Make all of the CHAIN_OF_TRUST options be under a single menu and add a
comment for the rest, so the resulting config file reads more clearly.
Remove duplicate CHAIN_OF_TRUST options from
board/congatec/common/Kconfig.  Remove duplicate NXP_ESBC config
questions and move to arch/Kconfig.nxp.

Signed-off-by: Tom Rini <tr...@konsulko.com>
---
 arch/Kconfig.nxp                          | 30 +++++++++++------
 arch/arm/cpu/armv7/ls102xa/Kconfig        |  6 ----
 arch/arm/cpu/armv8/fsl-layerscape/Kconfig | 15 +++------
 arch/powerpc/cpu/mpc85xx/Kconfig          |  6 ----
 board/congatec/common/Kconfig             | 41 -----------------------
 5 files changed, 24 insertions(+), 74 deletions(-)

diff --git a/arch/Kconfig.nxp b/arch/Kconfig.nxp
index 1e26f1dc5372..f72c513aa6a8 100644
--- a/arch/Kconfig.nxp
+++ b/arch/Kconfig.nxp
@@ -1,7 +1,13 @@
-config CHAIN_OF_TRUST
+config NXP_ESBC
+       bool "NXP ESBC (secure boot) functionality"
+       help
+         Enable Freescale Secure Boot feature. Normally selected by defconfig.
+         If unsure, do not change.
+
+menu "Chain of trust / secure boot options"
        depends on !FIT_SIGNATURE && NXP_ESBC
-       imply CMD_BLOB
-       imply CMD_HASH if ARM
+
+config CHAIN_OF_TRUST
        select FSL_CAAM
        select FSL_SEC_MON
        select SPL_BOARD_INIT if (ARM && SPL)
@@ -11,12 +17,12 @@ config CHAIN_OF_TRUST
        select ENV_IS_NOWHERE
        select CMD_EXT4 if ARM
        select CMD_EXT4_WRITE if ARM
-       bool
-       default y
+       imply CMD_BLOB
+       imply CMD_HASH if ARM
+       def_bool y
 
 config CMD_ESBC_VALIDATE
        bool "Enable the 'esbc_validate' and 'esbc_halt' commands"
-       depends on CHAIN_OF_TRUST
        default y
        help
          This option enables two commands used for secure booting:
@@ -35,15 +41,14 @@ config ESBC_ADDR_64BIT
 
 config SYS_FSL_SFP_BE
        def_bool y
-       depends on CHAIN_OF_TRUST && (PPC || FSL_LSCH2 || ARCH_LS1021A)
+       depends on PPC || FSL_LSCH2 || ARCH_LS1021A
 
 config SYS_FSL_SFP_LE
        def_bool y
-       depends on CHAIN_OF_TRUST && !SYS_FSL_SFP_BE
+       depends on !SYS_FSL_SFP_BE
 
 choice
        prompt "SFP IP revision"
-       depends on CHAIN_OF_TRUST
        default SYS_FSL_SFP_VER_3_0 if PPC
        default SYS_FSL_SFP_VER_3_4
 
@@ -60,11 +65,14 @@ endchoice
 
 config SYS_FSL_SRK_LE
        def_bool y
-       depends on CHAIN_OF_TRUST && ARM
+       depends on ARM
 
 config KEY_REVOCATION
        def_bool y
-       depends on CHAIN_OF_TRUST
+
+endmenu
+
+comment "Other functionality shared between NXP SoCs"
 
 config DEEP_SLEEP
        bool "Enable SoC deep sleep feature"
diff --git a/arch/arm/cpu/armv7/ls102xa/Kconfig 
b/arch/arm/cpu/armv7/ls102xa/Kconfig
index c496e6439199..a901360fa7d8 100644
--- a/arch/arm/cpu/armv7/ls102xa/Kconfig
+++ b/arch/arm/cpu/armv7/ls102xa/Kconfig
@@ -41,12 +41,6 @@ config MAX_CPUS
          cores, count the reserved ports. This will allocate enough memory
          in spin table to properly handle all cores.
 
-config NXP_ESBC
-       bool    "NXP_ESBC"
-       help
-               Enable Freescale Secure Boot feature. Normally selected
-               by defconfig. If unsure, do not change.
-
 config SYS_CCI400_OFFSET
        hex "Offset for CCI400 base"
        depends on SYS_FSL_HAS_CCI400
diff --git a/arch/arm/cpu/armv8/fsl-layerscape/Kconfig 
b/arch/arm/cpu/armv8/fsl-layerscape/Kconfig
index 7f08733a35b6..602b624dca52 100644
--- a/arch/arm/cpu/armv8/fsl-layerscape/Kconfig
+++ b/arch/arm/cpu/armv8/fsl-layerscape/Kconfig
@@ -26,7 +26,7 @@ config ARCH_LS1012A
 config ARCH_LS1028A
        bool
        select ARMV8_SET_SMPEN
-       select ESBC_HDR_LS
+       select ESBC_HDR_LS if CHAIN_OF_TRUST
        select FSL_LAYERSCAPE
        select FSL_LSCH3
        select GICV3
@@ -139,7 +139,7 @@ config ARCH_LS1088A
        bool
        select ARMV8_SET_SMPEN
        select ARM_ERRATA_855873 if !TFABOOT
-       select ESBC_HDR_LS
+       select ESBC_HDR_LS if CHAIN_OF_TRUST
        select FSL_IFC
        select FSL_LAYERSCAPE
        select FSL_LSCH3
@@ -189,7 +189,7 @@ config ARCH_LS2080A
        select ARM_ERRATA_828024
        select ARM_ERRATA_829520
        select ARM_ERRATA_833471
-       select ESBC_HDR_LS
+       select ESBC_HDR_LS if CHAIN_OF_TRUST
        select FSL_IFC
        select FSL_LAYERSCAPE
        select FSL_LSCH3
@@ -242,7 +242,7 @@ config ARCH_LS2080A
 config ARCH_LX2162A
        bool
        select ARMV8_SET_SMPEN
-       select ESBC_HDR_LS
+       select ESBC_HDR_LS if CHAIN_OF_TRUST
        select FSL_DDR_BIST
        select FSL_DDR_INTERACTIVE
        select FSL_LAYERSCAPE
@@ -281,7 +281,7 @@ config ARCH_LX2162A
 config ARCH_LX2160A
        bool
        select ARMV8_SET_SMPEN
-       select ESBC_HDR_LS
+       select ESBC_HDR_LS if CHAIN_OF_TRUST
        select FSL_DDR_BIST
        select FSL_DDR_INTERACTIVE
        select FSL_LAYERSCAPE
@@ -461,11 +461,6 @@ config EMC2305
         Enable the EMC2305 fan controller for configuration of fan
         speed.
 
-config NXP_ESBC
-       bool "NXP_ESBC"
-       help
-               Enable Freescale Secure Boot feature
-
 config QSPI_AHB_INIT
        bool "Init the QSPI AHB bus"
        help
diff --git a/arch/powerpc/cpu/mpc85xx/Kconfig b/arch/powerpc/cpu/mpc85xx/Kconfig
index 0ef5e730bdc2..e7003d3b647e 100644
--- a/arch/powerpc/cpu/mpc85xx/Kconfig
+++ b/arch/powerpc/cpu/mpc85xx/Kconfig
@@ -827,12 +827,6 @@ config FSL_LAW
 config HETROGENOUS_CLUSTERS
        bool
 
-config NXP_ESBC
-       bool    "NXP_ESBC"
-       help
-               Enable Freescale Secure Boot feature. Normally selected
-               by defconfig. If unsure, do not change.
-
 config MAX_CPUS
        int "Maximum number of CPUs permitted for MPC85xx"
        default 12 if ARCH_T4240
diff --git a/board/congatec/common/Kconfig b/board/congatec/common/Kconfig
index d4a238de99bc..a1f2139219b1 100644
--- a/board/congatec/common/Kconfig
+++ b/board/congatec/common/Kconfig
@@ -1,44 +1,3 @@
-if !ARCH_IMX8M && !ARCH_IMX8
-
-config CHAIN_OF_TRUST
-       depends on !FIT_SIGNATURE && SECURE_BOOT
-       imply CMD_BLOB
-       imply CMD_HASH if ARM
-       select FSL_CAAM
-       select SPL_BOARD_INIT if (ARM && SPL)
-       select SHA_HW_ACCEL
-       select SHA_PROG_HW_ACCEL
-       select ENV_IS_NOWHERE
-       select CMD_EXT4 if ARM
-       select CMD_EXT4_WRITE if ARM
-       bool
-       default y
-
-config CMD_ESBC_VALIDATE
-       bool "Enable the 'esbc_validate' and 'esbc_halt' commands"
-       default y if CHAIN_OF_TRUST
-       help
-         This option enables two commands used for secure booting:
-
-           esbc_validate - validate signature using RSA verification
-           esbc_halt - put the core in spin loop (Secure Boot Only)
-
-endif
-
-config VOL_MONITOR_LTC3882_READ
-       depends on VID
-       bool "Enable the LTC3882 voltage monitor read"
-       help
-        This option enables LTC3882 voltage monitor read
-        functionality. It is used by common VID driver.
-
-config VOL_MONITOR_LTC3882_SET
-       depends on VID
-       bool "Enable the LTC3882 voltage monitor set"
-       help
-        This option enables LTC3882 voltage monitor set
-        functionality. It is used by common VID driver.
-
 config USB_TCPC
        bool "USB Typec port controller simple driver"
        help
-- 
2.25.1

Reply via email to