usually
located close to the USB4 ports), then select this driver.

MP_SERVICES_PPIdrivers/intel/fsp2_0/ppibool This option allows to create MP service PPI for Intel FSP usage.
Intel FSP will use this PPI to run CPU feature programming on APs.

MP_SERVICES_PPI_V1drivers/intel/fsp2_0/ppibool This option provides EFI_PEI_MP_SERVICES_PPI structure definitions
along with all APIs as per edk2 specification.

MP_SERVICES_PPI_V2drivers/intel/fsp2_0/ppibool This option provides EDKII_PEI_MP_SERVICES2_PPI structure definitions
along with all APIs as per edk2 specification. MP services2 PPI is slight
modification over MP services1 PPIs. A new API StartupAllCPUs have been
added to allow running a task on BSP and all APs. Also the EFI_PEI_SERVICES
parameter has been removed from all MP PPI APIs.

MP_SERVICES_PPI_V2_NOOPdrivers/intel/fsp2_0/ppibool This option implement EFI_PEI_MP_SERVICES_PPI structure definitions
with APIs that returns mp_api_unsupported().

STORAGE_ERASEcommonlib/storageboolSupport SD/MMC erase operations Select to enable SD/MMC erase oprations

STORAGE_WRITEcommonlib/storageboolSupport SD/MMC write operations Select to enable SD/MMC write oprations

SD_MMC_DEBUGcommonlib/storageboolDebug SD/MMC card/devices operations Display overview of SD/MMC card/device operations

SD_MMC_TRACEcommonlib/storageboolTrace SD/MMC card/device operations Display details of SD/MMC card/device operations

SDHC_DEBUGcommonlib/storageboolDebug SD/MMC controller settings Display clock speed and bus width settings

SDHC_TRACEcommonlib/storageboolTrace SD/MMC controller operations Display the operations performed by the SD/MMC controller

SDHCI_ADMA_IN_BOOTBLOCKcommonlib/storagebool Determine if bootblock is able to use ADMA2 or ADMA64

SDHCI_ADMA_IN_ROMSTAGEcommonlib/storagebool Determine if romstage is able to use ADMA2 or ADMA64

SDHCI_ADMA_IN_VERSTAGEcommonlib/storagebool Determine if verstage is able to use ADMA2 or ADMA64

Menu: Security
Menu: CBFS verification
CBFS_VERIFICATIONlib.cbfs_verificationboolEnable CBFS verification Say yes here to enable code that cryptographically verifies each CBFS
file as it gets loaded by chaining it to a trust anchor that is
embedded in the bootblock. This only makes sense if you use some
out-of-band mechanism to guarantee the integrity of the bootblock
itself, such as Intel Boot Guard or flash write-protection.

If a CBFS image was created with this option enabled, cbfstool will
automatically update the hash embedded in the bootblock whenever it
modifies the CBFS.

TOCTOU_SAFETYlib.cbfs_verificationboolProtect against time-of-check vs. time-of-use vulnerabilities Say yes here to eliminate time-of-check vs. time-of-use vulnerabilities
for CBFS verification. This means that data from flash must be verified
every time it is loaded (not just the first time), which requires a bit
more overhead and is incompatible with certain configurations.

Using this option only makes sense when the mechanism securing the
bootblock is also safe against these vulnerabilities (i.e. there's no
point in enabling this when you just rely on flash write-protection).

CBFS_ALLOW_UNVERIFIED_DECOMPRESSIONlib.cbfs_verificationboolRun decompression algorithms on potentially untrusted code This controls whether cbfs_unverified_area_...() access functions may
decompress files. This exposes the attack surface of all supported
decompression algorithms. Even if you don't compress the files you are
planning to load with these functions, since file metadata is also
unverified, an attacker can potentially replace them with compressed
files to access a vulnerability in the decompression code.

If you don't need to load compressed files from unverified areas, say
no here for tighter security.

CBFS_HASH_ALGOlib.cbfs_verificationintHash algorithm Select the hash algorithm used in CBFS verification. Note that SHA-1 is
generally considered insecure today and should not be used without good
reason. When using CBFS verification together with measured boot, using
the same hash algorithm (usually SHA-256) for both is more efficient.

Menu: Verified Boot (vboot)
VBOOT_LIBsecurity/vbootbool Build and link the vboot library. Makes the vboot API accessible across
all coreboot stages, without enabling vboot verification. For verification,
please see the VBOOT option below.

VBOOTsecurity/vbootboolVerify firmware with vboot. Enabling VBOOT will use vboot to verify the components of the firmware
(stages, payload, etc).

security/vboot(comment)Anti-Rollback Protection disabled because mocking secdata is enabled.
VBOOT_SLOTS_RW_Asecurity/vbootboolFirmware RO + RW_A Have one update partition beside the RO partition.

VBOOT_SLOTS_RW_ABsecurity/vbootboolFirmware RO + RW_A + RW_B Have two update partitions beside the RO partition.

VBOOT_CBFS_INTEGRATIONsecurity/vbootboolEnable vboot and CBFS integration Say yes here to enable cryptographic verification of RW slots CBFS
metadata. This will replace body hash verification.

This option enables integration of vboot and CBFS. Verification of RW
slots is performed by calculation of their CBFS metadata hash.
It also requires CBFS_VERIFICATION to be enabled, so that CBFS files
contents are correctly verified.

VBOOT_VBNV_CMOSsecurity/vbootbool VBNV is stored in CMOS

VBOOT_VBNV_OFFSETsecurity/vboothex CMOS offset for VbNv data. This value must match cmos.layout
in the mainboard directory, minus 14 bytes for the RTC.

VBOOT_VBNV_CMOS_BACKUP_TO_FLASHsecurity/vbootbool Vboot non-volatile storage data will be backed up from CMOS to flash
and restored from flash if the CMOS is invalid due to power loss.

VBOOT_VBNV_FLASHsecurity/vbootbool VBNV is stored in flash storage

VBOOT_STARTS_BEFORE_BOOTBLOCKsecurity/vbootbool Firmware verification happens before the main processor is brought
online.

VBOOT_STARTS_IN_BOOTBLOCKsecurity/vbootbool Firmware verification happens during the end of or right after the
bootblock. This implies that a static VBOOT2_WORK() buffer must be
allocated in memlayout.

VBOOT_STARTS_IN_ROMSTAGEsecurity/vbootbool Firmware verification happens during the end of romstage (after
memory initialization). This implies that the vboot work buffer is
in CBMEM from the start and doesn't need to be reserved in memlayout.

VBOOT_MOCK_SECDATAsecurity/vbootboolMock secdata for firmware verification Enabling VBOOT_MOCK_SECDATA will mock secdata for the firmware
verification to avoid access to a secdata storage (typically TPM).
All operations for a secdata storage will be successful. This option
can be used during development when a TPM is not present or broken.
THIS SHOULD NOT BE LEFT ON FOR PRODUCTION DEVICES.

VBOOT_DISABLE_DEV_ON_RECOVERYsecurity/vbootbool When this option is enabled, the ChromeOS device leaves the
developer mode as soon as recovery request is detected. This is
handy on embedded devices with limited input capabilities.

VBOOT_SEPARATE_VERSTAGEsecurity/vbootbool If this option is set, vboot verification runs in a standalone stage
that is loaded from the bootblock and exits into romstage. If it is
not set, the verification code is linked directly into the bootblock
or the romstage and runs as part of that stage (cf. related options
VBOOT_STARTS_IN_BOOTBLOCK/_ROMSTAGE and VBOOT_RETURN_FROM_VERSTAGE).

VBOOT_RETURN_FROM_VERSTAGEsecurity/vbootbool If this is set, the verstage returns back to the calling stage instead
of exiting to the succeeding stage so that the verstage space can be
reused by the succeeding stage. This is useful if a RAM space is too
small to fit both the verstage and the succeeding stage.

VBOOT_MUST_REQUEST_DISPLAYsecurity/vbootbool Set this option to indicate to vboot that this platform will skip its
display initialization on a normal (non-recovery, non-developer) boot.
Unless display is specifically requested, the video option ROM is not
loaded, and any other native display initialization code is not run.

VBOOT_ALWAYS_ENABLE_DISPLAYsecurity/vbootboolForce to always enable display Set this option to indicate to vboot that display should always be enabled.

VBOOT_ALWAYS_ALLOW_UDCsecurity/vbootboolAlways allow UDC This option allows UDC to be enabled regardless of the vboot state.

VBOOT_HAS_REC_HASH_SPACEsecurity/vbootbool Set this option to indicate to vboot that recovery data hash space
is present in TPM.

VBOOT_LID_SWITCHsecurity/vbootbool Whether this platform has a lid switch. If it does, vboot will not
decrement try counters for boot failures if the lid is closed.

VBOOT_WIPEOUT_SUPPORTEDsecurity/vbootbool When this option is enabled, the firmware provides the ability to
signal the application the need for factory reset (a.k.a. wipe
out) of the device

VBOOT_FWID_MODELsecurity/vbootstringFirmware ID model This is the first part of the FWID written to various regions of a
vboot firmware image to identify its version.

VBOOT_FWID_VERSIONsecurity/vbootstringFirmware ID version This is the second part of the FWID written to various regions of a
vboot firmware image to identify its version.

VBOOT_NO_BOARD_SUPPORTsecurity/vbootboolAllow the use of vboot without board support Enable weak functions for get_write_protect_state and
get_recovery_mode_switch in order to proceed with refactoring
of the vboot2 code base. Later on this code is removed and replaced
by interfaces.

RO_REGION_ONLYsecurity/vbootstringAdditional files that should not be copied to RW Add a space delimited list of filenames that should only be in the
RO section.

RW_REGION_ONLYsecurity/vbootstring Add a space delimited list of filenames that should only be in the
RW sections.

RWA_REGION_ONLYsecurity/vbootstring Add a space-delimited list of filenames that should only be in the
RW-A section.

RWB_REGION_ONLYsecurity/vbootstring Add a space-delimited list of filenames that should only be in the
RW-B section.

CBFS_MCACHE_RW_PERCENTAGEsecurity/vbootintPercentage of CBFS metadata cache used for RW CBFS The amount of the CBFS_MCACHE area that's used for the RW CBFS, in
percent from 0 to 100. The remaining area will be used for the RO
CBFS. Default is an even 50/50 split. When VBOOT is disabled, this
will automatically be 0 (meaning the whole MCACHE is used for RO).
Do NOT change this value for vboot RW updates!

VBOOT_ENABLE_CBFS_FALLBACKsecurity/vbootbool When this option is enabled, the CBFS code will look for a file in the
RO (COREBOOT) region if it isn't available in the active RW region.

VBOOT_EARLY_EC_SYNCsecurity/vbootbool Enables CrOS EC software sync in romstage, before memory training
runs. This is useful mainly as a way to achieve full USB-PD
negotiation earlier in the boot flow, as the EC will only do this once
it has made the sysjump to its RW firmware. It should not
significantly impact boot time, as this operation will be performed
later in the boot flow if it is disabled here.

VBOOT_EC_EFSsecurity/vbootboolEarly firmware selection (EFS) EC CrosEC can support EFS: Early Firmware Selection. If it's enabled,
software sync needs to also support it. This setting tells vboot to
perform EFS software sync.

VBOOT_X86_SHA256_ACCELERATIONsecurity/vbootboolUse sha extension for sha256 hash calculation Use sha256msg1, sha256msg2, sha256rnds2 instruction to accelerate
SHA hash calculation in vboot.

VBOOT_ARMV8_CE_SHA256_ACCELERATIONsecurity/vbootboolUse ARMv8 Crypto Extension for sha256 hash calculation Use ARMv8 Crypto Extension to accelerate SHA hash calculation in vboot.

VBOOT_DEFINE_WIDEVINE_COUNTERSsecurity/vbootbool Set up Widevine Secure Counters in TPM NVRAM by defining space. Enabling this
config will only define the counter space. Counters need to be incremented
separately before any read operation is performed on them.

VBOOT_HASH_BLOCK_SIZEsecurity/vboothex Set the default hash size. Generally 1k is reasonable, but in some
cases it may improve hashing speed to increase the size.

Note that this buffer is allocated in the stack. Although the
build should fail if the stack size is exceeded, it's something to
be aware of when changing the size.

VBOOT_GSCVDsecurity/vbootboolGenerate GSC verification data Generate a Google Security Chip Verification Data (GSCVD) structure on the flash to
allow the GSC to verify the CBFS verification anchor. Used by default with Ti50 GSCs.
Requires an RO_GSCVD FMAP section.

VBOOT_GSC_BOARD_IDsecurity/vbootstring GSC board ID to be embedded in the GSCVD. Usually each specific mainboard variant
has its own. Google engineers can find these in the go/cros-dlm database ("Products").
The specific board IDs are filled in as part of the production signing process, so
this value is just a default and doesn't need to be set per-variant in coreboot.
(Note: This is a completely separate thing from coreboot's `board_id()` function.)

Menu: GBB configuration
GBB_HWIDsecurity/vbootstringHardware ID A hardware identifier for device. On ChromeOS this is used for auto
update and recovery, and will be generated when manufacturing by the
factory software, in a strictly defined format.
Leave empty to get a test-only ChromeOS HWID v2 string generated.

Menu: Vboot Keys
POWER_OFF_ON_CR50_UPDATEsecurity/tpm/tss/vendor/cr50bool Power off machine while waiting for CR50 update to take effect.

CR50_USE_LONG_INTERRUPT_PULSESsecurity/tpm/tss/vendor/cr50bool Whether to request longer interrupt pulses using Cr50 BOARD_CFG register.
If the Cr50 firmware is too old, it will not be able to honor the request.

GOOGLE_TPM_IRQ_TIMEOUT_MSsecurity/tpm/tss/vendor/cr50int Timeout in milliseconds for waiting for TPM IRQ. Default to 100ms/10ms on platforms
using Cr50 in order to support legacy pre-ready-IRQ cr50 factory images. Default to
750ms otherwise.

CR50_RESET_CLEAR_EC_AP_IDLE_FLAGsecurity/tpm/tss/vendor/cr50bool Select this if the variant is a Chromebox/base. This allows AP to direct EC
to clear AP_IDLE flag after AP shutdown before triggering CR50 reset and
shutting down AP so that AP can boot up after CR50 reset.

Menu: Trusted Platform Module
NO_TPMsecurity/tpmboolNo TPM No TPM support. Select this option if your system doesn't have a TPM,
or if you don't want coreboot to communicate with your TPM in any way.
(If your board doesn't offer a TPM interface, this will be the only
possible option.)

TPM1security/tpmboolTPM 1.2 Select this option if your TPM uses the older TPM 1.2 protocol.

TPM2security/tpmboolTPM 2.0 Select this option if your TPM uses the newer TPM 2.0 protocol.

MAINBOARD_HAS_TPM1security/tpmbool This option can be selected by a mainboard to represent that its TPM
always uses the 1.2 protocol, and that it should be on by default.

MAINBOARD_HAS_TPM2security/tpmbool This option can be selected by a mainboard to represent that its TPM
always uses the 2.0 protocol, and that it should be on by default.

TPM_DEACTIVATEsecurity/tpmboolDeactivate TPM Deactivate TPM by issuing deactivate command.

DEBUG_TPMsecurity/tpmboolOutput verbose TPM debug messages This option enables additional TPM related debug messages.

TPM_RDRESP_NEED_DELAYsecurity/tpmboolEnable Delay Workaround for TPM Certain TPMs seem to need some delay when reading response
to work around a race-condition-related issue, possibly
caused by ill-programmed TPM firmware.

TPM_STARTUP_IGNORE_POSTINITsecurity/tpmbool Select this to ignore POSTINIT INVALID return codes on TPM
startup. This is useful on platforms where a previous stage
issued a TPM startup. Examples of use cases are Intel TXT
or VBOOT on the Intel Arrandale processor, which issues a
CPU-only reset during the romstage.

TPM_MEASURED_BOOTsecurity/tpmboolEnable Measured Boot Enables measured boot (experimental)

TPM_LOG_CBsecurity/tpmboolcoreboot's custom format Custom coreboot-specific format of the log derived from TPM1 log format.
TPM_LOG_TPM1security/tpmboolTPM 1.2 format Log per TPM 1.2 specification.
See "TCG PC Client Specific Implementation Specification for Conventional BIOS".
TPM_LOG_TPM2security/tpmboolTPM 2.0 format Log per TPM 2.0 specification.
See "TCG PC Client Platform Firmware Profile Specification".

TPM_MEASURED_BOOT_INIT_BOOTBLOCKsecurity/tpmbool Initialize TPM inside the bootblock instead of ramstage. This is
useful with some form of hardware assisted root of trust
measurement like Intel TXT/CBnT.

TPM_MEASURED_BOOT_RUNTIME_DATAsecurity/tpmstringRuntime data whitelist Runtime data whitelist of cbfs filenames. Needs to be a
space delimited list

TPM_SETUP_HIBERNATE_ON_ERRsecurity/tpmbool Select this to force a device to hibernate on the next AP shutdown when a TPM
setup error occurs. This will cause a cold boot of the system and offer an
opportunity to recover the TPM should it be hung. This is only effective if
the Z-State brings the power rail down.

Menu: Memory initialization
PLATFORM_HAS_DRAM_CLEARsecurity/memorybool Selected by platforms that support clearing all DRAM
after DRAM initialization.

SECURITY_CLEAR_DRAM_ON_REGULAR_BOOTsecurity/memoryboolAlways clear all DRAM on regular boot Always clear the DRAM after DRAM initialization regardless
of additional security implementations in use.
This increases boot time depending on the amount of DRAM
installed.

INTEL_TXT_LIBsecurity/intel/txtbool This option includes library functions related to the TXT
operation which SoC would still like to access without enabling
INTEL_TXT config.

INTEL_TXT_BIOSACM_FILEsecurity/intel/txtstringBIOS ACM file Intel TXT BIOS ACM file. This file can be obtained through privileged
access to Intel resources. Or for some platforms found inside the
blob repository.

INTEL_TXT_SINITACM_FILEsecurity/intel/txtstringSINIT ACM file Intel TXT SINIT ACM file. This file can be obtained through privileged
access to Intel resources. Or for some platforms found inside the
blob repository.

INTEL_TXT_DPR_SIZEsecurity/intel/txtint Specify the size the DPR region needs to have. On at least Haswell,
the MRC does not have an input to specify the size of DPR, so this
field is only used to check if the programmed size is large enough.

INTEL_TXT_BDR_VERSIONsecurity/intel/txtintBIOS Data Region version Specify the TXT heap BIOS Data Region version. Sometimes when using
an older Trusted Boot version, it may report unsupported BIOS Data
Region version and refuse to set up the measured launch environment.
Setting lower version may work around such issue. Allowed values
currently range from 2 to 6.

INTEL_TXT_TEST_BIOS_ACM_CALLING_CODEsecurity/intel/txtboolTest BIOS ACM calling code with NOP function Run a NOP function of the BIOS ACM to check that the ACM calling code
is functioning properly. Use in pre-production environments only!

INTEL_TXT_LOGGINGsecurity/intel/txtboolEnable verbose logging Print more TXT related debug output.
Use in pre-production environments only!

INTEL_TXT_BIOSACM_ALIGNMENTsecurity/intel/txthex Exceptions are Ivy and Sandy Bridge with 64 KiB and Purley with 256 KiB
alignment size. If necessary, override from platform-specific Kconfig.

INTEL_TXT_SINIT_SIZEsecurity/intel/txthex This is the size that will be programmed in TXT_SINIT_SIZE.
This needs to be at least the size of the SINIT ACM.
This is platform dependent. For instance on CPX this has
to be the ACM size + 64K.

INTEL_TXT_HEAP_SIZEsecurity/intel/txthex This is the size that will be programmed in TXT_HEAP_SIZE.
This is platform dependent.

STMsecurity/intel/stmboolEnable STM Enabling the STM will load a simple hypervisor into SMM that will
restrict the actions of the SMI handler, which is the part of BIOS
that functions in system management mode (SMM). The kernel can
configure the STM to prevent the SMI handler from accessing platform
resources.
The STM closes a vulnerability in Intel TXT (D-RTM)
The SMI handler provides a list of platform resources that it
requires access to the STM during STM startup, which the kernel
cannot override.
An additional capability, called STM-PE, provides a protected
execution capability that allows modules to be executed without
observation and interference. Examples of usage include kernel
introspection and virtualized trusted platform module (vTPM).
Requirement: SMM must be enabled and there must be sufficient room
within the TSEG to fit the MSEG.

Menu: SMI Transfer Monitor (STM)
MSEG_SIZEsecurity/intel/stmhexmseg size The MSEG_SIZE of 0x100000 assumes that:
IED_REGION_SIZE = 0x400000
SMM_RESERVED_SIZE = 0x200000
SMM_TSEG_SIZE = 0x800000

To use STM/PE, a larger MSEG_SIZE is necessary. This can be
done by either increasing SMM_TSEG_SIZE or reducing the
IED_REGION_SIZE and/or SMM_RESERVED_SIZE or some combination
of the three.
NOTE: The authors experience is that these configuration
parameters have to be changed at the soc Konfig for them to
be applied.
Minimum sizes:
STM only - 0x100000 - Supports up to 38 processor threads
- 0x200000 - Supports up to 102 processor threads
STM/PE - 0x300000+ depending on the amount of memory needed
for the protected execution virtual
machine (VM/PE)

STM_STMPE_ENABLEDsecurity/intel/stmboolSTM/PE Enabled STM/PE provides for additional virtual machines in SMRAM
that provides a protected execution environment for
applications such as introspection, which need to be
protected from malicious code. More information can be
found on the stmpe branch of
https://review.coreboot.org/STM


BIOS_RESOURCE_LIST_SIZEsecurity/intel/stmhexbios resource list size The BIOS resource list defines the resources that the
SMI handler needs. This list is created during the
coreboot bootup. Unless there has been a lot of elements
added to this list, this value should not change.

STM_BINARY_FILEsecurity/intel/stmstringSTM binary file Location of the STM binary file. The default location is
where the file will be located when coreboot builds
the STM.

STM_HEAPSIZEsecurity/intel/stmhexstm heapsize The STM_HEAPSIZE defines the heap space that is available
to the STM. The default size assumes a MSEG_SIZE of 0x100000.
For STM/PE this size should be a minimum of 0x246000.

STM_TTYS0_BASEsecurity/intel/stmhexstm uart Defines the serial port for STM console output. 0x000 indicates
no serial port.

STM_CBMEM_CONSOLEsecurity/intel/stmboolSTM cbmem console Places the STM console output into the cbmem.

STM_CONSOLE_DEBUGsecurity/intel/stmboolDebug output "Produces all STM console output"

STM_CONSOLE_RELEASEsecurity/intel/stmboolDeactivate console output "No console output is produced"
INTEL_CBNT_SUPPORTsecurity/intel/cbntboolIntel CBnT support Enables Intel Converged Bootguard and Trusted Execution Technology
Support. This will enable one to add a Key Manifest (KM) and a Boot
Policy Manifest (BPM) to the filesystem. It will also wrap a FIT around
the firmware and update appropriate entries.

INTEL_CBNT_LOGGINGsecurity/intel/cbntboolEnable verbose CBnT logging Print more CBnT related debug output.
Use in pre-production environments only!

INTEL_CBNT_GENERATE_KMsecurity/intel/cbntboolGenerate Key Manifest (KM) Select y to generate the Key Manifest (KM).
Select n to include a KM binary.

INTEL_CBNT_KM_ONLY_UNSIGNEDsecurity/intel/cbntboolOnly unsigned key manifest (KM) Skip signing the KM.
The resulting unsigned KM will be placed at build/km_unsigned.bin.
The resulting coreboot image will not be functional with CBnT.
After the unsigned KM is signed externally you can either rebuild
coreboot using that binary or add it to cbfs and fit:
"$ cbfstool build/coreboot.rom add -f km.bin -n key_manifest.bin -t raw -a 16"
"$ ifittool -r COREBOOT -a -n key_manifest.bin -t 11 -s 12 -f build/coreboot.rom"
'-s 12' where 12 is CONFIG_CPU_INTEL_NUM_FIT_ENTRIES.

INTEL_CBNT_CBNT_PROV_KM_USE_CFG_FILEsecurity/intel/cbntboolKM: use a CBnT json config file Select y to generate KM from a json config file.
Select n to generate KM from Kconfig options

INTEL_CBNT_GENERATE_BPMsecurity/intel/cbntboolGenerate Boot Policy Manifest (BPM) Select y to generate the Boot Policy Manifest (BPM).
Select n to include a BPM binary.

INTEL_CBNT_BPM_ONLY_UNSIGNEDsecurity/intel/cbntboolOnly unsigned boot policy manifest (BPM) Skip signing the BPM.
The resulting unsigned BPM will be placed at build/bpm_unsigned.bin.
The resulting coreboot image will not be functional with CBnT.
After the unsigned BPM is signed externally you can add it to cbfs
and fit:
"$ cbfstool build/coreboot.rom add -f bpm.bin -n boot_policy_manifest.bin -t raw -a 16"
"$ ifittool -r COREBOOT -a -n boot_policy_manifest.bin -t 12 -s 12 -f build/coreboot.rom"
'-s 12' where 12 is CONFIG_CPU_INTEL_NUM_FIT_ENTRIES.

INTEL_CBNT_CBNT_PROV_BPM_USE_CFG_FILEsecurity/intel/cbntboolBPM: use a CBnT json config file Select y to generate BPM from a json config file.
Select n to generate BPM from Kconfig options

INTEL_CBNT_CBNT_PROV_CFG_FILEsecurity/intel/cbntstringCBnT json config file Location of the bg-prov json config file.
Either get a sample JSON config file:
$ bg-prov template
Or extract it from a working configuration:
$ bg-prov read-config

INTEL_CBNT_PROV_EXTERNAL_BINsecurity/intel/cbntboolUse an external cbnt-prov binary Building cbnt-prov requires godeps which makes it impossible to build
it in an offline environment. A solution is to use an external binary.

INTEL_CBNT_PROV_EXTERNAL_BIN_PATHsecurity/intel/cbntstringcbnt-prov path Path to the cbnt-prov binary.

INTEL_CBNT_KM_PUB_KEY_FILEsecurity/intel/cbntstringKey manifest (KM) public key Location of the key manifest (KM) public key file in .pem format.

INTEL_CBNT_KM_PRIV_KEY_FILEsecurity/intel/cbntstringKey manifest (KM) private key Location of the key manifest (KM) private key file in .pem format.

INTEL_CBNT_BPM_PUB_KEY_FILEsecurity/intel/cbntstringBoot policy manifest (BPM) public key Location of the boot policy manifest (BPM) public key file in .pem format.

INTEL_CBNT_BPM_PRIV_KEY_FILEsecurity/intel/cbntstringBoot policy manifest (BPM) private key Location of the boot policy manifest (BPM) private key file in .pem format.

Menu: KM options
INTEL_CBNT_KM_REVISIONsecurity/intel/cbntintKM revision Version of the Key Manifest defined by the Platform Manufacturer.
The actual value is transparent to Boot Guard and is not processed by Boot Guard.

INTEL_CBNT_KM_SVNsecurity/intel/cbntintKM security Version Number This value is determined by the Platform Manufacturer.
Boot Guard uses this to compare it to the Key Manifest
Revocation Value (Revocation.KMSVN) in FPF.

If KMSVN < Revocation.KMSVN, the KM will be revoked. It will trigger ENF (the
enforcement policy).
IF KMSVN > Revocation.KMSVN, the Revocation.KMSVN will be set to the KMSVN.

Note: Once the value reaches 0Fh, revocation saturates and one can no longer
revoke newer KMs.

INTEL_CBNT_KM_IDsecurity/intel/cbntintKM ID This identifies the Key Manifest to be used for a platform.
This must match the Key Manifest Identifier programmed in
the field programmable fuses.

Menu: BPM options
INTEL_CBNT_BPM_REVISIONsecurity/intel/cbntintBPM revision Version of the Key Manifest defined by the Platform Manufacturer.
The actual value is transparent to Boot Guard and is not processed by Boot Guard.

INTEL_CBNT_BPM_SVNsecurity/intel/cbntintBPM Security Version Number This value is determined by the Platform Manufacturer.

INTEL_CBNT_ACM_SVNsecurity/intel/cbntintS-ACM Security Version Number This defines the minimum version the S-ACM must have.

INTEL_CBNT_NUM_NEM_PAGESsecurity/intel/cbntint Set the amount of 4K pages of CAR required.

INTEL_CBNT_PBETsecurity/intel/cbntintPBET value in s Protect BIOS Environment Timer (PBET) value.
Factor used by CSE to compute PBE timer value.
Actual PBE timer value is set by CSE using formula:
PBE timer value = 5 sec + PBETValue.

INTEL_CBNT_IBB_FLAGSsecurity/intel/cbntintIBB flags IBB Control flags.
3: Don't extend PCR 0
7: extend PCR 7

INTEL_CBNT_SINIT_SVNsecurity/intel/cbntintSINIT ACM security version number Minimum required version for the SINIT ACM.

INTEL_CBNT_PD_INTERVALsecurity/intel/cbntint Duration of Power Down in 5 sec increments.

INTEL_CBNT_KEY_MANIFEST_BINARYsecurity/intel/cbntstringKM (Key Manifest) binary location Location of the Key Manifest (KM)

INTEL_CBNT_BOOT_POLICY_MANIFEST_BINARYsecurity/intel/cbntstringBPM (Boot Policy Manifest) binary location Location of the Boot Policy Manifest (BPM)

INTEL_CBNT_CMOS_OFFSETsecurity/intel/cbnthex Address in RTC CMOS used by CBNT. Uses 2 bytes. If using an option table
adapt the cmos.layout accordingly. The bytes should not be checksummed.

BOOTMEDIA_LOCK_CONTROLLERsecurity/lockdownboolLock boot media using the controller Select this if you want the controller to lock specific regions.
This only works on some platforms, please check the code or boot log.
On Intel platforms for e.g. this will make use of the SPIBAR PRRs.

BOOTMEDIA_LOCK_CHIPsecurity/lockdownboolLock boot media using the chip Select this if you want the chip to lock specific regions.
This only works on some chips, please check the code or search the
boot log for "BM-LOCKDOWN".

BOOTMEDIA_LOCK_WHOLE_ROsecurity/lockdownboolWrite-protect the whole boot medium Select this if you want to write-protect the whole firmware boot
medium.

The locking will take place during the chipset lockdown.
Chipset lockdown is platform specific und might be done unconditionally,
when INTEL_CHIPSET_LOCKDOWN is set or has to be triggered later
(e.g. by the payload or the OS).

NOTE: If you trigger the chipset lockdown unconditionally,
you won't be able to write to the whole flash chip using the
internal controller any more.

BOOTMEDIA_LOCK_WHOLE_NO_ACCESSsecurity/lockdownboolRead- and write-protect the whole boot medium Select this if you want to protect the firmware boot medium against
all further accesses. On platforms that memory map a part of the
boot medium the corresponding region is still readable.

The locking will take place during the chipset lockdown.
Chipset lockdown is platform specific und might be done unconditionally,
when INTEL_CHIPSET_LOCKDOWN is set or has to be triggered later
(e.g. by the payload or the OS).

NOTE: If you trigger the chipset lockdown unconditionally,
you won't be able to write to the whole flash chip using the
internal controller any more.

BOOTMEDIA_LOCK_WPRO_VBOOT_ROsecurity/lockdownboolWrite-protect WP_RO FMAP region in boot medium Select this if you want to write-protect the WP_RO region as specified
in the VBOOT FMAP. You will be able to write every region outside
of WP_RO using the internal controller (eg. FW_MAIN_A/FW_MAIN_B).
In case of BOOTMEDIA_LOCK_IN_VERSTAGE the locking will take place
early, preventing locking of facilities used in ramstage, like the
MRC cache. If not using BOOTMEDIA_LOCK_IN_VERSTAGE the chipset lockdown
is either triggered by coreboot (when INTEL_CHIPSET_LOCKDOWN is set) or
has to be triggered later (e.g. by the payload or the OS).

BOOTMEDIA_LOCK_IN_VERSTAGEsecurity/lockdownboolLock boot media down in verstage Select this if you want to write-protect the WP_RO region as soon as
possible. This option prevents using write protecting facilities in
ramstage, like the MRC cache for example.
Use this option if you don't trust code running after verstage.

BOOTMEDIA_SMM_BWPsecurity/lockdownboolBoot media only writable in SMM Only allow flash writes in SMM. Select this if you want to use SMMSTORE
while also preventing unauthorized writes through the internal controller.
Note that this breaks flashconsole, since the flash becomes read-only.

BOOTMEDIA_SPI_LOCK_REBOOTsecurity/lockdownboolLock SPI flash until next reboot The SPI chip is locked until power is removed and re-applied.
Supported by Winbond parts.

BOOTMEDIA_SPI_LOCK_PINsecurity/lockdownboolLock SPI flash using WP# pin The SPI chip is locked using a non-volatile configuration bit. Writes
are only possible if the WP# is not asserted. Supported by Winbond
and Macronix parts.

BOOTMEDIA_SPI_LOCK_PERMANENTsecurity/lockdownboolLock SPI flash permanently The SPI chip is permanently locked using a non-volatile configuration
bit. No writes are ever possible again after we perform the lock.
Supported by Winbond parts.

Menu: Eltan Security Settings
Menu: Measured Boot (mboot)
VENDORCODE_ELTAN_MBOOTvendorcode/eltan/security/mbootboolMeasure firmware with mboot. Enabling MBOOT will use mboot to measure the components of the firmware
(stages, payload, etc).

Menu: Verified Boot (verified_boot)
VENDORCODE_ELTAN_VBOOT_USE_SHA512vendorcode/eltan/security/verified_bootboolSHA512 hashes Use SHA512 for the vboot operations, this applies to the digest in
the manifest and the manifest digest.

ACPI_AMD_HARDWARE_SLEEP_VALUESacpiNone Provide common definitions for AMD hardware PM1_CNT register sleep
values.

ACPI_CPU_STRINGacpistring Specifies the ACPI name format string used by the acpigen
function to generate the processor scope. Default is CPxx.

ACPI_INTEL_HARDWARE_SLEEP_VALUESacpistring Provide common definitions for Intel hardware PM1_CNT register sleep
values.

ACPI_SOC_NVSacpibool Set to indicate <soc/nvs.h> exists for the platform with a definition
for global_nvs.

ACPI_GNVS_USB_CHARGECTLacpibool Set to indicate <soc/nvs.h> implements fields s3u0, s3u1, s5u0, s5u1
to control USB port power rail for S3/S4/S5 sleep states.

ACPI_CUSTOM_MADTacpibool Selected by platforms that need to expose custom MADT entries.

ACPI_NO_PCAT_8259acpibool Selected by platforms that don't expose a PC/AT 8259 PIC pair.

ACPI_EINJacpibool This variable provides control for ACPI error injection table (EINJ)

HAVE_ACPI_TABLESacpibool This variable specifies whether a given board has ACPI table support.
It is usually set in mainboard/*/Kconfig.

ACPI_LPITacpibool Selected by platforms that support and fill Intel Low Power Idle Table.

ACPI_GTDTacpibool Selected by platforms that implement ARM generic timers

MAX_ACPI_TABLE_SIZE_KBacpiint Set the maximum size of all ACPI tables in KiB.

BOOT_DEVICE_MEMORY_MAPPEDtoplevelbool Inform system if SPI is memory-mapped or not.

BOOT_DEVICE_SUPPORTS_WRITEStoplevelbool Indicate that the platform has writable boot device
support.

Menu: Console
BOOTBLOCK_CONSOLEconsoleboolEnable early (bootblock) console output. Use console during the bootblock if supported

POSTCAR_CONSOLEconsoleboolEnable console output during postcar. Use console during the postcar if supported

SQUELCH_EARLY_SMPconsoleboolSquelch AP CPUs from early console. When selected only the BSP CPU will output to early console.

Console drivers have unpredictable behaviour if multiple threads
attempt to share the same resources without a spinlock.

If unsure, say Y.

CONSOLE_SERIALconsoleboolSerial port console output Send coreboot debug output to a serial port.

The type of serial port driver selected based on your configuration is
shown on the following menu line. Supporting multiple different types
of UARTs in one build is not supported.

FIXED_UART_FOR_CONSOLEconsolebool Select to remove the prompt from UART_FOR_CONSOLE in case a
specific UART has to be used (e.g. when the platform code
performs dangerous configurations).

console(comment)I/O mapped, 8250-compatible
console(comment)memory mapped, 8250-compatible
console(comment)device-specific UART
OVERRIDE_UART_FOR_CONSOLEconsolebool Set to "y" when the platform overrides the index of uart port by providing
a get_uart_for_console routine.

UART_FOR_CONSOLEconsoleintIndex for UART port to use for console Select an I/O port to use for serial console:
0 = 0x3f8, 1 = 0x2f8, 2 = 0x3e8, 3 = 0x2e8

TTYS0_BASEconsolehex Map the COM port number to the respective I/O port.

console(comment)Serial port base address = 0x3f8
console(comment)Serial port base address = 0x2f8
console(comment)Serial port base address = 0x3e8
console(comment)Serial port base address = 0x2e8
UART_OVERRIDE_BAUDRATEconsolebool Set to "y" when the platform overrides the baudrate by providing
a get_uart_baudrate routine.

CONSOLE_SERIAL_921600consolebool921600 Set serial port Baud rate to 921600.
CONSOLE_SERIAL_460800consolebool460800 Set serial port Baud rate to 460800.
CONSOLE_SERIAL_230400consolebool230400 Set serial port Baud rate to 230400.
CONSOLE_SERIAL_115200consolebool115200 Set serial port Baud rate to 115200.
CONSOLE_SERIAL_57600consolebool57600 Set serial port Baud rate to 57600.
CONSOLE_SERIAL_38400consolebool38400 Set serial port Baud rate to 38400.
CONSOLE_SERIAL_19200consolebool19200 Set serial port Baud rate to 19200.
CONSOLE_SERIAL_9600consolebool9600 Set serial port Baud rate to 9600.

TTYS0_BAUDconsoleint Map the Baud rates to an integer.

SPKMODEMconsoleboolspkmodem (console on speaker) console output Send coreboot debug output through speaker

CONSOLE_USBconsoleboolUSB dongle console output Send coreboot debug output to USB.

Configuration for USB hardware is under menu Generic Drivers.

CONSOLE_NE2KconsoleboolNetwork console over NE2000 compatible Ethernet adapter Send coreboot debug output to a Ethernet console, it works
same way as Linux netconsole, packets are received to UDP
port 6666 on IP/MAC specified with options below.
Use following netcat command: nc -u -l -p 6666

CONSOLE_NE2K_DST_MACconsolestringDestination MAC address of remote system Type in either MAC address of logging system or MAC address
of the router.

CONSOLE_NE2K_DST_IPconsolestringDestination IP of logging system This is IP address of the system running for example
netcat command to dump the packets.

CONSOLE_NE2K_SRC_IPconsolestringIP address of coreboot system This is the IP of the coreboot system

CONSOLE_NE2K_IO_PORTconsolehexNE2000 adapter fixed IO port address This is the IO port address for the IO port
on the card, please select some non-conflicting region,
32 bytes of IO spaces will be used (and align on 32 bytes
boundary, qemu needs broader align)

CONSOLE_CBMEMconsoleboolSend console output to a CBMEM buffer Enable this to save the console output in a CBMEM buffer. This would
allow to see coreboot console output from Linux space.

CONSOLE_CBMEM_BUFFER_SIZEconsolehexRoom allocated for console output in CBMEM Space allocated for console output storage in CBMEM. The default
value (128K or 0x20000 bytes) is large enough to accommodate
even the BIOS_SPEW level.

CONSOLE_CBMEM_DUMP_TO_UARTconsoleboolDump CBMEM console on resets Enable this to have CBMEM console buffer contents dumped on the
serial output in case serial console is disabled and the device
resets itself while trying to boot the payload.

CONSOLE_CBMEM_PRINT_PRE_BOOTBLOCK_CONTENTSconsolebool Pre-bootblock stages (i.e., VBOOT_STARTS_BEFORE_BOOTBLOCK) might not
have the ability to log to the UART, so their console messages are
inaccessible until the boot processes gets into the payload or OS.
This feature will dump the pre-bootblock CBMEM console immediately
after the bootblock console is initialized.
CONSOLE_SPI_FLASHconsoleboolSPI Flash console output Send coreboot debug output to the SPI Flash in the FMAP CONSOLE area

This option can cause premature wear on the SPI flash and should not
be used as a normal means of debugging. It is only to be enabled and
used when porting a new motherboard which has no other console
available (no UART, no POST, no cbmem access(non bootable)). Since
a non bootable machine will require the use of an external SPI Flash
programmer, the developer can grab the console log at the same time.

The flash console will not be erased on reboot, so once it is full,
the flashconsole driver will stop writing to it. This is to avoid
wear on the flash, and to avoid erasing sectors (which may freeze
the SPI controller on skylake).

The 'CONSOLE' area can be extracted from the FMAP with :
cbfstool rom.bin read -r CONSOLE -f console.log

CONSOLE_SPI_FLASH_BUFFER_SIZEconsolehexRoom allocated for console output in FMAP Space allocated for console output storage in FMAP. The default
value (128K or 0x20000 bytes) is large enough to accommodate
even the BIOS_SPEW level.

CONSOLE_I2C_SMBUSconsoleboolSMBus console output Send coreboot debug output to the SMBus.
The output can be read with an I2C slave device connected
the SMBus. Please refer to the technotes section of the
coreboot documentation for more details.

console(comment)Set logging device address and data register address
CONSOLE_I2C_SMBUS_SLAVE_ADDRESSconsolehexI2C slave address of the logging device I2C address of the device which logs the data.

CONSOLE_I2C_SMBUS_SLAVE_DATA_REGISTERconsolehexData register address of the I2C logging device This an 8-bit data register.

SC16IS7XX_INITconsoleboolInitialize SC16IS7XX I2C to UART converter chip SC16IS7XX is a slave I2C to UART converter chip. Enabling
this option will initialize the chip.

The default I2C slave address value 0x48 is the address of
SC16IS7XX I2C to UART converter chip when the A1 and A0 pins
are set to Vcc.

The default data register address value 0x00 is the data
register address of SC16IS7XX I2C to UART converter chip.

CONSOLE_QEMU_DEBUGCONconsoleboolQEMU debug console output Send coreboot debug output to QEMU's isa-debugcon device:

qemu-system-x86_64 \
-chardev file,id=debugcon,path=/dir/file.log \
-device isa-debugcon,iobase=0x402,chardev=debugcon

EM100PRO_SPI_CONSOLEconsoleboolEM100Pro SPI debug console output Enable support for the debug console on the Dediprog EM100Pro.
This is currently working only in ramstage due to how the spi
drivers are written.

CONSOLE_SYSTEM76_ECconsoleboolSystem76 EC console output Send coreboot debug output to a System76 embedded controller.

CONSOLE_AMD_SIMNOWconsoleboolAMD SimNow console output Send coreboot debug output to IO ports for SimNow

CONSOLE_OVERRIDE_LOGLEVELconsolebool Set to "y" when the platform overrides the loglevel by providing
a get_console_loglevel routine.

DEFAULT_CONSOLE_LOGLEVEL_8consolebool8: SPEW Way too many details.
DEFAULT_CONSOLE_LOGLEVEL_7consolebool7: DEBUG Debug-level messages.
DEFAULT_CONSOLE_LOGLEVEL_6consolebool6: INFO Informational messages.
DEFAULT_CONSOLE_LOGLEVEL_5consolebool5: NOTICE Normal but significant conditions.
DEFAULT_CONSOLE_LOGLEVEL_4consolebool4: WARNING Warning conditions.
DEFAULT_CONSOLE_LOGLEVEL_3consolebool3: ERR Error conditions.
DEFAULT_CONSOLE_LOGLEVEL_2consolebool2: CRIT Critical conditions.
DEFAULT_CONSOLE_LOGLEVEL_1consolebool1: ALERT Action must be taken immediately.
DEFAULT_CONSOLE_LOGLEVEL_0consolebool0: EMERG System is unusable.

DEFAULT_CONSOLE_LOGLEVELconsoleint Map the log level config names to an integer.

CONSOLE_USE_LOGLEVEL_PREFIXconsoleboolUse loglevel prefix to indicate line loglevel When enabled, if the code contains a:
`printk(BIOS_DEBUG, "This is a debug message!\n")`,
it will show up as:
`[DEBUG] This is a debug message!`

CONSOLE_USE_ANSI_ESCAPESconsoleboolUse ANSI escape sequences for console highlighting If enabled, certain consoles (e.g. UART) that are meant to be read on
a terminal will use ANSI escape sequences (like `ESC [1m`) to
highlight lines based on their log level. Disable this if your
terminal does not support ANSI escape sequences.

CMOS_POSTconsoleboolStore post codes in CMOS for debugging If enabled, coreboot will store post codes in CMOS and switch between
two offsets on each boot so the last post code in the previous boot
can be retrieved. This uses 3 bytes of CMOS.

CMOS_POST_OFFSETconsolehexOffset into CMOS to store POST codes If CMOS_POST is enabled then an offset into CMOS must be provided.
If CONFIG_HAVE_OPTION_TABLE is enabled then it will use the value
defined in the mainboard option table.

CONSOLE_POSTconsoleboolShow POST codes on the debug console If enabled, coreboot will additionally print POST codes (which are
usually displayed using a so-called "POST card" ISA/PCI/PCI-E
device) on the debug console.

POST_IOconsoleboolSend POST codes to an IO port If enabled, POST codes will be written to an IO port.

POST_IO_PORTconsolehexIO port for POST codes POST codes on x86 are typically written to the LPC bus on port
0x80. However, it may be desirable to change the port number
depending on the presence of coprocessors/microcontrollers or if the
platform does not support IO in the conventional x86 manner.

NO_EARLY_BOOTBLOCK_POSTCODESconsolehex Some chipsets require that the routing for the port 80h POST
code be configured before any POST codes are sent out. If this is
not done, the system can hang on the first POST code. This
initialization can be done in the boot block, but there are a couple
of POST codes that go out before the chipset's C bootblock
initialization can happen. This option suppresses all postcodes in
the early assembly code.

ACPI_S1_NOT_SUPPORTEDtoplevelbool Set this to 'y' on platforms that do not support ACPI S1 state.

DISABLE_ACPI_HIBERNATEtoplevelbool Removes S4 from the available sleepstates

RESUME_PATH_SAME_AS_BOOTtoplevelbool This option indicates that when a system resumes it takes the
same path as a regular boot. e.g. an x86 system runs from the
reset vector at 0xfffffff0 on both resume and warm/cold boot.

HAVE_MONOTONIC_TIMERtoplevelbool The board/chipset provides a monotonic timer.

GENERIC_UDELAYtoplevelbool The board/chipset uses a generic udelay function utilizing the
monotonic timer.

TIMER_QUEUEtoplevelbool Provide a timer queue for performing time-based callbacks.

COOP_MULTITASKINGtoplevelbool Cooperative multitasking allows callbacks to be multiplexed on the
main thread. With this enabled it allows for multiple execution paths
to take place when they have udelay() calls within their code.

NUM_THREADStoplevelint How many execution threads to cooperatively multitask with.

HAVE_MAINBOARD_SPECIFIC_OPTION_BACKENDtoplevelbool Selected by mainboards which implement a mainboard-specific mechanism
to access the values for runtime-configurable options. For example, a
custom BMC interface or an EEPROM with an externally-imposed layout.

HAVE_OPTION_TABLEtoplevelbool This variable specifies whether a given board has a cmos.layout
file containing NVRAM/CMOS bit definitions.
It defaults to 'n' but can be selected in mainboard/*/Kconfig.

GFXUMAtoplevelbool Enable Unified Memory Architecture for graphics.

HAVE_MP_TABLEtoplevelbool This variable specifies whether a given board has MP table support.
It is usually set in mainboard/*/Kconfig.
Whether or not the MP table is actually generated by coreboot
is configurable by the user via GENERATE_MP_TABLE.

HAVE_PIRQ_TABLEtoplevelbool This variable specifies whether a given board has PIRQ table support.
It is usually set in mainboard/*/Kconfig.
Whether or not the PIRQ table is actually generated by coreboot
is configurable by the user via GENERATE_PIRQ_TABLE.

ACPI_NHLTtoplevelbool Build support for NHLT (non HD Audio) ACPI table generation.

Menu: System tables
GENERATE_MP_TABLEtoplevelboolGenerate an MP table Generate an MP table (conforming to the Intel MultiProcessor
specification 1.4) for this board.

If unsure, say Y.

GENERATE_PIRQ_TABLEtoplevelboolGenerate a PIRQ table Generate a PIRQ table for this board.

If unsure, say Y.

GENERATE_SMBIOS_TABLEStoplevelboolGenerate SMBIOS tables Generate SMBIOS tables for this board.

If unsure, say Y.

SMBIOS_TYPE41_PROVIDED_BY_DEVTREEtoplevelbool If enabled, only generate SMBIOS Type 41 entries for PCI devices in
the devicetree for which Type 41 information is provided, e.g. with
the `smbios_dev_info` devicetree syntax. This is useful to manually
assign specific instance IDs to onboard devices irrespective of the
device traversal order. It is assumed that instance IDs for devices
of the same class are unique.
When disabled, coreboot autogenerates SMBIOS Type 41 entries for all
appropriate PCI devices in the devicetree. Instance IDs are assigned
successive numbers from a monotonically increasing counter, with one
counter for each device class.

BIOS_VENDORtoplevelstringSMBIOS BIOS Vendor name The BIOS Vendor name to store in the SMBIOS Type0 table.

MAINBOARD_SERIAL_NUMBERtoplevelstringSMBIOS Serial Number The Serial Number to store in SMBIOS structures.

MAINBOARD_VERSIONtoplevelstringSMBIOS Version Number The Version Number to store in SMBIOS structures.

MAINBOARD_SMBIOS_MANUFACTURERtoplevelstringSMBIOS Manufacturer Override the default Manufacturer stored in SMBIOS structures.

MAINBOARD_SMBIOS_PRODUCT_NAMEtoplevelstringSMBIOS Product name Override the default Product name stored in SMBIOS structures.

VPD_SMBIOS_VERSIONtoplevelboolPopulates SMBIOS type 0 version from the VPD_RO variable 'firmware_version' Selecting this option will read firmware_version from
VPD_RO and override SMBIOS type 0 version. One special
scenario of using this feature is to assign a BIOS version
to a coreboot image without the need to rebuild from source.

Menu: Payload
PAYLOAD_NONEpayloadsboolDon't add a payload Select this option if you want to create an "empty" coreboot
ROM image for a certain mainboard, i.e. a coreboot ROM image
which does not yet contain a payload.

For such an image to be useful, you have to use 'cbfstool'
to add a payload to the ROM image later.

PAYLOAD_ELFpayloadsboolAn ELF executable payload Select this option if you have a payload image (an ELF file)
which coreboot should run as soon as the basic hardware
initialization is completed.

You will be able to specify the location and file name of the
payload image later.

PAYLOAD_FITpayloadsboolA FIT payload Select this option if you have a payload image (a FIT file) which
coreboot should run as soon as the basic hardware initialization
is completed.

You will be able to specify the location and file name of the
payload image later.

PAYLOAD_DEPTHCHARGEpayloads/external/depthcharge.nameboolDepthcharge Select this option if you want to build a coreboot image
with a depthcharge payload.

See https://doc.coreboot.org/payloads.html for more information.

PAYLOAD_FILOpayloads/external/FILO.nameboolFILO Select this option if you want to build a coreboot image
with a FILO payload. If you don't know what this is
about, just leave it enabled.

See https://doc.coreboot.org/payloads.html for more information.

PAYLOAD_SEABIOSpayloads/external/SeaBIOS.nameboolSeaBIOS Select this option if you want to build a coreboot image
with a SeaBIOS payload. If you don't know what this is
about, just leave it enabled.

See https://doc.coreboot.org/payloads.html for more information.

PAYLOAD_EDK2payloads/external/edk2.namebooledk2 payload Select this option if you want to build a coreboot image
with a edk2 payload. If you don't know what this is
about, just leave it enabled.

See https://doc.coreboot.org/payloads.html for more information.

PAYLOAD_LINUXpayloads/external/linux.nameboolA Linux payload Select this option if you have a Linux bzImage which coreboot
should run as soon as the basic hardware initialization
is completed.

You will be able to specify the location and file name of the
payload image later.

PAYLOAD_BOOTBOOTpayloads/external/BOOTBOOT.nameboolBOOTBOOT Select this option if you want to build a coreboot image
with a BOOTBOOT Protocol payload.

See https://gitlab.com/bztsrc/bootboot for more information.

PAYLOAD_LINUXBOOTpayloads/external/LinuxBoot.nameboolLinuxBoot Select this option if you want to build a coreboot image
with a LinuxBoot payload. If you don't know what this is
about, just leave it enabled.

See https://doc.coreboot.org/payloads.html for more information.

PAYLOAD_UBOOTpayloads/external/U-Boot.nameboolU-Boot Select this option if you want to build a coreboot image
with a U-Boot payload.

See https://doc.coreboot.org/payloads.html and U-Boot's documentation
at http://git.denx.de/?p=u-boot.git;a=blob;f=doc/README.x86
for more information.

PAYLOAD_GRUB2payloads/external/GRUB2.nameboolGRUB2 Select this option if you want to build a coreboot image
with a GRUB2 payload. If you don't know what this is
about, just leave it enabled.

See https://doc.coreboot.org/payloads.html for more information.

PAYLOAD_SEAGRUBpayloads/external/GRUB2.nameboolGRUB2 atop SeaBIOS Select this option if you want to build a coreboot image
with a GRUB2 payload running atop SeaBIOS to improve its
hardware compatibility.

See https://doc.coreboot.org/payloads.html for more information.

PAYLOAD_SKIBOOTpayloads/external/skiboot.nameboolskiboot Select this option if you want to build a coreboot image
with a skiboot payload.

DEPTHCHARGE_STABLEpayloads/external/depthchargeboolstable Latest stable version.

DEPTHCHARGE_MASTERpayloads/external/depthchargeboolmaster Newest Depthcharge version.

DEPTHCHARGE_REVISIONpayloads/external/depthchargeboolgit revision Select this option if you have a specific commit or branch that
you want to use as the revision from which to build Depthcharge.

You will be able to specify the name of a branch or a commit SHA
later.

DEPTHCHARGE_REVISION_IDpayloads/external/depthchargestringInsert a commit's SHA-1 or a branch name The commit's SHA-1 or branch name of the revision to use.

MAINBOARD_DEPTHCHARGEpayloads/external/depthchargestring Override BOARD setting for depthcharge

LP_DEFCONFIG_OVERRIDEpayloads/external/depthchargeboolUse default libpayload config The Depthcharge makefile looks for a file config.<boardname> in the
libpayload/configs directory. Say Y here to use the file defconfig
instead. This is can be a convenience for development purposes, or
if the defaults in defconfig are sufficient for your system.

FILO_STABLEpayloads/external/FILObooltested Tested FILO version

FILO_HEADpayloads/external/FILOboolHEAD Newest FILO version

FILO_USE_AUTOBOOTpayloads/external/FILOboolUse FILO's autoboot Select this option to make FILO autoboot a command line after
timeout. This disables the GRUB legacy like interface.

FILO_AUTOBOOT_FILEpayloads/external/FILOstringConfigure FILO's autoboot kernel filename and parameters Examples:

#AUTOBOOT_FILE = "hda1:/vmlinuz root=/dev/sda1 console=tty0 console=ttyS0,115200"
#AUTOBOOT_FILE = "mem@0xfff80000"
#AUTOBOOT_FILE = "hde1@0"
#AUTOBOOT_FILE = "uda1:/vmlinuz.elf"
#AUTOBOOT_FILE = "flashb@0x00400000,0x154a00 console=tty0 console=ttyS0,115200"

FILO_AUTOBOOT_DELAYpayloads/external/FILOintTime in seconds before booting Time in seconds before booting AUTOBOOT_FILE.

SEABIOS_STABLEpayloads/external/SeaBIOSbool1.16.2 Stable SeaBIOS version
SEABIOS_MASTERpayloads/external/SeaBIOSboolmaster Newest SeaBIOS version
SEABIOS_REVISIONpayloads/external/SeaBIOSboolgit revision Select this option if you have a specific commit or branch
that you want to use as the revision from which to
build SeaBIOS.

You will be able to specify the name of a branch or a commit id
later.

SEABIOS_REVISION_IDpayloads/external/SeaBIOSstringInsert a commit's SHA-1 or a branch name The commit's SHA-1 or branch name of the revision to use.

SEABIOS_PS2_TIMEOUTpayloads/external/SeaBIOSintPS/2 keyboard controller initialization timeout (milliseconds) Some PS/2 keyboard controllers don't respond to commands immediately
after powering on. This specifies how long SeaBIOS will wait for the
keyboard controller to become ready before giving up.

SEABIOS_THREAD_OPTIONROMSpayloads/external/SeaBIOSboolHardware init during option ROM execution Allow hardware init to run in parallel with optionrom execution.

This can reduce boot time, but can cause some timing
variations during option ROM code execution. It is not
known if all option ROMs will behave properly with this option.

SEABIOS_HARDWARE_IRQpayloads/external/SeaBIOSboolHardware Interrupts Program and support hardware interrupts using the i8259
programmable interrupt controller (PIC). Deselected by
boards which would otherwise hang at the boot menu (eg,
google/rambi).

SEABIOS_VGA_COREBOOTpayloads/external/SeaBIOSboolInclude generated option rom that implements legacy VGA BIOS compatibility coreboot can initialize the GPU of some mainboards.

After initializing the GPU, the information about it can be passed to the payload.
Provide an option rom that implements this legacy VGA BIOS compatibility requirement.

PAYLOAD_CONFIGFILEpayloads/external/SeaBIOSstringSeaBIOS config file This option allows a platform to set Kconfig options for a basic
SeaBIOS payload. In general, if the option is used, the default
would be "$(top)/src/mainboard/$(MAINBOARDDIR)/config_seabios"

SEABIOS_BOOTORDER_FILEpayloads/external/SeaBIOSstringSeaBIOS bootorder file Add a SeaBIOS bootorder file. From the wiki:
"The bootorder file may be used to configure the boot up order. The file
should be ASCII text and contain one line per boot method. The description
of each boot method follows an Open Firmware device path format. SeaBIOS
will attempt to boot from each item in the file - first line of the file
first."

See: https://www.coreboot.org/SeaBIOS#Configuring_boot_order

If used, a typical value would be:
$(top)/src/mainboard/$(MAINBOARDDIR)/bootorder

SEABIOS_ADD_SERCON_PORT_FILEpayloads/external/SeaBIOSboolAdd SeaBIOS sercon-port file to CBFS Select this option to enable SeaBIOS' VGA adapter emulation
on serial port.

SEABIOS_SERCON_PORT_ADDRpayloads/external/SeaBIOShexSeaBIOS sercon-port base address Set this field to the IO address of a serial port for SeaBIOS' VGA
adapter emulation.

By default primary console UART defined by TTYS0_BASE is used.

SEABIOS_DEBUG_LEVELpayloads/external/SeaBIOSintSeaBIOS debug level (verbosity) The higher the number, the more verbose SeaBIOS will be. See the table
below for the current values corresponding to various items as of SeaBIOS
version 1.10.1. Set this value to -1 to use SeaBIOS' default.

Output at various SeaBIOS log levels:
level 0 - Logging disabled
level 1 - Basic output, interrupts 5, 18h, 19h, 40h, SMP, PNP, PMM
level 2 - AHCI, Floppy, Basic ps2, interrupts 11h, 12h, 14h, 17h
level 3 - bootsplash, initializations, SeaBIOS VGA BIOS interrupts
level 4 - BIOS tables, more optionrom
level 5 - Extra bootsplash, more XHCI
level 6 - ATA commands, extra optionrom
level 7 - extra ps2 commands, more OHCI & EHCI
level 8 - extra malloc info, more AHCI
level 9 - interrupts 15h, 16h, 1ah, APM, PCI, SMIs, PCIBIOS,
USB-HID commands, SDcard commands, Floppy commands
level 10 - interrupt 13h (Drives other than floppy)
level 20 - interrupt 10h (Display)

payloads/external/SeaBIOS(comment)Using default SeaBIOS log level
payloads/external/SeaBIOS(comment)SeaBIOS logging disabled
PAYLOAD_FILEpayloads/external/edk2stringedk2 binary The result of a UefiPayloadPkg build

PAYLOAD_FILEpayloads/external/edk2stringEDK II build type Select the build type for edk2. UniversalPayload is recommended, as it is
replacing UefiPayloadPkg. Whilst in the transition phase between the two,
both options exist.

EDK2_UEFIPAYLOADpayloads/external/edk2boolBuild UefiPayloadPkg Build the standard UefiPayloadPkg

EDK2_UNIVERSAL_PAYLOADpayloads/external/edk2boolBuild Universal Payload Select this option if you want to build a coreboot image
with EDK2s Universal Payload. If you don't know what this is
about, just leave it enabled.

Universal Payload should ideally only be built from upstream EDK2,
https://github.com/tianocore/edk2, as this is regularly build tested
and it encourages patches to be merged upstream.

Whilst the required patches are being merged, this is pointed to
Star Labs GitHub repository which contains these patches and is based
on a known working commit.

See https://universalscalablefirmware.github.io/documentation/ for more information.

EDK2_UNIVERSAL_PAYLOADpayloads/external/edk2boolTianocore's EDK II payload Select which type of payload edk2 will build (default is UefiPayload)
UefiPayload: MrChromebox's customized fork of edk2 which works on most
x86_64 devices
Upstream: Use upstream edk2 payload from https://github.com/tianocore/edk2

EDK2_REPO_MRCHROMEBOXpayloads/external/edk2boolMrChromebox' edk2 fork Select this option to build using MrChromebox's custom edk2 fork,
which incorporates fixes/improvements from System 76's and 9elements' trees.

EDK2_REPO_OFFICIALpayloads/external/edk2boolOfficial edk2 repository Select this option if you want to use the official edk2 repository to build
edk2.

Please note, this option will not work on any SOC without modification.

EDK2_REPO_CUSTOMpayloads/external/edk2boolSpecify your own repository Specify your own edk2 repository and branch to use.

EDK2_REPOSITORYpayloads/external/edk2stringURL to git repository for edk2 coreboot supports an array of build options which can be found below. These options
will only have an effect if the relevant options exist in the target repository.

EDK2_TAG_OR_REVpayloads/external/edk2stringInsert a commit's SHA-1 or a branch name The commit's SHA-1 or branch name of the revision to use. This must exist in
EDK2_REPOSITORY, and in the case of a branch name, prefixed with origin i.e.
"origin/uefipayload_202202"

EDK2_USE_EDK2_PLATFORMSpayloads/external/edk2boolUse edk2-platforms repository Clone edk2-platforms repository to the edk2 workspace for additional modules.

EDK2_PLATFORMS_REPOSITORYpayloads/external/edk2stringURL to git repository for edk2-platforms URL to the edk2-platfors repository to clone.

EDK2_PLATFORMS_TAG_OR_REVpayloads/external/edk2stringInsert a commit's SHA-1 or a branch name The commit's SHA-1 or branch name of the revision to use. This must exist in
EDK2_PLATFORMS_REPOSITORY, and in the case of a branch name, prefixed with
origin i.e. "origin/master"

EDK2_PLATFORMS_TAG_OR_REVpayloads/external/edk2stringedk2 build Select whether to generate a debug or release build for
edk2; default is to generate a release build.

EDK2_DEBUGpayloads/external/edk2boolGenerate edk2 debug build Generate a debug build.

EDK2_RELEASEpayloads/external/edk2boolGenerate edk2 release build Generate a release build.

EDK2_BOOTSPLASH_FILEpayloads/external/edk2stringedk2 Bootsplash path and filename The path and filename of the file to use as graphical bootsplash
image. If this option is not configured, the default
coreboot logo (European Brown Hare) will used.

You can use any image format supported by imagemagick, a list of which
can be found [here](https://imagemagick.org/script/formats.php).

The build process will automatically convert this to the format that
edk2 requires, which is an uncompressed BMP, in BMP3 format. It does
this using imagemagick (`convert splosh.bmp BMP3:splash.bmp`).

The newly formatted file will be the dimensions size as the original
one.

The build process will automatically do this conversion, so it can
be supplied with any format that imagemagick can process (which is
pretty much any!).

This image will also be used as the BGRT boot image, which may
persist through your OS boot process.

See ACPI spec 6.3, 5.2.22 Boot Graphics Resource Table (BGRT), and
Microsoft's documentation on BGRT positioning:
Docs/Windows/Windows Drivers/Bring up guide/Boot screen components

Accordingly, the image used should be no taller/wider than 40% of
the display panel's native pixel height/width (or resolution set).

If an absolute path is not given, the path will assumed to be
relative to the coreboot root directory.

EDK2_BOOT_MANAGER_ESCAPEpayloads/external/edk2boolUse Escape key for Boot Manager Use Escape as the hot-key to access the Boot Manager. This replaces
the default key of F2.

EDK2_BOOT_TIMEOUTpayloads/external/edk2intSet the timeout for boot menu prompt The length of time in seconds for which the boot splash/menu prompt will be displayed.
For boards with an internal display, the default value of 2s is generally sufficient.
For boards with an external display, a value of 5s is generally sufficient.

EDK2_CBMEM_LOGGINGpayloads/external/edk2boolEnable edk2 logging to CBMEM Select this option if you want to enable edk2 logging to CBMEM.
You may want to increase the default cbmem buffer size when selecting
this option, especially if using a debug (vs release) build.
Selecting this option will increase the payload size in CBFS by 0x10000.

EDK2_CPU_TIMER_LIBpayloads/external/edk2bool For recent Intel and AMD CPUs, the 0x15 CPUID instruction will return Time
Stamp Counter Frequence. For CPUs that do not support this instruction,
EDK2 must include a different library which is the reason why this must be
configured at build time.

If this is enabled, and the CPU doesn't support 0x15, it will fail to
boot. If it is not enabled, and the CPU does support 0x15, it will still
boot but without support for the leaf. Consequently, it is disabled by
default.

EDK2_FOLLOW_BGRT_SPECpayloads/external/edk2boolCenter logo 38.2% from the top of screen Follow the BGRT Specification implemented by Microsoft and
the Boot Logo 38.2% will be vertically centered 38.2% from
the top of the display.

EDK2_FULL_SCREEN_SETUPpayloads/external/edk2boolUse the full screen for the edk2 frontpage Allow edk2 to use the full screen to display the frontpage
(aka "Boot Menu"). With this option disable, it will be
limited to 640x480.

EDK2_HAVE_EFI_SHELLpayloads/external/edk2boolInclude EFI Shell Include the EFI shell Binary

EDK2_PRIORITIZE_INTERNALpayloads/external/edk2boolPrioritize internal boot devices Prioritize internal boot devices over external devices

EDK2_PS2_SUPPORTpayloads/external/edk2boolSupport PS/2 Keyboards Include support for PS/2 keyboards

EDK2_SD_MMC_TIMEOUTpayloads/external/edk2intTimeout in ms for initializing SD and eMMC devices The amount of time allowed to initialize the SD Card reader and/or eMMC drive.
Most only require 10ms, but certain readers can take 1s.

EDK2_SERIAL_SUPPORTpayloads/external/edk2boolSupport serial output Enable serial port output in edk2. Serial output limits the performance of edk2's
FrontPage.

EDK2_SECURE_BOOT_SUPPORTpayloads/external/edk2boolEnable UEFI Secure Boot support Select this option to enable UEFI SecureBoot support in edk2.
UEFI SecureBoot will be disabled by default and can be enabled from the menu option.

EDK2_GOP_DRIVERpayloads/external/edk2boolAdd a GOP driver to the Tianocore build Select this option to have edk2 use an external GOP driver for display init.

EDK2_GOP_FILEpayloads/external/edk2stringGOP driver file The name of the GOP driver file passed to edk2.

EDK2_DISABLE_TPMpayloads/external/edk2boolDisable TPM support in edk2 Select this option to disable TPM support in edk2. This is necessary to avoid boot
hangs on some boards with a CR50 TPM, particularly those with an AMD Zen SoC.

EDK2_CUSTOM_BUILD_PARAMSpayloads/external/edk2stringedk2 additional custom build parameters edk2 has build options that are not modified by coreboot, and these can be
found in `UefiPayloadPkg/UefiPayloadPkg.dsc`. Forks may also support
additional build options that should have been upstreamed but have not.

This option can support both macros `-D` and Pcds `--pcd`.

PAYLOAD_FILEpayloads/external/linuxstringLinux path and filename The path and filename of the bzImage kernel to use as payload.

LINUX_COMMAND_LINEpayloads/external/linuxstringLinux command line A command line to add to the Linux kernel.

LINUX_INITRDpayloads/external/linuxstringLinux initrd An initrd image to add to the Linux kernel.

LINUXBOOT_X86_64payloads/external/LinuxBootboolx86_64 AMD64 kernel and initramfs

LINUXBOOT_X86payloads/external/LinuxBootboolx86 X86 kernel and initramfs

LINUXBOOT_ARMpayloads/external/LinuxBootboolarm64 arm kernel and initramfs

LINUXBOOT_ARM64payloads/external/LinuxBootboolarm64 AARCH64 kernel and initramfs

LINUXBOOT_RISCV_RV32payloads/external/LinuxBootboolRISC-V RISC-V kernel and initramfs

LINUXBOOT_RISCV_RV64payloads/external/LinuxBootboolRISC-V RISC-V kernel and initramfs

payloads/external/LinuxBoot(comment)Linux kernel
LINUXBOOT_KERNEL_PATHpayloads/external/LinuxBootstringPath to kernel The kernel path is either and absolute path or relative to the
LinuxBoot directory

LINUXBOOT_CROSS_COMPILEpayloads/external/LinuxBootstringcross compiler Choose a custom cross compiler toolchain to use.
It can be useful if you don't want to use the coreboot toolchain
or experience problems using it.

LINUXBOOT_KERNEL_VERSIONpayloads/external/LinuxBootstringkernel version Choose the Linux kernel version number. (x.x.x)
Release candidate kernels (rc) are currently are not supported.

LINUXBOOT_KERNEL_CONFIGFILEpayloads/external/LinuxBootstringConfig file path Path to the kernel configuration file.

Note: this can be a defconfig file or a complete .config file.

LINUX_COMMAND_LINEpayloads/external/LinuxBootstringKernel command-line Add your own kernel command-line arguments.

payloads/external/LinuxBoot(comment)Linux initramfs
LINUXBOOT_UROOTpayloads/external/LinuxBootboolu-root Enable u-root linuxboot mode.
See http://u-root.tk/ for more information.

LINUXBOOT_UROOT_CUSTOMpayloads/external/LinuxBootboolcustom choose a custom u-root branch

LINUXBOOT_UROOT_MAINpayloads/external/LinuxBootboolmain Latest u-root version

LINUXBOOT_UROOT_VERSIONpayloads/external/LinuxBootstringBuild format u-root build format (e.g. bb or source). (default "bb")

LINUXBOOT_UROOT_FILESpayloads/external/LinuxBootstringAdd files to u-root base Additional files, directories, and binaries (with their ldd dependencies) to add to archive.
Can be speficified multiple times.

LINUXBOOT_UROOT_INITCMDpayloads/external/LinuxBootstringInit target Symlink target for /init.
Can be an absolute path or a u-root command name. (default "init")

LINUXBOOT_UROOT_SHELLpayloads/external/LinuxBootstringdefault shell Default shell.
Can be an absolute path or a u-root command name. (default "elvish")

LINUXBOOT_UROOT_COMMANDSpayloads/external/LinuxBootstringU-root commands List of additional modules to include,
separated by space. (default "boot coreboot-app")

LINUXBOOT_UROOT_COMMANDSpayloads/external/LinuxBootstringChoose a specific bootloader Specify a bootloader which starts after u-root init. It will be a symlink
to /bin/uinit. Default: systemboot

SPECIFIC_BOOTLOADER_NONEpayloads/external/LinuxBootboolnone Leave u-root to decide which bootloaders to load first after init, if
any at all. Most likely u-root will start into the defined u-root shell.

SPECIFIC_BOOTLOADER_SYSTEMBOOTpayloads/external/LinuxBootboolsystemboot If systemboot has been used as a bootloader wrapper in the past,
enable this option. It will invoke -uinitcmd=systemboot and result in
a BIOS/UEFI BDS boot behavior.

SPECIFIC_BOOTLOADER_CUSTOM_CMDpayloads/external/LinuxBootstringSpecify a custom program to start This option will symlink the input to /bin/unit which will set it as the
first boot program after the u-root init. Program flags are not
symlinkable.

UBOOT_STABLEpayloads/external/U-Bootboolv2023.07 Stable U-Boot version

UBOOT_MASTERpayloads/external/U-Bootboolmaster Newest U-Boot version

PAYLOAD_CONFIGFILEpayloads/external/U-BootstringU-Boot config file This option allows a platform to set Kconfig options for a basic
U-Boot payload. In general, if the option is used, the default
would be "$(top)/src/mainboard/$(MAINBOARDDIR)/config_uboot"
for a config stored in the coreboot mainboard directory, or
"$(project_dir)/configs/coreboot-x86_defconfig" to use a config
from the U-Boot config directory

GRUB2_STABLEpayloads/external/GRUB2bool2.06 Stable GRUB2 version

GRUB2_MASTERpayloads/external/GRUB2boolHEAD Newest GRUB2 version

GRUB2_REVISIONpayloads/external/GRUB2boolgit revision Select this option if you have a specific commit or branch
that you want to use as the revision from which to
build GRUB2.

You will be able to specify the name of a branch or a commit id
later.
GRUB2_REVISION_IDpayloads/external/GRUB2stringInsert a commit's SHA-1 or a branch name The commit's SHA-1 or branch name of the revision to use.

GRUB2_EXTRA_MODULESpayloads/external/GRUB2stringExtra modules to include in GRUB image Space-separated list of additional modules to include. Few common
ones:
* bsd for *BSD
* png/jpg for PNG/JPG images
* gfxmenu for graphical menus (you'll need a theme as well)
* gfxterm_background for setting background

GRUB2_INCLUDE_RUNTIME_CONFIG_FILEpayloads/external/GRUB2boolInclude GRUB2 runtime config file into ROM image The GRUB2 payload reads its runtime configuration file from etc/grub.cfg
stored in the CBFS on the flash ROM chip. Without that, it’ll just drop
into a rescue shell.

This configuration may need to be coreboot specific.

Select this option, if you want to include the GRUB2 runtime
configuration file into CBFS as `etc/grub.cfg` automatically.

You will be able to specify the path of the configuration file later.

Without this option you would need to add this file manually with
build/cbfstool build/coreboot.rom add -f grub.cfg -n etc/grub.cfg -t raw

GRUB2_RUNTIME_CONFIG_FILEpayloads/external/GRUB2stringPath of grub.cfg The path of the GRUB2 runtime configuration file to be added to CBFS.

SEAGRUB_ALLOW_SEABIOS_BOOTMENUpayloads/external/GRUB2boolAllow to access SeaBIOS boot menu before launching GRUB Enable this to allow the access to the boot menu of SeaBIOS. It
increases the flexibility but allows to entirely bypass GRUB, along
with all secure mechanism implemented in its runtime config.
Please use this with caution.

SKIBOOT_GIT_REPOpayloads/external/skibootstringGit repository of skiboot payload Git repository which will be used to clone skiboot.

SKIBOOT_REVISIONpayloads/external/skibootstringRevision of skiboot payload Revision, that skiboot repository will be checked out to, before building
an image.

Menu: PXE Options
PXE_ROMpayloads/external/iPXEboolAdd an existing PXE ROM image Select this option if you have a PXE ROM image that you would
like to add to your ROM.

BUILD_IPXEpayloads/external/iPXEboolBuild and add an iPXE ROM Select this option to fetch and build a ROM from the iPXE project.

IPXE_STABLEpayloads/external/iPXEbool2022.1 iPXE uses a rolling release with no stable version, for
reproducibility, use the last commit of a given month as the
'stable' version.
This is iPXE from the end of January, 2022.

IPXE_MASTERpayloads/external/iPXEboolmaster Newest iPXE version.

PXE_ROM_FILEpayloads/external/iPXEstringPXE ROM filename The path and filename of the file to use as PXE ROM.

PXE_ROM_IDpayloads/external/iPXEstringnetwork card PCI IDs The comma-separated PCI vendor and device ID that would associate
your PXE ROM to your network card.

Example: 10ec,8168

In the above example 10ec is the PCI vendor ID (in hex, but without
the "0x" prefix) and 8168 specifies the PCI device ID of the
network card (also in hex, without "0x" prefix).

Under GNU/Linux you can run `lspci -nn` to list the IDs of your PCI devices.

PXE_SERIAL_CONSOLEpayloads/external/iPXEboolEnable iPXE serial console Enable/disable iPXE serial console. Since SeaBIOS supports serial
console this option might be helpful to avoid duplicated output.

Unselect to let only SeaBIOS handle printing output.

PXE_NO_PROMPTpayloads/external/iPXEboolDo not show prompt to boot from PXE Don't wait for the user to press Ctrl-B.
The PXE still can be run as it shows up in SeaBIOS's payload list.

PXE_ADD_SCRIPTpayloads/external/iPXEboolEmbed an iPXE script for automated provisioning Enable to embed a script that is run instead of an iPXE shell.

PXE_SCRIPTpayloads/external/iPXEstringEmbedded iPXE script path and filename Path to a script that is embedded into the iPXE binary.
Example: startup.ipxe

Uses the ipxe script instead showing the prompt:
"Press Ctrl-B to start iPXE..."

PXE_HAS_HTTPSpayloads/external/iPXEboolEnable HTTPS protocol Enable HTTPS protocol, which allows you to encrypt all communication
with a web server and to verify the server's identity

PAYLOAD_FILEpayloadsstringPayload path and filename The path and filename of the ELF executable file to use as payload.

PAYLOAD_FILEpayloadsstringPayload compression algorithm Choose the compression algorithm for the chosen payloads.
You can choose between None, LZMA, or LZ4.

COMPRESSED_PAYLOAD_NONEpayloadsboolUse no compression for payloads Do not compress the payload.

COMPRESSED_PAYLOAD_LZMApayloadsboolUse LZMA compression for payloads In order to reduce the size payloads take up in the ROM chip
coreboot can compress them using the LZMA algorithm.

COMPRESSED_PAYLOAD_LZ4payloadsboolUse LZ4 compression for payloads In order to reduce the size payloads take up in the ROM chip
coreboot can compress them using the LZ4 algorithm.
PAYLOAD_OPTIONSpayloadsstring Additional cbfstool options for the payload

PAYLOAD_IS_FLAT_BINARYpayloadsstring Add the payload to cbfs as a flat binary type instead of as an
elf payload

PAYLOAD_FIT_SUPPORTpayloadsboolFIT support Select this option if your payload is of type FIT.
Enables FIT parser and devicetree patching. The FIT is non
self-extracting and needs to have a compatible compression format.

COMPRESS_SECONDARY_PAYLOADpayloadsboolUse LZMA compression for secondary payloads In order to reduce the size secondary payloads take up in the
ROM chip they can be compressed using the LZMA algorithm.

Menu: Secondary Payloads
COREINFO_SECONDARY_PAYLOADpayloadsboolLoad coreinfo as a secondary payload coreinfo can be loaded as a secondary payload under SeaBIOS, GRUB,
or any other payload that can load additional payloads.

GRUB2_SECONDARY_PAYLOADpayloadsboolLoad GRUB2 as a secondary payload GRUB2 can be loaded as a secondary payload under SeaBIOS or any
other payload that can load additional payloads.

MEMTEST_SECONDARY_PAYLOADpayloadsboolLoad Memtest86+ as a secondary payload Memtest86+ can be loaded as a secondary payload under SeaBIOS, GRUB,
or any other payload that can load additional payloads.

NVRAMCUI_SECONDARY_PAYLOADpayloadsboolLoad nvramcui as a secondary payload nvramcui can be loaded as a secondary payload under SeaBIOS, GRUB,
or any other payload that can load additional payloads.

SEABIOS_SECONDARY_PAYLOADpayloadsboolLoad SeaBIOS as a secondary payload SeaBIOS can be loaded as a secondary payload under GRUB or any
other payload that can load additional payloads.

TINT_SECONDARY_PAYLOADpayloadsboolLoad tint as a secondary payload tint can be loaded as a secondary payload under SeaBIOS, GRUB,
or any other payload that can load additional payloads.

COREDOOM_SECONDARY_PAYLOADpayloadsboolLoad coreDOOM as a secondary payload coreDOOM can be loaded as a secondary payload under SeaBIOS, GRUB,
or any other payload that can load additional payloads. Requires a
linear framebuffer. If built as a secondary payload for SeaBIOS, the
generated VGA BIOS option rom is also required.

COREDOOM_WAD_FILEpayloads/external/coreDOOM.secondarystringDOOM WAD file Add a WAD file to be loaded by coreDOOM.

A WAD file contains all the game data for the Doom-engine, and
is required to play the game.

A list of the WAD files included in the official games can be
found here: https://doomwiki.org/wiki/IWAD
These WADs can be extracted from copies of the game that you
own, and the shareware WADs may be freely downloaded from the
internet.

For a completely free (as in freedom) experience, the Freedoom
project (https://freedoom.github.io) provides original game
content under the BSD license. Other WADs not mentioned here are
also available and may be found from various sources such as
the internet and copies of other games using the Doom engine.

payloads/external/Memtest86Plus.secondary(comment)Memtest86+
MEMTEST_STABLEpayloads/external/Memtest86Plus.secondaryboolStable Stable Memtest86+ version.

For reproducible builds, this option must be selected.
MEMTEST_MAINpayloads/external/Memtest86Plus.secondaryboolMain Newest Memtest86+ version.

This option will fetch the newest version of the Memtest86+ code,
updating as new changes are committed. This makes the build
non-reproducible, as it can fetch different code each time.

MEMTEST_REVISIONpayloads/external/Memtest86Plus.secondaryboolgit revision Select this option if you have a specific commit or branch
that you want to use as the revision from which to
build Memtest86+. Using a branch version makes the build
non-reproducible, as it can fetch different code each time.

You will be able to specify the name of a branch or a commit id
later.

MEMTEST_REVISION_IDpayloads/external/Memtest86Plus.secondarystringInsert a commit's SHA-1 or a branch name The commit's SHA-1 or branch name of the revision to use.

Menu: Debugging
toplevel(comment)CPU Debug Settings
toplevel(comment)BLOB Debug Settings
DISPLAY_FSP_CALLS_AND_STATUSdrivers/intel/fsp2_0.debug_blobboolDisplay the FSP calls and status Display the FSP call entry point and parameters prior to calling FSP
and display the status upon return from FSP.

DISPLAY_FSP_HEADERdrivers/intel/fsp2_0.debug_blobboolDisplay the FSP header Display the FSP header information when the FSP file is found.

DISPLAY_HOBSdrivers/intel/fsp2_0.debug_blobboolDisplay the hand-off-blocks Display the FSP HOBs which are provided for coreboot.

DISPLAY_UPD_DATAdrivers/intel/fsp2_0.debug_blobboolDisplay UPD data Display the user specified product data prior to memory
initialization.

VERIFY_HOBSdrivers/intel/fsp2_0.debug_blobboolVerify the FSP hand-off-blocks Verify that the HOBs required by coreboot are returned by FSP and
that the resource HOBs are in the correct order and position.

DISPLAY_FSP_VERSION_INFOdrivers/intel/fsp2_0.debug_blobboolDisplay Firmware Ingredient Version Information Select this option to display Firmware version information.

DISPLAY_FSP_VERSION_INFO_2drivers/intel/fsp2_0.debug_blobbool Select this option to display Firmware version information
using new header 'FirmwareVersionInfo.h'.

ENABLE_FSP_ERROR_INFOdrivers/intel/fsp2_0.debug_blobboolEnable FSP Error Information Select this option to enable FSP Error information. FSP detects certain errors
and notifies coreboot of a fatal error occurring during the execution of the FSP.
Although it's defined in FSP v2.1 but has only been verified on Intel Xeon-SP
Sapphire Rapids.

HAVE_GPIO_SNAPSHOT_VERIFY_SUPPORTdrivers/intel/fsp2_0.debug_blobbool Select this option if platform provides support for GPIO
config snapshot and verify callbacks: `gpio_snapshot()`
and `gpio_verify_snapshot()`

CHECK_GPIO_CONFIG_CHANGESdrivers/intel/fsp2_0.debug_blobboolCheck GPIO config changes across calls to FSP-S Select this option to identify if any GPIOs are re-configured
by FSP-S differently than the mainboard configuration. This
requires platform support to snapshot and verify that config
matches snapshot.

toplevel(comment)General Debug Settings
GDB_STUBtoplevelboolGDB debugging support If enabled, you will be able to set breakpoints for gdb debugging.
See src/arch/x86/c_start.S for details.

GDB_WAITtoplevelboolWait for a GDB connection in the ramstage If enabled, coreboot will wait for a GDB connection in the ramstage.


FATAL_ASSERTStoplevelboolHalt when hitting a BUG() or assertion error If enabled, coreboot will call hlt() on a BUG() or failed ASSERT().

DEBUG_CBFStoplevelboolOutput verbose CBFS debug messages This option enables additional CBFS related debug messages.

DEBUG_RAM_SETUPtoplevelboolOutput verbose RAM init debug messages This option enables additional RAM init related debug messages.
It is recommended to enable this when debugging issues on your
board which might be RAM init related.

Note: This option will increase the size of the coreboot image.

If unsure, say N.

DEBUG_PIRQtoplevelboolCheck PIRQ table consistency If unsure, say N.

DEBUG_SMBUStoplevelboolOutput verbose SMBus debug messages This option enables additional SMBus (and SPD) debug messages.

Note: This option will increase the size of the coreboot image.

If unsure, say N.

DEBUG_SMItoplevelboolOutput verbose SMI debug messages This option enables additional SMI related debug messages.

Note: This option will increase the size of the coreboot image.

If unsure, say N.

DEBUG_MALLOCtoplevelboolOutput verbose malloc debug messages This option enables additional malloc related debug messages.

Note: This option will increase the size of the coreboot image.

If unsure, say N.

DEBUG_RESOURCEStoplevelboolOutput verbose PCI MEM and IO resource debug messages This option enables additional PCI memory and IO debug messages.
Note: This option will increase the size of the coreboot image.
If unsure, say N.

DEBUG_CONSOLE_INITtoplevelboolDebug console initialisation code With this option printk()'s are attempted before console hardware
initialisation has been completed. Your mileage may vary.

Typically you will need to modify source in console_hw_init() such
that a working console appears before the one you want to debug.

If unsure, say N.

REALMODE_DEBUGtoplevelboolEnable debug messages for option ROM execution This option enables additional x86emu related debug messages.

Note: This option will increase the time to emulate a ROM.

If unsure, say N.

X86EMU_DEBUGtoplevelboolOutput verbose x86emu debug messages This option enables additional x86emu related debug messages.

Note: This option will increase the size of the coreboot image.

If unsure, say N.

X86EMU_DEBUG_JMPtoplevelboolTrace JMP/RETF Print information about JMP and RETF opcodes from x86emu.

Note: This option will increase the size of the coreboot image.

If unsure, say N.

X86EMU_DEBUG_TRACEtoplevelboolTrace all opcodes Print _all_ opcodes that are executed by x86emu.

WARNING: This will produce a LOT of output and take a long time.

Note: This option will increase the size of the coreboot image.

If unsure, say N.

X86EMU_DEBUG_PNPtoplevelboolLog Plug&Play accesses Print Plug And Play accesses made by option ROMs.

Note: This option will increase the size of the coreboot image.

If unsure, say N.

X86EMU_DEBUG_DISKtoplevelboolLog Disk I/O Print Disk I/O related messages.

Note: This option will increase the size of the coreboot image.

If unsure, say N.

X86EMU_DEBUG_PMMtoplevelboolLog PMM Print messages related to POST Memory Manager (PMM).

Note: This option will increase the size of the coreboot image.

If unsure, say N.


X86EMU_DEBUG_VBEtoplevelboolDebug VESA BIOS Extensions Print messages related to VESA BIOS Extension (VBE) functions.

Note: This option will increase the size of the coreboot image.

If unsure, say N.

X86EMU_DEBUG_INT10toplevelboolRedirect INT10 output to console Let INT10 (i.e. character output) calls print messages to debug output.

Note: This option will increase the size of the coreboot image.

If unsure, say N.

X86EMU_DEBUG_INTERRUPTStoplevelboolLog intXX calls Print messages related to interrupt handling.

Note: This option will increase the size of the coreboot image.

If unsure, say N.

X86EMU_DEBUG_CHECK_VMEM_ACCESStoplevelboolLog special memory accesses Print messages related to accesses to certain areas of the virtual
memory (e.g. BDA (BIOS Data Area) or interrupt vectors)

Note: This option will increase the size of the coreboot image.

If unsure, say N.

X86EMU_DEBUG_MEMtoplevelboolLog all memory accesses Print memory accesses made by option ROM.
Note: This also includes accesses to fetch instructions.

Note: This option will increase the size of the coreboot image.

If unsure, say N.

X86EMU_DEBUG_IOtoplevelboolLog IO accesses Print I/O accesses made by option ROM.

Note: This option will increase the size of the coreboot image.

If unsure, say N.

X86EMU_DEBUG_TIMINGStoplevelboolOutput timing information Print timing information needed by i915tool.

If unsure, say N.

DEBUG_SPI_FLASHtoplevelboolOutput verbose SPI flash debug messages This option enables additional SPI flash related debug messages.

DEBUG_IPMItoplevelboolOutput verbose IPMI debug messages This option enables additional IPMI related debug messages.

DEBUG_INTEL_MEtoplevelboolVerbose logging for Intel Management Engine Enable verbose logging for Intel Management Engine driver that
is present on Intel 6-series chipsets.
DEBUG_FUNCtoplevelboolEnable function entry and exit reporting macros This option enables additional function entry and exit debug messages
for select functions.
Note: This option will increase the size of the coreboot image.
If unsure, say N.

DEBUG_COVERAGEtoplevelboolDebug code coverage If enabled, the code coverage hooks in coreboot will output some
information about the coverage data that is dumped.

DEBUG_BOOT_STATEtoplevelboolDebug boot state machine Control debugging of the boot state machine. When selected displays
the state boundaries in ramstage.

DEBUG_ADA_CODEtoplevelboolCompile debug code in Ada sources Add the compiler switch `-gnata` to compile code guarded by
`pragma Debug`.

HAVE_EM100_SUPPORTtoplevelbool This is enabled by platforms which can support using the EM100.

EM100toplevelboolConfigure image for EM100 usage The Dediprog EM100 SPI emulator allows fast loading of new SPI images
over USB. However it only supports a maximum SPI clock of 20MHz and
single data output. Enable this option to use a 20MHz SPI clock and
disable "Dual Output Fast Read" Support.

On AMD platforms this changes the SPI speed at run-time if the
mainboard code supports this. On supported Intel platforms this works
by changing the settings in the descriptor.bin file.

DEBUG_ACPICA_COMPATIBLEtoplevelboolPrint out ACPI tables in ACPICA compatible format Select this to print out ACPI tables in an ACPICA compatible
format. Set the console loglevel to verbosity 'SPEW'.
To analyze ACPI tables capture the coreboot log between
"Printing ACPI in ACPICA compatible table" and "Done printing
ACPI in ACPICA compatible table".
Remove the prefix "[SPEW ] " and then issue 'acpixtract -a dump'
to extract all the tables. Then use 'iasl -d' on the .dat files
to decompile the tables.

MISSING_BOARD_RESETlibbool Selected by boards that don't provide a do_board_reset()
implementation. This activates a stub that logs the missing
board reset and halts execution.

ROMSTAGE_ADAlibbool Selected by features that use Ada code in romstage.

RAMSTAGE_ADAlibbool Selected by features that use Ada code in ramstage.

RAMSTAGE_LIBHWBASElibbool Selected by features that require `libhwbase` in ramstage.

ROMSTAGE_LIBHWBASElibbool Selected by features that require `libhwbase` in romstage.

FLATTENED_DEVICE_TREElibbool Selected by features that require to parse and manipulate a flattened
devicetree in ramstage.

HAVE_SPD_IN_CBFSlibbool If enabled, add support for adding spd.hex files in cbfs as spd.bin
and locating it runtime to load SPD.

DIMM_MAXlibint Total number of memory DIMM slots available on motherboard.
It is multiplication of number of channel to number of DIMMs per
channel

DIMM_SPD_SIZElibint Total SPD size that will be used for DIMM.
Ex: DDR3 256, DDR4 512.

SPD_CACHE_IN_FMAPlibbool Enables capability to cache DIMM SPDs in a dedicated FMAP region
to speed loading of SPD data. Currently requires board-level
romstage implementation to read/write/utilize cached SPD data.
When the default FMAP is used, will create a region named RW_SPD_CACHE
to store the cached SPD data.

SPD_CACHE_FMAP_NAMElibstring Name of the FMAP region created in the default FMAP to cache SPD data.

NO_FMAP_CACHElibbool If your platform really doesn't want to use an FMAP cache (e.g. due to
space constraints), you can select this to disable warnings and save
a bit more code.

ESPI_DEBUGlibbool This option enables eSPI library helper functions for displaying debug
information.

NO_CBFS_MCACHElibbool Disables the CBFS metadata cache. This means that your platform does
not need to provide a CBFS_MCACHE section in memlayout and can save
the associated CAR/SRAM size. In that case every single CBFS file
lookup must re-read the same CBFS directory entries from flash to find
the respective file.

CBFS_CACHE_ALIGNlibint Sets the alignment of the buffers returned by the cbfs_cache.

CBFS_PRELOADlibbool When enabled it will be possible to preload CBFS files into the
cbfs_cache. This helps reduce boot time by loading the files
in the background before they are actually required. This feature
depends on the read-only boot_device having a DMA controller to
perform the background transfer.

DECOMPRESS_OFASTlibbool Compile the decompressing function in -Ofast instead of standard -Os

POWER_BUTTON_DEFAULT_ENABLEtoplevelbool Select when the board has a power button which can optionally be
disabled by the user.

POWER_BUTTON_DEFAULT_DISABLEtoplevelbool Select when the board has a power button which can optionally be
enabled by the user, e.g. when the board ships with a jumper over
the power switch contacts.

POWER_BUTTON_FORCE_ENABLEtoplevelbool Select when the board requires that the power button is always
enabled.

POWER_BUTTON_FORCE_DISABLEtoplevelbool Select when the board requires that the power button is always
disabled, e.g. when it has been hardwired to ground.

POWER_BUTTON_IS_OPTIONALtoplevelbool Internal option that controls ENABLE_POWER_BUTTON visibility.

REG_SCRIPTtoplevelbool Internal option that controls whether we compile in register scripts.

MAX_REBOOT_CNTtoplevelint Internal option that sets the maximum number of bootblock executions allowed
with the normal image enabled before assuming the normal image is defective
and switching to the fallback image.

NO_XIP_EARLY_STAGEStoplevelbool Identify if early stages are eXecute-In-Place(XIP).

EARLY_CBMEM_LISTtoplevelbool Enable display of CBMEM during romstage and postcar.

RELOCATABLE_MODULEStoplevelbool If RELOCATABLE_MODULES is selected then support is enabled for
building relocatable modules in the RAM stage. Those modules can be
loaded anywhere and all the relocations are handled automatically.

GENERIC_GPIO_LIBtoplevelbool If enabled, compile the generic GPIO library. A "generic" GPIO
implies configurability usually found on SoCs, particularly the
ability to control internal pull resistors.

BOOTBLOCK_IN_CBFStoplevelbool Select this on platforms that have a top aligned bootblock inside cbfs.

MEMLAYOUT_LD_FILEtoplevelstring This variable allows SoC/mainboard to supply in a custom linker file
if required. This determines the linker file used for all the stages
(bootblock, romstage, verstage, ramstage, postcar) in
src/arch/${ARCH}/Makefile.inc.