]>
Commit | Line | Data |
---|---|---|
ec8f24b7 | 1 | # SPDX-License-Identifier: GPL-2.0-only |
04851772 MF |
2 | menu "EFI (Extensible Firmware Interface) Support" |
3 | depends on EFI | |
4 | ||
5 | config EFI_VARS | |
6 | tristate "EFI Variable Support via sysfs" | |
7 | depends on EFI | |
8 | default n | |
9 | help | |
10 | If you say Y here, you are able to get EFI (Extensible Firmware | |
11 | Interface) variable information via sysfs. You may read, | |
12 | write, create, and destroy EFI variables through this interface. | |
13 | ||
14 | Note that using this driver in concert with efibootmgr requires | |
15 | at least test release version 0.5.0-test3 or later, which is | |
0e4ca02b | 16 | available from: |
04851772 MF |
17 | <http://linux.dell.com/efibootmgr/testing/efibootmgr-0.5.0-test3.tar.gz> |
18 | ||
19 | Subsequent efibootmgr releases may be found at: | |
0e4ca02b | 20 | <http://github.com/vathpela/efibootmgr> |
04851772 | 21 | |
3846c158 PJ |
22 | config EFI_ESRT |
23 | bool | |
24 | depends on EFI && !IA64 | |
25 | default y | |
26 | ||
04851772 MF |
27 | config EFI_VARS_PSTORE |
28 | tristate "Register efivars backend for pstore" | |
29 | depends on EFI_VARS && PSTORE | |
30 | default y | |
31 | help | |
32 | Say Y here to enable use efivars as a backend to pstore. This | |
33 | will allow writing console messages, crash dumps, or anything | |
34 | else supported by pstore to EFI variables. | |
35 | ||
36 | config EFI_VARS_PSTORE_DEFAULT_DISABLE | |
37 | bool "Disable using efivars as a pstore backend by default" | |
38 | depends on EFI_VARS_PSTORE | |
39 | default n | |
40 | help | |
41 | Saying Y here will disable the use of efivars as a storage | |
42 | backend for pstore by default. This setting can be overridden | |
43 | using the efivars module's pstore_disable parameter. | |
44 | ||
926172d4 DY |
45 | config EFI_RUNTIME_MAP |
46 | bool "Export efi runtime maps to sysfs" | |
2965faa5 | 47 | depends on X86 && EFI && KEXEC_CORE |
926172d4 DY |
48 | default y |
49 | help | |
50 | Export efi runtime memory maps to /sys/firmware/efi/runtime-map. | |
51 | That memory map is used for example by kexec to set up efi virtual | |
52 | mapping the 2nd kernel, but can also be used for debugging purposes. | |
53 | ||
54 | See also Documentation/ABI/testing/sysfs-firmware-efi-runtime-map. | |
55 | ||
0f96a99d TI |
56 | config EFI_FAKE_MEMMAP |
57 | bool "Enable EFI fake memory map" | |
58 | depends on EFI && X86 | |
59 | default n | |
60 | help | |
61 | Saying Y here will enable "efi_fake_mem" boot option. | |
62 | By specifying this parameter, you can add arbitrary attribute | |
63 | to specific memory range by updating original (firmware provided) | |
64 | EFI memmap. | |
65 | This is useful for debugging of EFI memmap related feature. | |
66 | e.g. Address Range Mirroring feature. | |
67 | ||
68 | config EFI_MAX_FAKE_MEM | |
69 | int "maximum allowable number of ranges in efi_fake_mem boot option" | |
70 | depends on EFI_FAKE_MEMMAP | |
71 | range 1 128 | |
72 | default 8 | |
73 | help | |
74 | Maximum allowable number of ranges in efi_fake_mem boot option. | |
75 | Ranges can be set up to this value using comma-separated list. | |
76 | The default value is 8. | |
77 | ||
b617c526 DW |
78 | config EFI_SOFT_RESERVE |
79 | bool "Reserve EFI Specific Purpose Memory" | |
80 | depends on EFI && EFI_STUB && ACPI_HMAT | |
81 | default ACPI_HMAT | |
82 | help | |
83 | On systems that have mixed performance classes of memory EFI | |
84 | may indicate specific purpose memory with an attribute (See | |
85 | EFI_MEMORY_SP in UEFI 2.8). A memory range tagged with this | |
86 | attribute may have unique performance characteristics compared | |
87 | to the system's general purpose "System RAM" pool. On the | |
88 | expectation that such memory has application specific usage, | |
89 | and its base EFI memory type is "conventional" answer Y to | |
90 | arrange for the kernel to reserve it as a "Soft Reserved" | |
91 | resource, and set aside for direct-access (device-dax) by | |
92 | default. The memory range can later be optionally assigned to | |
93 | the page allocator by system administrator policy via the | |
94 | device-dax kmem facility. Say N to have the kernel treat this | |
95 | memory as "System RAM" by default. | |
96 | ||
97 | If unsure, say Y. | |
98 | ||
0302f71c MS |
99 | config EFI_PARAMS_FROM_FDT |
100 | bool | |
101 | help | |
102 | Select this config option from the architecture Kconfig if | |
103 | the EFI runtime support gets system table address, memory | |
104 | map address, and other parameters from the device tree. | |
105 | ||
022ee6c5 AB |
106 | config EFI_RUNTIME_WRAPPERS |
107 | bool | |
108 | ||
f4f75ad5 AB |
109 | config EFI_ARMSTUB |
110 | bool | |
111 | ||
3d7ee348 AB |
112 | config EFI_ARMSTUB_DTB_LOADER |
113 | bool "Enable the DTB loader" | |
114 | depends on EFI_ARMSTUB | |
d3109593 | 115 | default y |
3d7ee348 AB |
116 | help |
117 | Select this config option to add support for the dtb= command | |
118 | line parameter, allowing a device tree blob to be loaded into | |
119 | memory from the EFI System Partition by the stub. | |
120 | ||
d3109593 SB |
121 | If the device tree is provided by the platform or by |
122 | the bootloader this option may not be needed. | |
123 | But, for various development reasons and to maintain existing | |
124 | functionality for bootloaders that do not have such support | |
125 | this option is necessary. | |
3d7ee348 | 126 | |
06f7d4a1 CJ |
127 | config EFI_BOOTLOADER_CONTROL |
128 | tristate "EFI Bootloader Control" | |
129 | depends on EFI_VARS | |
130 | default n | |
131 | ---help--- | |
132 | This module installs a reboot hook, such that if reboot() is | |
133 | invoked with a string argument NNN, "NNN" is copied to the | |
134 | "LoaderEntryOneShot" EFI variable, to be read by the | |
135 | bootloader. If the string matches one of the boot labels | |
136 | defined in its configuration, the bootloader will boot once | |
137 | to that label. The "LoaderEntryRebootReason" EFI variable is | |
138 | set with the reboot reason: "reboot" or "shutdown". The | |
139 | bootloader reads this reboot reason and takes particular | |
140 | action according to its policy. | |
141 | ||
65117f1a KHL |
142 | config EFI_CAPSULE_LOADER |
143 | tristate "EFI capsule loader" | |
144 | depends on EFI | |
145 | help | |
146 | This option exposes a loader interface "/dev/efi_capsule_loader" for | |
147 | users to load EFI capsules. This driver requires working runtime | |
148 | capsule support in the firmware, which many OEMs do not provide. | |
149 | ||
150 | Most users should say N. | |
151 | ||
2959c95d | 152 | config EFI_CAPSULE_QUIRK_QUARK_CSH |
1ae83c5c | 153 | bool "Add support for Quark capsules with non-standard headers" |
2959c95d JK |
154 | depends on X86 && !64BIT |
155 | select EFI_CAPSULE_LOADER | |
156 | default y | |
157 | help | |
158 | Add support for processing Quark X1000 EFI capsules, whose header | |
159 | layout deviates from the layout mandated by the UEFI specification. | |
160 | ||
ff6301da IH |
161 | config EFI_TEST |
162 | tristate "EFI Runtime Service Tests Support" | |
163 | depends on EFI | |
164 | default n | |
165 | help | |
166 | This driver uses the efi.<service> function pointers directly instead | |
167 | of going through the efivar API, because it is not trying to test the | |
168 | kernel subsystem, just for testing the UEFI runtime service | |
169 | interfaces which are provided by the firmware. This driver is used | |
170 | by the Firmware Test Suite (FWTS) for testing the UEFI runtime | |
171 | interfaces readiness of the firmware. | |
172 | Details for FWTS are available from: | |
173 | <https://wiki.ubuntu.com/FirmwareTestSuite> | |
174 | ||
175 | Say Y here to enable the runtime services support via /dev/efi_test. | |
176 | If unsure, say N. | |
177 | ||
58c5475a LW |
178 | config APPLE_PROPERTIES |
179 | bool "Apple Device Properties" | |
180 | depends on EFI_STUB && X86 | |
181 | select EFI_DEV_PATH_PARSER | |
182 | select UCS2_STRING | |
183 | help | |
184 | Retrieve properties from EFI on Apple Macs and assign them to | |
185 | devices, allowing for improved support of Apple hardware. | |
186 | Properties that would otherwise be missing include the | |
187 | Thunderbolt Device ROM and GPU configuration data. | |
188 | ||
189 | If unsure, say Y if you have a Mac. Otherwise N. | |
190 | ||
ccc829ba MG |
191 | config RESET_ATTACK_MITIGATION |
192 | bool "Reset memory attack mitigation" | |
193 | depends on EFI_STUB | |
194 | help | |
195 | Request that the firmware clear the contents of RAM after a reboot | |
196 | using the TCG Platform Reset Attack Mitigation specification. This | |
197 | protects against an attacker forcibly rebooting the system while it | |
198 | still contains secrets in RAM, booting another OS and extracting the | |
a5c03c31 MG |
199 | secrets. This should only be enabled when userland is configured to |
200 | clear the MemoryOverwriteRequest flag on clean shutdown after secrets | |
201 | have been evicted, since otherwise it will trigger even on clean | |
202 | reboots. | |
ccc829ba | 203 | |
1c5fecb6 N |
204 | config EFI_RCI2_TABLE |
205 | bool "EFI Runtime Configuration Interface Table Version 2 Support" | |
0b6b30c6 | 206 | depends on X86 || COMPILE_TEST |
1c5fecb6 N |
207 | help |
208 | Displays the content of the Runtime Configuration Interface | |
209 | Table version 2 on Dell EMC PowerEdge systems as a binary | |
210 | attribute 'rci2' under /sys/firmware/efi/tables directory. | |
211 | ||
212 | RCI2 table contains BIOS HII in XML format and is used to populate | |
213 | BIOS setup page in Dell EMC OpenManage Server Administrator tool. | |
214 | The BIOS setup page contains BIOS tokens which can be configured. | |
215 | ||
216 | Say Y here for Dell EMC PowerEdge systems. | |
217 | ||
4444f854 MG |
218 | config EFI_DISABLE_PCI_DMA |
219 | bool "Clear Busmaster bit on PCI bridges during ExitBootServices()" | |
220 | help | |
221 | Disable the busmaster bit in the control register on all PCI bridges | |
222 | while calling ExitBootServices() and passing control to the runtime | |
223 | kernel. System firmware may configure the IOMMU to prevent malicious | |
224 | PCI devices from being able to attack the OS via DMA. However, since | |
225 | firmware can't guarantee that the OS is IOMMU-aware, it will tear | |
226 | down IOMMU configuration when ExitBootServices() is called. This | |
227 | leaves a window between where a hostile device could still cause | |
228 | damage before Linux configures the IOMMU again. | |
229 | ||
230 | If you say Y here, the EFI stub will clear the busmaster bit on all | |
231 | PCI bridges before ExitBootServices() is called. This will prevent | |
232 | any malicious PCI devices from being able to perform DMA until the | |
233 | kernel reenables busmastering after configuring the IOMMU. | |
234 | ||
235 | This option will cause failures with some poorly behaved hardware | |
236 | and should not be enabled without testing. The kernel commandline | |
237 | options "efi=disable_early_pci_dma" or "efi=no_disable_early_pci_dma" | |
238 | may be used to override this option. | |
239 | ||
04851772 | 240 | endmenu |
fce7d3bf JB |
241 | |
242 | config UEFI_CPER | |
243 | bool | |
46cd4b75 | 244 | |
c6d8c8ef TB |
245 | config UEFI_CPER_ARM |
246 | bool | |
247 | depends on UEFI_CPER && ( ARM || ARM64 ) | |
248 | default y | |
249 | ||
f9e1bdb9 YG |
250 | config UEFI_CPER_X86 |
251 | bool | |
252 | depends on UEFI_CPER && X86 | |
253 | default y | |
254 | ||
46cd4b75 LW |
255 | config EFI_DEV_PATH_PARSER |
256 | bool | |
257 | depends on ACPI | |
258 | default n | |
69c1f396 AB |
259 | |
260 | config EFI_EARLYCON | |
261 | def_bool y | |
262 | depends on SERIAL_EARLYCON && !ARM && !IA64 | |
263 | select FONT_SUPPORT | |
264 | select ARCH_USE_MEMREMAP_PROT |