366ceeef0f
This patch passes the correct flag to vboot to enable SIMD crypto acceleration on arm64 devices. This uses a core part of the ISA and should thus be supported on all arm64 SoCs -- so we normally always want it enabled, but there should still be a Kconfig in case a SoC wants to use the hwcrypto interface for its own (off-CPU) crypto acceleration engine instead. (You could also disable it to save a small amount of code size at the cost of speed, if necessary.) Change-Id: I3820bd6b7505202b7edb6768385ce5deb18777a4 Signed-off-by: Julius Werner <jwerner@chromium.org> Reviewed-on: https://review.coreboot.org/c/coreboot/+/80710 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Yu-Ping Wu <yupingso@google.com>
65 lines
1.9 KiB
Plaintext
65 lines
1.9 KiB
Plaintext
# SPDX-License-Identifier: BSD-3-Clause
|
|
|
|
config VBOOT_LIB
|
|
bool "Compile verified boot (vboot) library"
|
|
default y if CHROMEOS
|
|
default n
|
|
help
|
|
This option enables compiling and building vboot libraries vboot_fw and tlcl.
|
|
|
|
if VBOOT_LIB
|
|
|
|
config VBOOT_CBFS_INTEGRATION
|
|
bool "Enable vboot and CBFS integration"
|
|
default n
|
|
depends on CBFS_VERIFICATION
|
|
help
|
|
Say yes to request reboot on CBFS file hash mismatch in non-recovery mode.
|
|
|
|
config VBOOT_TPM2_MODE
|
|
bool "TPM2 Mode"
|
|
default y
|
|
help
|
|
This option enables TPM 2.0 support in vboot. Disabling it allows using TPM 1.2.
|
|
|
|
config VBOOT_X86_SHA_EXT
|
|
bool "x86 SHA Extension"
|
|
default y if CHROMEOS
|
|
default n
|
|
depends on ARCH_X86
|
|
help
|
|
This option enables SHA256 implementation using x86 SHA processor extension
|
|
instructions: sha256msg1, sha256msg2, sha256rnds2.
|
|
|
|
config VBOOT_X86_RSA_ACCELERATION
|
|
bool "Use SSE2 instructions for RSA signature verification"
|
|
default y if CHROMEOS
|
|
default n
|
|
depends on ARCH_X86
|
|
help
|
|
Use paddq, pmuludq, psrlq, punpckldq and punpcklqdq SSE2
|
|
instructions to accelerate the modulus exponentiation which
|
|
is part of the RSA signature verification process.
|
|
|
|
config VBOOT_SHA_ARMV8_CE
|
|
bool "SHA256 implementation using ARMv8 Crypto Extension"
|
|
default y if CHROMEOS
|
|
default n
|
|
depends on ARCH_ARM64
|
|
help
|
|
This option enables SHA256 implementation using ARMv8 Crypto Extension.
|
|
|
|
config VBOOT_ARM64_RSA_ACCELERATION
|
|
bool "Use arm64 SIMD instructions to accelerate RSA signature verification"
|
|
default y
|
|
depends on ARCH_ARM64
|
|
help
|
|
Use arm64 SIMD instructions (NEON) to parallelize two multiplications
|
|
in the modulus exponentiation algorithm, which speeds up RSA signature
|
|
verification in vboot. This is supported on all arm64 CPUs so you'd
|
|
generally always want this enabled, unless your SoC is overriding
|
|
vboot's hwcrypto API with its own crypto accelerator IP instead (or
|
|
you're trying really hard to save on code size).
|
|
|
|
endif
|