vboot: Move remaining features out of vendorcode/google/chromeos

This patch attempts to finish the separation between CONFIG_VBOOT and CONFIG_CHROMEOS by moving the remaining options and code (including image generation code for things like FWID and GBB flags, which are intrinsic to vboot itself) from src/vendorcode/google/chromeos to src/vboot. Also taking this opportunity to namespace all VBOOT Kconfig options, and clean up menuconfig visibility for them (i.e. some options were visible even though they were tied to the hardware while others were invisible even though it might make sense to change them). CQ-DEPEND=CL:459088 Change-Id: I3e2e31150ebf5a96b6fe507ebeb53a41ecf88122 Signed-off-by: Julius Werner <jwerner@chromium.org> Reviewed-on: https://review.coreboot.org/18984 Tested-by: build bot (Jenkins) Reviewed-by: Aaron Durbin <adurbin@chromium.org>
2017-02-13 17:53:29 -08:00
parent 73d042bd90
commit 58c3938705
74 changed files with 562 additions and 575 deletions
--- a/src/arch/x86/assembly_entry.S
+++ b/src/arch/x86/assembly_entry.S
@ -21,7 +21,7 @@
 * verstage runs directly after bootblock.
 */
 #define ROMSTAGE_AFTER_VERSTAGE \
-	(IS_ENABLED(CONFIG_SEPARATE_VERSTAGE) && \
+	(IS_ENABLED(CONFIG_VBOOT_SEPARATE_VERSTAGE) && \
 		IS_ENABLED(CONFIG_VBOOT_STARTS_IN_BOOTBLOCK) && ENV_ROMSTAGE)
 #if IS_ENABLED(CONFIG_C_ENVIRONMENT_BOOTBLOCK) || ROMSTAGE_AFTER_VERSTAGE
--- a/src/arch/x86/bootblock_simple.c
+++ b/src/arch/x86/bootblock_simple.c
@ -28,7 +28,7 @@ static void main(unsigned long bist)
 #endif
 	}
-#if CONFIG_SEPARATE_VERSTAGE
+#if CONFIG_VBOOT_SEPARATE_VERSTAGE
 	const char *target1 = "fallback/verstage";
 #else
 	const char *target1 = "fallback/romstage";
--- a/src/arch/x86/car.ld
+++ b/src/arch/x86/car.ld
@ -21,7 +21,7 @@
 	_car_region_start = . ;
 	/* Vboot work buffer is completely volatile outside of verstage and
 	 * romstage. Appropriate code needs to handle the transition. */
-#if IS_ENABLED(CONFIG_SEPARATE_VERSTAGE)
+#if IS_ENABLED(CONFIG_VBOOT_SEPARATE_VERSTAGE)
 	VBOOT2_WORK(., 16K)
 #endif
 	/* Stack for CAR stages. Since it persists across all stages that
--- a/src/ec/google/chromeec/Kconfig
+++ b/src/ec/google/chromeec/Kconfig
@ -160,7 +160,7 @@ config EC_GOOGLE_CHROMEEC_PD_FIRMWARE_FILE
 	  The path and filename of the PD firmware file to use.
 config EC_GOOGLE_CHROMEEC_SWITCHES
-	depends on EC_GOOGLE_CHROMEEC && CHROMEOS
+	depends on EC_GOOGLE_CHROMEEC && VBOOT
 	bool
 	help
 	  Enable support for Chrome OS mode switches provided by the Chrome OS
--- a/src/ec/google/chromeec/switches.c
+++ b/src/ec/google/chromeec/switches.c
@ -20,7 +20,7 @@
 #if IS_ENABLED(CONFIG_EC_GOOGLE_CHROMEEC_LPC)
 int get_lid_switch(void)
 {
-	if (!IS_ENABLED(CONFIG_LID_SWITCH))
+	if (!IS_ENABLED(CONFIG_VBOOT_LID_SWITCH))
 		return -1;
 	return !!(google_chromeec_get_switches() & EC_SWITCH_LID_OPEN);
--- a/src/include/memlayout.h
+++ b/src/include/memlayout.h
@ -154,7 +154,7 @@
 		INCLUDE "verstage/lib/program.ld"
 	#define OVERLAP_VERSTAGE_ROMSTAGE(addr, size) \
-		_ = ASSERT(IS_ENABLED(CONFIG_RETURN_FROM_VERSTAGE) == 1, \
+		_ = ASSERT(IS_ENABLED(CONFIG_VBOOT_RETURN_FROM_VERSTAGE) == 1, \
 			"Must set RETURN_FROM_VERSTAGE to overlap romstage."); \
 		VERSTAGE(addr, size)
 #else
--- a/src/lib/Makefile.inc
+++ b/src/lib/Makefile.inc
@ -54,11 +54,11 @@ libverstage-$(CONFIG_TPM) += tlcl.c
 libverstage-$(CONFIG_TPM2) += tpm2_marshaling.c
 libverstage-$(CONFIG_TPM2) += tpm2_tlcl.c
-ifeq ($(CONFIG_SEPARATE_VERSTAGE),y)
+ifeq ($(CONFIG_VBOOT_SEPARATE_VERSTAGE),y)
 romstage-$(CONFIG_TPM) += tlcl.c
 romstage-$(CONFIG_TPM2) += tpm2_marshaling.c
 romstage-$(CONFIG_TPM2) += tpm2_tlcl.c
-endif # CONFIG_SEPARATE_VERSTAGE
+endif # CONFIG_VBOOT_SEPARATE_VERSTAGE
 verstage-$(CONFIG_GENERIC_UDELAY) += timer.c
 verstage-$(CONFIG_GENERIC_GPIO_LIB) += gpio.c
--- a/src/mainboard/google/auron/Kconfig
+++ b/src/mainboard/google/auron/Kconfig
@ -16,8 +16,10 @@ if BOARD_GOOGLE_BASEBOARD_AURON
 config CHROMEOS
 	select CHROMEOS_RAMOOPS_DYNAMIC
 config VBOOT
 	select EC_GOOGLE_CHROMEEC_SWITCHES
-	select LID_SWITCH
+	select VBOOT_LID_SWITCH
 	select VBOOT_VBNV_CMOS
 config MAINBOARD_DIR
--- a/src/mainboard/google/beltino/Kconfig
+++ b/src/mainboard/google/beltino/Kconfig
@ -15,8 +15,8 @@ config BOARD_GOOGLE_BASEBOARD_BELTINO
 if BOARD_GOOGLE_BASEBOARD_BELTINO
-config CHROMEOS
+config VBOOT
-	select PHYSICAL_REC_SWITCH
+	select VBOOT_PHYSICAL_REC_SWITCH
 	select VBOOT_VBNV_CMOS
 config MAINBOARD_DIR
--- a/src/mainboard/google/butterfly/Kconfig
+++ b/src/mainboard/google/butterfly/Kconfig
@ -17,7 +17,7 @@ config BOARD_SPECIFIC_OPTIONS # dummy
 	select INTEL_INT15
 	select SERIRQ_CONTINUOUS_MODE 	# Workaround for EC/KBC IRQ1.
-config CHROMEOS
+config VBOOT
 	select VBOOT_VBNV_CMOS
 config MAINBOARD_DIR
--- a/src/mainboard/google/chell/Kconfig
+++ b/src/mainboard/google/chell/Kconfig
@ -20,9 +20,9 @@ config BOARD_SPECIFIC_OPTIONS # dummy
 	select MONOTONIC_TIMER_MSR
 	select SOC_INTEL_SKYLAKE
-config CHROMEOS
+config VBOOT
 	select EC_GOOGLE_CHROMEEC_SWITCHES
-	select LID_SWITCH
+	select VBOOT_LID_SWITCH
 config IRQ_SLOT_COUNT
 	int
--- a/src/mainboard/google/cosmos/Kconfig
+++ b/src/mainboard/google/cosmos/Kconfig
@ -26,7 +26,7 @@ config BOARD_SPECIFIC_OPTIONS # dummy
 	select SPI_FLASH
 	select SPI_FLASH_SPANSION
-config CHROMEOS
+config VBOOT
 	select VBOOT_VBNV_FLASH
 config MAINBOARD_DIR
--- a/src/mainboard/google/cyan/Kconfig
+++ b/src/mainboard/google/cyan/Kconfig
@ -15,9 +15,9 @@ config BOARD_SPECIFIC_OPTIONS
 	select HAVE_ACPI_RESUME
 	select PCIEXP_L1_SUB_STATE
-config CHROMEOS
+config VBOOT
 	select EC_GOOGLE_CHROMEEC_SWITCHES
-	select LID_SWITCH
+	select VBOOT_LID_SWITCH
 	select VBOOT_VBNV_CMOS
 config DISPLAY_SPD_DATA
--- a/src/mainboard/google/daisy/Kconfig
+++ b/src/mainboard/google/daisy/Kconfig
@ -28,7 +28,7 @@ config BOARD_SPECIFIC_OPTIONS # dummy
 	select MAINBOARD_HAS_NATIVE_VGA_INIT
 	select MAINBOARD_DO_NATIVE_VGA_INIT
-config CHROMEOS
+config VBOOT
 	select VBOOT_VBNV_EC
 config MAINBOARD_DIR
--- a/src/mainboard/google/eve/Kconfig
+++ b/src/mainboard/google/eve/Kconfig
@ -21,10 +21,10 @@ config BOARD_SPECIFIC_OPTIONS
 	select SOC_INTEL_KABYLAKE
 	select TPM2
-config CHROMEOS
+config VBOOT
 	select EC_GOOGLE_CHROMEEC_SWITCHES
 	select HAS_RECOVERY_MRC_CACHE
-	select LID_SWITCH
+	select VBOOT_LID_SWITCH
 	select MRC_CLEAR_NORMAL_CACHE_ON_RECOVERY_RETRAIN
 config DRIVER_TPM_I2C_BUS
--- a/src/mainboard/google/fizz/Kconfig
+++ b/src/mainboard/google/fizz/Kconfig
@ -14,7 +14,7 @@ config BOARD_SPECIFIC_OPTIONS
 	select NO_FADT_8042
 	select SOC_INTEL_KABYLAKE
-config CHROMEOS
+config VBOOT
 	select EC_GOOGLE_CHROMEEC_SWITCHES
 	select GBB_FLAG_DISABLE_EC_SOFTWARE_SYNC
--- a/src/mainboard/google/foster/Kconfig
+++ b/src/mainboard/google/foster/Kconfig
@ -26,7 +26,7 @@ config BOARD_SPECIFIC_OPTIONS # dummy
 	select COMMON_CBFS_SPI_WRAPPER
 	select SPI_FLASH_WINBOND
-config CHROMEOS
+config VBOOT
 	select VBOOT_VBNV_FLASH
 config MAINBOARD_DIR
@ -84,7 +84,7 @@ config GBB_HWID
 	depends on CHROMEOS
 	default "FOSTER TEST 1184"
-config CHROMEOS_FWID_MODEL
+config VBOOT_FWID_MODEL
 	string
 	default "Nvidia_Foster"
--- a/src/mainboard/google/gale/Kconfig
+++ b/src/mainboard/google/gale/Kconfig
@ -31,9 +31,9 @@ config BOARD_SPECIFIC_OPTIONS
 	select SPI_FLASH_WINBOND
 	select DRIVERS_UART
-config CHROMEOS
+config VBOOT
 	select VBOOT_DISABLE_DEV_ON_RECOVERY
-	select WIPEOUT_SUPPORTED
+	select VBOOT_WIPEOUT_SUPPORTED
 config BOARD_VARIANT_DK01
 	bool "Build an image for DK01"
--- a/src/mainboard/google/glados/Kconfig
+++ b/src/mainboard/google/glados/Kconfig
@ -20,9 +20,9 @@ config BOARD_SPECIFIC_OPTIONS # dummy
 	select MONOTONIC_TIMER_MSR
 	select SOC_INTEL_SKYLAKE
-config CHROMEOS
+config VBOOT
 	select EC_GOOGLE_CHROMEEC_SWITCHES
-	select LID_SWITCH
+	select VBOOT_LID_SWITCH
 config IRQ_SLOT_COUNT
 	int
--- a/src/mainboard/google/gru/Kconfig
+++ b/src/mainboard/google/gru/Kconfig
@ -45,7 +45,7 @@ config BOARD_SPECIFIC_OPTIONS
 	select SPI_FLASH_GIGADEVICE
 	select SPI_FLASH_WINBOND
-config CHROMEOS
+config VBOOT
 	select EC_GOOGLE_CHROMEEC_SWITCHES
 	select MAINBOARD_HAS_SPI_TPM_CR50 if GRU_HAS_TPM2
 	select SPI_TPM if GRU_HAS_TPM2
--- a/src/mainboard/google/jecht/Kconfig
+++ b/src/mainboard/google/jecht/Kconfig
@ -14,7 +14,9 @@ if BOARD_GOOGLE_BASEBOARD_JECHT
 config CHROMEOS
 	select CHROMEOS_RAMOOPS_DYNAMIC
-	select PHYSICAL_REC_SWITCH
+
 config VBOOT
 	select VBOOT_PHYSICAL_REC_SWITCH
 	select VBOOT_VBNV_CMOS
 config MAINBOARD_DIR
--- a/src/mainboard/google/lars/Kconfig
+++ b/src/mainboard/google/lars/Kconfig
@ -22,9 +22,9 @@ config BOARD_SPECIFIC_OPTIONS # dummy
 	select MONOTONIC_TIMER_MSR
 	select SOC_INTEL_SKYLAKE
-config CHROMEOS
+config VBOOT
 	select EC_GOOGLE_CHROMEEC_SWITCHES
-	select LID_SWITCH
+	select VBOOT_LID_SWITCH
 config IRQ_SLOT_COUNT
 	int
--- a/src/mainboard/google/link/Kconfig
+++ b/src/mainboard/google/link/Kconfig
@ -16,9 +16,9 @@ config BOARD_SPECIFIC_OPTIONS # dummy
 	select SERIRQ_CONTINUOUS_MODE
 	select MAINBOARD_HAS_NATIVE_VGA_INIT
-config CHROMEOS
+config VBOOT
 	select EC_GOOGLE_CHROMEEC_SWITCHES
-	select LID_SWITCH
+	select VBOOT_LID_SWITCH
 	select VBOOT_VBNV_CMOS
 config MAINBOARD_DIR
--- a/src/mainboard/google/nyan/Kconfig
+++ b/src/mainboard/google/nyan/Kconfig
@ -31,7 +31,7 @@ config BOARD_SPECIFIC_OPTIONS # dummy
 	select SPI_FLASH_WINBOND
 	select SPI_FLASH_FAST_READ_DUAL_OUTPUT_3B
-config CHROMEOS
+config VBOOT
 	select EC_GOOGLE_CHROMEEC_SWITCHES
 	select VBOOT_VBNV_EC
--- a/src/mainboard/google/nyan_big/Kconfig
+++ b/src/mainboard/google/nyan_big/Kconfig
@ -32,7 +32,7 @@ config BOARD_SPECIFIC_OPTIONS # dummy
 	select SPI_FLASH_WINBOND
 	select SPI_FLASH_FAST_READ_DUAL_OUTPUT_3B
-config CHROMEOS
+config VBOOT
 	select EC_GOOGLE_CHROMEEC_SWITCHES
 	select VBOOT_VBNV_EC
--- a/src/mainboard/google/nyan_blaze/Kconfig
+++ b/src/mainboard/google/nyan_blaze/Kconfig
@ -33,7 +33,7 @@ config BOARD_SPECIFIC_OPTIONS # dummy
 	select SPI_FLASH_WINBOND
 	select SPI_FLASH_FAST_READ_DUAL_OUTPUT_3B
-config CHROMEOS
+config VBOOT
 	select EC_GOOGLE_CHROMEEC_SWITCHES
 	select VBOOT_VBNV_EC
--- a/src/mainboard/google/oak/Kconfig
+++ b/src/mainboard/google/oak/Kconfig
@ -33,10 +33,9 @@ config BOARD_SPECIFIC_OPTIONS
 	select RAM_CODE_SUPPORT
 	select SPI_FLASH
-config CHROMEOS
+config VBOOT
 	select EC_GOOGLE_CHROMEEC_SWITCHES
 	select VBOOT_EC_SLOW_UPDATE
 	select VBOOT_OPROM_MATTERS
 	select VBOOT_VBNV_FLASH
 config MAINBOARD_DIR
--- a/src/mainboard/google/parrot/Kconfig
+++ b/src/mainboard/google/parrot/Kconfig
@ -17,7 +17,7 @@ config BOARD_SPECIFIC_OPTIONS # dummy
 	# Workaround for EC/KBC IRQ1.
 	select SERIRQ_CONTINUOUS_MODE
-config CHROMEOS
+config VBOOT
 	select VBOOT_VBNV_CMOS
 config MAINBOARD_DIR
--- a/src/mainboard/google/peach_pit/Kconfig
+++ b/src/mainboard/google/peach_pit/Kconfig
@ -25,7 +25,7 @@ config BOARD_SPECIFIC_OPTIONS # dummy
 	select MAINBOARD_DO_NATIVE_VGA_INIT
 	select DRIVER_PARADE_PS8625
-config CHROMEOS
+config VBOOT
 	select VBOOT_VBNV_EC
 config MAINBOARD_DIR
--- a/src/mainboard/google/poppy/Kconfig
+++ b/src/mainboard/google/poppy/Kconfig
@ -16,9 +16,9 @@ config BOARD_SPECIFIC_OPTIONS
 	select NO_FADT_8042
 	select SOC_INTEL_KABYLAKE
-config CHROMEOS
+config VBOOT
 	select EC_GOOGLE_CHROMEEC_SWITCHES
-	select LID_SWITCH
+	select VBOOT_LID_SWITCH
 config GBB_HWID
 	string
--- a/src/mainboard/google/purin/Kconfig
+++ b/src/mainboard/google/purin/Kconfig
@ -27,7 +27,7 @@ config BOARD_SPECIFIC_OPTIONS # dummy
 	select SPI_FLASH_SPANSION
 	select SPI_FLASH_STMICRO # required for the reference board BCM958305K
-config CHROMEOS
+config VBOOT
 	select VBOOT_VBNV_FLASH
 config MAINBOARD_DIR
--- a/src/mainboard/google/rambi/Kconfig
+++ b/src/mainboard/google/rambi/Kconfig
@ -13,9 +13,9 @@ config BOARD_GOOGLE_BASEBOARD_RAMBI
 if BOARD_GOOGLE_BASEBOARD_RAMBI
-config CHROMEOS
+config VBOOT
 	select EC_GOOGLE_CHROMEEC_SWITCHES
-	select LID_SWITCH
+	select VBOOT_LID_SWITCH
 	select VBOOT_VBNV_CMOS
 config MAINBOARD_DIR
--- a/src/mainboard/google/reef/Kconfig
+++ b/src/mainboard/google/reef/Kconfig
@ -37,11 +37,11 @@ config DRIVER_TPM_I2C_IRQ
 	int
 	default 60 # GPE0_DW1_28
-config CHROMEOS
+config VBOOT
 	select EC_GOOGLE_CHROMEEC_SWITCHES
 	select HAS_RECOVERY_MRC_CACHE
 	select MRC_CLEAR_NORMAL_CACHE_ON_RECOVERY_RETRAIN
-	select LID_SWITCH if BASEBOARD_REEF_LAPTOP
+	select VBOOT_LID_SWITCH if BASEBOARD_REEF_LAPTOP
 config MAINBOARD_DIR
 	string
--- a/src/mainboard/google/rotor/Kconfig
+++ b/src/mainboard/google/rotor/Kconfig
@ -21,7 +21,7 @@ config BOARD_SPECIFIC_OPTIONS # dummy
 	select MAINBOARD_HAS_CHROMEOS
 	select BOARD_ROMSIZE_KB_4096
-config CHROMEOS
+config VBOOT
 	select VBOOT_MOCK_SECDATA
 config MAINBOARD_DIR
@ -37,7 +37,7 @@ config GBB_HWID
 	depends on CHROMEOS
 	default "ROTOR TEST 1234"
-config CHROMEOS_FWID_MODEL
+config VBOOT_FWID_MODEL
 	string
 	default "Marvell_Rotor"
--- a/src/mainboard/google/slippy/Kconfig
+++ b/src/mainboard/google/slippy/Kconfig
@ -21,9 +21,9 @@ config BOARD_GOOGLE_BASEBOARD_SLIPPY
 if BOARD_GOOGLE_BASEBOARD_SLIPPY
-config CHROMEOS
+config VBOOT
 	select EC_GOOGLE_CHROMEEC_SWITCHES
-	select LID_SWITCH
+	select VBOOT_LID_SWITCH
 	select MAINBOARD_DO_NATIVE_VGA_INIT if (BOARD_GOOGLE_FALCO || BOARD_GOOGLE_PEPPY)
 	select VBOOT_VBNV_CMOS
--- a/src/mainboard/google/smaug/Kconfig
+++ b/src/mainboard/google/smaug/Kconfig
@ -32,7 +32,7 @@ config BOARD_SPECIFIC_OPTIONS # dummy
 	select MAINBOARD_HAS_CHROMEOS
 	select RAM_CODE_SUPPORT
-config CHROMEOS
+config VBOOT
 	select EC_GOOGLE_CHROMEEC_SWITCHES
 	select VBOOT_VBNV_FLASH
--- a/src/mainboard/google/storm/Kconfig
+++ b/src/mainboard/google/storm/Kconfig
@ -29,9 +29,9 @@ config BOARD_SPECIFIC_OPTIONS
 	select SPI_FLASH_STMICRO
 	select DRIVERS_UART
-config CHROMEOS
+config VBOOT
 	select VBOOT_DISABLE_DEV_ON_RECOVERY
-	select WIPEOUT_SUPPORTED
+	select VBOOT_WIPEOUT_SUPPORTED
 config BOARD_VARIANT_AP148
 	bool "pick this to build an image for ap148"
--- a/src/mainboard/google/stout/Kconfig
+++ b/src/mainboard/google/stout/Kconfig
@ -17,7 +17,7 @@ config BOARD_SPECIFIC_OPTIONS # dummy
 	select INTEL_INT15
 	select SANDYBRIDGE_IVYBRIDGE_LVDS
-config CHROMEOS
+config VBOOT
 	select VBOOT_VBNV_CMOS
 config MAINBOARD_DIR
--- a/src/mainboard/google/veyron/Kconfig
+++ b/src/mainboard/google/veyron/Kconfig
@ -45,7 +45,7 @@ config BOARD_SPECIFIC_OPTIONS # dummy
 	select SPI_FLASH_GIGADEVICE
 	select SPI_FLASH_WINBOND
-config CHROMEOS
+config VBOOT
 	select VBOOT_VBNV_EC
 config MAINBOARD_DIR
@ -54,6 +54,11 @@ config MAINBOARD_DIR
 config MAINBOARD_PART_NUMBER
 	string
 	default "Veyron_Jaq" if BOARD_GOOGLE_VEYRON_JAQ
 	default "Veyron_Jerry" if BOARD_GOOGLE_VEYRON_JERRY
 	default "Veyron_Mighty" if BOARD_GOOGLE_VEYRON_MIGHTY
 	default "Veyron_Minnie" if BOARD_GOOGLE_VEYRON_MINNIE
 	default "Veyron_Speedy" if BOARD_GOOGLE_VEYRON_SPEEDY
 	default "Veyron"
 config MAINBOARD_VENDOR
@ -112,12 +117,4 @@ config GBB_HWID
 	default "MINNIE TEST A-A 5151" if BOARD_GOOGLE_VEYRON_MINNIE
 	default "SPEEDY TEST A-A 8421" if BOARD_GOOGLE_VEYRON_SPEEDY
 config CHROMEOS_FWID_MODEL
 	string
 	default "Google_Veyron_Jaq" if BOARD_GOOGLE_VEYRON_JAQ
 	default "Google_Veyron_Jerry" if BOARD_GOOGLE_VEYRON_JERRY
 	default "Google_Veyron_Mighty" if BOARD_GOOGLE_VEYRON_MIGHTY
 	default "Google_Veyron_Minnie" if BOARD_GOOGLE_VEYRON_MINNIE
 	default "Google_Veyron_Speedy" if BOARD_GOOGLE_VEYRON_SPEEDY
 endif #  BOARD_GOOGLE_VEYRON
--- a/src/mainboard/google/veyron_mickey/Kconfig
+++ b/src/mainboard/google/veyron_mickey/Kconfig
@ -30,8 +30,8 @@ config BOARD_SPECIFIC_OPTIONS # dummy
 	select SPI_FLASH_GIGADEVICE
 	select SPI_FLASH_WINBOND
-config CHROMEOS
+config VBOOT
-	select PHYSICAL_REC_SWITCH
+	select VBOOT_PHYSICAL_REC_SWITCH
 	select VBOOT_VBNV_FLASH
 config MAINBOARD_DIR
@ -40,7 +40,7 @@ config MAINBOARD_DIR
 config MAINBOARD_PART_NUMBER
 	string
-	default "Veyron_mickey"
+	default "Veyron_Mickey"
 config MAINBOARD_VENDOR
 	string
@ -72,8 +72,4 @@ config GBB_HWID
 	depends on CHROMEOS
 	default "MICKEY TEST A-A 0352"
 config CHROMEOS_FWID_MODEL
 	string
 	default "Google_Veyron_Mickey"
 endif #  BOARD_GOOGLE_VEYRON_MICKEY
--- a/src/mainboard/google/veyron_rialto/Kconfig
+++ b/src/mainboard/google/veyron_rialto/Kconfig
@ -30,8 +30,8 @@ config BOARD_SPECIFIC_OPTIONS # dummy
 	select SPI_FLASH_GIGADEVICE
 	select SPI_FLASH_WINBOND
-config CHROMEOS
+config VBOOT
-	select PHYSICAL_REC_SWITCH
+	select VBOOT_PHYSICAL_REC_SWITCH
 	select VBOOT_VBNV_FLASH
 config MAINBOARD_DIR
--- a/src/mainboard/intel/baskingridge/Kconfig
+++ b/src/mainboard/intel/baskingridge/Kconfig
@ -14,7 +14,7 @@ config BOARD_SPECIFIC_OPTIONS # dummy
 	select MAINBOARD_HAS_LPC_TPM
 	select INTEL_INT15
-config CHROMEOS
+config VBOOT
 	select VBOOT_VBNV_CMOS
 config MAINBOARD_DIR
--- a/src/mainboard/intel/emeraldlake2/Kconfig
+++ b/src/mainboard/intel/emeraldlake2/Kconfig
@ -13,7 +13,7 @@ config BOARD_SPECIFIC_OPTIONS # dummy
 	select INTEL_INT15
 	#select MAINBOARD_HAS_CHROMEOS
-config CHROMEOS
+config VBOOT
 	#select VBOOT_VBNV_CMOS
 config MAINBOARD_DIR
--- a/src/mainboard/intel/galileo/Kconfig
+++ b/src/mainboard/intel/galileo/Kconfig
@ -153,7 +153,7 @@ config VBOOT_WITH_CRYPTO_SHIELD
 	select COLLECT_TIMESTAMPS
 	select I2C_TPM
 	select MAINBOARD_HAS_I2C_TPM_ATMEL
-	select SEPARATE_VERSTAGE
+	select VBOOT_SEPARATE_VERSTAGE
 	select VBOOT
 	select VBOOT_STARTS_IN_BOOTBLOCK
 	select VBOOT_SOFT_REBOOT_WORKAROUND
--- a/src/mainboard/intel/kblrvp/Kconfig
+++ b/src/mainboard/intel/kblrvp/Kconfig
@ -14,8 +14,8 @@ config BOARD_SPECIFIC_OPTIONS # dummy
 	select MAINBOARD_HAS_CHROMEOS
 	select GENERIC_SPD_BIN
-config CHROMEOS
+config VBOOT
-	select LID_SWITCH
+	select VBOOT_LID_SWITCH
 choice
 	prompt "TPM to USE"
--- a/src/mainboard/intel/kunimitsu/Kconfig
+++ b/src/mainboard/intel/kunimitsu/Kconfig
@ -34,9 +34,9 @@ config KUNIMITSU_USES_FSP2_0
 endchoice
-config CHROMEOS
+config VBOOT
 	select EC_GOOGLE_CHROMEEC_SWITCHES
-	select LID_SWITCH
+	select VBOOT_LID_SWITCH
 config IRQ_SLOT_COUNT
 	int
--- a/src/mainboard/intel/strago/Kconfig
+++ b/src/mainboard/intel/strago/Kconfig
@ -15,9 +15,9 @@ config BOARD_SPECIFIC_OPTIONS
 	select SOC_INTEL_BRASWELL
 	select PCIEXP_L1_SUB_STATE
-config CHROMEOS
+config VBOOT
 	select EC_GOOGLE_CHROMEEC_SWITCHES
-	select LID_SWITCH
+	select VBOOT_LID_SWITCH
 	select VBOOT_VBNV_CMOS
 config DYNAMIC_VNN_SUPPORT
--- a/src/mainboard/intel/wtm2/Kconfig
+++ b/src/mainboard/intel/wtm2/Kconfig
@ -15,6 +15,8 @@ config BOARD_SPECIFIC_OPTIONS # dummy
 config CHROMEOS
 	select CHROMEOS_RAMOOPS_DYNAMIC
 config VBOOT
 	select VBOOT_VBNV_CMOS
 config MAINBOARD_DIR
--- a/src/mainboard/samsung/lumpy/Kconfig
+++ b/src/mainboard/samsung/lumpy/Kconfig
@ -20,9 +20,9 @@ config BOARD_SPECIFIC_OPTIONS # dummy
 	select DRIVERS_GENERIC_IOAPIC
 	select INTEL_INT15
-config CHROMEOS
+config VBOOT
-	select PHYSICAL_DEV_SWITCH
+	select VBOOT_PHYSICAL_DEV_SWITCH
-	select PHYSICAL_REC_SWITCH
+	select VBOOT_PHYSICAL_REC_SWITCH
 	select VBOOT_VBNV_CMOS
 config MAINBOARD_DIR
--- a/src/mainboard/samsung/stumpy/Kconfig
+++ b/src/mainboard/samsung/stumpy/Kconfig
@ -17,9 +17,9 @@ config BOARD_SPECIFIC_OPTIONS # dummy
 	select SUPERIO_SMSC_LPC47N207
 	select INTEL_INT15
-config CHROMEOS
+config VBOOT
-	select PHYSICAL_DEV_SWITCH
+	select VBOOT_PHYSICAL_DEV_SWITCH
-	select PHYSICAL_REC_SWITCH
+	select VBOOT_PHYSICAL_REC_SWITCH
 	select VBOOT_VBNV_CMOS
 config MAINBOARD_DIR
--- a/src/soc/broadcom/cygnus/Kconfig
+++ b/src/soc/broadcom/cygnus/Kconfig
@ -28,10 +28,10 @@ config SOC_BROADCOM_CYGNUS
 if SOC_BROADCOM_CYGNUS
-config CHROMEOS
+config VBOOT
 	select VBOOT_STARTS_IN_BOOTBLOCK
-	select SEPARATE_VERSTAGE
+	select VBOOT_SEPARATE_VERSTAGE
-	select RETURN_FROM_VERSTAGE
+	select VBOOT_RETURN_FROM_VERSTAGE
 config CONSOLE_SERIAL_UART_ADDRESS
 	hex
--- a/src/soc/intel/apollolake/Kconfig
+++ b/src/soc/intel/apollolake/Kconfig
@ -70,7 +70,9 @@ config CPU_SPECIFIC_OPTIONS
 config CHROMEOS
 	select CHROMEOS_RAMOOPS_DYNAMIC
-	select SEPARATE_VERSTAGE
+
 config VBOOT
 	select VBOOT_SEPARATE_VERSTAGE
 	select VBOOT_OPROM_MATTERS
 	select VBOOT_SAVE_RECOVERY_REASON_ON_REBOOT
 	select VBOOT_STARTS_IN_BOOTBLOCK
--- a/src/soc/intel/quark/romstage/fsp1_1.c
+++ b/src/soc/intel/quark/romstage/fsp1_1.c
@ -119,7 +119,7 @@ void soc_memory_init_params(struct romstage_params *params,
 		printk(BIOS_SPEW, "| coreboot stack    |\n");
 		printk(BIOS_SPEW, "+-------------------+ 0x%p",
 			_car_stack_start);
-		if (IS_ENABLED(CONFIG_SEPARATE_VERSTAGE)) {
+		if (IS_ENABLED(CONFIG_VBOOT_SEPARATE_VERSTAGE)) {
 			printk(BIOS_SPEW, "\n");
 			printk(BIOS_SPEW, "| vboot data        |\n");
 			printk(BIOS_SPEW, "+-------------------+ 0x%08x",
--- a/src/soc/intel/skylake/Kconfig
+++ b/src/soc/intel/skylake/Kconfig
@ -87,8 +87,10 @@ config USE_FSP1_1_DRIVER
 config CHROMEOS
 	select CHROMEOS_RAMOOPS_DYNAMIC
-	select SEPARATE_VERSTAGE
+
-	select VBOOT_EC_SLOW_UPDATE if EC_GOOGLE_CHROMEEC
+config VBOOT
 	select VBOOT_EC_SLOW_UPDATE if VBOOT_EC_SOFTWARE_SYNC
 	select VBOOT_SEPARATE_VERSTAGE
 	select VBOOT_OPROM_MATTERS
 	select VBOOT_SAVE_RECOVERY_REASON_ON_REBOOT
 	select VBOOT_STARTS_IN_BOOTBLOCK
--- a/src/soc/marvell/armada38x/Kconfig
+++ b/src/soc/marvell/armada38x/Kconfig
@ -7,13 +7,15 @@ config SOC_MARVELL_ARMADA38X
 	select ARCH_RAMSTAGE_ARMV7
 	select HAVE_UART_SPECIAL
 	select BOOTBLOCK_CONSOLE
 	select RETURN_FROM_VERSTAGE
 	select BOOTBLOCK_CUSTOM
 	select GENERIC_UDELAY
 	select UART_OVERRIDE_REFCLK
 if SOC_MARVELL_ARMADA38X
 config VBOOT
 	select VBOOT_RETURN_FROM_VERSTAGE
 config BOOTBLOCK_CPU_INIT
 	string
 	default "soc/marvell/armada38x/bootblock.c"
--- a/src/soc/marvell/bg4cd/Kconfig
+++ b/src/soc/marvell/bg4cd/Kconfig
@ -28,7 +28,7 @@ config SOC_MARVELL_BG4CD
 if SOC_MARVELL_BG4CD
-config CHROMEOS
+config VBOOT
 	select VBOOT_STARTS_IN_BOOTBLOCK
 endif
--- a/src/soc/marvell/mvmap2315/Kconfig
+++ b/src/soc/marvell/mvmap2315/Kconfig
@ -31,8 +31,7 @@ config SOC_MARVELL_MVMAP2315
 if SOC_MARVELL_MVMAP2315
-config CHROMEOS
+config VBOOT
 	select VBOOT
 	select VBOOT_STARTS_IN_ROMSTAGE
 config CONSOLE_SERIAL_MVMAP2315_UART_ADDRESS
--- a/src/soc/mediatek/mt8173/Kconfig
+++ b/src/soc/mediatek/mt8173/Kconfig
@ -17,10 +17,10 @@ config SOC_MEDIATEK_MT8173
 if SOC_MEDIATEK_MT8173
-config CHROMEOS
+config VBOOT
 	select VBOOT_OPROM_MATTERS
 	select VBOOT_STARTS_IN_BOOTBLOCK
-	select SEPARATE_VERSTAGE
+	select VBOOT_SEPARATE_VERSTAGE
 config MEMORY_TEST
 	bool
--- a/src/soc/nvidia/tegra124/Kconfig
+++ b/src/soc/nvidia/tegra124/Kconfig
@ -16,10 +16,10 @@ config SOC_NVIDIA_TEGRA124
 if SOC_NVIDIA_TEGRA124
-config CHROMEOS
+config VBOOT
 	select VBOOT_OPROM_MATTERS
 	select VBOOT_STARTS_IN_BOOTBLOCK
-	select SEPARATE_VERSTAGE
+	select VBOOT_SEPARATE_VERSTAGE
 config TEGRA124_MODEL_TD570D
 	bool "TD570D"
--- a/src/soc/nvidia/tegra210/Kconfig
+++ b/src/soc/nvidia/tegra210/Kconfig
@ -17,9 +17,9 @@ config SOC_NVIDIA_TEGRA210
 if SOC_NVIDIA_TEGRA210
-config CHROMEOS
+config VBOOT
 	select VBOOT_STARTS_IN_BOOTBLOCK
-	select SEPARATE_VERSTAGE
+	select VBOOT_SEPARATE_VERSTAGE
 	select VBOOT_OPROM_MATTERS
 config MAINBOARD_DO_DSI_INIT
--- a/src/soc/qualcomm/ipq40xx/Kconfig
+++ b/src/soc/qualcomm/ipq40xx/Kconfig
@ -12,10 +12,10 @@ config SOC_QC_IPQ40XX
 if SOC_QC_IPQ40XX
-config CHROMEOS
+config VBOOT
 	select VBOOT_STARTS_IN_BOOTBLOCK
-	select RETURN_FROM_VERSTAGE
+	select VBOOT_SEPARATE_VERSTAGE
-	select SEPARATE_VERSTAGE
+	select VBOOT_RETURN_FROM_VERSTAGE
 	select VBOOT_VBNV_FLASH
 config IPQ_QFN_PART
--- a/src/soc/qualcomm/ipq806x/Kconfig
+++ b/src/soc/qualcomm/ipq806x/Kconfig
@ -11,11 +11,11 @@ config SOC_QC_IPQ806X
 if SOC_QC_IPQ806X
-config CHROMEOS
+config VBOOT
 	select VBOOT_STARTS_IN_BOOTBLOCK
 	select VBOOT_VBNV_FLASH
-	select SEPARATE_VERSTAGE
+	select VBOOT_SEPARATE_VERSTAGE
-	select RETURN_FROM_VERSTAGE
+	select VBOOT_RETURN_FROM_VERSTAGE
 config MBN_ENCAPSULATION
 	depends on USE_BLOBS
--- a/src/soc/rockchip/rk3288/Kconfig
+++ b/src/soc/rockchip/rk3288/Kconfig
@ -31,11 +31,11 @@ config SOC_ROCKCHIP_RK3288
 if SOC_ROCKCHIP_RK3288
-config CHROMEOS
+config VBOOT
 	select VBOOT_OPROM_MATTERS
 	select VBOOT_STARTS_IN_BOOTBLOCK
-	select SEPARATE_VERSTAGE
+	select VBOOT_SEPARATE_VERSTAGE
-	select RETURN_FROM_VERSTAGE
+	select VBOOT_RETURN_FROM_VERSTAGE
 config PMIC_BUS
 	int
--- a/src/soc/rockchip/rk3399/Kconfig
+++ b/src/soc/rockchip/rk3399/Kconfig
@ -14,9 +14,9 @@ config SOC_ROCKCHIP_RK3399
 if SOC_ROCKCHIP_RK3399
-config CHROMEOS
+config VBOOT
-	select RETURN_FROM_VERSTAGE
+	select VBOOT_SEPARATE_VERSTAGE
-	select SEPARATE_VERSTAGE
+	select VBOOT_RETURN_FROM_VERSTAGE
 	select VBOOT_OPROM_MATTERS
 	select VBOOT_STARTS_IN_BOOTBLOCK
--- a/src/vboot/Kconfig
+++ b/src/vboot/Kconfig
@ -12,127 +12,7 @@
 ## GNU General Public License for more details.
 ##
-config VBOOT_VBNV_OFFSET
+menu "Verified Boot (vboot)"
 	hex
 	default 0x26
 	depends on PC80_SYSTEM
 	help
 	  CMOS offset for VbNv data. This value must match cmos.layout
 	  in the mainboard directory, minus 14 bytes for the RTC.
 config VBOOT_VBNV_CMOS
 	bool "Vboot non-volatile storage in CMOS."
 	default n
 	help
 	  VBNV is stored in CMOS
 config VBOOT_VBNV_CMOS_BACKUP_TO_FLASH
 	bool "Back up Vboot non-volatile storage from CMOS to flash."
 	default n
 	depends on VBOOT_VBNV_CMOS && BOOT_DEVICE_SUPPORTS_WRITES
 	help
 	  Vboot non-volatile storage data will be backed up from CMOS to flash
 	  and restored from flash if the CMOS is invalid due to power loss.
 config VBOOT_VBNV_EC
 	bool "Vboot non-volatile storage in EC."
 	default n
 	help
 	  VBNV is stored in EC
 config VBOOT_VBNV_FLASH
 	def_bool n
 	depends on BOOT_DEVICE_SUPPORTS_WRITES
 	help
 	  VBNV is stored in flash storage
 config VBOOT_STARTS_IN_BOOTBLOCK
 	bool "Vboot starts verifying in bootblock"
 	default n
 	depends on VBOOT
 	help
 	  Firmware verification happens during or at the end of bootblock.
 config VBOOT_STARTS_IN_ROMSTAGE
 	bool "Vboot starts verifying in romstage"
 	default n
 	depends on VBOOT && !VBOOT_STARTS_IN_BOOTBLOCK
 	help
 	  Firmware verification happens during or at the end of romstage.
 config VBOOT_MOCK_SECDATA
 	bool "Mock secdata for firmware verification"
 	default n
 	depends on VBOOT
 	help
 	  Enabling VBOOT_MOCK_SECDATA will mock secdata for the firmware
 	  verification to avoid access to a secdata storage (typically TPM).
 	  All operations for a secdata storage will be successful. This option
 	  can be used during development when a TPM is not present or broken.
 	  THIS SHOULD NOT BE LEFT ON FOR PRODUCTION DEVICES.
 config VBOOT_DISABLE_DEV_ON_RECOVERY
 	bool "Disable dev mode on recovery requests"
 	default n
 	depends on VBOOT
 	help
 	  When this option is enabled, the Chrome OS device leaves the
 	  developer mode as soon as recovery request is detected. This is
 	  handy on embedded devices with limited input capabilities.
 config SEPARATE_VERSTAGE
 	bool "Vboot verification is built into a separate stage"
 	default n
 	depends on VBOOT && VBOOT_STARTS_IN_BOOTBLOCK
 	help
 	  If this option is set, vboot verification runs in a standalone stage
 	  that is loaded from the bootblock and exits into romstage. If it is
 	  not set, the verification code is linked directly into the bootblock
 	  or the romstage and runs as part of that stage (cf. related options
 	  VBOOT_STARTS_IN_BOOTBLOCK/_ROMSTAGE and RETURN_FROM_VERSTAGE).
 config RETURN_FROM_VERSTAGE
 	bool "The separate verification stage returns to its caller"
 	default n
 	depends on SEPARATE_VERSTAGE
 	help
 	  If this is set, the verstage returns back to the calling stage instead
 	  of exiting to the succeeding stage so that the verstage space can be
 	  reused by the succeeding stage. This is useful if a RAM space is too
 	  small to fit both the verstage and the succeeding stage.
 config VBOOT_SAVE_RECOVERY_REASON_ON_REBOOT
 	bool
 	default n
 	depends on VBOOT
 	help
 	  This option ensures that the recovery request is not lost because of
 	  reboots caused after vboot verification is run. e.g. reboots caused by
 	  FSP components on Intel platforms.
 config VBOOT_OPROM_MATTERS
 	bool "Video option ROM matters (= can skip display init)"
 	default n
 	depends on VBOOT
 	help
 	  Set this option to indicate to vboot that this platform will skip its
 	  display initialization on a normal (non-recovery, non-developer) boot.
 	  Vboot calls this "oprom matters" because on x86 devices this
 	  traditionally meant that the video option ROM will not be loaded, but
 	  it works functionally the same for other platforms that can skip their
 	  native display initialization code instead.
 config VBOOT_HAS_REC_HASH_SPACE
 	bool
 	default n
 	depends on VBOOT
 	help
 	  Set this option to indicate to vboot that recovery data hash space
 	  is present in TPM.
 config VBOOT_SOFT_REBOOT_WORKAROUND
 	bool
 	default n
 config VBOOT
 	bool "Verify firmware with vboot."
@ -145,3 +25,293 @@ config VBOOT
 	help
 	  Enabling VBOOT will use vboot to verify the components of the firmware
 	  (stages, payload, etc).
 if VBOOT
 config VBOOT_VBNV_CMOS
 	bool
 	default n
 	depends on PC80_SYSTEM
 	help
 	  VBNV is stored in CMOS
 config VBOOT_VBNV_OFFSET
 	hex
 	default 0x26
 	depends on VBOOT_VBNV_CMOS
 	help
 	  CMOS offset for VbNv data. This value must match cmos.layout
 	  in the mainboard directory, minus 14 bytes for the RTC.
 config VBOOT_VBNV_CMOS_BACKUP_TO_FLASH
 	bool
 	default n
 	depends on VBOOT_VBNV_CMOS && BOOT_DEVICE_SUPPORTS_WRITES
 	help
 	  Vboot non-volatile storage data will be backed up from CMOS to flash
 	  and restored from flash if the CMOS is invalid due to power loss.
 config VBOOT_VBNV_EC
 	bool
 	default n
 	help
 	  VBNV is stored in EC
 config VBOOT_VBNV_FLASH
 	bool
 	default n
 	depends on BOOT_DEVICE_SUPPORTS_WRITES
 	help
 	  VBNV is stored in flash storage
 config VBOOT_STARTS_IN_BOOTBLOCK
 	bool
 	default n
 	help
 	  Firmware verification happens during the end of or right after the
 	  bootblock. This implies that a static VBOOT2_WORK() buffer must be
 	  allocated in memlayout.
 config VBOOT_STARTS_IN_ROMSTAGE
 	bool
 	default n
 	depends on !VBOOT_STARTS_IN_BOOTBLOCK
 	help
 	  Firmware verification happens during the end of romstage (after
 	  memory initialization). This implies that vboot working data is
 	  allocated in CBMEM.
 config VBOOT_MOCK_SECDATA
 	bool "Mock secdata for firmware verification"
 	default n
 	help
 	  Enabling VBOOT_MOCK_SECDATA will mock secdata for the firmware
 	  verification to avoid access to a secdata storage (typically TPM).
 	  All operations for a secdata storage will be successful. This option
 	  can be used during development when a TPM is not present or broken.
 	  THIS SHOULD NOT BE LEFT ON FOR PRODUCTION DEVICES.
 config VBOOT_DISABLE_DEV_ON_RECOVERY
 	bool
 	default n
 	help
 	  When this option is enabled, the Chrome OS device leaves the
 	  developer mode as soon as recovery request is detected. This is
 	  handy on embedded devices with limited input capabilities.
 config VBOOT_SEPARATE_VERSTAGE
 	bool
 	default n
 	depends on VBOOT_STARTS_IN_BOOTBLOCK
 	help
 	  If this option is set, vboot verification runs in a standalone stage
 	  that is loaded from the bootblock and exits into romstage. If it is
 	  not set, the verification code is linked directly into the bootblock
 	  or the romstage and runs as part of that stage (cf. related options
 	  VBOOT_STARTS_IN_BOOTBLOCK/_ROMSTAGE and VBOOT_RETURN_FROM_VERSTAGE).
 config VBOOT_RETURN_FROM_VERSTAGE
 	bool
 	default n
 	depends on VBOOT_SEPARATE_VERSTAGE
 	help
 	  If this is set, the verstage returns back to the calling stage instead
 	  of exiting to the succeeding stage so that the verstage space can be
 	  reused by the succeeding stage. This is useful if a RAM space is too
 	  small to fit both the verstage and the succeeding stage.
 config VBOOT_SAVE_RECOVERY_REASON_ON_REBOOT
 	bool
 	default n
 	help
 	  This option ensures that the recovery request is not lost because of
 	  reboots caused after vboot verification is run. e.g. reboots caused by
 	  FSP components on Intel platforms.
 config VBOOT_OPROM_MATTERS
 	bool
 	default n
 	help
 	  Set this option to indicate to vboot that this platform will skip its
 	  display initialization on a normal (non-recovery, non-developer) boot.
 	  Vboot calls this "oprom matters" because on x86 devices this
 	  traditionally meant that the video option ROM will not be loaded, but
 	  it works functionally the same for other platforms that can skip their
 	  native display initialization code instead.
 config VBOOT_HAS_REC_HASH_SPACE
 	bool
 	default n
 	help
 	  Set this option to indicate to vboot that recovery data hash space
 	  is present in TPM.
 config VBOOT_SOFT_REBOOT_WORKAROUND
 	bool
 	default n
 config VBOOT_EC_SOFTWARE_SYNC
 	bool "Enable EC software sync"
 	default y if EC_GOOGLE_CHROMEEC
 	default n
 	help
 	  EC software sync is a mechanism where the AP helps the EC verify its
 	  firmware similar to how vboot verifies the main system firmware. This
 	  option selects whether vboot should support EC software sync.
 config VBOOT_EC_SLOW_UPDATE
 	bool
 	default n
 	depends on VBOOT_EC_SOFTWARE_SYNC
 	help
 	  Whether the EC (or PD) is slow to update and needs to display a
 	  screen that informs the user the update is happening.
 config VBOOT_PHYSICAL_DEV_SWITCH
 	bool
 	default n
 	help
 	  Whether this platform has a physical developer switch. Note that this
 	  disables virtual dev switch functionality (through secdata). Operation
 	  where both a physical pin and the virtual switch get sampled is not
 	  supported by coreboot.
 config VBOOT_PHYSICAL_REC_SWITCH
 	bool
 	default n
 	help
 	  Whether this platform has a physical recovery switch.
 config VBOOT_LID_SWITCH
 	bool
 	default n
 	help
 	  Whether this platform has a lid switch. If it does, vboot will not
 	  decrement try counters for boot failures if the lid is closed.
 config VBOOT_WIPEOUT_SUPPORTED
 	bool
 	default n
 	help
 	  When this option is enabled, the firmware provides the ability to
 	  signal the application the need for factory reset (a.k.a. wipe
 	  out) of the device
 config VBOOT_FWID_MODEL
 	string "Firmware ID model"
 	default "$(CONFIG_MAINBOARD_VENDOR)_$(CONFIG_MAINBOARD_PART_NUMBER)"
 	help
 	  This is the first part of the FWID written to various regions of a
 	  vboot firmware image to identify its version.
 config VBOOT_FWID_VERSION
 	string "Firmware ID version"
 	default "$(KERNELVERSION)"
 	help
 	  This is the second part of the FWID written to various regions of a
 	  vboot firmware image to identify its version.
 menu "GBB configuration"
 config GBB_HWID
 	string "Hardware ID"
 	default "NOCONF HWID"
 config GBB_BMPFV_FILE
 	string "Path to bmpfv image"
 	default ""
 config GBB_FLAG_DEV_SCREEN_SHORT_DELAY
 	bool "Reduce dev screen delay"
 	default n
 config GBB_FLAG_LOAD_OPTION_ROMS
 	bool "Load option ROMs"
 	default n
 config GBB_FLAG_ENABLE_ALTERNATE_OS
 	bool "Allow booting a non-Chrome OS kernel if dev switch is on"
 	default n
 config GBB_FLAG_FORCE_DEV_SWITCH_ON
 	bool "Force dev switch on"
 	default n
 config GBB_FLAG_FORCE_DEV_BOOT_USB
 	bool "Allow booting from USB in dev mode even if dev_boot_usb=0"
 	default y
 config GBB_FLAG_DISABLE_FW_ROLLBACK_CHECK
 	bool "Disable firmware rollback protection"
 	default y
 config GBB_FLAG_ENTER_TRIGGERS_TONORM
 	bool "Return to normal boot with Enter"
 	default n
 config GBB_FLAG_FORCE_DEV_BOOT_LEGACY
 	bool "Allow booting to legacy in dev mode even if dev_boot_legacy=0"
 	default n
 config GBB_FLAG_FAFT_KEY_OVERIDE
 	bool "Allow booting using alternative keys for FAFT servo testing"
 	default n
 config GBB_FLAG_DISABLE_EC_SOFTWARE_SYNC
 	bool "Disable EC software sync"
 	default n
 config GBB_FLAG_DEFAULT_DEV_BOOT_LEGACY
 	bool "Default to booting to legacy in dev mode"
 	default n
 config GBB_FLAG_DISABLE_PD_SOFTWARE_SYNC
 	bool "Disable PD software sync"
 	default n
 config GBB_FLAG_DISABLE_LID_SHUTDOWN
 	bool "Disable shutdown on closed lid"
 	default n
 config GBB_FLAG_FORCE_DEV_BOOT_FASTBOOT_FULL_CAP
 	bool "Allow fastboot even if dev_boot_fastboot_full_cap=0"
 	default n
 config GBB_FLAG_ENABLE_SERIAL
 	bool "Tell vboot to enable serial console"
 	default n
 endmenu # GBB
 menu "Vboot Keys"
 config VBOOT_ROOT_KEY
 	string "Root key (public)"
 	default "$(VBOOT_SOURCE)/tests/devkeys/root_key.vbpubk"
 config VBOOT_RECOVERY_KEY
 	string "Recovery key (public)"
 	default "$(VBOOT_SOURCE)/tests/devkeys/recovery_key.vbpubk"
 config VBOOT_FIRMWARE_PRIVKEY
 	string "Firmware key (private)"
 	default "$(VBOOT_SOURCE)/tests/devkeys/firmware_data_key.vbprivk"
 config VBOOT_KERNEL_KEY
 	string "Kernel subkey (public)"
 	default "$(VBOOT_SOURCE)/tests/devkeys/kernel_subkey.vbpubk"
 config VBOOT_KEYBLOCK
 	string "Keyblock to use for the RW regions"
 	default "$(VBOOT_SOURCE)/tests/devkeys/firmware.keyblock"
 config VBOOT_KEYBLOCK_VERSION
 	int "Keyblock version number"
 	default 1
 config VBOOT_KEYBLOCK_PREAMBLE_FLAGS
 	hex "Keyblock preamble flags"
 	default 0x0
 endmenu # Keys
 endif # VBOOT
 endmenu # Verified Boot (vboot)
--- a/src/vboot/Makefile.inc
+++ b/src/vboot/Makefile.inc
@ -67,17 +67,17 @@ verstage-y += common.c
 verstage-y += verstage.c
 ifeq (${CONFIG_VBOOT_MOCK_SECDATA},y)
 libverstage-y += secdata_mock.c
-romstage-$(CONFIG_SEPARATE_VERSTAGE) += secdata_mock.c
+romstage-$(CONFIG_VBOOT_SEPARATE_VERSTAGE) += secdata_mock.c
 else
 libverstage-y += secdata_tpm.c
-romstage-$(CONFIG_SEPARATE_VERSTAGE) += secdata_tpm.c
+romstage-$(CONFIG_VBOOT_SEPARATE_VERSTAGE) += secdata_tpm.c
 endif
 romstage-y += vboot_handoff.c common.c
 ramstage-y += common.c
 postcar-y += common.c
-ifeq ($(CONFIG_SEPARATE_VERSTAGE),y)
+ifeq ($(CONFIG_VBOOT_SEPARATE_VERSTAGE),y)
 VB_FIRMWARE_ARCH := $(ARCHDIR-$(ARCH-verstage-y))
 else
 ifeq ($(CONFIG_VBOOT_STARTS_IN_BOOTBLOCK),y)
@ -85,7 +85,7 @@ VB_FIRMWARE_ARCH := $(ARCHDIR-$(ARCH-bootblock-y))
 else
 VB_FIRMWARE_ARCH := $(ARCHDIR-$(ARCH-romstage-y))
 endif
-endif # CONFIG_SEPARATE_VERSTAGE
+endif # CONFIG_VBOOT_SEPARATE_VERSTAGE
 VB2_LIB = $(obj)/external/vboot_reference/vboot_fw20.a
 VBOOT_CFLAGS += $(patsubst -I%,-I$(top)/%, $(filter-out -I$(obj), $(filter-out -include $(src)/include/kconfig.h, $(CPPFLAGS_libverstage))))
@ -106,7 +106,7 @@ $(VB2_LIB): $(obj)/config.h
 libverstage-srcs += $(VB2_LIB)
-ifeq ($(CONFIG_SEPARATE_VERSTAGE),y)
+ifeq ($(CONFIG_VBOOT_SEPARATE_VERSTAGE),y)
 # This works under the assumption that romstage and verstage use the same
 # architecture and thus CC_verstage is the same as CC_romstage. If this is not
@ -115,7 +115,7 @@ ifeq ($(CONFIG_VBOOT_HAS_REC_HASH_SPACE),y)
 romstage-srcs += $(VB2_LIB)
 endif
-cbfs-files-$(CONFIG_SEPARATE_VERSTAGE) += $(CONFIG_CBFS_PREFIX)/verstage
+cbfs-files-$(CONFIG_VBOOT_SEPARATE_VERSTAGE) += $(CONFIG_CBFS_PREFIX)/verstage
 $(CONFIG_CBFS_PREFIX)/verstage-file := $(objcbfs)/verstage.elf
 $(CONFIG_CBFS_PREFIX)/verstage-type := stage
 $(CONFIG_CBFS_PREFIX)/verstage-compression := $(CBFS_PRERAM_COMPRESS_FLAG)
@ -137,7 +137,7 @@ bootblock-srcs += $(objgenerated)/libverstage.a
 else
 romstage-srcs += $(objgenerated)/libverstage.a
 endif
-endif # CONFIG_SEPARATE_VERSTAGE
+endif # CONFIG_VBOOT_SEPARATE_VERSTAGE
 # Define a list of files that need to be in RO only.
 # All other files will be installed into RO and RW regions
@ -155,4 +155,115 @@ regions-for-file = $(subst $(spc),$(comma),$(sort \
 		rmu.bin \
 		,$(1)),COREBOOT,COREBOOT FW_MAIN_A FW_MAIN_B)))
 CONFIG_GBB_HWID := $(call strip_quotes,$(CONFIG_GBB_HWID))
 CONFIG_GBB_BMPFV_FILE := $(call strip_quotes,$(CONFIG_GBB_BMPFV_FILE))
 CONFIG_VBOOT_KEYBLOCK := $(call strip_quotes,$(CONFIG_VBOOT_KEYBLOCK))
 CONFIG_VBOOT_FIRMWARE_PRIVKEY := $(call strip_quotes,$(CONFIG_VBOOT_FIRMWARE_PRIVKEY))
 CONFIG_VBOOT_KERNEL_KEY := $(call strip_quotes,$(CONFIG_VBOOT_KERNEL_KEY))
 CONFIG_VBOOT_FWID_MODEL := $(call strip_quotes,$(CONFIG_VBOOT_FWID_MODEL))
 CONFIG_VBOOT_FWID_VERSION := $(call strip_quotes,$(CONFIG_VBOOT_FWID_VERSION))
 # bool-to-mask(var, value)
 # return "value" if var is "y", 0 otherwise
 bool-to-mask = $(if $(filter y,$(1)),$(2),0)
 GBB_FLAGS := $(call int-add, \
 	$(call bool-to-mask,$(CONFIG_GBB_FLAG_DEV_SCREEN_SHORT_DELAY),0x1) \
 	$(call bool-to-mask,$(CONFIG_GBB_FLAG_LOAD_OPTION_ROMS),0x2) \
 	$(call bool-to-mask,$(CONFIG_GBB_FLAG_ENABLE_ALTERNATE_OS),0x4) \
 	$(call bool-to-mask,$(CONFIG_GBB_FLAG_FORCE_DEV_SWITCH_ON),0x8) \
 	$(call bool-to-mask,$(CONFIG_GBB_FLAG_FORCE_DEV_BOOT_USB),0x10) \
 	$(call bool-to-mask,$(CONFIG_GBB_FLAG_DISABLE_FW_ROLLBACK_CHECK),0x20) \
 	$(call bool-to-mask,$(CONFIG_GBB_FLAG_ENTER_TRIGGERS_TONORM),0x40) \
 	$(call bool-to-mask,$(CONFIG_GBB_FLAG_FORCE_DEV_BOOT_LEGACY),0x80) \
 	$(call bool-to-mask,$(CONFIG_GBB_FLAG_FAFT_KEY_OVERIDE),0x100) \
 	$(call bool-to-mask,$(CONFIG_GBB_FLAG_DISABLE_EC_SOFTWARE_SYNC),0x200) \
 	$(call bool-to-mask,$(CONFIG_GBB_FLAG_DEFAULT_DEV_BOOT_LEGACY),0x400) \
 	$(call bool-to-mask,$(CONFIG_GBB_FLAG_DISABLE_PD_SOFTWARE_SYNC),0x800) \
 	$(call bool-to-mask,$(CONFIG_GBB_FLAG_DISABLE_LID_SHUTDOWN),0x1000) \
 	$(call bool-to-mask,$(CONFIG_GBB_FLAG_FORCE_DEV_BOOT_FASTBOOT_FULL_CAP),0x2000) \
 	$(call bool-to-mask,$(CONFIG_GBB_FLAG_ENABLE_SERIAL),0x4000) \
 	)
 ifneq ($(CONFIG_GBB_BMPFV_FILE),)
 $(obj)/gbb.sizetmp: $(obj)/coreboot.rom
 	$(CBFSTOOL) $< read -r GBB -f $@
 $(obj)/gbb.stub: $(obj)/coreboot.rom $(FUTILITY) $(obj)/gbb.sizetmp
 	@printf "    CREATE GBB (with BMPFV)\n"
 	$(FUTILITY) gbb_utility -c 0x100,0x1000,$(call int-subtract,$(call file-size,$(obj)/gbb.sizetmp) 0x2180),0x1000 $@.tmp
 	mv $@.tmp $@
 else
 $(obj)/gbb.stub: $(obj)/coreboot.rom $(FUTILITY)
 	@printf "    CREATE GBB (without BMPFV)\n"
 	$(FUTILITY) gbb_utility -c 0x100,0x1000,0,0x1000 $@.tmp
 	mv $@.tmp $@
 endif
 $(obj)/gbb.region: $(obj)/gbb.stub
 	@printf "    SETUP GBB\n"
 	cp $< $@.tmp
 	$(FUTILITY) gbb_utility -s \
 		--hwid="$(CONFIG_GBB_HWID)" \
 		--rootkey="$(CONFIG_VBOOT_ROOT_KEY)" \
 		--recoverykey="$(CONFIG_VBOOT_RECOVERY_KEY)" \
 		--flags=$(GBB_FLAGS) \
 		$@.tmp
 ifneq ($(CONFIG_GBB_BMPFV_FILE),)
 	$(FUTILITY) gbb_utility -s \
 		--bmpfv="$(CONFIG_GBB_BMPFV_FILE)" \
 		$@.tmp
 endif
 	mv $@.tmp $@
 $(obj)/fwid.region:
 	printf "$(CONFIG_VBOOT_FWID_MODEL)$(CONFIG_VBOOT_FWID_VERSION)\0" > $@
 build_complete:: $(obj)/gbb.region $(obj)/fwid.region
 	@printf "    WRITE GBB\n"
 	$(CBFSTOOL) $(obj)/coreboot.rom write -u -r GBB -i 0 -f $(obj)/gbb.region
 	$(CBFSTOOL) $(obj)/coreboot.rom write -u -r RO_FRID -i 0 -f $(obj)/fwid.region
 	$(CBFSTOOL) $(obj)/coreboot.rom write -u -r RW_FWID_A -i 0 -f $(obj)/fwid.region
 	$(CBFSTOOL) $(obj)/coreboot.rom write -u -r RW_FWID_B -i 0 -f $(obj)/fwid.region
 ifneq ($(shell grep "SHARED_DATA" "$(CONFIG_FMDFILE)"),)
 build_complete::
 	printf "\0" > $(obj)/shared_data.region
 	$(CBFSTOOL) $(obj)/coreboot.rom write -u -r SHARED_DATA -i 0 -f $(obj)/shared_data.region
 endif
 # Extract FW_MAIN_? region and minimize it if the last file is empty, so it
 # doesn't contain this empty file (that can have a significant size),
 # improving a lot on hash times due to a smaller amount of data loaded from
 # firmware storage.
 # When passing the minimized image to vbutil_firmware, its length is recorded
 # in the keyblock, and coreboot's vboot code clips the region_device to match,
 # which prevents any potential extension attacks.
 $(obj)/FW_MAIN_%.bin: $(obj)/coreboot.rom
 	$(CBFSTOOL) $< read -r $(basename $(notdir $@)) -f $@.tmp
 	$(CBFSTOOL) $(obj)/coreboot.rom print -k -r $(basename $(notdir $@)) | \
 		tail -1 | \
 		sed "s,^(empty)[[:space:]]\(0x[0-9a-f]*\)\tnull\t.*$$,\1," \
 		> $@.tmp.size
 	if [ -n "$$(cat $@.tmp.size)" ] && [ $$( printf "%d" $$(cat $@.tmp.size)) -gt 0 ]; then \
 		head -c $$( printf "%d" $$(cat $@.tmp.size)) $@.tmp > $@.tmp2 && \
 		mv $@.tmp2 $@; \
 	else \
 		mv $@.tmp $@; \
 	fi
 $(obj)/VBLOCK_%.bin: $(obj)/FW_MAIN_%.bin $(FUTILITY)
 	$(FUTILITY) vbutil_firmware \
 		--vblock $@ \
 		--keyblock "$(CONFIG_VBOOT_KEYBLOCK)" \
 		--signprivate "$(CONFIG_VBOOT_FIRMWARE_PRIVKEY)" \
 		--version $(CONFIG_VBOOT_KEYBLOCK_VERSION) \
 		--fv $< \
 		--kernelkey "$(CONFIG_VBOOT_KERNEL_KEY)" \
 		--flags $(CONFIG_VBOOT_KEYBLOCK_PREAMBLE_FLAGS)
 files_added:: $(obj)/VBLOCK_A.bin $(obj)/VBLOCK_B.bin
 	$(CBFSTOOL) $(obj)/coreboot.rom write -u -r VBLOCK_A -f $(obj)/VBLOCK_A.bin
 	$(CBFSTOOL) $(obj)/coreboot.rom write -u -r VBLOCK_B -f $(obj)/VBLOCK_B.bin
 endif # CONFIG_VBOOT
--- a/src/vboot/bootmode.c
+++ b/src/vboot/bootmode.c
@ -75,7 +75,7 @@ BOOT_STATE_INIT_ENTRY(BS_DEV_INIT, BS_ON_EXIT,
 static int vboot_possibly_executed(void)
 {
 	if (IS_ENABLED(CONFIG_VBOOT_STARTS_IN_BOOTBLOCK)) {
-		if (ENV_BOOTBLOCK && IS_ENABLED(CONFIG_SEPARATE_VERSTAGE))
+		if (ENV_BOOTBLOCK && IS_ENABLED(CONFIG_VBOOT_SEPARATE_VERSTAGE))
 			return 0;
 		return 1;
 	}
@ -141,6 +141,23 @@ int vboot_recovery_mode_enabled(void)
 	return !!vboot_check_recovery_request();
 }
 int __attribute__((weak)) clear_recovery_mode_switch(void)
 {
 	// Weak implementation. Nothing to do.
 	return 0;
 }
 int __attribute__((weak)) get_sw_write_protect_state(void)
 {
 	// Can be implemented by a platform / mainboard
 	return 0;
 }
 void __attribute__((weak)) log_recovery_mode_switch(void)
 {
 	// Weak implementation. Nothing to do.
 }
 int __attribute__((weak)) get_recovery_mode_retrain_switch(void)
 {
 	return 0;
--- a/src/vboot/vboot_handoff.c
+++ b/src/vboot/vboot_handoff.c
@ -83,11 +83,11 @@ static void fill_vboot_handoff(struct vboot_handoff *vboot_handoff,
 		vb_sd->flags |= VBSD_LF_DEV_SWITCH_ON;
 	}
 	/* TODO: Set these in depthcharge */
-	if (!IS_ENABLED(CONFIG_PHYSICAL_DEV_SWITCH))
+	if (!IS_ENABLED(CONFIG_VBOOT_PHYSICAL_DEV_SWITCH))
 		vb_sd->flags |= VBSD_HONOR_VIRT_DEV_SWITCH;
-	if (IS_ENABLED(CONFIG_EC_SOFTWARE_SYNC))
+	if (IS_ENABLED(CONFIG_VBOOT_EC_SOFTWARE_SYNC))
 		vb_sd->flags |= VBSD_EC_SOFTWARE_SYNC;
-	if (!IS_ENABLED(CONFIG_PHYSICAL_REC_SWITCH))
+	if (!IS_ENABLED(CONFIG_VBOOT_PHYSICAL_REC_SWITCH))
 		vb_sd->flags |= VBSD_BOOT_REC_SWITCH_VIRTUAL;
 	if (IS_ENABLED(CONFIG_VBOOT_EC_SLOW_UPDATE))
 		vb_sd->flags |= VBSD_EC_SLOW_UPDATE;
--- a/src/vboot/vboot_loader.c
+++ b/src/vboot/vboot_loader.c
@ -29,11 +29,11 @@
 _Static_assert(IS_ENABLED(CONFIG_VBOOT_STARTS_IN_BOOTBLOCK) +
 	       IS_ENABLED(CONFIG_VBOOT_STARTS_IN_ROMSTAGE) == 1,
 	       "vboot must either start in bootblock or romstage (not both!)");
-_Static_assert(!IS_ENABLED(CONFIG_SEPARATE_VERSTAGE) ||
+_Static_assert(!IS_ENABLED(CONFIG_VBOOT_SEPARATE_VERSTAGE) ||
 	       IS_ENABLED(CONFIG_VBOOT_STARTS_IN_BOOTBLOCK),
 	       "stand-alone verstage must start in (i.e. after) bootblock");
-_Static_assert(!IS_ENABLED(CONFIG_RETURN_FROM_VERSTAGE) ||
+_Static_assert(!IS_ENABLED(CONFIG_VBOOT_RETURN_FROM_VERSTAGE) ||
-	       IS_ENABLED(CONFIG_SEPARATE_VERSTAGE),
+	       IS_ENABLED(CONFIG_VBOOT_SEPARATE_VERSTAGE),
 	       "return from verstage only makes sense for separate verstages");
 /* The stage loading code is compiled and entered from multiple stages. The
@ -42,7 +42,7 @@ _Static_assert(!IS_ENABLED(CONFIG_RETURN_FROM_VERSTAGE) ||
 static int verification_should_run(void)
 {
-	if (IS_ENABLED(CONFIG_SEPARATE_VERSTAGE))
+	if (IS_ENABLED(CONFIG_VBOOT_SEPARATE_VERSTAGE))
 		return ENV_VERSTAGE;
 	else if (IS_ENABLED(CONFIG_VBOOT_STARTS_IN_ROMSTAGE))
 		return ENV_ROMSTAGE;
@ -54,7 +54,7 @@ static int verification_should_run(void)
 static int verstage_should_load(void)
 {
-	if (IS_ENABLED(CONFIG_SEPARATE_VERSTAGE))
+	if (IS_ENABLED(CONFIG_VBOOT_SEPARATE_VERSTAGE))
 		return ENV_BOOTBLOCK;
 	else
 		return 0;
@ -87,7 +87,7 @@ int vb2_logic_executed(void)
 static void vboot_prepare(void)
 {
 	if (verification_should_run()) {
-		/* Note: this path is not used for RETURN_FROM_VERSTAGE */
+		/* Note: this path is not used for VBOOT_RETURN_FROM_VERSTAGE */
 		verstage_main();
 		car_set_var(vboot_executed, 1);
 		vb2_save_recovery_reason_vbnv();
@ -130,7 +130,7 @@ static void vboot_prepare(void)
 		/* This is not actually possible to hit this condition at
 		 * runtime, but this provides a hint to the compiler for dead
 		 * code elimination below. */
-		if (!IS_ENABLED(CONFIG_RETURN_FROM_VERSTAGE))
+		if (!IS_ENABLED(CONFIG_VBOOT_RETURN_FROM_VERSTAGE))
 			return;
 		car_set_var(vboot_executed, 1);
--- a/src/vboot/vboot_logic.c
+++ b/src/vboot/vboot_logic.c
@ -329,7 +329,7 @@ void verstage_main(void)
 	antirollback_read_space_firmware(&ctx);
 	timestamp_add_now(TS_END_TPMINIT);
-	if (IS_ENABLED(CONFIG_PHYSICAL_DEV_SWITCH) &&
+	if (IS_ENABLED(CONFIG_VBOOT_PHYSICAL_DEV_SWITCH) &&
 	    get_developer_mode_switch())
 		ctx.flags |= VB2_CONTEXT_FORCE_DEVELOPER_MODE;
@ -339,10 +339,11 @@ void verstage_main(void)
 			ctx.flags |= VB2_DISABLE_DEVELOPER_MODE;
 	}
-	if (IS_ENABLED(CONFIG_WIPEOUT_SUPPORTED) && get_wipeout_mode_switch())
+	if (IS_ENABLED(CONFIG_VBOOT_WIPEOUT_SUPPORTED) &&
 	    get_wipeout_mode_switch())
 		ctx.flags |= VB2_CONTEXT_FORCE_WIPEOUT_MODE;
-	if (IS_ENABLED(CONFIG_LID_SWITCH) && !get_lid_switch())
+	if (IS_ENABLED(CONFIG_VBOOT_LID_SWITCH) && !get_lid_switch())
 		ctx.flags |= VB2_CONTEXT_NOFAIL_BOOT;
 	/* Do early init (set up secdata and NVRAM, load GBB) */
--- a/src/vboot/verstage.c
+++ b/src/vboot/verstage.c
@ -30,7 +30,7 @@ void main(void)
 	exception_init();
 	verstage_mainboard_init();
-	if (IS_ENABLED(CONFIG_RETURN_FROM_VERSTAGE)) {
+	if (IS_ENABLED(CONFIG_VBOOT_RETURN_FROM_VERSTAGE)) {
 		verstage_main();
 	} else {
 		run_romstage();
--- a/src/vendorcode/google/chromeos/Kconfig
+++ b/src/vendorcode/google/chromeos/Kconfig
@ -59,24 +59,6 @@ config CHROMEOS_RAMOOPS_RAM_SIZE
 	default 0x00100000
 	depends on CHROMEOS_RAMOOPS
 config EC_SOFTWARE_SYNC
 	bool "Enable EC software sync"
 	default y if EC_GOOGLE_CHROMEEC
 	default n
 	depends on VBOOT
 	help
 	  EC software sync is a mechanism where the AP helps the EC verify its
 	  firmware similar to how vboot verifies the main system firmware. This
 	  option selects whether depthcharge should support EC software sync.
 config VBOOT_EC_SLOW_UPDATE
 	bool "EC is slow to update"
 	default n
 	depends on EC_SOFTWARE_SYNC
 	help
 	  Whether the EC (or PD) is slow to update and needs to display a
 	  screen that informs the user the update is happening.
 config NO_TPM_RESUME
 	bool
 	default n
@ -85,55 +67,12 @@ config NO_TPM_RESUME
 	  boards, booting Windows will break if the TPM resume command
 	  is sent during an S3 resume.
 config PHYSICAL_DEV_SWITCH
 	bool
 	default n
 	help
 	  Whether this platform has a physical developer switch. Note that this
 	  disables virtual dev switch functionality (through secdata). Operation
 	  where both a physical pin and the virtual switch get sampled is not
 	  supported by coreboot.
 config PHYSICAL_REC_SWITCH
 	bool
 	default n
 	help
 	  Whether this platform has a physical recovery switch
 config LID_SWITCH
 	bool "Lid switch is present"
 	default n
 	help
 	  Whether this platform has a lid switch
 config WIPEOUT_SUPPORTED
 	bool "User is able to request factory reset"
 	default n
 	help
 	  When this option is enabled, the firmware provides the ability to
 	  signal the application the need for factory reset (a.k.a. wipe
 	  out) of the device
 config HAVE_REGULATORY_DOMAIN
 	bool "Add regulatory domain methods"
 	default n
 	help
 	 This option is needed to add ACPI regulatory domain methods
 config CHROMEOS_FWID_MODEL
 	string "Chrome OS Firmware ID model"
 	default "$(CONFIG_MAINBOARD_VENDOR)_$(CONFIG_MAINBOARD_PART_NUMBER)"
 	help
 	  This is the first part of the FWID written to various regions of a
 	  Chrome OS firmware image to identify its version.
 config CHROMEOS_FWID_VERSION
 	string "Chrome OS Firmware ID version"
 	default "$(KERNELVERSION)"
 	help
 	  This is the second part of the FWID written to various regions of a
 	  Chrome OS firmware image to identify its version.
 config CHROMEOS_DISABLE_PLATFORM_HIERARCHY_ON_RESUME
 	bool
 	default y
@ -148,108 +87,5 @@ config CHROMEOS_DISABLE_PLATFORM_HIERARCHY_ON_RESUME
 	  on normal boot as well as resume and coreboot is only involved
 	  in the resume piece w.r.t. the platform hierarchy.
 menu "GBB configuration"
 config GBB_HWID
 	string "Hardware ID"
 	default "NOCONF HWID"
 config GBB_BMPFV_FILE
 	string "Path to bmpfv image"
 	default ""
 config GBB_FLAG_DEV_SCREEN_SHORT_DELAY
 	bool "Reduce dev screen delay"
 	default n
 config GBB_FLAG_LOAD_OPTION_ROMS
 	bool "Load option ROMs"
 	default n
 config GBB_FLAG_ENABLE_ALTERNATE_OS
 	bool "Allow booting a non-Chrome OS kernel if dev switch is on"
 	default n
 config GBB_FLAG_FORCE_DEV_SWITCH_ON
 	bool "Force dev switch on"
 	default n
 config GBB_FLAG_FORCE_DEV_BOOT_USB
 	bool "Allow booting from USB in dev mode even if dev_boot_usb=0"
 	default y
 config GBB_FLAG_DISABLE_FW_ROLLBACK_CHECK
 	bool "Disable firmware rollback protection"
 	default y
 config GBB_FLAG_ENTER_TRIGGERS_TONORM
 	bool "Return to normal boot with Enter"
 	default n
 config GBB_FLAG_FORCE_DEV_BOOT_LEGACY
 	bool "Allow booting to legacy in dev mode even if dev_boot_legacy=0"
 	default n
 config GBB_FLAG_FAFT_KEY_OVERIDE
 	bool "Allow booting using alternative keys for FAFT servo testing"
 	default n
 config GBB_FLAG_DISABLE_EC_SOFTWARE_SYNC
 	bool "Disable EC software sync"
 	default n
 config GBB_FLAG_DEFAULT_DEV_BOOT_LEGACY
 	bool "Default to booting to legacy in dev mode"
 	default n
 config GBB_FLAG_DISABLE_PD_SOFTWARE_SYNC
 	bool "Disable PD software sync"
 	default n
 config GBB_FLAG_DISABLE_LID_SHUTDOWN
 	bool "Disable shutdown on closed lid"
 	default n
 config GBB_FLAG_FORCE_DEV_BOOT_FASTBOOT_FULL_CAP
 	bool "Allow fastboot even if dev_boot_fastboot_full_cap=0"
 	default n
 config GBB_FLAG_ENABLE_SERIAL
 	bool "Tell vboot to enable serial console"
 	default n
 endmenu # GBB
 menu "Vboot Keys"
 config VBOOT_ROOT_KEY
 	string "Root key (public)"
 	default "$(VBOOT_SOURCE)/tests/devkeys/root_key.vbpubk"
 config VBOOT_RECOVERY_KEY
 	string "Recovery key (public)"
 	default "$(VBOOT_SOURCE)/tests/devkeys/recovery_key.vbpubk"
 config VBOOT_FIRMWARE_PRIVKEY
 	string "Firmware key (private)"
 	default "$(VBOOT_SOURCE)/tests/devkeys/firmware_data_key.vbprivk"
 config VBOOT_KERNEL_KEY
 	string "Kernel subkey (public)"
 	default "$(VBOOT_SOURCE)/tests/devkeys/kernel_subkey.vbpubk"
 config VBOOT_KEYBLOCK
 	string "Keyblock to use for the RW regions"
 	default "$(VBOOT_SOURCE)/tests/devkeys/firmware.keyblock"
 config VBOOT_KEYBLOCK_VERSION
 	int "Keyblock version number"
 	default 1
 config VBOOT_KEYBLOCK_PREAMBLE_FLAGS
 	hex "Keyblock preamble flags"
 	default 0x0
 endmenu # Keys
 endif # CHROMEOS
 endmenu
--- a/src/vendorcode/google/chromeos/Makefile.inc
+++ b/src/vendorcode/google/chromeos/Makefile.inc
@ -13,11 +13,6 @@
 ## GNU General Public License for more details.
 ##
 bootblock-y += chromeos.c
 verstage-y += chromeos.c
 romstage-y += chromeos.c
 ramstage-y += chromeos.c
 ramstage-$(CONFIG_ELOG) += elog.c
 ramstage-$(CONFIG_HAVE_ACPI_TABLES) += gnvs.c
 ramstage-$(CONFIG_HAVE_ACPI_TABLES) += acpi.c
@ -31,114 +26,3 @@ ifeq ($(CONFIG_ARCH_MIPS),)
 bootblock-y += watchdog.c
 ramstage-y += watchdog.c
 endif
 CONFIG_GBB_HWID := $(call strip_quotes,$(CONFIG_GBB_HWID))
 CONFIG_GBB_BMPFV_FILE := $(call strip_quotes,$(CONFIG_GBB_BMPFV_FILE))
 CONFIG_VBOOT_KEYBLOCK := $(call strip_quotes,$(CONFIG_VBOOT_KEYBLOCK))
 CONFIG_VBOOT_FIRMWARE_PRIVKEY := $(call strip_quotes,$(CONFIG_VBOOT_FIRMWARE_PRIVKEY))
 CONFIG_VBOOT_KERNEL_KEY := $(call strip_quotes,$(CONFIG_VBOOT_KERNEL_KEY))
 CONFIG_CHROMEOS_FWID_MODEL := $(call strip_quotes,$(CONFIG_CHROMEOS_FWID_MODEL))
 CONFIG_CHROMEOS_FWID_VERSION := $(call strip_quotes,$(CONFIG_CHROMEOS_FWID_VERSION))
 # bool-to-mask(var, value)
 # return "value" if var is "y", 0 otherwise
 bool-to-mask = $(if $(filter y,$(1)),$(2),0)
 GBB_FLAGS := $(call int-add, \
 	$(call bool-to-mask,$(CONFIG_GBB_FLAG_DEV_SCREEN_SHORT_DELAY),0x1) \
 	$(call bool-to-mask,$(CONFIG_GBB_FLAG_LOAD_OPTION_ROMS),0x2) \
 	$(call bool-to-mask,$(CONFIG_GBB_FLAG_ENABLE_ALTERNATE_OS),0x4) \
 	$(call bool-to-mask,$(CONFIG_GBB_FLAG_FORCE_DEV_SWITCH_ON),0x8) \
 	$(call bool-to-mask,$(CONFIG_GBB_FLAG_FORCE_DEV_BOOT_USB),0x10) \
 	$(call bool-to-mask,$(CONFIG_GBB_FLAG_DISABLE_FW_ROLLBACK_CHECK),0x20) \
 	$(call bool-to-mask,$(CONFIG_GBB_FLAG_ENTER_TRIGGERS_TONORM),0x40) \
 	$(call bool-to-mask,$(CONFIG_GBB_FLAG_FORCE_DEV_BOOT_LEGACY),0x80) \
 	$(call bool-to-mask,$(CONFIG_GBB_FLAG_FAFT_KEY_OVERIDE),0x100) \
 	$(call bool-to-mask,$(CONFIG_GBB_FLAG_DISABLE_EC_SOFTWARE_SYNC),0x200) \
 	$(call bool-to-mask,$(CONFIG_GBB_FLAG_DEFAULT_DEV_BOOT_LEGACY),0x400) \
 	$(call bool-to-mask,$(CONFIG_GBB_FLAG_DISABLE_PD_SOFTWARE_SYNC),0x800) \
 	$(call bool-to-mask,$(CONFIG_GBB_FLAG_DISABLE_LID_SHUTDOWN),0x1000) \
 	$(call bool-to-mask,$(CONFIG_GBB_FLAG_FORCE_DEV_BOOT_FASTBOOT_FULL_CAP),0x2000) \
 	$(call bool-to-mask,$(CONFIG_GBB_FLAG_ENABLE_SERIAL),0x4000) \
 	)
 ifneq ($(CONFIG_GBB_BMPFV_FILE),)
 $(obj)/gbb.sizetmp: $(obj)/coreboot.rom
 	$(CBFSTOOL) $< read -r GBB -f $@
 $(obj)/gbb.stub: $(obj)/coreboot.rom $(FUTILITY) $(obj)/gbb.sizetmp
 	@printf "    CREATE GBB (with BMPFV)\n"
 	$(FUTILITY) gbb_utility -c 0x100,0x1000,$(call int-subtract,$(call file-size,$(obj)/gbb.sizetmp) 0x2180),0x1000 $@.tmp
 	mv $@.tmp $@
 else
 $(obj)/gbb.stub: $(obj)/coreboot.rom $(FUTILITY)
 	@printf "    CREATE GBB (without BMPFV)\n"
 	$(FUTILITY) gbb_utility -c 0x100,0x1000,0,0x1000 $@.tmp
 	mv $@.tmp $@
 endif
 $(obj)/gbb.region: $(obj)/gbb.stub
 	@printf "    SETUP GBB\n"
 	cp $< $@.tmp
 	$(FUTILITY) gbb_utility -s \
 		--hwid="$(CONFIG_GBB_HWID)" \
 		--rootkey="$(CONFIG_VBOOT_ROOT_KEY)" \
 		--recoverykey="$(CONFIG_VBOOT_RECOVERY_KEY)" \
 		--flags=$(GBB_FLAGS) \
 		$@.tmp
 ifneq ($(CONFIG_GBB_BMPFV_FILE),)
 	$(FUTILITY) gbb_utility -s \
 		--bmpfv="$(CONFIG_GBB_BMPFV_FILE)" \
 		$@.tmp
 endif
 	mv $@.tmp $@
 $(obj)/fwid.region:
 	printf "$(CONFIG_CHROMEOS_FWID_MODEL)$(CONFIG_CHROMEOS_FWID_VERSION)\0" > $@
 build_complete:: $(obj)/gbb.region $(obj)/fwid.region
 	@printf "    WRITE GBB\n"
 	$(CBFSTOOL) $(obj)/coreboot.rom write -u -r GBB -i 0 -f $(obj)/gbb.region
 	$(CBFSTOOL) $(obj)/coreboot.rom write -u -r RO_FRID -i 0 -f $(obj)/fwid.region
 	$(CBFSTOOL) $(obj)/coreboot.rom write -u -r RW_FWID_A -i 0 -f $(obj)/fwid.region
 	$(CBFSTOOL) $(obj)/coreboot.rom write -u -r RW_FWID_B -i 0 -f $(obj)/fwid.region
 ifneq ($(shell grep "SHARED_DATA" "$(CONFIG_FMDFILE)"),)
 build_complete::
 	printf "\0" > $(obj)/shared_data.region
 	$(CBFSTOOL) $(obj)/coreboot.rom write -u -r SHARED_DATA -i 0 -f $(obj)/shared_data.region
 endif
 # Extract FW_MAIN_? region and minimize it if the last file is empty, so it
 # doesn't contain this empty file (that can have a significant size),
 # improving a lot on hash times due to a smaller amount of data loaded from
 # firmware storage.
 # When passing the minimized image to vbutil_firmware, its length is recorded
 # in the keyblock, and coreboot's vboot code clips the region_device to match,
 # which prevents any potential extension attacks.
 $(obj)/FW_MAIN_%.bin: $(obj)/coreboot.rom
 	$(CBFSTOOL) $< read -r $(basename $(notdir $@)) -f $@.tmp
 	$(CBFSTOOL) $(obj)/coreboot.rom print -k -r $(basename $(notdir $@)) | \
 		tail -1 | \
 		sed "s,^(empty)[[:space:]]\(0x[0-9a-f]*\)\tnull\t.*$$,\1," \
 		> $@.tmp.size
 	if [ -n "$$(cat $@.tmp.size)" ] && [ $$( printf "%d" $$(cat $@.tmp.size)) -gt 0 ]; then \
 		head -c $$( printf "%d" $$(cat $@.tmp.size)) $@.tmp > $@.tmp2 && \
 		mv $@.tmp2 $@; \
 	else \
 		mv $@.tmp $@; \
 	fi
 $(obj)/VBLOCK_%.bin: $(obj)/FW_MAIN_%.bin $(FUTILITY)
 	$(FUTILITY) vbutil_firmware \
 		--vblock $@ \
 		--keyblock "$(CONFIG_VBOOT_KEYBLOCK)" \
 		--signprivate "$(CONFIG_VBOOT_FIRMWARE_PRIVKEY)" \
 		--version $(CONFIG_VBOOT_KEYBLOCK_VERSION) \
 		--fv $< \
 		--kernelkey "$(CONFIG_VBOOT_KERNEL_KEY)" \
 		--flags $(CONFIG_VBOOT_KEYBLOCK_PREAMBLE_FLAGS)
 files_added:: $(obj)/VBLOCK_A.bin $(obj)/VBLOCK_B.bin
 	$(CBFSTOOL) $(obj)/coreboot.rom write -u -r VBLOCK_A -f $(obj)/VBLOCK_A.bin
 	$(CBFSTOOL) $(obj)/coreboot.rom write -u -r VBLOCK_B -f $(obj)/VBLOCK_B.bin
--- a/src/vendorcode/google/chromeos/chromeos.c
+++ b/src/vendorcode/google/chromeos/chromeos.c
@ -1,35 +0,0 @@
 /*
 * This file is part of the coreboot project.
 *
 * Copyright (C) 2011 The ChromiumOS Authors.  All rights reserved.
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; version 2 of the License.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 */
 #include <stddef.h>
 #include <string.h>
 #include "chromeos.h"
 int __attribute__((weak)) clear_recovery_mode_switch(void)
 {
 	// Weak implementation. Nothing to do.
 	return 0;
 }
 int __attribute__((weak)) get_sw_write_protect_state(void)
 {
 	// Can be implemented by a platform / mainboard
 	return 0;
 }
 void __attribute__((weak)) log_recovery_mode_switch(void)
 {
 	// Weak implementation. Nothing to do.
 }