| # SPDX-License-Identifier: GPL-2.0-only |
| menu "EFI (Extensible Firmware Interface) Support" |
| depends on EFI |
| |
| config EFI_VARS |
| tristate "EFI Variable Support via sysfs" |
| depends on EFI |
| default n |
| help |
| If you say Y here, you are able to get EFI (Extensible Firmware |
| Interface) variable information via sysfs. You may read, |
| write, create, and destroy EFI variables through this interface. |
| |
| Note that using this driver in concert with efibootmgr requires |
| at least test release version 0.5.0-test3 or later, which is |
| available from: |
| <http://linux.dell.com/efibootmgr/testing/efibootmgr-0.5.0-test3.tar.gz> |
| |
| Subsequent efibootmgr releases may be found at: |
| <http://github.com/vathpela/efibootmgr> |
| |
| config EFI_ESRT |
| bool |
| depends on EFI && !IA64 |
| default y |
| |
| config EFI_VARS_PSTORE |
| tristate "Register efivars backend for pstore" |
| depends on EFI_VARS && PSTORE |
| default y |
| help |
| Say Y here to enable use efivars as a backend to pstore. This |
| will allow writing console messages, crash dumps, or anything |
| else supported by pstore to EFI variables. |
| |
| config EFI_VARS_PSTORE_DEFAULT_DISABLE |
| bool "Disable using efivars as a pstore backend by default" |
| depends on EFI_VARS_PSTORE |
| default n |
| help |
| Saying Y here will disable the use of efivars as a storage |
| backend for pstore by default. This setting can be overridden |
| using the efivars module's pstore_disable parameter. |
| |
| config EFI_RUNTIME_MAP |
| bool "Export efi runtime maps to sysfs" |
| depends on X86 && EFI && KEXEC_CORE |
| default y |
| help |
| Export efi runtime memory maps to /sys/firmware/efi/runtime-map. |
| That memory map is used for example by kexec to set up efi virtual |
| mapping the 2nd kernel, but can also be used for debugging purposes. |
| |
| See also Documentation/ABI/testing/sysfs-firmware-efi-runtime-map. |
| |
| config EFI_FAKE_MEMMAP |
| bool "Enable EFI fake memory map" |
| depends on EFI && X86 |
| default n |
| help |
| Saying Y here will enable "efi_fake_mem" boot option. |
| By specifying this parameter, you can add arbitrary attribute |
| to specific memory range by updating original (firmware provided) |
| EFI memmap. |
| This is useful for debugging of EFI memmap related feature. |
| e.g. Address Range Mirroring feature. |
| |
| config EFI_MAX_FAKE_MEM |
| int "maximum allowable number of ranges in efi_fake_mem boot option" |
| depends on EFI_FAKE_MEMMAP |
| range 1 128 |
| default 8 |
| help |
| Maximum allowable number of ranges in efi_fake_mem boot option. |
| Ranges can be set up to this value using comma-separated list. |
| The default value is 8. |
| |
| config EFI_PARAMS_FROM_FDT |
| bool |
| help |
| Select this config option from the architecture Kconfig if |
| the EFI runtime support gets system table address, memory |
| map address, and other parameters from the device tree. |
| |
| config EFI_RUNTIME_WRAPPERS |
| bool |
| |
| config EFI_ARMSTUB |
| bool |
| |
| config EFI_ARMSTUB_DTB_LOADER |
| bool "Enable the DTB loader" |
| depends on EFI_ARMSTUB |
| default y |
| help |
| Select this config option to add support for the dtb= command |
| line parameter, allowing a device tree blob to be loaded into |
| memory from the EFI System Partition by the stub. |
| |
| If the device tree is provided by the platform or by |
| the bootloader this option may not be needed. |
| But, for various development reasons and to maintain existing |
| functionality for bootloaders that do not have such support |
| this option is necessary. |
| |
| config EFI_BOOTLOADER_CONTROL |
| tristate "EFI Bootloader Control" |
| depends on EFI_VARS |
| default n |
| ---help--- |
| This module installs a reboot hook, such that if reboot() is |
| invoked with a string argument NNN, "NNN" is copied to the |
| "LoaderEntryOneShot" EFI variable, to be read by the |
| bootloader. If the string matches one of the boot labels |
| defined in its configuration, the bootloader will boot once |
| to that label. The "LoaderEntryRebootReason" EFI variable is |
| set with the reboot reason: "reboot" or "shutdown". The |
| bootloader reads this reboot reason and takes particular |
| action according to its policy. |
| |
| config EFI_CAPSULE_LOADER |
| tristate "EFI capsule loader" |
| depends on EFI |
| help |
| This option exposes a loader interface "/dev/efi_capsule_loader" for |
| users to load EFI capsules. This driver requires working runtime |
| capsule support in the firmware, which many OEMs do not provide. |
| |
| Most users should say N. |
| |
| config EFI_CAPSULE_QUIRK_QUARK_CSH |
| bool "Add support for Quark capsules with non-standard headers" |
| depends on X86 && !64BIT |
| select EFI_CAPSULE_LOADER |
| default y |
| help |
| Add support for processing Quark X1000 EFI capsules, whose header |
| layout deviates from the layout mandated by the UEFI specification. |
| |
| config EFI_TEST |
| tristate "EFI Runtime Service Tests Support" |
| depends on EFI |
| default n |
| help |
| This driver uses the efi.<service> function pointers directly instead |
| of going through the efivar API, because it is not trying to test the |
| kernel subsystem, just for testing the UEFI runtime service |
| interfaces which are provided by the firmware. This driver is used |
| by the Firmware Test Suite (FWTS) for testing the UEFI runtime |
| interfaces readiness of the firmware. |
| Details for FWTS are available from: |
| <https://wiki.ubuntu.com/FirmwareTestSuite> |
| |
| Say Y here to enable the runtime services support via /dev/efi_test. |
| If unsure, say N. |
| |
| config APPLE_PROPERTIES |
| bool "Apple Device Properties" |
| depends on EFI_STUB && X86 |
| select EFI_DEV_PATH_PARSER |
| select UCS2_STRING |
| help |
| Retrieve properties from EFI on Apple Macs and assign them to |
| devices, allowing for improved support of Apple hardware. |
| Properties that would otherwise be missing include the |
| Thunderbolt Device ROM and GPU configuration data. |
| |
| If unsure, say Y if you have a Mac. Otherwise N. |
| |
| config RESET_ATTACK_MITIGATION |
| bool "Reset memory attack mitigation" |
| depends on EFI_STUB |
| help |
| Request that the firmware clear the contents of RAM after a reboot |
| using the TCG Platform Reset Attack Mitigation specification. This |
| protects against an attacker forcibly rebooting the system while it |
| still contains secrets in RAM, booting another OS and extracting the |
| secrets. This should only be enabled when userland is configured to |
| clear the MemoryOverwriteRequest flag on clean shutdown after secrets |
| have been evicted, since otherwise it will trigger even on clean |
| reboots. |
| |
| endmenu |
| |
| config UEFI_CPER |
| bool |
| |
| config UEFI_CPER_ARM |
| bool |
| depends on UEFI_CPER && ( ARM || ARM64 ) |
| default y |
| |
| config UEFI_CPER_X86 |
| bool |
| depends on UEFI_CPER && X86 |
| default y |
| |
| config EFI_DEV_PATH_PARSER |
| bool |
| depends on ACPI |
| default n |
| |
| config EFI_EARLYCON |
| def_bool y |
| depends on SERIAL_EARLYCON && !ARM && !IA64 |
| select FONT_SUPPORT |
| select ARCH_USE_MEMREMAP_PROT |