# SPDX-FileCopyrightText: 2013 Stefano Babic <stefano.babic@swupdate.org>
#
# SPDX-License-Identifier: GPL-2.0-only

#
# For a description of the syntax of this configuration file,
# see scripts/kbuild/config-language.txt.
#

mainmenu "SWUpdate Configuration"

config HAVE_LINUX
	bool
	option env="HAVE_LINUX"

config HAVE_FREEBSD
	bool
	option env="HAVE_FREEBSD"

config HAVE_LUA
	bool
	option env="HAVE_LUA"

config HAVE_LIBCONFIG
	bool
	option env="HAVE_LIBCONFIG"

config HAVE_LIBARCHIVE
	bool
	option env="HAVE_LIBARCHIVE"

config HAVE_LIBCURL
	bool
	option env="HAVE_LIBCURL"

config HAVE_LIBFDISK
	bool
	option env="HAVE_LIBFDISK"

config HAVE_LIBBLKID
	bool
	option env="HAVE_LIBBLKID"

config HAVE_LIBGPIOD
	bool
	option env="HAVE_LIBGPIOD"

config HAVE_LIBMTD
	bool
	option env="HAVE_LIBMTD"

config HAVE_LIBUBI
	bool
	option env="HAVE_LIBUBI"

config HAVE_LIBUBOOTENV
	bool
	option env="HAVE_LIBUBOOTENV"

config HAVE_LIBEBGENV
       bool
       option env="HAVE_LIBEBGENV"

config HAVE_LIBTEGRABOOT_TOOLS
       bool
       option env="HAVE_LIBTEGRABOOT_TOOLS"

config HAVE_LIBEXT2FS
	bool
	option env="HAVE_LIBEXT2FS"

config HAVE_LIBBTRFS
	bool
	option env="HAVE_LIBBTRFS"

config HAVE_LIBZEROMQ
	bool
	option env="HAVE_LIBZEROMQ"

config HAVE_ZLIB
	bool
	option env="HAVE_ZLIB"

config HAVE_ZSTD
	bool
	option env="HAVE_ZSTD"

config HAVE_LIBSSL
	bool
	option env="HAVE_LIBSSL"

config HAVE_LIBSYSTEMD
	bool
	option env="HAVE_LIBSYSTEMD"

config HAVE_LIBCRYPTO
	bool
	option env="HAVE_LIBCRYPTO"

config HAVE_WOLFSSL
	bool
	option env="HAVE_WOLFSSL"

config HAVE_MBEDTLS
	bool
	option env="HAVE_MBEDTLS"

config HAVE_P11KIT
	bool
	option env="HAVE_P11KIT"

config HAVE_LIBWEBSOCKETS
	bool
	option env="HAVE_LIBWEBSOCKETS"

config HAVE_LIBRSYNC
	bool
	option env="HAVE_LIBRSYNC"

config HAVE_URIPARSER
	bool
	option env="HAVE_URIPARSER"

config HAVE_ZCK
	bool
	option env="HAVE_ZCK"

menu "SWUpdate Settings"

menu "General Configuration"

config CURL
	bool
	default n

config CURL_SSL
	bool
	default n

config DISKFORMAT
	bool
	default n

config SYSTEMD
	bool "enable systemd support"
	depends on HAVE_LINUX
	depends on HAVE_LIBSYSTEMD
	default n
	help
	  Enable support for systemd's start-up completion
	  notification and socket-based activation features.

comment "systemd support needs libsystemd"
	depends on !HAVE_LIBSYSTEMD && HAVE_LINUX

config DEFAULT_CONFIG_FILE
	string "File with default settings"
	default "/etc/swupdate.cfg"
	help
	  SWUpdate may get its default configuration settings
	  from the specified file (if present). Users may
	  override the default configuration with the -f
	  option switch.

config SCRIPTS
	bool "enable pre and postinstall scripts"
	default y
	help
	  Enabling this option, the installer will run
	  pre- and postinstall scripts, if they are present
	  in the image. For security reason, this option
	  can be switched off.

config HW_COMPATIBILITY
	bool "check for hardware / software compatibility"
	default n
	help
	  If enabled, check if the hardware revision
	  supports the software version. Detecting the hardware
	  revision is very board specific, and it cannot be generalized.
	  For this reason, the software expects that the detected
	  version is written into a file by a previous software.

config HW_COMPATIBILITY_FILE
	string "File with detected hardware revisions"
	depends on HW_COMPATIBILITY
	default "/etc/hwrevision"
	help
	  File where to read the detected hardware revsion
	  that must be compared with the software version.
	  The file has simple entries (one per line) in the
	  format of "major.minor".

config SW_VERSIONS_FILE
	string "File with detected software version"
	default "/etc/sw-versions"
	help
	  This is an optional file that is scanned at the
	  beginning to read the installed versions of
	  all sw-components. Each entry in the file is
	  a pair of "name version".
	  In sw-description,  an image can have the
	  optional attributes:
		"name" : key for searching in SW_VERSIONS_FILE
		"version" : version contained in the .swu
		"install-if-different" : if set, the version
			is compared with the one in SW_VERSIONS_FILE.
	  The image is installed only if there is a version mismatch.
	  This reduces the risk in case of components that are not
	  safe to update, such as the bootloader. Updating it is a risk,
	  but in some cases it is required to do it. Having a check,
	  the risky-component is not always updated.

menu "Socket Paths"

config SOCKET_CTRL_PATH
	string "SWUpdate control socket path"
	help
	  Path to SWUpdate's IPC socket.

config SOCKET_PROGRESS_PATH
	string "SWUpdate progress socket path"
	help
	  Path to the socket progress information is sent to.

endmenu

config MTD
	bool "MTD support"
	default y
	depends on HAVE_LINUX
	depends on HAVE_LIBMTD
	help
	  Enable MTD support.

comment "MTD support needs libmtd"
	depends on !HAVE_LIBMTD && HAVE_LINUX

config LUA
	bool "lua"
	default y
	depends on HAVE_LUA
	help
	  Enable Lua interpreter.

comment "Lua support needs a Lua interpreter"
	depends on !HAVE_LUA

config LUAPKG
	string "Lua pkg-config name"
	default "lua"
	depends on LUA
	help
	  Which pkg-config package supplies the Lua API.

# These are auto-selected by other options

config FEATURE_SYSLOG
	bool #No description makes it a hidden option
	default n
	#help
	#  This option is auto-selected when you select any applet which may
	#  send its output to syslog. You do not need to select it manually.

endmenu

menu 'Build Options'

config CROSS_COMPILE
	string "Cross Compiler prefix"
	default ""
	help
	  If you want to build swupdate with a cross compiler, then you
	  will need to set this to the cross-compiler prefix, for example,
	  "i386-uclibc-".

	  Native builds leave this empty.

config SYSROOT
	string "Path to sysroot"
	default ""
	help
	  If you want to build swupdate with a cross compiler, then you
	  might also need to specify where /usr/include and /usr/lib
	  will be found.

	  For example, swupdate can be built against an installed
	  Android NDK, platform version 9, for ARM ABI with

	  CONFIG_SYSROOT=/opt/android-ndk/platforms/android-9/arch-arm

	  Native builds leave this empty.

config EXTRA_CFLAGS
	string "Additional CFLAGS"
	default ""
	help
	  Additional CFLAGS to pass to the compiler verbatim.

config EXTRA_LDFLAGS
	string "Additional LDFLAGS"
	default ""
	help
	  Additional LDFLAGS to pass to the linker verbatim.

config EXTRA_LDLIBS
	string "Additional LDLIBS"
	default ""
	help
	  Additional LDLIBS to pass to the linker with -l.

endmenu

menu 'Debugging Options'

config DEBUG
	bool "Build SWUpdate with extra Debugging symbols"
	default n
	help
	  Say Y here if you wish to examine swupdate internals while applets are
	  running. This increases the size of the binary considerably, and
	  should only be used when doing development. If you are doing
	  development and want to debug swupdate, answer Y.

	  Most people should answer N.

config DEBUG_PESSIMIZE
	bool "Disable compiler optimizations"
	default n
	depends on DEBUG
	help
	  The compiler's optimization of source code can eliminate and reorder
	  code, resulting in an executable that's hard to understand when
	  stepping through it with a debugger. This switches it off, resulting
	  in a much bigger executable that more closely matches the source
	  code.

config WERROR
	bool "Abort compilation on any warning"
	default n
	help
	  Selecting this will add -Werror to gcc command line.

	  Most people should answer N.

config NOCLEANUP
	bool "Do not remove temporary files after execution"
	default n
	help
	  After each run, temporary files are removed from the directory
	  pointed to by the environment variable TMPDIR (/tmp as fallback
	  if unset) to restart in a clean state. For debugging purposes, it
	  helps to check the consistency of the files extracted by SWUpdate.
	  For production, answer N.

endmenu

endmenu

comment "Bootloader support"

source bootloader/Config.in


comment Interfaces

config DOWNLOAD
	bool "Enable image downloading"
	default n
	depends on HAVE_LIBCURL
	select CHANNEL_CURL
	select JSON
	help
	  Enable update from image URL using libcurl. The stream is sent via IPC
	  to the installer as it is done for other interfaces.

comment "Image downloading support needs libcurl"
	depends on !HAVE_LIBCURL

config DOWNLOAD_SSL
	bool "Enable SSL support for image downloading"
	default n
	depends on DOWNLOAD
	select CHANNEL_CURL_SSL
	help
	  Enable SSL support in channels using libcurl.

config CHANNEL_CURL
	bool
	depends on HAVE_LIBCURL
	select CURL

source suricatta/Config.in

source mongoose/Config.in

comment Security

choice
	prompt "SSL implementation to use"
	default SSL_IMPL_OPENSSL
	help
	  Select SSL implementation for hashing, verifying and decrypting images.

	config SSL_IMPL_NONE
		bool "None"

	config SSL_IMPL_OPENSSL
		bool "OpenSSL"
		depends on HAVE_LIBSSL

	config SSL_IMPL_WOLFSSL
		bool "wolfSSL (with OpenSSL compatibility layer)"
		depends on HAVE_WOLFSSL
		select CMS_IGNORE_CERTIFICATE_PURPOSE if SIGALG_CMS
		select CMS_SKIP_UNKNOWN_SIGNERS if SIGALG_CMS

	config SSL_IMPL_MBEDTLS
		bool "mbedTLS"
		depends on HAVE_MBEDTLS
endchoice


config CHANNEL_CURL_SSL
	bool
	depends on CHANNEL_CURL
	select CURL_SSL

config HASH_VERIFY
	bool "Allow to add sha256 hash to each image"
	depends on SSL_IMPL_OPENSSL || SSL_IMPL_WOLFSSL || SSL_IMPL_MBEDTLS
	help
	  Allow to add a sha256 hash to an artifact.
	  This is automatically set in case of Signed Image

comment "Hash checking needs an SSL implementation"
	depends on !SSL_IMPL_OPENSSL && !SSL_IMPL_WOLFSSL && !SSL_IMPL_MBEDTLS

config SIGNED_IMAGES
	bool "Enable verification of signed images"
	depends on SSL_IMPL_OPENSSL || SSL_IMPL_WOLFSSL || SSL_IMPL_MBEDTLS
	select HASH_VERIFY
comment "Image signature verification needs an SSL implementation"
	depends on !SSL_IMPL_OPENSSL && !SSL_IMPL_WOLFSSL && !SSL_IMPL_MBEDTLS

choice
	prompt "Signature verification algorithm"
	depends on SIGNED_IMAGES
	default SIGALG_RAWRSA
	help
	  Select if the signature algorithm for signed images is a raw RSA signature
	  (following PKCS#1.5) or if it uses Cryptographic Message Syntax (CMS) with
	  OpenSSL/LibreSSL or PKCS#7 with wolfSSL.
	  wolfSSL's PKCS#7 implementation can only deal with one signature and cannot
	  deal with X509 purposes.

	config SIGALG_RAWRSA
		bool "RSA PKCS#1.5"

	config SIGALG_RSAPSS
		bool "RSA PSS"

	config SIGALG_CMS
		bool "Cryptographic Message Syntax (CMS) / PKCS#7"
		depends on SSL_IMPL_OPENSSL || SSL_IMPL_WOLFSSL

	config SIGALG_GPG
		bool "GPG signing"
endchoice

menu "CMS / PKCS#7 signature verification options"
	depends on SIGALG_CMS

config CMS_IGNORE_EXPIRED_CERTIFICATE
	bool "Ignore expired certificates"
	depends on SIGALG_CMS

config CMS_IGNORE_CERTIFICATE_PURPOSE
	bool "Ignore X.509 certificate purpose"
	depends on SIGALG_CMS

config CMS_SKIP_UNKNOWN_SIGNERS
	bool "Ignore unverifiable signatures if known signer verifies"
	depends on SIGALG_CMS
endmenu


config ENCRYPTED_IMAGES
	bool "Images can be encrypted with a symmetric key"
	depends on SSL_IMPL_OPENSSL || SSL_IMPL_WOLFSSL || SSL_IMPL_MBEDTLS
comment "Image encryption needs an SSL implementation"
	depends on !SSL_IMPL_OPENSSL && !SSL_IMPL_WOLFSSL && !SSL_IMPL_MBEDTLS

config ENCRYPTED_SW_DESCRIPTION
	bool "Even sw-description is encrypted"
	depends on ENCRYPTED_IMAGES
	help
	  sw-description is not encrypted as default, but it is encrypted
	  if this is set. It is a compile time option, and mix of plain and
	  encrypted sw-descriptions is not possible.

config ENCRYPTED_IMAGES_HARDEN_LOGGING
	bool "Harden logging for encrypted images"
	default n
	depends on ENCRYPTED_IMAGES
	help
	  This option addresses a theoretical weakness of the AES-CBC encryption in
	  combination with streamed images. An adversary can target each 16-byte
	  block of encrypted data within an image and decrypt it, if they can apply a
	  huge amount of manipulated firmware updates and observe the logged
	  messages. On average, 2048 update attempts are needed for each block.
	  Select if this scenario poses a risk. If set, log messages related to a
	  hash mismatch and errors in the decryption finalization (padding) of a
	  streamed image are suppressed.

config PKCS11
	bool "Enable PKCS#11 cryptographic operations"
	default n
	depends on HAVE_WOLFSSL && HAVE_P11KIT && ENCRYPTED_IMAGES
	help
	  Enable using PKCS#11 for AES decryption instead of having the plain
	  key available in a file. This is implemented with wolfSSL independent
	  from the SSL implementation and replaces the plain key method.

comment "Compressors (zlib always on)"

config GUNZIP
	bool
	depends on HAVE_ZLIB
	default y

config ZSTD
	bool "Zstd compression support"
	depends on HAVE_ZSTD

comment Parsers
source parser/Config.in

comment Handlers
source handlers/Config.in

comment Containers
source containers/Config.in
