Cradicle Explorer
coreboot
/ src / sbom / Kconfig
Kconfig
  1  ## SPDX-License-Identifier: GPL-2.0-only
  2  
  3  config SBOM
  4  	bool "Include SBOM data for coreboot"
  5  	default n
  6  	help
  7  	  Select this option if you want to include a
  8  	  coswid (Concise Software Identification Tag) of coreboot itself
  9  	  into the SBOM (Software Bill of Materials) File in your build
 10  
 11  if SBOM
 12  
 13  config SBOM_COMPILER
 14  	bool "Include compiler metadata in SBOM"
 15  	default n
 16  	help
 17  	  Select this option if you want to include a
 18  	  coswid (Concise Software Identification Tag) of the compiler
 19  	  used to compile coreboot into the SBOM (Software Bill of Materials)
 20  	  File in your build
 21  	  Note: if the system toolchain is used to build coreboot
 22  	  one should check the final SBOM file for the expected results
 23  
 24  config SBOM_COMPILER_PATH
 25  	string "Path to SBOM file for the compiler"
 26  	depends on SBOM_COMPILER
 27  	default "build/sbom/compiler-gcc.json" if COMPILER_GCC
 28  	default "build/sbom/compiler-clang.json" if COMPILER_LLVM_CLANG
 29  	default "build/sbom/compiler-generic.json" if ANY_TOOLCHAIN
 30  	help
 31  	  The path of the SBOM file describing the Software included in the build
 32  	  File can be a .json, .xml, .cbor, .uswid, or .pc
 33  
 34  config SBOM_PAYLOAD
 35  	bool "Include payload metadata in SBOM"
 36  	default n
 37  	help
 38  	  Select this option if you want to include a
 39  	  coswid (Concise Software Identification Tag) of the payload into
 40  	  the SBOM (Software Bill of Materials) File in your build
 41  
 42  config SBOM_PAYLOAD_GENERATE
 43  	bool "Auto-generate generic SBOM info for payload"
 44  	depends on SBOM_PAYLOAD && (PAYLOAD_BOOTBOOT || PAYLOAD_DEPTHCHARGE || PAYLOAD_FILO || PAYLOAD_GRUB2 || PAYLOAD_LINUXBOOT || PAYLOAD_SEABIOS || PAYLOAD_SKIBOOT || PAYLOAD_UBOOT)
 45  	default y
 46  	help
 47  	  Select this option if you want coreboot to generate and include
 48  	  the coswid (Concise Software Identification Tag) instead of supplying
 49  	  it manually. Be aware that this option is only meant to be a
 50  	  transition and suppliers of Software should always prefer to include
 51  	  their own Software descriptions, since ours may be incomplete or
 52  	  straight up wrong.
 53  
 54  config SBOM_PAYLOAD_PATH
 55  	string "Path to SBOM file for the payload"
 56  	depends on SBOM_PAYLOAD && !SBOM_PAYLOAD_GENERATE
 57  	help
 58  	  The path of the SBOM file describing the Software included in the build
 59  	  File can be a .json, .xml, .cbor, .uswid, or .pc
 60  
 61  config SBOM_ME
 62  	bool "Include ME metadata in SBOM"
 63  	depends on HAVE_ME_BIN
 64  	default n
 65  	help
 66  	  Select this option if you want to include a
 67  	  coswid (Concise Software Identification Tag) of the
 68  	  ME firmware into the SBOM (Software Bill of Materials)
 69  	  File in your build
 70  
 71  config SBOM_ME_GENERATE
 72  	bool "Auto-generate generic SBOM info for ME firmware"
 73  	depends on SBOM_ME
 74  	default y
 75  	help
 76  	  Select this option if you want coreboot to generate and include
 77  	  the coswid (Concise Software Identification Tag) instead of
 78  	  supplying it manually. Be aware that this option is only meant
 79  	  to be a transition and suppliers of Software should always prefer
 80  	  to include their own Software descriptions, since ours may be
 81  	  incomplete or straight up wrong.
 82  
 83  config SBOM_ME_PATH
 84  	string "Path to sbom.json for the ME firmware"
 85  	depends on SBOM_ME && !SBOM_ME_GENERATE
 86  	help
 87  	  The path of the SBOM file describing the Software included in the build
 88  	  File can be a .json, .xml, .cbor, .uswid, or .pc
 89  
 90  config SBOM_EC
 91  	bool "Include EC metadata in SBOM"
 92  	depends on HAVE_EC_BIN
 93  	default n
 94  	help
 95  	  Select this option if you want to include a
 96  	  coswid (Concise Software Identification Tag) of the
 97  	  EC (Embedded Controller) firmware into the
 98  	  SBOM (Software Bill of Materials) File in your build
 99  
100  config SBOM_EC_PATH
101  	string "Path to SBOM file for the EC firmware"
102  	depends on SBOM_EC
103  	default "src/sbom/generic-ec.json"
104  	help
105  	  The path of the SBOM file describing the Software included in the build
106  	  File can be a .json, .xml, .cbor, .uswid, or .pc
107  
108  config SBOM_SINIT_ACM
109  	bool "Include SINIT ACM metadata in SBOM"
110  	depends on INTEL_TXT_SINITACM_FILE != ""
111  	default n
112  	help
113  	  Select this option if you want to include a
114  	  coswid (Concise Software Identification Tag) of the
115  	  SINIT ACM (Authenticated Code Module) firmware into the
116  	  SBOM (Software Bill of Materials) File in your build
117  
118  config SBOM_SINIT_ACM_PATH
119  	string "Path to SBOM file for the SINIT AMC firmware"
120  	depends on SBOM_SINIT_ACM
121  	default "src/sbom/intel-sinit-acm.json"
122  	help
123  	  The path of the SBOM file describing the Software included in the build
124  	  File can be a .json, .xml, .cbor, .uswid, or .pc
125  
126  config SBOM_BIOS_ACM
127  	bool "Include BIOS ACM metadata in SBOM"
128  	depends on INTEL_TXT_BIOSACM_FILE != ""
129  	default n
130  	help
131  	  Select this option if you want to include a
132  	  coswid (Concise Software Identification Tag) of the
133  	  BIOS ACM (Authenticated Code Module) firmware into the
134  	  SBOM (Software Bill of Materials) File in your build
135  
136  config SBOM_BIOS_ACM_PATH
137  	string "Path to SBOM file for the BIOS AMC firmware"
138  	depends on SBOM_SINIT_ACM
139  	default "src/sbom/intel-bios-acm.json"
140  	help
141  	  The path of the SBOM file describing the Software included in the build
142  	  File can be a .json, .xml, .cbor, .uswid, or .pc
143  
144  config SBOM_MICROCODE
145  	bool "Include microcode metadata in SBOM"
146  	default n
147  	help
148  	  Select this option if you want to include a
149  	  coswid (Concise Software Identification Tag) of the
150  	  microcode firmware into the SBOM (Software Bill of Materials)
151  	  File in your build
152  
153  config SBOM_FSP
154  	bool "Include Intel FSP metadata in SBOM"
155  	default n
156  	depends on (FSP_S_FILE != "" || FSP_M_FILE != "" || FSP_T_FILE != "")
157  	help
158  	  Select this option if you want to include a
159  	  coswid (Concise Software Identification Tag) of the
160  	  FSP firmware into the SBOM (Software Bill of Materials)
161  	  File in your build
162  
163  config SBOM_FSP_PATH
164  	string "Path to SBOM file for the FSP firmware"
165  	depends on SBOM_FSP
166  	default "build/sbom/generic-fsp.json"
167  	help
168  	  The path of the SBOM file describing the Software included in the build
169  	  File can be a .json, .xml, .cbor, .uswid, or .pc
170  
171  config SBOM_VBOOT
172  	bool "Include VBOOT metadata in SBOM"
173  	default n
174  	depends on VBOOT_LIB
175  	help
176  	  Select this option if you want to include a
177  	  coswid (Concise Software Identification Tag) of the
178  	  VBOOT Software into the SBOM (Software Bill of Materials)
179  	  File in your build
180  
181  endif