xref: /aosp_15_r20/external/coreboot/src/sbom/Kconfig (revision b9411a12aaaa7e1e6a6fb7c5e057f44ee179a49c) 
1## SPDX-License-Identifier: GPL-2.0-only
2
3config SBOM
4	bool "Include SBOM data for coreboot"
5	default n
6	help
7	  Select this option if you want to include a
8	  coswid (Concise Software Identification Tag) of coreboot itself
9	  into the SBOM (Software Bill of Materials) File in your build
10
11if SBOM
12
13config SBOM_COMPILER
14	bool "Include compiler metadata in SBOM"
15	default n
16	help
17	  Select this option if you want to include a
18	  coswid (Concise Software Identification Tag) of the compiler
19	  used to compile coreboot into the SBOM (Software Bill of Materials)
20	  File in your build
21	  Note: if the system toolchain is used to build coreboot
22	  one should check the final SBOM file for the expected results
23
24config SBOM_COMPILER_PATH
25	string "Path to SBOM file for the compiler"
26	depends on SBOM_COMPILER
27	default "build/sbom/compiler-gcc.json" if COMPILER_GCC
28	default "build/sbom/compiler-clang.json" if COMPILER_LLVM_CLANG
29	default "build/sbom/compiler-generic.json" if ANY_TOOLCHAIN
30	help
31	  The path of the SBOM file describing the Software included in the build
32	  File can be a .json, .xml, .cbor, .uswid, or .pc
33
34config SBOM_PAYLOAD
35	bool "Include payload metadata in SBOM"
36	default n
37	help
38	  Select this option if you want to include a
39	  coswid (Concise Software Identification Tag) of the payload into
40	  the SBOM (Software Bill of Materials) File in your build
41
42config SBOM_PAYLOAD_GENERATE
43	bool "Auto-generate generic SBOM info for payload"
44	depends on SBOM_PAYLOAD && (PAYLOAD_BOOTBOOT || PAYLOAD_DEPTHCHARGE || PAYLOAD_FILO || PAYLOAD_GRUB2 || PAYLOAD_LINUXBOOT || PAYLOAD_SEABIOS || PAYLOAD_SKIBOOT || PAYLOAD_UBOOT)
45	default y
46	help
47	  Select this option if you want coreboot to generate and include
48	  the coswid (Concise Software Identification Tag) instead of supplying
49	  it manually. Be aware that this option is only meant to be a
50	  transition and suppliers of Software should always prefer to include
51	  their own Software descriptions, since ours may be incomplete or
52	  straight up wrong.
53
54config SBOM_PAYLOAD_PATH
55	string "Path to SBOM file for the payload"
56	depends on SBOM_PAYLOAD && !SBOM_PAYLOAD_GENERATE
57	help
58	  The path of the SBOM file describing the Software included in the build
59	  File can be a .json, .xml, .cbor, .uswid, or .pc
60
61config SBOM_ME
62	bool "Include ME metadata in SBOM"
63	depends on HAVE_ME_BIN
64	default n
65	help
66	  Select this option if you want to include a
67	  coswid (Concise Software Identification Tag) of the
68	  ME firmware into the SBOM (Software Bill of Materials)
69	  File in your build
70
71config SBOM_ME_GENERATE
72	bool "Auto-generate generic SBOM info for ME firmware"
73	depends on SBOM_ME
74	default y
75	help
76	  Select this option if you want coreboot to generate and include
77	  the coswid (Concise Software Identification Tag) instead of
78	  supplying it manually. Be aware that this option is only meant
79	  to be a transition and suppliers of Software should always prefer
80	  to include their own Software descriptions, since ours may be
81	  incomplete or straight up wrong.
82
83config SBOM_ME_PATH
84	string "Path to sbom.json for the ME firmware"
85	depends on SBOM_ME && !SBOM_ME_GENERATE
86	help
87	  The path of the SBOM file describing the Software included in the build
88	  File can be a .json, .xml, .cbor, .uswid, or .pc
89
90config SBOM_EC
91	bool "Include EC metadata in SBOM"
92	depends on HAVE_EC_BIN
93	default n
94	help
95	  Select this option if you want to include a
96	  coswid (Concise Software Identification Tag) of the
97	  EC (Embedded Controller) firmware into the
98	  SBOM (Software Bill of Materials) File in your build
99
100config SBOM_EC_PATH
101	string "Path to SBOM file for the EC firmware"
102	depends on SBOM_EC
103	default "src/sbom/generic-ec.json"
104	help
105	  The path of the SBOM file describing the Software included in the build
106	  File can be a .json, .xml, .cbor, .uswid, or .pc
107
108config SBOM_SINIT_ACM
109	bool "Include SINIT ACM metadata in SBOM"
110	depends on INTEL_TXT_SINITACM_FILE != ""
111	default n
112	help
113	  Select this option if you want to include a
114	  coswid (Concise Software Identification Tag) of the
115	  SINIT ACM (Authenticated Code Module) firmware into the
116	  SBOM (Software Bill of Materials) File in your build
117
118config SBOM_SINIT_ACM_PATH
119	string "Path to SBOM file for the SINIT AMC firmware"
120	depends on SBOM_SINIT_ACM
121	default "src/sbom/intel-sinit-acm.json"
122	help
123	  The path of the SBOM file describing the Software included in the build
124	  File can be a .json, .xml, .cbor, .uswid, or .pc
125
126config SBOM_BIOS_ACM
127	bool "Include BIOS ACM metadata in SBOM"
128	depends on INTEL_TXT_BIOSACM_FILE != ""
129	default n
130	help
131	  Select this option if you want to include a
132	  coswid (Concise Software Identification Tag) of the
133	  BIOS ACM (Authenticated Code Module) firmware into the
134	  SBOM (Software Bill of Materials) File in your build
135
136config SBOM_BIOS_ACM_PATH
137	string "Path to SBOM file for the BIOS AMC firmware"
138	depends on SBOM_SINIT_ACM
139	default "src/sbom/intel-bios-acm.json"
140	help
141	  The path of the SBOM file describing the Software included in the build
142	  File can be a .json, .xml, .cbor, .uswid, or .pc
143
144config SBOM_MICROCODE
145	bool "Include microcode metadata in SBOM"
146	default n
147	help
148	  Select this option if you want to include a
149	  coswid (Concise Software Identification Tag) of the
150	  microcode firmware into the SBOM (Software Bill of Materials)
151	  File in your build
152
153config SBOM_FSP
154	bool "Include Intel FSP metadata in SBOM"
155	default n
156	depends on (FSP_S_FILE != "" || FSP_M_FILE != "" || FSP_T_FILE != "")
157	help
158	  Select this option if you want to include a
159	  coswid (Concise Software Identification Tag) of the
160	  FSP firmware into the SBOM (Software Bill of Materials)
161	  File in your build
162
163config SBOM_FSP_PATH
164	string "Path to SBOM file for the FSP firmware"
165	depends on SBOM_FSP
166	default "build/sbom/generic-fsp.json"
167	help
168	  The path of the SBOM file describing the Software included in the build
169	  File can be a .json, .xml, .cbor, .uswid, or .pc
170
171config SBOM_VBOOT
172	bool "Include VBOOT metadata in SBOM"
173	default n
174	depends on VBOOT_LIB
175	help
176	  Select this option if you want to include a
177	  coswid (Concise Software Identification Tag) of the
178	  VBOOT Software into the SBOM (Software Bill of Materials)
179	  File in your build
180
181endif
182