From ea5cc8544a1a4526d174898dcd46d90bb2157b39 Mon Sep 17 00:00:00 2001
From: Thierry Laurion <insurgo@riseup.net>
Date: Thu, 14 May 2026 15:01:08 -0400
Subject: [PATCH 01/14] initrd/bin/tpmr.sh: fix TPM1 auth failure detection and
 defend lock recovery
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

TPM1 auth errors from tpmtotp use TPM_GetErrMsg() which returns English
strings ('Authentication failed (Incorrect Password)', 'Defend lock
running') — but the grep patterns lacked 'defend', causing defend lock
to be treated as a non-auth error (DIE instead of retry).

- Add 'defend' to all auth detection grep patterns (catches TPM_DEFEND_LOCK_RUNNING)
- tpm1_reset: detect 'defend lock' after forceclear, cycle physical
  presence (disable/enable) to clear the lock, retry takeown

Signed-off-by: Thierry Laurion <insurgo@riseup.net>
---
 doc/tpm.md         | 96 +++++++++++++++++++++++++++++++++++++++++++++-
 initrd/bin/tpmr.sh | 55 +++++++++++++++++++++-----
 2 files changed, 139 insertions(+), 12 deletions(-)

diff --git a/doc/tpm.md b/doc/tpm.md
index 90f7ec064..f20bf0f8f 100644
--- a/doc/tpm.md
+++ b/doc/tpm.md
@@ -10,8 +10,35 @@ See also: [architecture.md](architecture.md), [boot-process.md](boot-process.md)
 ## tpmr — unified TPM abstraction
 
 `initrd/bin/tpmr.sh` is a shell script wrapper that presents a single interface
-over both TPM 1.2 (`tpm` / `trousers`) and TPM 2.0 (`tpm2-tools`). All Heads
-scripts call `tpmr.sh` rather than invoking `tpm` or `tpm2` directly.
+over both TPM 1.2 and TPM 2.0. All Heads scripts call `tpmr.sh` rather than
+invoking TPM tools directly.
+
+### Boot chain and TPM tool selection
+
+```text
+initrd/init  (PID 1)
+  └─ CONFIG_BOOTSCRIPT → /bin/gui-init.sh          [board config]
+       ├─ source /etc/functions.sh                   [shared TPM helpers]
+       ├─ source /etc/gui_functions.sh               [whiptail wrappers]
+       └─ calls initrd/bin/tpmr.sh                   [TPM abstraction]
+            ├─ TPM1: calls `tpm` (tpmtotp util/tpm)  [CONFIG_TPM2_TOOLS != y]
+            │          modules/tpmtotp → output: totp hotp qrenc util/tpm
+            │
+            └─ TPM2: calls tpm2_* (tpm2-tools)       [CONFIG_TPM2_TOOLS=y]
+                       modules/tpm2-tss + modules/tpm2-tools
+```
+
+TPM1 support comes exclusively from the `tpmtotp` module (`modules/tpmtotp`),
+which builds `util/tpm` as part of its outputs. This binary is installed to
+the initrd as `tpm` and supports subcommands such as `physicalpresence`,
+`forceclear`, `takeown -pwdo`, `counter_create`, `counter_increment`, etc.
+
+TPM2 support comes from `modules/tpm2-tss` (TSS software stack) and
+`modules/tpm2-tools` (command-line tools like `tpm2_nvdefine`,
+`tpm2_getcap`, `tpm2_nvincrement`).
+
+Both TPM1 and TPM2 boards may also enable `CONFIG_TPMTOTP=y` for the
+`totp` and `hotp` utilities, which are independent of the TPM version.
 
 ### PCR sizes
 
@@ -398,3 +425,68 @@ To verify that a new board's coreboot config matches the expected RoT:
 | Auth sessions | Not used | Required for policy-based unseal |
 | `kexec_finalize` | No-op | Extends PCRs, then `tpm2 shutdown` |
 | `startsession` | No-op | Creates encryption session |
+
+### TPM1 auth retry and error detection
+
+`_tpm_auth_retry()` in `initrd/bin/tpmr.sh` provides shared retry logic for
+both TPM1 and TPM2 operations that need authorization. On auth failure
+(wrong passphrase), the passphrase cache is shredded and the user is
+re-prompted up to 3 times before giving up.
+
+Auth failure is detected by grepping the command output for known error
+patterns.  TPM1 (tpmtotp) errors go to stdout via `printf()` with
+`TPM_GetErrMsg()` strings.  TPM2 (tpm2-tools) errors go to stderr via
+`LOG_ERR()` and may include raw TPM response codes.
+
+| Pattern | Type | TPM version | Example error |
+| --- | --- | --- | --- |
+| `authorization|auth|bad|permission` | English words | TPM1+TPM2 | `TPM_AUTHFAIL`, `bad passphrase` |
+| `defend` | English word | TPM1 | `Defend lock running` |
+| `0x98e|0x149` | Hex codes | TPM2 | `TPM2_RC_AUTH_FAIL`, `TPM2_RC_NV_AUTHORIZATION` |
+
+### TPM1 reset defend lock
+
+`TPM_DEFEND_LOCK_RUNNING` (`tpm_error.h`: `TPM_BASE + TPM_NON_FATAL + 3`)
+is a standard TPM 1.2 error raised when the TPM's dictionary-attack
+protection is active. After too many failed authorization attempts, the
+TPM enters a time-out period and refuses all authorization operations —
+including `tpm takeown` even after a successful `tpm forceclear`
+(forceclear clears the owner but not the dictionary attack counter on
+some implementations).
+
+tpmtotp's `tpm takeown` outputs:
+```
+Error Defend lock running from TPM_TakeOwnership
+```
+
+`tpm1_reset()` in `initrd/bin/tpmr.sh` detects "defend lock" in the
+`takeown` output and cycles physical presence (`physicaldisable` /
+`physicalenable` / `physicalpresence` / `physicalsetdeactivated`) to
+reset the TPM state machine and clear the lock on chips that honour
+software presence.  `TPM_ResetLockValue` (in tpmtotp's `util/resetlockvalue.c`)
+exists but requires owner auth — after forceclear there is no owner,
+so it cannot be used.
+
+If the cycling also fails, only a full AC power cycle (not just reboot)
+will clear the defend lock.  The timeout duration is chip-specific and
+not documented in the tpmtotp source.
+
+### TPM1 physical presence
+
+TPM1.2 forceclear requires physical presence to be asserted. The
+`tpm1_reset()` function does this with `tpm physicalpresence -s` (software
+presence). On some platforms (e.g., Dell OptiPlex, some Infineon TPMs),
+software physical presence may not work — the TPM firmware only accepts
+hardware-asserted presence (GPIO set by BIOS). In that case, `forceclear`
+returns success but may not fully reset the TPM, or `takeown` may fail
+with unexpected errors.
+
+When software physical presence fails, the LOG shows:
+```
+tpm1_reset: unable to set physical presence
+```
+
+This is logged but not fatal — `tpm forceclear` is still attempted.
+If the TPM firmware ignores software physical presence, the reset fails
+and the user must use the platform's hardware TPM reset mechanism
+(typically a BIOS option or jumper).
diff --git a/initrd/bin/tpmr.sh b/initrd/bin/tpmr.sh
index 46f4581d8..4c2a874a3 100755
--- a/initrd/bin/tpmr.sh
+++ b/initrd/bin/tpmr.sh
@@ -354,7 +354,7 @@ tpm2_counter_inc() {
 		rm -f "$tmp_err_file"
 		shred -n 10 -z -u /tmp/secret/tpm_owner_passphrase 2>/dev/null || true
 		DEBUG "tpm2_counter_inc attempt $attempt failed. Stderr: $tmp_err_content"
-		if ! echo "$tmp_err_content" | grep -qiE 'authorization|auth|bad|permission|0x98e|0x149'; then
+		if ! echo "$tmp_err_content" | grep -qiE 'authorization|auth|bad|permission|defend|0x98e|0x149'; then
 			DIE "Can't increment TPM counter for $index, access denied."
 		fi
 		WARN "Authentication failed, retrying..."
@@ -370,16 +370,26 @@ tpm2_counter_inc() {
 # Caching: prompt_tpm_owner_password reuses cached passphrase if available.
 # On auth failure the cache is shredded; next prompt will ask the user.
 #
+# Error stream selection:
+#   TPM1 (tpmtotp):   errors go to stdout via printf() — capture stdout+stderr
+#   TPM2 (tpm2-tools): errors go to stderr via LOG_ERR() — capture stderr only
+#
+# Auth detection grep patterns:
+#   English words  — TPM1 (TPM_GetErrMsg returns "Authentication failed...")
+#                  — TPM2 (tpm2-tools LOG_ERR returns "TPM2_RC_AUTH_FAIL...")
+#   defend         — TPM1 "Defend lock running" (TPM_DEFEND_LOCK_RUNNING)
+#   0x98e, 0x149  — TPM2 raw hex codes (TPM2_RC_AUTH_FAIL, TPM2_RC_NV_AUTHORIZATION)
+#
 # Usage: _tpm_auth_retry <label> <error_stream> <tpm_type> <pw_flag> <cmd...>
 #   <label>:        short name for debug (e.g. "counter_create")
-#   <error_stream>: "stdout" (TPM1) or "stderr" (TPM2)
+#   <error_stream>: "stdout" (TPM1: tpmtotp printf) or "stderr" (TPM2: tpm2-tools LOG_ERR)
 #   <tpm_type>:    "tpm1" or "tpm2"
 #   <pw_flag>:     passphrase flag for TPM1 (-pwdo or -pwdc), ignored for TPM2
 #   <cmd...>:       the tpm command and its non-auth arguments
 #
 # Exit codes:
 #   0: success
-#   1: non-auth error (e.g., "out of resources" 0x15) — caller should check
+#   1: non-auth error (e.g., TPM1 "out of resources" 0x15) — caller should check
 _tpm_auth_retry() {
 	local label="$1" error_stream="$2" tpm_type="$3" pw_flag="$4"
 	shift 4
@@ -417,7 +427,7 @@ _tpm_auth_retry() {
 		DEBUG "_tpm_auth_retry $label attempt $attempt failed: $out_content"
 		rm -f "$tmp_file"
 		shred -n 10 -z -u /tmp/secret/tpm_owner_passphrase 2>/dev/null || true
-		if echo "$out_content" | grep -qiE 'authorization|auth|bad|permission'; then
+		if echo "$out_content" | grep -qiE 'authorization|auth|bad|permission|defend|0x98e|0x149'; then
 			WARN "$label failed (bad passphrase?). Retrying..."
 		else
 			# Non-auth error (e.g., out of resources 0x15)
@@ -641,7 +651,7 @@ tpm2_seal() {
 		rm -f "$tmp_err_file"
 		DEBUG "Failed attempt $attempt to write sealed secret to NVRAM from tpm2_seal. Stderr: $tmp_err_content"
 		shred -n 10 -z -u /tmp/secret/tpm_owner_passphrase 2>/dev/null || true
-		if echo "$tmp_err_content" | grep -qiE 'authorization|auth|bad|permission'; then
+		if echo "$tmp_err_content" | grep -qiE 'authorization|auth|bad|permission|defend|0x98e|0x149'; then
 			if [ "$attempt" -ge 3 ]; then
 				DIE "Unable to write sealed secret to TPM NVRAM after 3 attempts. Reset the TPM and try again."
 			fi
@@ -759,7 +769,7 @@ tpm1_seal() {
 			rm -f "$tmp_def_out"
 			DEBUG "tpm1_seal nv_definespace failed (attempt $attempt): $def_out_content"
 			# If auth failure, retry after re-prompt; otherwise bail out.
-			if echo "$def_out_content" | grep -qiE 'authorization|auth|bad|permission'; then
+			if echo "$def_out_content" | grep -qiE 'authorization|auth|bad|permission|defend'; then
 				shred -n 10 -z -u /tmp/secret/tpm_owner_passphrase 2>/dev/null || true
 				WARN "nv_definespace failed (bad passphrase?). Retrying..."
 				continue
@@ -788,7 +798,7 @@ tpm1_seal() {
 		fi
 		DEBUG "tpm1_seal nv_writevalue(post-define) output: $tmp_out_content"
 		shred -n 10 -z -u /tmp/secret/tpm_owner_passphrase 2>/dev/null || true
-		if echo "$tmp_out_content" | grep -qiE 'authorization|auth|bad|permission'; then
+		if echo "$tmp_out_content" | grep -qiE 'authorization|auth|bad|permission|defend'; then
 			if [ "$attempt" -ge 3 ]; then
 				DIE "Unable to write sealed secret to TPM NVRAM after 3 attempts"
 			fi
@@ -1075,9 +1085,34 @@ tpm1_reset() {
 	DO_WITH_DEBUG tpm physicalenable >/dev/null 2>&1 || LOG "tpm1_reset: unable to physicalenable after clear"
 
 	# 3. Take ownership with the new TPM owner passphrase.
-	if ! DO_WITH_DEBUG --mask-position 3 tpm takeown -pwdo "$tpm_owner_passphrase" >/dev/null 2>&1; then
-		LOG "tpm1_reset: tpm takeown failed after forceclear"
-		return 1
+	# TPM_DEFEND_LOCK_RUNNING is a standard TPM 1.2 error raised after
+	# too many failed authorization attempts (see tpm_error.h).  The TPM
+	# enters a time-out period and refuses all authorization operations —
+	# including takeown, even after a successful forceclear (forceclear
+	# clears the owner but not the dictionary attack counter on some
+	# implementations).  
+	# TPM_ResetLockValue requires owner auth, which does not exist after
+	# forceclear, so we cannot call it.  Cycle physical presence
+	# (physicaldisable + physicalenable) to reset the TPM state machine
+	# on chips that honour software presence.  If the lock persists,
+	# only a full AC power cycle (not just reboot) will clear it.
+	local takeown_rc takeown_out
+	takeown_out="$(DO_WITH_DEBUG --mask-position 3 tpm takeown -pwdo "$tpm_owner_passphrase" 2>&1)" && takeown_rc=0 || takeown_rc=$?
+	if [ $takeown_rc -ne 0 ]; then
+		if echo "$takeown_out" | grep -qi "defend lock"; then
+			LOG "tpm1_reset: defend lock detected after forceclear — cycling physical presence to clear"
+			DO_WITH_DEBUG tpm physicaldisable >/dev/null 2>&1 || true
+			DO_WITH_DEBUG tpm physicalenable >/dev/null 2>&1 || true
+			DO_WITH_DEBUG tpm physicalpresence -s >/dev/null 2>&1 || true
+			DO_WITH_DEBUG tpm physicalsetdeactivated -c >/dev/null 2>&1 || true
+			if ! DO_WITH_DEBUG --mask-position 3 tpm takeown -pwdo "$tpm_owner_passphrase" >/dev/null 2>&1; then
+				LOG "tpm1_reset: tpm takeown still failed after defend lock recovery"
+				return 1
+			fi
+		else
+			LOG "tpm1_reset: tpm takeown failed after forceclear"
+			return 1
+		fi
 	fi
 
 	# 4. Leave TPM enabled, present, and not deactivated.

From d147c2beae52bd51834b26dbcb5bb6b0e62262d6 Mon Sep 17 00:00:00 2001
From: notgivenby <notgivenby@gmail.com>
Date: Fri, 8 May 2026 06:01:39 -0400
Subject: [PATCH 02/14] add m900_tower board

Signed-off-by: notgivenby <notgivenby@gmail.com>
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
---
 .circleci/config.yml | 19 +++++++++++++++++++
 1 file changed, 19 insertions(+)

diff --git a/.circleci/config.yml b/.circleci/config.yml
index 8196c8d63..801498e58 100644
--- a/.circleci/config.yml
+++ b/.circleci/config.yml
@@ -535,8 +535,27 @@ workflows:
 
       # ── coreboot 25.09 boards (alphabetical) ───────────────────────────────
       - build:
+<<<<<<< HEAD
           name: EOL_optiplex-7010_9010-hotp-maximized
           target: EOL_optiplex-7010_9010-hotp-maximized
+=======
+          name: EOL_m900_tower-hotp-maximized
+          target: EOL_m900_tower-hotp-maximized
+          subcommand: ""
+          requires:
+            - EOL_t480-hotp-maximized
+
+      - build:
+          name: EOL_m900_tower-maximized
+          target: EOL_m900_tower-maximized
+          subcommand: ""
+          requires:
+            - EOL_t480-hotp-maximized
+
+      - build:
+          name: EOL_x220-hotp-maximized
+          target: EOL_x220-hotp-maximized
+>>>>>>> 42015cef (add m900_tower board)
           subcommand: ""
           requires:
             - EOL_t480-hotp-maximized

From aa0015e2193269ff7c0e3cc0cdcf4148bb45ba47 Mon Sep 17 00:00:00 2001
From: notgivenby <notgivenby@gmail.com>
Date: Fri, 8 May 2026 07:51:15 -0400
Subject: [PATCH 03/14] add the script to download, deguard and reduce the
 intel ME blob

Signed-off-by: notgivenby <notgivenby@gmail.com>
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
---
 blobs/m900/m900_download_clean_deguard_me.sh | 165 +++++++++++++++++++
 1 file changed, 165 insertions(+)
 create mode 100755 blobs/m900/m900_download_clean_deguard_me.sh

diff --git a/blobs/m900/m900_download_clean_deguard_me.sh b/blobs/m900/m900_download_clean_deguard_me.sh
new file mode 100755
index 000000000..a1f679d76
--- /dev/null
+++ b/blobs/m900/m900_download_clean_deguard_me.sh
@@ -0,0 +1,165 @@
+#!/usr/bin/env bash
+
+# These variables are all for the deguard tool.
+# They would need to be changed if using the tool for other devices with different ME version...
+ME_delta="optiplex_3050"
+ME_version="11.6.0.1126"
+ME_sku="2M"
+ME_pch="H"
+
+
+# Integrity checks for the vendor provided ME blob...
+DL_HASH="de26085e1fbfaaa0302ec73dba411a5fd25fe13ae07e69a2287754ada6a7a196"
+
+# ...and the cleaned and deguarded version from that blob.
+DEGUARDED_ME_BIN_HASH="9c3eff6be017b36c819a0df3c1f6537bb26b6f3d5780787f60b91cedc789f0f0"
+
+
+function usage() {
+	echo -n \
+		"Usage: $(basename "$0") -m <me_cleaner>(optional) path_to_output_directory
+Download Intel ME firmware from ASRock, neutralize and shrink keeping the MFS.
+
+"
+}
+
+function chk_sha256sum() {
+	sha256_hash="$1"
+	filename="$2"
+	echo "$sha256_hash" "$filename" "$(pwd)"
+	sha256sum "$filename"
+	if ! echo "${sha256_hash} ${filename}" | sha256sum --check; then
+		echo "ERROR: SHA256 checksum for ${filename} doesn't match."
+		exit 1
+	fi
+}
+
+function chk_exists_and_matches() {
+	if [[ -f "$1" ]]; then
+		if echo "${2} ${1}" | sha256sum --check; then
+			echo "SKIPPING: SHA256 checksum for $1 matches."
+			[[ "$3" = ME ]] && me_exists="y"
+		fi
+		echo "$1 exists but checksum doesn't match. Continuing..."
+	fi
+}
+
+function download_and_clean() {
+	me_cleaner="$(realpath "${1}")"
+	me_output="$(realpath "${2}")"
+
+	# Download and unpack the Dell installer into a temporary directory and
+	# extract the deguardable Intel ME blob.
+	pushd "$(mktemp -d)" || exit
+
+	# Download the installer that contains the ME blob
+	me_installer_filename="H110M-DGS(7.30)ROM.zip"
+	user_agent="Mozilla/5.0 (Windows NT 10.0; rv:91.0) Gecko/20100101 Firefox/91.0"
+	curl -A "$user_agent" -s -O "https://download.asrock.com/BIOS/1151/${me_installer_filename}"
+	chk_sha256sum "$DL_HASH" "$me_installer_filename"
+
+	# Unpack the ME blob.
+	unzip "$me_installer_filename" || exit
+
+	extracted_me_filename="H11MDGS7.30"
+
+	# Deactivate, partially neuter and shrink Intel ME. Note that this doesn't include
+	# --soft-disable to set the "ME Disable" or "ME Disable B" (e.g.,
+	# High Assurance Program) bits, as they are defined within the Flash
+	# Descriptor.
+	# However, the HAP bit must be enabled to make the deguarded ME work. We only clean the ME in this function.
+	# For ME 11.x this means we must keep the rbe, bup, kernel and syslib modules.
+	# https://github.com/corna/me_cleaner/wiki/How-does-it-work%3F#me-versions-from-11x-skylake-1
+	# Furthermore, deguard requires keeping the MFS, the HAP bit set, and we cannot relocate the FTPR partition.
+	# Some more general info on shrinking:
+	# https://github.com/corna/me_cleaner/wiki/External-flashing#neutralize-and-shrink-intel-me-useful-only-for-coreboot
+
+	# MFS is needed for deguard so we whitelist it here and also do not relocate the FTPR partition
+	python "$me_cleaner" --whitelist MFS -t -M "$me_output" "${extracted_me_filename}"
+	rm -rf ./*
+	popd || exit
+}
+
+function deguard() {
+	me_input="$(realpath "${1}")"
+	me_output="$(realpath "${2}")"
+
+	# Download the deguard tool into a temporary directory and apply the patch to the cleaned ME blob.
+	pushd "$(mktemp -d)" || exit
+	git clone https://github.com/coreboot/deguard
+	pushd deguard || exit
+	git checkout 0ed3e4ff824fc42f71ee22907d0594ded38ba7b2
+
+	python ./finalimage.py \
+		--delta "data/delta/$ME_delta" \
+		--version "$ME_version" \
+		--pch "$ME_pch" \
+		--sku "$ME_sku" \
+		--fake-fpfs data/fpfs/zero \
+		--input "$me_input" \
+		--output "$me_output"
+
+	popd || exit
+	#Cleanup
+	rm -rf ./*
+	popd || exit
+}
+
+
+function usage_err() {
+	echo "$1"
+	usage
+	exit 1
+}
+
+function parse_params() {
+	while getopts ":m:" opt; do
+		case $opt in
+		m)
+			if [[ -x "$OPTARG" ]]; then
+				me_cleaner="$OPTARG"
+			fi
+			;;
+		?)
+			usage_err "Invalid Option: -$OPTARG"
+			;;
+		esac
+	done
+
+	if [[ -z "${me_cleaner}" ]]; then
+		if [[ -z "${COREBOOT_DIR}" ]]; then
+			usage_err "ERROR: me_cleaner.py not found. Set path with -m parameter or define the COREBOOT_DIR variable."
+		else
+			me_cleaner="${COREBOOT_DIR}/util/me_cleaner/me_cleaner.py"
+		fi
+	fi
+	echo "Using me_cleaner from ${me_cleaner}"
+
+	shift $(($OPTIND - 1))
+	output_dir="$(realpath "${1:-./}")"
+	if [[ ! -d "${output_dir}" ]]; then
+		usage_err "No valid output dir found"
+	fi
+	me_cleaned="${output_dir}/me_cleaned.bin"
+	me_deguarded="${output_dir}/m900_me.bin"
+	echo "Writing cleaned and deguarded ME to ${me_deguarded}"
+}
+
+
+if [[ "${BASH_SOURCE[0]}" == "$0" ]]; then
+	if [[ "${1:-}" == "--help" ]]; then
+		usage
+		exit 0
+	fi
+
+	parse_params "$@"
+	chk_exists_and_matches "$me_deguarded" "$DEGUARDED_ME_BIN_HASH" ME
+
+	if [[ -z "$me_exists" ]]; then
+		download_and_clean "$me_cleaner" "$me_cleaned"
+		deguard "$me_cleaned" "$me_deguarded"
+		rm -f "$me_cleaned"
+	fi
+	
+	chk_sha256sum "$DEGUARDED_ME_BIN_HASH" "$me_deguarded"
+fi

From afb8c319d815aeaca028ebe7267a470c6f8cd503 Mon Sep 17 00:00:00 2001
From: notgivenby <notgivenby@gmail.com>
Date: Fri, 8 May 2026 07:52:40 -0400
Subject: [PATCH 04/14] add ifd and gbe blobs for the m900_tower board

Signed-off-by: notgivenby <notgivenby@gmail.com>
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
---
 blobs/m900/m900_tower_gbe.bin | Bin 0 -> 8192 bytes
 blobs/m900/m900_tower_ifd.bin | Bin 0 -> 4096 bytes
 2 files changed, 0 insertions(+), 0 deletions(-)
 create mode 100644 blobs/m900/m900_tower_gbe.bin
 create mode 100644 blobs/m900/m900_tower_ifd.bin

diff --git a/blobs/m900/m900_tower_gbe.bin b/blobs/m900/m900_tower_gbe.bin
new file mode 100644
index 0000000000000000000000000000000000000000..268e6a3a27d5026ca9d9eea6fb6f9a384ddc81cf
GIT binary patch
literal 8192
zcmeIyv1-CV7zgnG8Es-nOSD8Bgj(q6kUT&k(4h{+r7z&>TihUy(!sHNr+`CgN^z)e
z9s2@(gihT=uHO}lXeJjI{~sj(yDxVM`9XrO?A?4T&zK>`fHqPeAu!T;g#Xf&r%sH9
zOoN|h$-nW=RUTz;dGz{swj<f9(HnVoiwm^dc5o(#LRwXBYVW&UC>fI_c3H7DD<@NU
zKFSZ%+w^KNzg+761<(zVN|rxsaQwP#m+^Cq780CDRwZ4@P|}xdN(SpZU8h>b=sYI4
zdx=qz>zgNXM1kWG7~BsXRr~<i*%5HAcN#LC1;rja6xdhbc>XqgQwmUk0u-PC1t>rP
a3Q&Lo6rcbFC_n)UP=Epypa2C9A@B<TuB(~=

literal 0
HcmV?d00001

diff --git a/blobs/m900/m900_tower_ifd.bin b/blobs/m900/m900_tower_ifd.bin
new file mode 100644
index 0000000000000000000000000000000000000000..5a6a01e8a4a97c0e023eb912cad1bd54ab575288
GIT binary patch
literal 4096
zcmeHKy-LGS6#i~wFzsMsEgC`a4%Wq`b{6bladGGp5D{8I_pVN6a#aWM3494B>D0IA
zBQ!%rhrsom+&h@qE-DV;9=PY+eCIFcJ6WPsUe2Bq-@y{RN^sh8_L280^@j60jIfWd
z4WTG!O$bz=ZZQ883z=t%rW$lS&&$e6Dnha#{Lf+F9uQgQFN%Ny7Q-Rz=_K#?9+&wG
zxr;C!bVyEzE|;eJ`X0Cwm<(w!HUn0DRy|f&p~G#CT;O%1hlD|v{sA76ntD&uR09Pa
z&VN2;m>ZKEiU2WLT692fmhA(xi|Qs}*HIL0Q)6dY)Ob@>_@ou?fbrEW1(59ctUH*s
z8~?V)pMDrTVLe`rA9)HZmI2FvWxz6E8L$jk1}p=Xfs!#W?SyE`rkoD69mx<~*_ESR
iZRJY{SGsbmW$aMfvB~>r>%211GNB)wGR*Ot89o6}of*9V

literal 0
HcmV?d00001


From 90aeafa26a4d136e62c8ec8c87dd9fd540192c87 Mon Sep 17 00:00:00 2001
From: notgivenby <notgivenby@gmail.com>
Date: Fri, 8 May 2026 07:53:28 -0400
Subject: [PATCH 05/14] add m900_tower board information including caveats

Signed-off-by: notgivenby <notgivenby@gmail.com>
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
---
 blobs/m900/README.md | 54 ++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 54 insertions(+)
 create mode 100644 blobs/m900/README.md

diff --git a/blobs/m900/README.md b/blobs/m900/README.md
new file mode 100644
index 000000000..aa4339f7d
--- /dev/null
+++ b/blobs/m900/README.md
@@ -0,0 +1,54 @@
+# m900_tower Blobs
+
+The following blobs are needed:
+
+* `ifd.bin`
+* `gbe.bin`
+* `me.bin`
+
+## me.bin: automatically extract, deactivate, partially neuter and deguard
+
+download_clean_deguard_me.sh : Download vulnerable ME from ASRock, verify checksum, extract ME, deactivate ME and paritally neuter it, then apply the deguard patch and place it into me.bin.
+For the technical details please read the documentation in the script itself, as removing modules is limited on the platform.
+
+The ME blob dumped in this directory comes from the following link: https://download.asrock.com/BIOS/1151/H110M-DGS(7.30)ROM.zip
+
+
+This provides ME version 11.6.0.1126. In this version CVE-2017-5705 has not yet been fixed.
+See https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00086.html
+Therefore, Bootguard can be disabled by deguard with a patched ME.
+
+As specified in the first link, this ME can be deployed to:
+
+* m900_tower/SFF
+* optiplex_3050
+* m900_tiny
+
+
+## ifd.bin and gbe.bin
+
+Both blobs were taken from my donor board.
+
+The GBE MAC address was forged to: `00:DE:AD:C0:FF:EE`
+IFD blob was unlocked using iftool. Moreover, to be sure, the HAP bit was set by altmedisable. 
+The IFD layot was changed: the bios region was expanded to take space after reducing the me blob. 
+
+## Integrity
+
+Sha256sums: `blobs/m900/hashes.txt`
+
+# CAVEATS for the board:
+
+> This board is vulnerable to a TPM reset attack, i.e. the PCRs are reset while the system is running.
+> This attack can be used to bypass measured boot when an attacker succeeds at modifying the SPI flash.
+> Also it can be used to extract FDE keys from a TPM.
+> The related coreboot issue contains more information: https://ticket.coreboot.org/issues/576
+> Make sure you understand the implications of the attack for your threat model before using this board.
+
+# Documentation
+
+A guide on how to flash this board (both the Heads rom) can be found here:
+https://osresearch.net/m900_tower-maximized-flashing/ #TODO
+
+The upstream port for the board can be found here: https://review.coreboot.org/c/coreboot/+/74187
+

From a150ccb3bc86e1eccf8452dcea44cc752a584eb3 Mon Sep 17 00:00:00 2001
From: notgivenby <notgivenby@gmail.com>
Date: Fri, 8 May 2026 07:54:11 -0400
Subject: [PATCH 06/14] add hashes of the blobs and .gitignore file

Signed-off-by: notgivenby <notgivenby@gmail.com>
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
---
 blobs/m900/hashes.txt | 5 +++++
 1 file changed, 5 insertions(+)
 create mode 100644 blobs/m900/hashes.txt

diff --git a/blobs/m900/hashes.txt b/blobs/m900/hashes.txt
new file mode 100644
index 000000000..1b4d7438a
--- /dev/null
+++ b/blobs/m900/hashes.txt
@@ -0,0 +1,5 @@
+#m900:
+9c3eff6be017b36c819a0df3c1f6537bb26b6f3d5780787f60b91cedc789f0f0  m900_me.bin
+9508980f92b6b6d270c7f53fd8d4fbf90f37465dff6506d5b3c0675c85f48ffe  m900_tower_gbe.bin
+6d085dfd05f4c945e2745568ab8b1412ea2514a68b463aa05fa1fedec6e429dd  m900_tower_ifd.bin
+

From 2926342f073aacd0f3d0d3af830de78610ab0c7b Mon Sep 17 00:00:00 2001
From: notgivenby <notgivenby@gmail.com>
Date: Fri, 8 May 2026 07:55:14 -0400
Subject: [PATCH 07/14] add the .gitignore file

Signed-off-by: notgivenby <notgivenby@gmail.com>
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
---
 blobs/m900/.gitignore | 3 +++
 1 file changed, 3 insertions(+)
 create mode 100644 blobs/m900/.gitignore

diff --git a/blobs/m900/.gitignore b/blobs/m900/.gitignore
new file mode 100644
index 000000000..b5f076e22
--- /dev/null
+++ b/blobs/m900/.gitignore
@@ -0,0 +1,3 @@
+me.bin
+m900_me.bin
+

From 12055486620d0bbd7f4999da2d8934d9e89d43ba Mon Sep 17 00:00:00 2001
From: notgivenby <notgivenby@gmail.com>
Date: Fri, 8 May 2026 07:56:17 -0400
Subject: [PATCH 08/14] add the board config for  m900_tower hotp variant

Signed-off-by: notgivenby <notgivenby@gmail.com>
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
---
 .../EOL_m900_tower-hotp-maximized.config      | 87 +++++++++++++++++++
 1 file changed, 87 insertions(+)
 create mode 100644 boards/EOL_m900_tower-hotp-maximized/EOL_m900_tower-hotp-maximized.config

diff --git a/boards/EOL_m900_tower-hotp-maximized/EOL_m900_tower-hotp-maximized.config b/boards/EOL_m900_tower-hotp-maximized/EOL_m900_tower-hotp-maximized.config
new file mode 100644
index 000000000..faf4b824f
--- /dev/null
+++ b/boards/EOL_m900_tower-hotp-maximized/EOL_m900_tower-hotp-maximized.config
@@ -0,0 +1,87 @@
+# WARNING: This system remains perpetually vulnerable to Spectre v2 (CVE-2017-5715). Mitigations and microcode updates previously applied are now known to be ineffective due to QSB-107 and related CVEs. If Spectre v2 is a concern in your threat model, consider migrating to a platform with ongoing microcode support. Proper OPSEC for Memory Use MUST be followed:https://www.anarsec.guide/posts/qubes/#appendix-opsec-for-memory-use
+# Configuration for a m900_tiny running Qubes 4.3 and other Linux Based OSes (through kexec)
+# CAVEATS:
+# This board is vulnerable to a TPM reset attack, i.e. the PCRs are reset while the system is running.
+# This attack can be used to bypass measured boot when an attacker succeeds at modifying the SPI flash.
+# Also it can be used to extract FDE keys from a TPM.
+# The related coreboot issue contains more information: https://ticket.coreboot.org/issues/576
+# Make sure you understand the implications of the attack for your threat model before using this board.
+# Includes
+# - Deactivated+partially neutered+deguarded ME and expanded consequent IFD BIOS regions
+# - More details can be found in the script under blobs/m900_tiny/m900_tiny_download_clean_deguard_me.sh
+# - Forged GBE MAC address to 00:DE:AD:C0:FF:EE
+# - Includes Nitrokey/Librem Key HOTP Security dongle remote attestation (in addition to TOTP remote attestation through Qr Code)
+
+export CONFIG_COREBOOT=y
+export CONFIG_COREBOOT_VERSION=25.09
+export CONFIG_LINUX_VERSION=6.1.8
+
+CONFIG_COREBOOT_CONFIG=config/coreboot-m900-maximized.config
+CONFIG_LINUX_CONFIG=config/linux-m900.config
+
+
+#Additional hardware support
+CONFIG_LINUX_USB=y
+CONFIG_LINUX_E1000E=y
+CONFIG_MOBILE_TETHERING=y
+
+#Additional features
+export CONFIG_USB_KEYBOARD_REQUIRED=y
+
+CONFIG_CRYPTSETUP2=y
+CONFIG_FLASHPROG=y
+CONFIG_FLASHTOOLS=y
+CONFIG_GPG2=y
+CONFIG_KEXEC=y
+CONFIG_UTIL_LINUX=y
+CONFIG_LVM2=y
+CONFIG_MBEDTLS=y
+CONFIG_PCIUTILS=y
+
+#platform locking finalization (PR0)
+CONFIG_IO386=y
+export CONFIG_FINALIZE_PLATFORM_LOCKING=y
+
+
+#Remote attestation support
+#TPM based requirements
+export CONFIG_TPM=y
+CONFIG_POPT=y
+CONFIG_QRENCODE=y
+CONFIG_TPMTOTP=y
+#HOTP based remote attestation for supported USB Security dongle
+#With/Without TPM support
+CONFIG_HOTPKEY=y
+export CONFIG_AUTO_BOOT_TIMEOUT=5
+
+#Nitrokey Storage admin tool
+CONFIG_NKSTORECLI=n
+
+#GUI Support
+#Console based Whiptail support(Console based, no FB):
+#CONFIG_SLANG=y
+#CONFIG_NEWT=y
+#FBWhiptail based (Graphical):
+CONFIG_CAIRO=y
+CONFIG_FBWHIPTAIL=y
+
+#Additional tools:
+#SSH server (requires ethernet drivers, eg: CONFIG_LINUX_E1000E)
+CONFIG_DROPBEAR=y
+
+#Enable DEBUG output
+export CONFIG_DEBUG_OUTPUT=n
+export CONFIG_ENABLE_FUNCTION_TRACING_OUTPUT=n
+#Enable TPM2 pcap output under /tmp
+export CONFIG_TPM2_CAPTURE_PCAP=n
+#Enable quiet mode: technical information logged under /tmp/debug.log
+export CONFIG_QUIET_MODE=y
+export CONFIG_BOOTSCRIPT=/bin/gui-init.sh
+export CONFIG_BOOT_REQ_HASH=n
+export CONFIG_BOOT_REQ_ROLLBACK=n
+export CONFIG_BOOT_KERNEL_ADD=""
+export CONFIG_BOOT_KERNEL_REMOVE="intel_iommu=on intel_iommu=igfx_off"
+export CONFIG_BOARD_NAME="Thinkcentre m900-hotp-maximized"
+export CONFIG_FLASH_OPTIONS="flashprog --progress --programmer internal"
+
+BOARD_TARGETS := m900_me_blobs

From a3214d324a12987aa93408cb1d970022c4ce90a3 Mon Sep 17 00:00:00 2001
From: notgivenby <notgivenby@gmail.com>
Date: Fri, 8 May 2026 07:56:43 -0400
Subject: [PATCH 09/14] add the board config for m900_tower maximized variant

Signed-off-by: notgivenby <notgivenby@gmail.com>
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
---
 .../EOL_m900_tower-maximized.config           | 85 +++++++++++++++++++
 1 file changed, 85 insertions(+)
 create mode 100644 boards/EOL_m900_tower-maximized/EOL_m900_tower-maximized.config

diff --git a/boards/EOL_m900_tower-maximized/EOL_m900_tower-maximized.config b/boards/EOL_m900_tower-maximized/EOL_m900_tower-maximized.config
new file mode 100644
index 000000000..74f59400f
--- /dev/null
+++ b/boards/EOL_m900_tower-maximized/EOL_m900_tower-maximized.config
@@ -0,0 +1,85 @@
+# WARNING: This system remains perpetually vulnerable to Spectre v2 (CVE-2017-5715). Mitigations and microcode updates previously applied are now known to be ineffective due to QSB-107 and related CVEs. If Spectre v2 is a concern in your threat model, consider migrating to a platform with ongoing microcode support. Proper OPSEC for Memory Use MUST be followed:https://www.anarsec.guide/posts/qubes/#appendix-opsec-for-memory-use
+# Configuration for a m900_tiny running Qubes 4.3 and other Linux Based OSes (through kexec)
+# CAVEATS:
+# This board is vulnerable to a TPM reset attack, i.e. the PCRs are reset while the system is running.
+# This attack can be used to bypass measured boot when an attacker succeeds at modifying the SPI flash.
+# Also it can be used to extract FDE keys from a TPM.
+# The related coreboot issue contains more information: https://ticket.coreboot.org/issues/576
+# Make sure you understand the implications of the attack for your threat model before using this board.
+# Includes
+# - Deactivated+partially neutered+deguarded ME and expanded consequent IFD BIOS regions
+# - More details can be found in the script under blobs/m900_tiny/m900_tiny_download_clean_deguard_me.sh
+# - Forged GBE MAC address to 00:DE:AD:C0:FF:EE
+# - DOES NOT INCLUDE Nitrokey/Librem Key HOTP Security dongle remote attestation (in addition to TOTP remote attestation through Qr Code)
+
+export CONFIG_COREBOOT=y
+export CONFIG_COREBOOT_VERSION=25.09
+export CONFIG_LINUX_VERSION=6.1.8
+
+CONFIG_COREBOOT_CONFIG=config/coreboot-m900-maximized.config
+CONFIG_LINUX_CONFIG=config/linux-m900.config
+
+#Additional hardware support
+CONFIG_LINUX_USB=y
+CONFIG_LINUX_E1000E=y
+CONFIG_MOBILE_TETHERING=y
+
+#Additional features
+export CONFIG_USB_KEYBOARD_REQUIRED=y
+
+CONFIG_CRYPTSETUP2=y
+CONFIG_FLASHPROG=y
+CONFIG_FLASHTOOLS=y
+CONFIG_GPG2=y
+CONFIG_KEXEC=y
+CONFIG_UTIL_LINUX=y
+CONFIG_LVM2=y
+CONFIG_MBEDTLS=y
+CONFIG_PCIUTILS=y
+
+#platform locking finalization (PR0)
+CONFIG_IO386=y
+export CONFIG_FINALIZE_PLATFORM_LOCKING=y
+
+
+#Remote attestation support
+#TPM based requirements
+export CONFIG_TPM=y
+CONFIG_POPT=y
+CONFIG_QRENCODE=y
+CONFIG_TPMTOTP=y
+#HOTP based remote attestation for supported USB Security dongle
+#With/Without TPM support
+#CONFIG_HOTPKEY=y
+
+#Nitrokey Storage admin tool
+CONFIG_NKSTORECLI=n
+
+#GUI Support
+#Console based Whiptail support(Console based, no FB):
+#CONFIG_SLANG=y
+#CONFIG_NEWT=y
+#FBWhiptail based (Graphical):
+CONFIG_CAIRO=y
+CONFIG_FBWHIPTAIL=y
+
+#Additional tools:
+#SSH server (requires ethernet drivers, eg: CONFIG_LINUX_E1000E)
+CONFIG_DROPBEAR=y
+
+#Enable DEBUG output
+export CONFIG_DEBUG_OUTPUT=n
+export CONFIG_ENABLE_FUNCTION_TRACING_OUTPUT=n
+#Enable TPM2 pcap output under /tmp
+export CONFIG_TPM2_CAPTURE_PCAP=n
+#Enable quiet mode: technical information logged under /tmp/debug.log
+export CONFIG_QUIET_MODE=y
+export CONFIG_BOOTSCRIPT=/bin/gui-init.sh
+export CONFIG_BOOT_REQ_HASH=n
+export CONFIG_BOOT_REQ_ROLLBACK=n
+export CONFIG_BOOT_KERNEL_ADD=""
+export CONFIG_BOOT_KERNEL_REMOVE="intel_iommu=on intel_iommu=igfx_off"
+export CONFIG_BOARD_NAME="Thinkcentre m900-maximized"
+export CONFIG_FLASH_OPTIONS="flashprog --progress --programmer internal"
+
+BOARD_TARGETS := m900_me_blobs

From d45181e9ff2a477118e2a64bef1c5144d71eb741 Mon Sep 17 00:00:00 2001
From: notgivenby <notgivenby@gmail.com>
Date: Fri, 8 May 2026 07:57:23 -0400
Subject: [PATCH 10/14] add the coreboot config for m900_tower board

Signed-off-by: notgivenby <notgivenby@gmail.com>
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
---
 config/coreboot-m900-maximized.config | 945 ++++++++++++++++++++++++++
 1 file changed, 945 insertions(+)
 create mode 100644 config/coreboot-m900-maximized.config

diff --git a/config/coreboot-m900-maximized.config b/config/coreboot-m900-maximized.config
new file mode 100644
index 000000000..d63bd6c35
--- /dev/null
+++ b/config/coreboot-m900-maximized.config
@@ -0,0 +1,945 @@
+#
+# Automatically generated file; DO NOT EDIT.
+# coreboot configuration
+#
+
+#
+# General setup
+#
+CONFIG_LOCALVERSION=""
+CONFIG_CBFS_PREFIX="fallback"
+CONFIG_COMPILER_GCC=y
+# CONFIG_COMPILER_LLVM_CLANG is not set
+# CONFIG_ANY_TOOLCHAIN is not set
+# CONFIG_CCACHE is not set
+# CONFIG_LTO is not set
+# CONFIG_IWYU is not set
+# CONFIG_FMD_GENPARSER is not set
+# CONFIG_UTIL_GENPARSER is not set
+CONFIG_OPTION_BACKEND_NONE=y
+# CONFIG_USE_OPTION_TABLE is not set
+# CONFIG_USE_CBFS_FILE_OPTION_BACKEND is not set
+CONFIG_COMPRESS_RAMSTAGE_LZMA=y
+# CONFIG_COMPRESS_RAMSTAGE_LZ4 is not set
+# CONFIG_COMPRESS_RAMSTAGE_ZSTD is not set
+CONFIG_SEPARATE_ROMSTAGE=y
+CONFIG_INCLUDE_CONFIG_FILE=y
+CONFIG_COLLECT_TIMESTAMPS=y
+# CONFIG_TIMESTAMPS_ON_CONSOLE is not set
+CONFIG_USE_BLOBS=y
+# CONFIG_USE_AMD_BLOBS is not set
+# CONFIG_USE_QC_BLOBS is not set
+# CONFIG_COVERAGE is not set
+# CONFIG_UBSAN is not set
+CONFIG_HAVE_ASAN_IN_RAMSTAGE=y
+# CONFIG_ASAN is not set
+# CONFIG_NO_STAGE_CACHE is not set
+CONFIG_TSEG_STAGE_CACHE=y
+# CONFIG_UPDATE_IMAGE is not set
+CONFIG_BOOTSPLASH_IMAGE=y
+CONFIG_BOOTSPLASH_FILE="@BRAND_DIR@/bootsplash.jpg"
+CONFIG_BOOTSPLASH_CONVERT=y
+CONFIG_BOOTSPLASH_CONVERT_QUALITY=90
+# CONFIG_BOOTSPLASH_CONVERT_RESIZE is not set
+# CONFIG_BOOTSPLASH_CONVERT_COLORSWAP is not set
+
+#
+# Software Bill Of Materials (SBOM)
+#
+# CONFIG_SBOM is not set
+# end of Software Bill Of Materials (SBOM)
+# end of General setup
+
+#
+# Mainboard
+#
+
+#
+# Important: Run 'make distclean' before switching boards
+#
+# CONFIG_VENDOR_51NB is not set
+# CONFIG_VENDOR_ACER is not set
+# CONFIG_VENDOR_AMD is not set
+# CONFIG_VENDOR_AOOSTAR is not set
+# CONFIG_VENDOR_AOPEN is not set
+# CONFIG_VENDOR_APPLE is not set
+# CONFIG_VENDOR_ARM is not set
+# CONFIG_VENDOR_ASROCK is not set
+# CONFIG_VENDOR_ASUS is not set
+# CONFIG_VENDOR_BIOSTAR is not set
+# CONFIG_VENDOR_BOSTENTECH is not set
+# CONFIG_VENDOR_BYTEDANCE is not set
+# CONFIG_VENDOR_CAVIUM is not set
+# CONFIG_VENDOR_CLEVO is not set
+# CONFIG_VENDOR_COMPULAB is not set
+# CONFIG_VENDOR_CWWK is not set
+# CONFIG_VENDOR_DELL is not set
+# CONFIG_VENDOR_EMULATION is not set
+# CONFIG_VENDOR_ERYING is not set
+# CONFIG_VENDOR_EXAMPLE is not set
+# CONFIG_VENDOR_FACEBOOK is not set
+# CONFIG_VENDOR_FOXCONN is not set
+# CONFIG_VENDOR_FRAMEWORK is not set
+# CONFIG_VENDOR_GETAC is not set
+# CONFIG_VENDOR_GIGABYTE is not set
+# CONFIG_VENDOR_GOOGLE is not set
+# CONFIG_VENDOR_HARDKERNEL is not set
+# CONFIG_VENDOR_HP is not set
+# CONFIG_VENDOR_IBASE is not set
+# CONFIG_VENDOR_IBM is not set
+# CONFIG_VENDOR_INTEL is not set
+# CONFIG_VENDOR_INVENTEC is not set
+# CONFIG_VENDOR_KONTRON is not set
+# CONFIG_VENDOR_LATTEPANDA is not set
+CONFIG_VENDOR_LENOVO=y
+# CONFIG_VENDOR_LIBRETREND is not set
+# CONFIG_VENDOR_MITAC_COMPUTING is not set
+# CONFIG_VENDOR_MSI is not set
+# CONFIG_VENDOR_NOVACUSTOM is not set
+# CONFIG_VENDOR_OCP is not set
+# CONFIG_VENDOR_OPENCELLULAR is not set
+# CONFIG_VENDOR_PACKARDBELL is not set
+# CONFIG_VENDOR_PCENGINES is not set
+# CONFIG_VENDOR_PINE64 is not set
+# CONFIG_VENDOR_PORTWELL is not set
+# CONFIG_VENDOR_PRODRIVE is not set
+# CONFIG_VENDOR_PROTECTLI is not set
+# CONFIG_VENDOR_PURISM is not set
+# CONFIG_VENDOR_QOTOM is not set
+# CONFIG_VENDOR_RAPTOR_CS is not set
+# CONFIG_VENDOR_RAZER is not set
+# CONFIG_VENDOR_RODA is not set
+# CONFIG_VENDOR_SAMSUNG is not set
+# CONFIG_VENDOR_SAPPHIRE is not set
+# CONFIG_VENDOR_SIEMENS is not set
+# CONFIG_VENDOR_SIFIVE is not set
+# CONFIG_VENDOR_STARLABS is not set
+# CONFIG_VENDOR_SUPERMICRO is not set
+# CONFIG_VENDOR_SYSTEM76 is not set
+# CONFIG_VENDOR_TI is not set
+# CONFIG_VENDOR_TOPTON is not set
+# CONFIG_VENDOR_UP is not set
+# CONFIG_VENDOR_VIA is not set
+CONFIG_BOARD_SPECIFIC_OPTIONS=y
+CONFIG_MAINBOARD_FAMILY="M900"
+CONFIG_MAINBOARD_PART_NUMBER="M900"
+CONFIG_MAINBOARD_VERSION="1.0"
+CONFIG_MAINBOARD_DIR="lenovo/m900"
+CONFIG_VGA_BIOS_ID="8086,0406"
+CONFIG_DIMM_MAX=4
+CONFIG_DIMM_SPD_SIZE=512
+CONFIG_FMDFILE=""
+# CONFIG_NO_POST is not set
+CONFIG_MAINBOARD_VENDOR="LENOVO"
+CONFIG_CBFS_SIZE=0xEEC000
+CONFIG_CONSOLE_SERIAL=y
+CONFIG_LINEAR_FRAMEBUFFER_MAX_HEIGHT=2160
+CONFIG_LINEAR_FRAMEBUFFER_MAX_WIDTH=3840
+CONFIG_MAX_CPUS=16
+CONFIG_ONBOARD_VGA_IS_PRIMARY=y
+CONFIG_POST_DEVICE=y
+CONFIG_POST_IO=y
+CONFIG_UART_FOR_CONSOLE=0
+CONFIG_OVERRIDE_DEVICETREE=""
+CONFIG_DEVICETREE="devicetree.cb"
+# CONFIG_VBOOT is not set
+# CONFIG_VGA_BIOS is not set
+CONFIG_PCIEXP_ASPM=y
+CONFIG_PCIEXP_L1_SUB_STATE=y
+CONFIG_PCIEXP_CLK_PM=y
+CONFIG_MAINBOARD_SMBIOS_MANUFACTURER="LENOVO"
+CONFIG_ECAM_MMCONF_BASE_ADDRESS=0xe0000000
+CONFIG_ECAM_MMCONF_BUS_NUMBER=256
+CONFIG_MEMLAYOUT_LD_FILE="src/arch/x86/memlayout.ld"
+# CONFIG_FATAL_ASSERTS is not set
+CONFIG_INTEL_GMA_VBT_FILE="src/mainboard/$(MAINBOARDDIR)/data.vbt"
+CONFIG_DISABLE_HECI1_AT_PRE_BOOT=y
+CONFIG_PRERAM_CBMEM_CONSOLE_SIZE=0xc00
+CONFIG_MAINBOARD_SMBIOS_PRODUCT_NAME="M900"
+# CONFIG_CONSOLE_POST is not set
+CONFIG_FSP_FD_PATH="3rdparty/fsp/KabylakeFspBinPkg/Fsp.fd"
+CONFIG_MAX_SOCKET=1
+CONFIG_CMOS_DEFAULT_FILE="src/mainboard/$(MAINBOARDDIR)/cmos.default"
+CONFIG_CMOS_LAYOUT_FILE="src/mainboard/$(MAINBOARDDIR)/cmos.layout"
+CONFIG_USE_PM_ACPI_TIMER=y
+CONFIG_BOOT_DEVICE_SPI_FLASH_BUS=0
+CONFIG_TPM_PIRQ=0x0
+CONFIG_DCACHE_RAM_BASE=0xfef00000
+CONFIG_DCACHE_RAM_SIZE=0x40000
+CONFIG_C_ENV_BOOTBLOCK_SIZE=0x40000
+CONFIG_DCACHE_BSP_STACK_SIZE=0x4000
+CONFIG_MAX_ACPI_TABLE_SIZE_KB=144
+CONFIG_HAVE_INTEL_FIRMWARE=y
+CONFIG_MRC_SETTINGS_CACHE_SIZE=0x10000
+# CONFIG_DRIVERS_INTEL_WIFI is not set
+CONFIG_IFD_BIN_PATH="@BLOB_DIR@/m900/m900_tower_ifd.bin"
+CONFIG_ME_BIN_PATH="@BLOB_DIR@/m900/m900_me.bin"
+CONFIG_GBE_BIN_PATH="@BLOB_DIR@/m900/m900_tower_gbe.bin"
+CONFIG_MAINBOARD_SUPPORTS_SKYLAKE_CPU=y
+CONFIG_CONSOLE_CBMEM_BUFFER_SIZE=0x80000
+# CONFIG_INTEL_OC_MAILBOX_ENABLE_UNDERVOLTING is not set
+CONFIG_CARDBUS_PLUGIN_SUPPORT=y
+CONFIG_SPI_FLASH_DONT_INCLUDE_ALL_DRIVERS=y
+CONFIG_USE_LEGACY_8254_TIMER=y
+# CONFIG_DEBUG_SMI is not set
+# CONFIG_SOC_INTEL_COMMON_BLOCK_SGX_ENABLE is not set
+CONFIG_HAVE_IFD_BIN=y
+CONFIG_PCIEXP_HOTPLUG_BUSES=8
+CONFIG_PCIEXP_HOTPLUG_MEM=0x800000
+CONFIG_PCIEXP_HOTPLUG_PREFETCH_MEM=0x10000000
+# CONFIG_BOARD_LENOVO_THINKPAD_T440P is not set
+# CONFIG_BOARD_LENOVO_THINKPAD_W541 is not set
+# CONFIG_BOARD_LENOVO_L520 is not set
+# CONFIG_BOARD_LENOVO_M720Q is not set
+# CONFIG_BOARD_LENOVO_M920Q is not set
+CONFIG_BOARD_LENOVO_M900=y
+# CONFIG_BOARD_LENOVO_THINKCENTRE_M900_TINY is not set
+# CONFIG_BOARD_LENOVO_S230U is not set
+# CONFIG_BOARD_LENOVO_T470S is not set
+# CONFIG_BOARD_LENOVO_T480 is not set
+# CONFIG_BOARD_LENOVO_T480S is not set
+# CONFIG_BOARD_LENOVO_T580 is not set
+# CONFIG_BOARD_LENOVO_X280 is not set
+# CONFIG_BOARD_LENOVO_T400 is not set
+# CONFIG_BOARD_LENOVO_T500 is not set
+# CONFIG_BOARD_LENOVO_R400 is not set
+# CONFIG_BOARD_LENOVO_R500 is not set
+# CONFIG_BOARD_LENOVO_W500 is not set
+# CONFIG_BOARD_LENOVO_T410 is not set
+# CONFIG_BOARD_LENOVO_T420 is not set
+# CONFIG_BOARD_LENOVO_T420S is not set
+# CONFIG_BOARD_LENOVO_T430S is not set
+# CONFIG_BOARD_LENOVO_T431S is not set
+# CONFIG_BOARD_LENOVO_T520 is not set
+# CONFIG_BOARD_LENOVO_W520 is not set
+# CONFIG_BOARD_LENOVO_T530 is not set
+# CONFIG_BOARD_LENOVO_W530 is not set
+# CONFIG_BOARD_LENOVO_T430 is not set
+# CONFIG_BOARD_LENOVO_T60 is not set
+# CONFIG_BOARD_LENOVO_Z61T is not set
+# CONFIG_BOARD_LENOVO_R60 is not set
+# CONFIG_BOARD_LENOVO_THINKCENTRE_A58 is not set
+# CONFIG_BOARD_LENOVO_THINKCENTRE_M710S is not set
+# CONFIG_BOARD_LENOVO_X131E is not set
+# CONFIG_BOARD_LENOVO_X1_CARBON_GEN1 is not set
+# CONFIG_BOARD_LENOVO_X200 is not set
+# CONFIG_BOARD_LENOVO_X301 is not set
+# CONFIG_BOARD_LENOVO_X201 is not set
+# CONFIG_BOARD_LENOVO_X220 is not set
+# CONFIG_BOARD_LENOVO_X220I is not set
+# CONFIG_BOARD_LENOVO_X1 is not set
+# CONFIG_BOARD_LENOVO_X230 is not set
+# CONFIG_BOARD_LENOVO_X230T is not set
+# CONFIG_BOARD_LENOVO_X230S is not set
+# CONFIG_BOARD_LENOVO_X230_EDP is not set
+# CONFIG_BOARD_LENOVO_X60 is not set
+CONFIG_PS2K_EISAID="PNP0303"
+CONFIG_PS2M_EISAID="PNP0F13"
+CONFIG_GFX_GMA_PANEL_1_PORT="eDP"
+CONFIG_TTYS0_BAUD=115200
+# CONFIG_SOC_INTEL_CSE_SEND_EOP_EARLY is not set
+CONFIG_POWER_STATE_DEFAULT_ON_AFTER_FAILURE=y
+CONFIG_D3COLD_SUPPORT=y
+CONFIG_GFX_GMA_PANEL_1_ON_EDP=y
+CONFIG_DRIVERS_UART_8250IO=y
+CONFIG_PC_CMOS_BASE_PORT_BANK1=0x72
+CONFIG_HEAP_SIZE=0x100000
+# CONFIG_BOOTMEDIA_SMM_BWP is not set
+# CONFIG_DRIVERS_EFI_FW_INFO is not set
+# CONFIG_TCG_OPAL_S3_UNLOCK is not set
+CONFIG_TPM_MEASURED_BOOT=y
+CONFIG_LINUX_COMMAND_LINE="quiet loglevel=2"
+CONFIG_BOARD_ROMSIZE_KB_16384=y
+# CONFIG_COREBOOT_ROMSIZE_KB_256 is not set
+# CONFIG_COREBOOT_ROMSIZE_KB_512 is not set
+# CONFIG_COREBOOT_ROMSIZE_KB_1024 is not set
+# CONFIG_COREBOOT_ROMSIZE_KB_2048 is not set
+# CONFIG_COREBOOT_ROMSIZE_KB_4096 is not set
+# CONFIG_COREBOOT_ROMSIZE_KB_5120 is not set
+# CONFIG_COREBOOT_ROMSIZE_KB_6144 is not set
+# CONFIG_COREBOOT_ROMSIZE_KB_8192 is not set
+# CONFIG_COREBOOT_ROMSIZE_KB_10240 is not set
+# CONFIG_COREBOOT_ROMSIZE_KB_12288 is not set
+CONFIG_COREBOOT_ROMSIZE_KB_16384=y
+# CONFIG_COREBOOT_ROMSIZE_KB_24576 is not set
+# CONFIG_COREBOOT_ROMSIZE_KB_32768 is not set
+# CONFIG_COREBOOT_ROMSIZE_KB_65536 is not set
+CONFIG_COREBOOT_ROMSIZE_KB=16384
+CONFIG_ROM_SIZE=0x01000000
+CONFIG_HAVE_POWER_STATE_AFTER_FAILURE=y
+CONFIG_HAVE_POWER_STATE_PREVIOUS_AFTER_FAILURE=y
+# CONFIG_POWER_STATE_OFF_AFTER_FAILURE is not set
+CONFIG_POWER_STATE_ON_AFTER_FAILURE=y
+# CONFIG_POWER_STATE_PREVIOUS_AFTER_FAILURE is not set
+CONFIG_MAINBOARD_POWER_FAILURE_STATE=1
+# end of Mainboard
+
+#
+# Chipset
+#
+
+#
+# SoC
+#
+CONFIG_CHIPSET_DEVICETREE="soc/intel/skylake/chipset.cb"
+CONFIG_FSP_M_FILE="$(obj)/Fsp_M.fd"
+CONFIG_FSP_S_FILE="$(obj)/Fsp_S.fd"
+CONFIG_CBFS_MCACHE_SIZE=0x4000
+CONFIG_ROMSTAGE_ADDR=0x2000000
+CONFIG_VERSTAGE_ADDR=0x2000000
+CONFIG_SMM_TSEG_SIZE=0x800000
+CONFIG_SMM_RESERVED_SIZE=0x200000
+CONFIG_SMM_MODULE_STACK_SIZE=0x800
+CONFIG_ACPI_BERT_SIZE=0x0
+CONFIG_DRIVERS_I2C_DESIGNWARE_CLOCK_MHZ=120
+CONFIG_CPU_PT_ROM_MAP_GB=512
+CONFIG_PRERAM_CBFS_CACHE_SIZE=0x4000
+CONFIG_DOMAIN_RESOURCE_32BIT_LIMIT=0xe0000000
+CONFIG_ACPI_CPU_STRING="CP%02X"
+CONFIG_STACK_SIZE=0x2000
+CONFIG_IFD_CHIPSET="sklkbl"
+CONFIG_IED_REGION_SIZE=0x400000
+CONFIG_MAX_ROOT_PORTS=24
+CONFIG_PCR_BASE_ADDRESS=0xfd000000
+CONFIG_CPU_BCLK_MHZ=100
+CONFIG_SOC_INTEL_COMMON_BLOCK_GSPI_CLOCK_MHZ=120
+CONFIG_CPU_XTAL_HZ=24000000
+CONFIG_SOC_INTEL_COMMON_BLOCK_GSPI_MAX=2
+CONFIG_SOC_INTEL_I2C_DEV_MAX=6
+# CONFIG_ENABLE_SATA_TEST_MODE is not set
+CONFIG_SOC_INTEL_COMMON_LPSS_UART_CLK_M_VAL=0x30
+CONFIG_SOC_INTEL_COMMON_LPSS_UART_CLK_N_VAL=0xc35
+CONFIG_FSP_HEADER_PATH="3rdparty/fsp/KabylakeFspBinPkg/Include/"
+CONFIG_SOC_INTEL_COMMON_DEBUG_CONSENT=0
+CONFIG_INTEL_GMA_BCLV_OFFSET=0xc8254
+CONFIG_INTEL_GMA_BCLV_WIDTH=16
+CONFIG_INTEL_GMA_BCLM_OFFSET=0xc8256
+CONFIG_INTEL_GMA_BCLM_WIDTH=16
+CONFIG_FSP_PUBLISH_MBP_HOB=y
+CONFIG_FSP_STATUS_GLOBAL_RESET=0x40000003
+CONFIG_MAX_HECI_DEVICES=5
+CONFIG_BOOTBLOCK_IN_CBFS=y
+CONFIG_HAVE_PAM0_REGISTER=y
+CONFIG_INTEL_TXT_BIOSACM_ALIGNMENT=0x40000
+CONFIG_CPU_INTEL_NUM_FIT_ENTRIES=10
+CONFIG_SOC_INTEL_GFX_FRAMEBUFFER_OFFSET=0x0
+CONFIG_PCIE_LTR_MAX_SNOOP_LATENCY=0x1003
+CONFIG_PCIE_LTR_MAX_NO_SNOOP_LATENCY=0x1003
+CONFIG_SOC_PHYSICAL_ADDRESS_WIDTH=0
+CONFIG_DEBUG_STACK_OVERFLOW_BREAKPOINTS=y
+CONFIG_RAMSTAGE_CBFS_CACHE_SIZE=0x4000
+CONFIG_CBFS_CACHE_ALIGN=8
+CONFIG_SOC_INTEL_COMMON_SKYLAKE_BASE=y
+CONFIG_SOC_INTEL_SKYLAKE=y
+CONFIG_SKYLAKE_SOC_PCH_H=y
+CONFIG_MAINBOARD_SUPPORTS_KABYLAKE_CPU=y
+CONFIG_MAINBOARD_SUPPORTS_COFFEELAKE_CPU=y
+# CONFIG_ALWAYS_ALLOW_ABOVE_4G_ALLOCATION is not set
+CONFIG_FSP_T_LOCATION=0xfffe0000
+CONFIG_SOC_INTEL_COMMON_BLOCK_P2SB=y
+CONFIG_FIXED_SMBUS_IO_BASE=0xefa0
+CONFIG_UART_BITBANG_TX_DELAY_MS=5
+CONFIG_SOC_INTEL_COMMON=y
+
+#
+# Intel SoC Common Code for IP blocks
+#
+CONFIG_SOC_INTEL_COMMON_BLOCK=y
+CONFIG_SOC_INTEL_COMMON_BLOCK_ACPI=y
+CONFIG_SOC_INTEL_COMMON_BLOCK_ACPI_GPIO=y
+CONFIG_SOC_INTEL_COMMON_BLOCK_ACPI_LPIT=y
+CONFIG_SOC_INTEL_COMMON_BLOCK_ACPI_PEP=y
+CONFIG_SOC_INTEL_COMMON_BLOCK_ACPI_CPPC=y
+CONFIG_SOC_INTEL_COMMON_BLOCK_CHIP_CONFIG=y
+CONFIG_SOC_INTEL_COMMON_BLOCK_CPU=y
+CONFIG_SOC_INTEL_COMMON_BLOCK_CPU_MPINIT=y
+CONFIG_USE_FSP_FEATURE_PROGRAM_ON_APS=y
+# CONFIG_USE_COREBOOT_MP_INIT is not set
+CONFIG_SOC_INTEL_COMMON_BLOCK_CPU_SMMRELOCATE=y
+CONFIG_SOC_INTEL_COMMON_BLOCK_CAR=y
+CONFIG_INTEL_CAR_NEM_ENHANCED=y
+# CONFIG_USE_INTEL_FSP_MP_INIT is not set
+CONFIG_CPU_SUPPORTS_PM_TIMER_EMULATION=y
+CONFIG_HAVE_HYPERTHREADING=y
+CONFIG_FSP_HYPERTHREADING=y
+# CONFIG_INTEL_KEYLOCKER is not set
+# CONFIG_SOC_INTEL_COMMON_BLOCK_PRMRR_SIZE_MAX is not set
+# CONFIG_SOC_INTEL_COMMON_BLOCK_PRMRR_SIZE_256MB is not set
+# CONFIG_SOC_INTEL_COMMON_BLOCK_PRMRR_SIZE_128MB is not set
+# CONFIG_SOC_INTEL_COMMON_BLOCK_PRMRR_SIZE_64MB is not set
+# CONFIG_SOC_INTEL_COMMON_BLOCK_PRMRR_SIZE_32MB is not set
+# CONFIG_SOC_INTEL_COMMON_BLOCK_PRMRR_SIZE_16MB is not set
+# CONFIG_SOC_INTEL_COMMON_BLOCK_PRMRR_SIZE_8MB is not set
+# CONFIG_SOC_INTEL_COMMON_BLOCK_PRMRR_SIZE_4MB is not set
+# CONFIG_SOC_INTEL_COMMON_BLOCK_PRMRR_SIZE_2MB is not set
+CONFIG_SOC_INTEL_COMMON_BLOCK_PRMRR_SIZE_0MB=y
+CONFIG_SOC_INTEL_COMMON_BLOCK_CSE=y
+CONFIG_SOC_INTEL_COMMON_BLOCK_HECI1_DISABLE_USING_PCR=y
+CONFIG_SOC_INTEL_CSE_FMAP_NAME="SI_ME"
+CONFIG_SOC_INTEL_CSE_RW_CBFS_NAME="me_rw"
+CONFIG_SOC_INTEL_CSE_RW_VERSION_CBFS_NAME="me_rw.version"
+CONFIG_SOC_INTEL_CSE_RW_FILE=""
+CONFIG_SOC_INTEL_CSE_RW_VERSION=""
+CONFIG_SOC_INTEL_CSE_IOM_CBFS_NAME="cse_iom"
+CONFIG_SOC_INTEL_CSE_IOM_CBFS_FILE=""
+CONFIG_SOC_INTEL_CSE_NPHY_CBFS_NAME="cse_nphy"
+CONFIG_SOC_INTEL_CSE_NPHY_CBFS_FILE=""
+CONFIG_CSE_RESET_CLEAR_EC_AP_IDLE_FLAG=y
+CONFIG_SOC_INTEL_COMMON_BLOCK_DSP=y
+CONFIG_SOC_INTEL_COMMON_BLOCK_FAST_SPI=y
+# CONFIG_FAST_SPI_DISABLE_WRITE_STATUS is not set
+CONFIG_SOC_INTEL_COMMON_BLOCK_GPIO=y
+CONFIG_SOC_INTEL_COMMON_BLOCK_GPIO_ITSS_POL_CFG=y
+CONFIG_SOC_INTEL_COMMON_BLOCK_GPIO_PADCFG_PADTOL=y
+CONFIG_SOC_INTEL_COMMON_BLOCK_GPIO_DUAL_ROUTE_SUPPORT=y
+CONFIG_SOC_INTEL_COMMON_BLOCK_GPMR=y
+CONFIG_SOC_INTEL_COMMON_BLOCK_GRAPHICS=y
+CONFIG_SOC_INTEL_GFX_HAVE_DDI_A_BIFURCATION=y
+# CONFIG_SOC_INTEL_DISABLE_IGD is not set
+CONFIG_SOC_INTEL_COMMON_BLOCK_GSPI=y
+CONFIG_SOC_INTEL_COMMON_BLOCK_HDA=y
+CONFIG_SOC_INTEL_COMMON_BLOCK_HDA_VERB=y
+CONFIG_SOC_INTEL_COMMON_BLOCK_I2C=y
+CONFIG_SOC_INTEL_COMMON_BLOCK_ITSS=y
+CONFIG_SOC_INTEL_COMMON_BLOCK_LPC=y
+CONFIG_SOC_INTEL_COMMON_BLOCK_LPC_MIRROR_TO_GPMR=y
+CONFIG_SOC_INTEL_COMMON_BLOCK_LPSS=y
+CONFIG_SOC_INTEL_COMMON_BLOCK_BASE_P2SB=y
+CONFIG_SOC_INTEL_COMMON_BLOCK_PCIE=y
+CONFIG_SOC_INTEL_COMMON_BLOCK_PCR=y
+CONFIG_SOC_INTEL_COMMON_BLOCK_PMC=y
+CONFIG_SOC_INTEL_COMMON_BLOCK_PMC_DISCOVERABLE=y
+CONFIG_PMC_GLOBAL_RESET_ENABLE_LOCK=y
+CONFIG_SOC_INTEL_COMMON_BLOCK_POWER_LIMIT=y
+CONFIG_SOC_INTEL_COMMON_BLOCK_RTC=y
+CONFIG_SOC_INTEL_COMMON_BLOCK_SATA=y
+CONFIG_SOC_INTEL_COMMON_BLOCK_SCS=y
+CONFIG_SOC_INTEL_COMMON_BLOCK_SGX=y
+CONFIG_SOC_INTEL_COMMON_BLOCK_SGX_LOCK_MEMORY=y
+CONFIG_SOC_INTEL_COMMON_BLOCK_SMBUS=y
+CONFIG_SOC_INTEL_COMMON_BLOCK_TCO=y
+CONFIG_SOC_INTEL_COMMON_BLOCK_TCO_ENABLE_THROUGH_SMBUS=y
+CONFIG_SOC_INTEL_COMMON_BLOCK_SMM=y
+CONFIG_SOC_INTEL_COMMON_BLOCK_SMM_IO_TRAP=y
+# CONFIG_SOC_INTEL_COMMON_BLOCK_SMM_TCO_ENABLE is not set
+CONFIG_SOC_INTEL_COMMON_BLOCK_SMM_S5_DELAY_MS=0
+CONFIG_SOC_INTEL_COMMON_BLOCK_SPI=y
+CONFIG_SOC_INTEL_COMMON_BLOCK_SA=y
+CONFIG_SA_ENABLE_DPR=y
+CONFIG_HAVE_CAPID_A_REGISTER=y
+CONFIG_HAVE_BDSM_BGSM_REGISTER=y
+CONFIG_SOC_INTEL_COMMON_BLOCK_THERMAL=y
+CONFIG_SOC_INTEL_COMMON_BLOCK_THERMAL_PCI_DEV=y
+CONFIG_SOC_INTEL_COMMON_BLOCK_TIMER=y
+CONFIG_SOC_INTEL_COMMON_BLOCK_UART=y
+CONFIG_SOC_INTEL_COMMON_BLOCK_XDCI=y
+CONFIG_SOC_INTEL_COMMON_BLOCK_XHCI=y
+CONFIG_SOC_INTEL_COMMON_BLOCK_XHCI_ELOG=y
+
+#
+# Intel SoC Common Code for features
+#
+CONFIG_SOC_INTEL_COMMON_FEATURE=y
+CONFIG_SOC_INTEL_COMMON_FEATURE_GSPI_DEVFN=y
+CONFIG_SOC_INTEL_COMMON_FEATURE_I2C_DEVFN=y
+CONFIG_SOC_INTEL_COMMON_FEATURE_UART_DEVICES=y
+
+#
+# Intel SoC Common PCH Code
+#
+CONFIG_SOC_INTEL_COMMON_PCH_CLIENT=y
+CONFIG_SOC_INTEL_COMMON_PCH_BASE=y
+CONFIG_SOC_INTEL_COMMON_PCH_LOCKDOWN=y
+CONFIG_PCH_SPECIFIC_BASE_OPTIONS=y
+CONFIG_PCH_SPECIFIC_DISCRETE_OPTIONS=y
+CONFIG_PCH_SPECIFIC_CLIENT_OPTIONS=y
+
+#
+# Intel SoC Common coreboot stages and non-IP blocks
+#
+CONFIG_SOC_INTEL_COMMON_BASECODE=y
+CONFIG_SOC_INTEL_COMMON_RESET=y
+CONFIG_SOC_INTEL_COMMON_ACPI_WAKE_SOURCE=y
+CONFIG_PAVP=y
+# CONFIG_MMA is not set
+CONFIG_SOC_INTEL_COMMON_NHLT=y
+# CONFIG_SOC_INTEL_DEBUG_CONSENT is not set
+
+#
+# CPU
+#
+CONFIG_CPU_INTEL_FIRMWARE_INTERFACE_TABLE=y
+CONFIG_CPU_INTEL_COMMON=y
+CONFIG_ENABLE_VMX=y
+CONFIG_SET_IA32_FC_LOCK_BIT=y
+CONFIG_SET_MSR_AESNI_LOCK_BIT=y
+CONFIG_CPU_INTEL_COMMON_SMM=y
+CONFIG_PARALLEL_MP=y
+CONFIG_PARALLEL_MP_AP_WORK=y
+CONFIG_XAPIC_ONLY=y
+# CONFIG_X2APIC_ONLY is not set
+# CONFIG_X2APIC_RUNTIME is not set
+# CONFIG_X2APIC_LATE_WORKAROUND is not set
+CONFIG_UDELAY_TSC=y
+CONFIG_TSC_MONOTONIC_TIMER=y
+CONFIG_TSC_SYNC_MFENCE=y
+CONFIG_HAVE_SMI_HANDLER=y
+CONFIG_SMM_TSEG=y
+CONFIG_SMM_OPAL_S3_STATE_SMRAM_SIZE=0x0
+CONFIG_SMM_PCI_RESOURCE_STORE_NUM_SLOTS=8
+CONFIG_AP_STACK_SIZE=0x800
+CONFIG_SMP=y
+CONFIG_SSE=y
+CONFIG_SSE2=y
+CONFIG_SUPPORT_CPU_UCODE_IN_CBFS=y
+CONFIG_USE_CPU_MICROCODE_CBFS_BINS=y
+CONFIG_CPU_MICROCODE_CBFS_DEFAULT_BINS=y
+# CONFIG_CPU_MICROCODE_CBFS_EXTERNAL_BINS is not set
+# CONFIG_CPU_MICROCODE_CBFS_EXTERNAL_HEADER is not set
+# CONFIG_CPU_MICROCODE_CBFS_NONE is not set
+
+#
+# Northbridge
+#
+
+#
+# Southbridge
+#
+CONFIG_PCIEXP_HOTPLUG=y
+CONFIG_INTEL_DESCRIPTOR_MODE_REQUIRED=y
+CONFIG_PCIEXP_COMMON_CLOCK=y
+CONFIG_SOUTHBRIDGE_INTEL_COMMON_SMBUS=y
+CONFIG_INTEL_DESCRIPTOR_MODE_CAPABLE=y
+# CONFIG_VALIDATE_INTEL_DESCRIPTOR is not set
+CONFIG_FIXED_RCBA_MMIO_BASE=0xfed1c000
+CONFIG_RCBA_LENGTH=0x4000
+
+#
+# Super I/O
+#
+CONFIG_SUPERIO_NUVOTON_COMMON_PRE_RAM=y
+CONFIG_SUPERIO_NUVOTON_NCT6687D=y
+
+#
+# Embedded Controllers
+#
+
+#
+# Intel Firmware
+#
+CONFIG_HAVE_ME_BIN=y
+# CONFIG_STITCH_ME_BIN is not set
+# CONFIG_CHECK_ME is not set
+# CONFIG_ME_REGION_ALLOW_CPU_READ_ACCESS is not set
+# CONFIG_USE_ME_CLEANER is not set
+CONFIG_MAINBOARD_USES_IFD_GBE_REGION=y
+CONFIG_HAVE_GBE_BIN=y
+# CONFIG_DO_NOT_TOUCH_DESCRIPTOR_REGION is not set
+# CONFIG_LOCK_MANAGEMENT_ENGINE is not set
+CONFIG_UNLOCK_FLASH_REGIONS=y
+CONFIG_ACPI_FNKEY_GEN_SCANCODE=0
+CONFIG_UDK_BASE=y
+CONFIG_UDK_2017_BINDING=y
+CONFIG_UDK_2013_VERSION=2013
+CONFIG_UDK_2017_VERSION=2017
+CONFIG_UDK_202005_VERSION=202005
+CONFIG_UDK_202111_VERSION=202111
+CONFIG_UDK_202302_VERSION=202302
+CONFIG_UDK_202305_VERSION=202305
+CONFIG_UDK_VERSION=2017
+CONFIG_ARCH_X86=y
+CONFIG_ARCH_BOOTBLOCK_X86_32=y
+CONFIG_ARCH_VERSTAGE_X86_32=y
+CONFIG_ARCH_ROMSTAGE_X86_32=y
+CONFIG_ARCH_POSTCAR_X86_32=y
+CONFIG_ARCH_RAMSTAGE_X86_32=y
+CONFIG_ARCH_ALL_STAGES_X86_32=y
+CONFIG_RESERVED_PHYSICAL_ADDRESS_BITS_SUPPORT=y
+CONFIG_X86_TOP4G_BOOTMEDIA_MAP=y
+CONFIG_POSTRAM_CBFS_CACHE_IN_BSS=y
+CONFIG_PC80_SYSTEM=y
+CONFIG_HAVE_CMOS_DEFAULT=y
+CONFIG_POSTCAR_STAGE=y
+CONFIG_BOOTBLOCK_SIMPLE=y
+# CONFIG_BOOTBLOCK_NORMAL is not set
+CONFIG_COLLECT_TIMESTAMPS_TSC=y
+CONFIG_HAVE_CF9_RESET=y
+CONFIG_DEBUG_HW_BREAKPOINTS=y
+CONFIG_DEBUG_NULL_DEREF_BREAKPOINTS=y
+# CONFIG_DUMP_SMBIOS_TYPE17 is not set
+CONFIG_X86_BOOTBLOCK_EXTRA_PROGRAM_SZ=0
+CONFIG_DEFAULT_EBDA_LOWMEM=0x100000
+CONFIG_DEFAULT_EBDA_SEGMENT=0xF600
+CONFIG_DEFAULT_EBDA_SIZE=0x400
+CONFIG_IOAPIC=y
+# end of Chipset
+
+#
+# Devices
+#
+CONFIG_HAVE_VGA_TEXT_FRAMEBUFFER=y
+CONFIG_HAVE_LINEAR_FRAMEBUFFER=y
+CONFIG_HAVE_FSP_GOP=y
+CONFIG_MAINBOARD_HAS_LIBGFXINIT=y
+CONFIG_MAINBOARD_USE_LIBGFXINIT=y
+# CONFIG_VGA_ROM_RUN is not set
+# CONFIG_RUN_FSP_GOP is not set
+# CONFIG_NO_GFX_INIT is not set
+CONFIG_NO_EARLY_GFX_INIT=y
+
+#
+# Display
+#
+# CONFIG_VGA_TEXT_FRAMEBUFFER is not set
+CONFIG_GENERIC_LINEAR_FRAMEBUFFER=y
+CONFIG_LINEAR_FRAMEBUFFER=y
+CONFIG_BOOTSPLASH=y
+CONFIG_DEFAULT_SCREEN_ROTATION_NONE=y
+# CONFIG_DEFAULT_SCREEN_ROTATION_90 is not set
+# CONFIG_DEFAULT_SCREEN_ROTATION_180 is not set
+# CONFIG_DEFAULT_SCREEN_ROTATION_270 is not set
+CONFIG_DEFAULT_SCREEN_ROTATION_INT=0
+# end of Display
+
+CONFIG_PCI=y
+CONFIG_ECAM_MMCONF_SUPPORT=y
+CONFIG_PCIX_PLUGIN_SUPPORT=y
+CONFIG_AZALIA_HDA_CODEC_SUPPORT=y
+CONFIG_AZALIA_USE_LEGACY_VERB_TABLE=y
+CONFIG_PCIEXP_PLUGIN_SUPPORT=y
+CONFIG_ECAM_MMCONF_LENGTH=0x10000000
+CONFIG_PCI_ALLOW_BUS_MASTER=y
+CONFIG_PCI_SET_BUS_MASTER_PCI_BRIDGES=y
+CONFIG_PCI_ALLOW_BUS_MASTER_ANY_DEVICE=y
+# CONFIG_PCIEXP_SUPPORT_RESIZABLE_BARS is not set
+# CONFIG_PCIEXP_LANE_ERR_STAT_CLEAR is not set
+CONFIG_PCIEXP_HOTPLUG_PREFETCH_MEM_ABOVE_4G=y
+# CONFIG_PCIEXP_HOTPLUG_PREFETCH_MEM_BELOW_4G is not set
+CONFIG_PCIEXP_HOTPLUG_IO=0x800
+# CONFIG_EARLY_PCI_BRIDGE is not set
+CONFIG_SUBSYSTEM_VENDOR_ID=0x0000
+CONFIG_SUBSYSTEM_DEVICE_ID=0x0000
+CONFIG_INTEL_GMA_HAVE_VBT=y
+CONFIG_INTEL_GMA_ADD_VBT=y
+# CONFIG_SOFTWARE_I2C is not set
+CONFIG_I2C_TRANSFER_TIMEOUT_US=500000
+CONFIG_RESOURCE_ALLOCATION_TOP_DOWN=y
+CONFIG_DRAM_SUPPORT_DDR4=y
+CONFIG_DRAM_SUPPORT_DDR3=y
+# end of Devices
+
+#
+# Generic Drivers
+#
+CONFIG_CRB_TPM_BASE_ADDRESS=0xfed40000
+# CONFIG_DRIVERS_EFI_VARIABLE_STORE is not set
+# CONFIG_ELOG is not set
+# CONFIG_DRIVERS_HWID_DMI is not set
+CONFIG_CACHE_MRC_SETTINGS=y
+CONFIG_MRC_SETTINGS_PROTECT=y
+# CONFIG_DRIVERS_OPTION_CFR is not set
+# CONFIG_SMMSTORE is not set
+CONFIG_SPI_FLASH=y
+CONFIG_BOOT_DEVICE_SPI_FLASH_RW_NOMMAP=y
+CONFIG_BOOT_DEVICE_SPI_FLASH_RW_NOMMAP_EARLY=y
+# CONFIG_SPI_FLASH_NO_FAST_READ is not set
+CONFIG_TPM_INIT_RAMSTAGE=y
+# CONFIG_TPM_PPI is not set
+CONFIG_DRIVERS_UART=y
+# CONFIG_DRIVERS_UART_OXPCIE is not set
+# CONFIG_VPD is not set
+# CONFIG_DRIVERS_EMULATION_QEMU_FW_CFG is not set
+# CONFIG_DRIVERS_GENERIC_CBFS_SERIAL is not set
+# CONFIG_DRIVERS_GENERIC_CBFS_UUID is not set
+# CONFIG_DRIVERS_GENESYSLOGIC_GL9750 is not set
+# CONFIG_DRIVERS_GENESYSLOGIC_GL9755 is not set
+# CONFIG_DRIVERS_GENESYSLOGIC_GL9763E is not set
+CONFIG_DRIVERS_I2C_DESIGNWARE=y
+# CONFIG_DRIVERS_I2C_MAX98396 is not set
+CONFIG_FSP_USE_REPO=y
+# CONFIG_DISPLAY_HOBS is not set
+# CONFIG_DISPLAY_UPD_DATA is not set
+CONFIG_PLATFORM_USES_FSP2_0=y
+CONFIG_PLATFORM_USES_FSP2_X86_32=y
+CONFIG_HAVE_INTEL_FSP_REPO=y
+CONFIG_ADD_FSP_BINARIES=y
+CONFIG_FSP_S_CBFS="fsps.bin"
+CONFIG_FSP_M_CBFS="fspm.bin"
+CONFIG_FSP_FULL_FD=y
+CONFIG_FSP_T_RESERVED_SIZE=0x0
+CONFIG_FSP_M_XIP=y
+CONFIG_FSP_COMPRESS_FSP_S_LZ4=y
+CONFIG_SOC_INTEL_COMMON_FSP_RESET=y
+CONFIG_USE_FSP_NOTIFY_PHASE_POST_PCI_ENUM=y
+CONFIG_USE_FSP_NOTIFY_PHASE_READY_TO_BOOT=y
+CONFIG_USE_FSP_NOTIFY_PHASE_END_OF_FIRMWARE=y
+# CONFIG_DISPLAY_FSP_TIMESTAMPS is not set
+# CONFIG_BUILDING_WITH_DEBUG_FSP is not set
+CONFIG_FSP_VGA_MODE12_BPP=0x0
+CONFIG_INTEL_INT15=y
+CONFIG_INTEL_GMA_ACPI=y
+CONFIG_VBT_CBFS_COMPRESSION_LZMA=y
+# CONFIG_VBT_CBFS_COMPRESSION_LZ4 is not set
+# CONFIG_VBT_CBFS_COMPRESSION_NONE is not set
+CONFIG_VBT_CBFS_COMPRESSION_ALGORITHM="lzma"
+CONFIG_GFX_GMA=y
+CONFIG_GFX_GMA_DYN_CPU=y
+CONFIG_GFX_GMA_GENERATION="Skylake"
+CONFIG_GFX_GMA_PCH="Sunrise_Point"
+CONFIG_GFX_GMA_PANEL_2_PORT="Disabled"
+CONFIG_GFX_GMA_ANALOG_I2C_PORT="PCH_DAC"
+CONFIG_DRIVERS_INTEL_OC_MAILBOX=y
+# CONFIG_DRIVERS_NXP_UWB_SR1XX is not set
+CONFIG_DRIVERS_PS2_KEYBOARD=y
+CONFIG_DRIVERS_MC146818=y
+CONFIG_USE_PC_CMOS_ALTCENTURY=y
+CONFIG_PC_CMOS_BASE_PORT_BANK0=0x70
+CONFIG_MEMORY_MAPPED_TPM=y
+CONFIG_TPM_TIS_BASE_ADDRESS=0xfed40000
+# CONFIG_DRIVERS_SIL_3114 is not set
+CONFIG_DRIVERS_USB_ACPI=y
+CONFIG_DRIVERS_WIFI_GENERIC=y
+CONFIG_DRIVERS_MTK_WIFI=y
+# end of Generic Drivers
+
+#
+# Security
+#
+
+#
+# CBFS verification
+#
+# CONFIG_CBFS_VERIFICATION is not set
+# end of CBFS verification
+
+#
+# Verified Boot (vboot)
+#
+CONFIG_VBOOT_LIB=y
+# end of Verified Boot (vboot)
+
+#
+# Trusted Platform Module
+#
+CONFIG_TPM1=y
+# CONFIG_TPM2 is not set
+CONFIG_TPM=y
+CONFIG_MAINBOARD_HAS_TPM1=y
+# CONFIG_TPM_DEACTIVATE is not set
+# CONFIG_DEBUG_TPM is not set
+# CONFIG_TPM_MEASURE_MRC_CACHE is not set
+# CONFIG_TPM_LOG_CB is not set
+CONFIG_TPM_LOG_TPM1=y
+# CONFIG_TPM_LOG_TPM2 is not set
+CONFIG_TPM_MEASURED_BOOT_RUNTIME_DATA=""
+CONFIG_PCR_BOOT_MODE=1
+CONFIG_PCR_HWID=1
+CONFIG_PCR_SRTM=2
+CONFIG_PCR_FW_VER=10
+CONFIG_PCR_RUNTIME_DATA=3
+# end of Trusted Platform Module
+
+#
+# TCG storage
+#
+# end of TCG storage
+
+#
+# Memory initialization
+#
+CONFIG_PLATFORM_HAS_DRAM_CLEAR=y
+# CONFIG_SECURITY_CLEAR_DRAM_ON_REGULAR_BOOT is not set
+# end of Memory initialization
+
+# CONFIG_INTEL_TXT is not set
+# CONFIG_STM is not set
+# CONFIG_INTEL_CBNT_SUPPORT is not set
+CONFIG_BOOTMEDIA_LOCK_NONE=y
+# CONFIG_BOOTMEDIA_LOCK_CHIP is not set
+CONFIG_SOC_INTEL_COMMON_SPI_LOCKDOWN_SMM=y
+CONFIG_SPI_FLASH_SMM=y
+CONFIG_BOOTMEDIA_LOCK_CONTROLLER=y
+CONFIG_BOOTMEDIA_LOCK_WHOLE_RO=y
+# CONFIG_INTEL_CHIPSET_LOCKDOWN is not set
+# end of Security
+
+CONFIG_ACPI_HAVE_PCAT_8259=y
+CONFIG_ACPI_INTEL_HARDWARE_SLEEP_VALUES=y
+CONFIG_ACPI_SOC_NVS=y
+CONFIG_ACPI_CUSTOM_MADT=y
+CONFIG_ACPI_NO_CUSTOM_MADT=y
+CONFIG_ACPI_COMMON_MADT_LAPIC=y
+CONFIG_ACPI_COMMON_MADT_IOAPIC=y
+CONFIG_HAVE_ACPI_TABLES=y
+CONFIG_ACPI_LPIT=y
+CONFIG_BOOT_DEVICE_SPI_FLASH=y
+CONFIG_BOOT_DEVICE_MEMORY_MAPPED=y
+CONFIG_BOOT_DEVICE_SUPPORTS_WRITES=y
+CONFIG_RTC=y
+
+#
+# Console
+#
+CONFIG_BOOTBLOCK_CONSOLE=y
+CONFIG_POSTCAR_CONSOLE=y
+CONFIG_SQUELCH_EARLY_SMP=y
+
+#
+# I/O mapped, 8250-compatible
+#
+CONFIG_TTYS0_BASE=0x3f8
+
+#
+# Serial port base address = 0x3f8
+#
+# CONFIG_CONSOLE_SERIAL_921600 is not set
+# CONFIG_CONSOLE_SERIAL_460800 is not set
+# CONFIG_CONSOLE_SERIAL_230400 is not set
+CONFIG_CONSOLE_SERIAL_115200=y
+# CONFIG_CONSOLE_SERIAL_57600 is not set
+# CONFIG_CONSOLE_SERIAL_38400 is not set
+# CONFIG_CONSOLE_SERIAL_19200 is not set
+# CONFIG_CONSOLE_SERIAL_9600 is not set
+CONFIG_TTYS0_LCS=3
+# CONFIG_SPKMODEM is not set
+# CONFIG_CONSOLE_NE2K is not set
+CONFIG_CONSOLE_CBMEM=y
+# CONFIG_CONSOLE_SPI_FLASH is not set
+# CONFIG_CONSOLE_I2C_SMBUS is not set
+# CONFIG_DEFAULT_CONSOLE_LOGLEVEL_8 is not set
+CONFIG_DEFAULT_CONSOLE_LOGLEVEL_7=y
+# CONFIG_DEFAULT_CONSOLE_LOGLEVEL_6 is not set
+# CONFIG_DEFAULT_CONSOLE_LOGLEVEL_5 is not set
+# CONFIG_DEFAULT_CONSOLE_LOGLEVEL_4 is not set
+# CONFIG_DEFAULT_CONSOLE_LOGLEVEL_3 is not set
+# CONFIG_DEFAULT_CONSOLE_LOGLEVEL_2 is not set
+# CONFIG_DEFAULT_CONSOLE_LOGLEVEL_1 is not set
+# CONFIG_DEFAULT_CONSOLE_LOGLEVEL_0 is not set
+CONFIG_DEFAULT_CONSOLE_LOGLEVEL=7
+CONFIG_CONSOLE_USE_LOGLEVEL_PREFIX=y
+CONFIG_CONSOLE_USE_ANSI_ESCAPES=y
+# CONFIG_CMOS_POST is not set
+CONFIG_POST_DEVICE_NONE=y
+# CONFIG_POST_DEVICE_LPC is not set
+# CONFIG_POST_DEVICE_PCI_PCIE is not set
+CONFIG_POST_IO_PORT=0x80
+CONFIG_HWBASE_DEBUG_CB=y
+# end of Console
+
+CONFIG_ACPI_S1_NOT_SUPPORTED=y
+CONFIG_HAVE_ACPI_RESUME=y
+CONFIG_RESUME_PATH_SAME_AS_BOOT=y
+CONFIG_HAVE_MONOTONIC_TIMER=y
+CONFIG_HAVE_OPTION_TABLE=y
+CONFIG_ACPI_NHLT=y
+
+#
+# System tables
+#
+CONFIG_GENERATE_SMBIOS_TABLES=y
+CONFIG_BIOS_VENDOR="coreboot"
+CONFIG_MAINBOARD_SERIAL_NUMBER="123456789"
+# end of System tables
+
+#
+# Payload
+#
+# CONFIG_PAYLOAD_NONE is not set
+# CONFIG_PAYLOAD_ELF is not set
+# CONFIG_PAYLOAD_FLAT_BINARY is not set
+# CONFIG_PAYLOAD_BOOTBOOT is not set
+# CONFIG_PAYLOAD_FILO is not set
+# CONFIG_PAYLOAD_GRUB2 is not set
+# CONFIG_PAYLOAD_SEAGRUB is not set
+# CONFIG_PAYLOAD_LINUXBOOT is not set
+# CONFIG_PAYLOAD_SEABIOS is not set
+# CONFIG_PAYLOAD_UBOOT is not set
+# CONFIG_PAYLOAD_EDK2 is not set
+CONFIG_PAYLOAD_LINUX=y
+CONFIG_PAYLOAD_FILE="@BOARD_BUILD_DIR@/bzImage"
+# CONFIG_PXE is not set
+CONFIG_LINUX_INITRD="@BOARD_BUILD_DIR@/initrd.cpio.xz"
+# CONFIG_COMPRESSED_PAYLOAD_NONE is not set
+CONFIG_COMPRESSED_PAYLOAD_LZMA=y
+# CONFIG_COMPRESSED_PAYLOAD_ZSTD is not set
+# CONFIG_COMPRESSED_PAYLOAD_LZ4 is not set
+CONFIG_COMPRESS_SECONDARY_PAYLOAD=y
+
+#
+# Secondary Payloads
+#
+# CONFIG_COREINFO_SECONDARY_PAYLOAD is not set
+# CONFIG_GRUB2_SECONDARY_PAYLOAD is not set
+# CONFIG_MEMTEST_SECONDARY_PAYLOAD is not set
+# CONFIG_NVRAMCUI_SECONDARY_PAYLOAD is not set
+# CONFIG_SEABIOS_SECONDARY_PAYLOAD is not set
+# CONFIG_TINT_SECONDARY_PAYLOAD is not set
+# CONFIG_COREDOOM_SECONDARY_PAYLOAD is not set
+# end of Secondary Payloads
+# end of Payload
+
+#
+# Debugging
+#
+
+#
+# CPU Debug Settings
+#
+# CONFIG_DISPLAY_MTRRS is not set
+
+#
+# Vendorcode Debug Settings
+#
+
+#
+# BLOB Debug Settings
+#
+# CONFIG_DISPLAY_FSP_CALLS_AND_STATUS is not set
+# CONFIG_DISPLAY_FSP_HEADER is not set
+# CONFIG_VERIFY_HOBS is not set
+# CONFIG_DISPLAY_FSP_VERSION_INFO is not set
+CONFIG_HAVE_GPIO_SNAPSHOT_VERIFY_SUPPORT=y
+# CONFIG_CHECK_GPIO_CONFIG_CHANGES is not set
+
+#
+# General Debug Settings
+#
+# CONFIG_GDB_STUB is not set
+CONFIG_HAVE_DEBUG_GPIO=y
+# CONFIG_DEBUG_GPIO is not set
+# CONFIG_DEBUG_CBFS is not set
+CONFIG_HAVE_DEBUG_SMBUS=y
+# CONFIG_DEBUG_SMBUS is not set
+# CONFIG_DEBUG_MALLOC is not set
+# CONFIG_DEBUG_CONSOLE_INIT is not set
+# CONFIG_DEBUG_SPI_FLASH is not set
+# CONFIG_DEBUG_BOOT_STATE is not set
+# CONFIG_DEBUG_ADA_CODE is not set
+CONFIG_HAVE_EM100_SUPPORT=y
+# CONFIG_EM100 is not set
+# CONFIG_DEBUG_ACPICA_COMPATIBLE is not set
+# end of Debugging
+
+CONFIG_RAMSTAGE_ADA=y
+CONFIG_RAMSTAGE_LIBHWBASE=y
+CONFIG_HWBASE_DYNAMIC_MMIO=y
+CONFIG_HWBASE_DEFAULT_MMCONF=0xe0000000
+CONFIG_HWBASE_DIRECT_PCIDEV=y
+CONFIG_DECOMPRESS_OFAST=y
+
+#
+# Boot Logo Configuration
+#
+# CONFIG_BMP_LOGO is not set
+CONFIG_PLATFORM_POST_RENDER_DELAY_SEC=5
+CONFIG_PLATFORM_OFF_MODE_CHARGING_INDICATOR_LOGO_PATH="3rdparty/blobs/mainboard/$(MAINBOARDDIR)/off_mode_charging.bmp"
+# CONFIG_FRAMEBUFFER_SPLASH_TEXT is not set
+# end of Boot Logo Configuration
+
+CONFIG_WARNINGS_ARE_ERRORS=y
+CONFIG_MAX_REBOOT_CNT=3
+CONFIG_RELOCATABLE_MODULES=y
+CONFIG_GENERIC_GPIO_LIB=y
+CONFIG_HAVE_BOOTBLOCK=y
+CONFIG_HAVE_ROMSTAGE=y
+CONFIG_HAVE_RAMSTAGE=y

From e1603700eec44ee15e8f49ccdd9491f5530bd20f Mon Sep 17 00:00:00 2001
From: notgivenby <notgivenby@gmail.com>
Date: Fri, 8 May 2026 07:58:35 -0400
Subject: [PATCH 11/14] add target mk file to download, deguard, and reduce the
 ME blob for m900_tower board

Signed-off-by: notgivenby <notgivenby@gmail.com>
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
---
 targets/m900_me_blobs.mk | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)
 create mode 100644 targets/m900_me_blobs.mk

diff --git a/targets/m900_me_blobs.mk b/targets/m900_me_blobs.mk
new file mode 100644
index 000000000..fc1d6c584
--- /dev/null
+++ b/targets/m900_me_blobs.mk
@@ -0,0 +1,16 @@
+# Targets for downloading m900 ME blob, neutering it down to BUP+ROMP region and deactivating ME.
+
+# m900-*-maximized boards require of you initially call one of the
+#  following to have gbe.bin ifd.bin and me.bin
+#  - blobs/m900/download_clean_me.sh
+#     To download Lenovo original ME binary, neuter+deactivate ME
+
+# Make the Coreboot build depend on the following 3rd party blobs:
+$(build)/coreboot-$(CONFIG_COREBOOT_VERSION)/$(BOARD)/.build: \
+    $(pwd)/blobs/m900/m900_me.bin
+
+
+$(pwd)/blobs/m900/m900_me.bin:
+	$(pwd)/blobs/m900/m900_download_clean_deguard_me.sh \
+		-m $(pwd)/blobs/utils/me_cleaner/me_cleaner.py $(pwd)/blobs/m900
+

From b3d44eadfc51a5d4f0683b29feb1c2bf7e4dca31 Mon Sep 17 00:00:00 2001
From: notgivenby <notgivenby@gmail.com>
Date: Fri, 8 May 2026 07:59:06 -0400
Subject: [PATCH 12/14] add the linux config for the m900_tower board

Signed-off-by: notgivenby <notgivenby@gmail.com>
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
---
 config/linux-m900.config | 3182 ++++++++++++++++++++++++++++++++++++++
 1 file changed, 3182 insertions(+)
 create mode 100644 config/linux-m900.config

diff --git a/config/linux-m900.config b/config/linux-m900.config
new file mode 100644
index 000000000..57c8271ba
--- /dev/null
+++ b/config/linux-m900.config
@@ -0,0 +1,3182 @@
+#
+# Automatically generated file; DO NOT EDIT.
+# Linux/x86 6.1.8 Kernel Configuration
+#
+CONFIG_CC_VERSION_TEXT="x86_64-linux-musl-gcc (GCC) 8.3.0"
+CONFIG_CC_IS_GCC=y
+CONFIG_GCC_VERSION=80300
+CONFIG_CLANG_VERSION=0
+CONFIG_AS_IS_GNU=y
+CONFIG_AS_VERSION=23200
+CONFIG_LD_IS_BFD=y
+CONFIG_LD_VERSION=23200
+CONFIG_LLD_VERSION=0
+CONFIG_CC_CAN_LINK=y
+CONFIG_CC_CAN_LINK_STATIC=y
+CONFIG_CC_HAS_ASM_INLINE=y
+CONFIG_CC_HAS_NO_PROFILE_FN_ATTR=y
+CONFIG_PAHOLE_VERSION=0
+CONFIG_IRQ_WORK=y
+CONFIG_BUILDTIME_TABLE_SORT=y
+CONFIG_THREAD_INFO_IN_TASK=y
+
+#
+# General setup
+#
+CONFIG_INIT_ENV_ARG_LIMIT=32
+# CONFIG_COMPILE_TEST is not set
+# CONFIG_WERROR is not set
+CONFIG_LOCALVERSION="-@BRAND_NAME@"
+# CONFIG_LOCALVERSION_AUTO is not set
+CONFIG_BUILD_SALT=""
+CONFIG_HAVE_KERNEL_GZIP=y
+CONFIG_HAVE_KERNEL_BZIP2=y
+CONFIG_HAVE_KERNEL_LZMA=y
+CONFIG_HAVE_KERNEL_XZ=y
+CONFIG_HAVE_KERNEL_LZO=y
+CONFIG_HAVE_KERNEL_LZ4=y
+CONFIG_HAVE_KERNEL_ZSTD=y
+# CONFIG_KERNEL_GZIP is not set
+# CONFIG_KERNEL_BZIP2 is not set
+# CONFIG_KERNEL_LZMA is not set
+CONFIG_KERNEL_XZ=y
+# CONFIG_KERNEL_LZO is not set
+# CONFIG_KERNEL_LZ4 is not set
+# CONFIG_KERNEL_ZSTD is not set
+CONFIG_DEFAULT_INIT=""
+CONFIG_DEFAULT_HOSTNAME="(none)"
+# CONFIG_SYSVIPC is not set
+# CONFIG_POSIX_MQUEUE is not set
+# CONFIG_WATCH_QUEUE is not set
+# CONFIG_CROSS_MEMORY_ATTACH is not set
+# CONFIG_USELIB is not set
+# CONFIG_AUDIT is not set
+CONFIG_HAVE_ARCH_AUDITSYSCALL=y
+
+#
+# IRQ subsystem
+#
+CONFIG_GENERIC_IRQ_PROBE=y
+CONFIG_GENERIC_IRQ_SHOW=y
+CONFIG_GENERIC_IRQ_EFFECTIVE_AFF_MASK=y
+CONFIG_GENERIC_PENDING_IRQ=y
+CONFIG_GENERIC_IRQ_MIGRATION=y
+CONFIG_HARDIRQS_SW_RESEND=y
+CONFIG_IRQ_DOMAIN=y
+CONFIG_IRQ_DOMAIN_HIERARCHY=y
+CONFIG_GENERIC_MSI_IRQ=y
+CONFIG_GENERIC_MSI_IRQ_DOMAIN=y
+CONFIG_IRQ_MSI_IOMMU=y
+CONFIG_GENERIC_IRQ_MATRIX_ALLOCATOR=y
+CONFIG_GENERIC_IRQ_RESERVATION_MODE=y
+CONFIG_IRQ_FORCED_THREADING=y
+CONFIG_SPARSE_IRQ=y
+# end of IRQ subsystem
+
+CONFIG_CLOCKSOURCE_WATCHDOG=y
+CONFIG_ARCH_CLOCKSOURCE_INIT=y
+CONFIG_CLOCKSOURCE_VALIDATE_LAST_CYCLE=y
+CONFIG_GENERIC_TIME_VSYSCALL=y
+CONFIG_GENERIC_CLOCKEVENTS=y
+CONFIG_GENERIC_CLOCKEVENTS_BROADCAST=y
+CONFIG_GENERIC_CLOCKEVENTS_MIN_ADJUST=y
+CONFIG_GENERIC_CMOS_UPDATE=y
+CONFIG_HAVE_POSIX_CPU_TIMERS_TASK_WORK=y
+CONFIG_POSIX_CPU_TIMERS_TASK_WORK=y
+CONFIG_CONTEXT_TRACKING=y
+CONFIG_CONTEXT_TRACKING_IDLE=y
+
+#
+# Timers subsystem
+#
+CONFIG_TICK_ONESHOT=y
+CONFIG_NO_HZ_COMMON=y
+# CONFIG_HZ_PERIODIC is not set
+CONFIG_NO_HZ_IDLE=y
+# CONFIG_NO_HZ_FULL is not set
+# CONFIG_NO_HZ is not set
+# CONFIG_HIGH_RES_TIMERS is not set
+CONFIG_CLOCKSOURCE_WATCHDOG_MAX_SKEW_US=100
+# end of Timers subsystem
+
+CONFIG_BPF=y
+CONFIG_HAVE_EBPF_JIT=y
+CONFIG_ARCH_WANT_DEFAULT_BPF_JIT=y
+
+#
+# BPF subsystem
+#
+# CONFIG_BPF_SYSCALL is not set
+# CONFIG_BPF_JIT is not set
+# end of BPF subsystem
+
+CONFIG_PREEMPT_NONE_BUILD=y
+CONFIG_PREEMPT_NONE=y
+# CONFIG_PREEMPT_VOLUNTARY is not set
+# CONFIG_PREEMPT is not set
+# CONFIG_PREEMPT_DYNAMIC is not set
+# CONFIG_SCHED_CORE is not set
+
+#
+# CPU/Task time and stats accounting
+#
+CONFIG_TICK_CPU_ACCOUNTING=y
+# CONFIG_VIRT_CPU_ACCOUNTING_GEN is not set
+# CONFIG_IRQ_TIME_ACCOUNTING is not set
+# CONFIG_PSI is not set
+# end of CPU/Task time and stats accounting
+
+# CONFIG_CPU_ISOLATION is not set
+
+#
+# RCU Subsystem
+#
+CONFIG_TREE_RCU=y
+# CONFIG_RCU_EXPERT is not set
+CONFIG_SRCU=y
+CONFIG_TREE_SRCU=y
+CONFIG_RCU_STALL_COMMON=y
+CONFIG_RCU_NEED_SEGCBLIST=y
+# end of RCU Subsystem
+
+# CONFIG_IKCONFIG is not set
+# CONFIG_IKHEADERS is not set
+CONFIG_LOG_BUF_SHIFT=18
+CONFIG_LOG_CPU_MAX_BUF_SHIFT=12
+CONFIG_PRINTK_SAFE_LOG_BUF_SHIFT=13
+CONFIG_HAVE_UNSTABLE_SCHED_CLOCK=y
+
+#
+# Scheduler features
+#
+# CONFIG_UCLAMP_TASK is not set
+# end of Scheduler features
+
+CONFIG_ARCH_SUPPORTS_NUMA_BALANCING=y
+CONFIG_ARCH_WANT_BATCHED_UNMAP_TLB_FLUSH=y
+CONFIG_CC_HAS_INT128=y
+CONFIG_CC_IMPLICIT_FALLTHROUGH="-Wimplicit-fallthrough=5"
+CONFIG_GCC11_NO_ARRAY_BOUNDS=y
+CONFIG_GCC12_NO_ARRAY_BOUNDS=y
+CONFIG_ARCH_SUPPORTS_INT128=y
+# CONFIG_CGROUPS is not set
+# CONFIG_CHECKPOINT_RESTORE is not set
+# CONFIG_SCHED_AUTOGROUP is not set
+# CONFIG_SYSFS_DEPRECATED is not set
+# CONFIG_RELAY is not set
+CONFIG_BLK_DEV_INITRD=y
+CONFIG_INITRAMFS_SOURCE="@BLOB_DIR@/dev.cpio"
+CONFIG_INITRAMFS_ROOT_UID=0
+CONFIG_INITRAMFS_ROOT_GID=0
+# CONFIG_RD_GZIP is not set
+# CONFIG_RD_BZIP2 is not set
+# CONFIG_RD_LZMA is not set
+CONFIG_RD_XZ=y
+# CONFIG_RD_LZO is not set
+# CONFIG_RD_LZ4 is not set
+# CONFIG_RD_ZSTD is not set
+CONFIG_INITRAMFS_COMPRESSION_XZ=y
+# CONFIG_INITRAMFS_COMPRESSION_NONE is not set
+# CONFIG_BOOT_CONFIG is not set
+# CONFIG_INITRAMFS_PRESERVE_MTIME is not set
+# CONFIG_CC_OPTIMIZE_FOR_PERFORMANCE is not set
+CONFIG_CC_OPTIMIZE_FOR_SIZE=y
+CONFIG_LD_ORPHAN_WARN=y
+CONFIG_SYSCTL=y
+CONFIG_SYSCTL_EXCEPTION_TRACE=y
+CONFIG_HAVE_PCSPKR_PLATFORM=y
+CONFIG_EXPERT=y
+# CONFIG_MULTIUSER is not set
+# CONFIG_SGETMASK_SYSCALL is not set
+# CONFIG_SYSFS_SYSCALL is not set
+# CONFIG_FHANDLE is not set
+CONFIG_POSIX_TIMERS=y
+CONFIG_PRINTK=y
+CONFIG_BUG=y
+CONFIG_PCSPKR_PLATFORM=y
+# CONFIG_BASE_FULL is not set
+CONFIG_FUTEX=y
+CONFIG_FUTEX_PI=y
+CONFIG_EPOLL=y
+# CONFIG_SIGNALFD is not set
+# CONFIG_TIMERFD is not set
+# CONFIG_EVENTFD is not set
+CONFIG_SHMEM=y
+# CONFIG_AIO is not set
+CONFIG_IO_URING=y
+# CONFIG_ADVISE_SYSCALLS is not set
+CONFIG_MEMBARRIER=y
+# CONFIG_KALLSYMS is not set
+CONFIG_ARCH_HAS_MEMBARRIER_SYNC_CORE=y
+CONFIG_KCMP=y
+# CONFIG_RSEQ is not set
+CONFIG_EMBEDDED=y
+CONFIG_HAVE_PERF_EVENTS=y
+# CONFIG_PC104 is not set
+
+#
+# Kernel Performance Events And Counters
+#
+CONFIG_PERF_EVENTS=y
+# CONFIG_DEBUG_PERF_USE_VMALLOC is not set
+# end of Kernel Performance Events And Counters
+
+# CONFIG_PROFILING is not set
+# end of General setup
+
+CONFIG_64BIT=y
+CONFIG_X86_64=y
+CONFIG_X86=y
+CONFIG_INSTRUCTION_DECODER=y
+CONFIG_OUTPUT_FORMAT="elf64-x86-64"
+CONFIG_LOCKDEP_SUPPORT=y
+CONFIG_STACKTRACE_SUPPORT=y
+CONFIG_MMU=y
+CONFIG_ARCH_MMAP_RND_BITS_MIN=28
+CONFIG_ARCH_MMAP_RND_BITS_MAX=32
+CONFIG_ARCH_MMAP_RND_COMPAT_BITS_MIN=8
+CONFIG_ARCH_MMAP_RND_COMPAT_BITS_MAX=16
+CONFIG_GENERIC_ISA_DMA=y
+CONFIG_GENERIC_BUG=y
+CONFIG_GENERIC_BUG_RELATIVE_POINTERS=y
+CONFIG_ARCH_MAY_HAVE_PC_FDC=y
+CONFIG_GENERIC_CALIBRATE_DELAY=y
+CONFIG_ARCH_HAS_CPU_RELAX=y
+CONFIG_ARCH_HIBERNATION_POSSIBLE=y
+CONFIG_ARCH_NR_GPIO=1024
+CONFIG_ARCH_SUSPEND_POSSIBLE=y
+CONFIG_AUDIT_ARCH=y
+CONFIG_HAVE_INTEL_TXT=y
+CONFIG_X86_64_SMP=y
+CONFIG_ARCH_SUPPORTS_UPROBES=y
+CONFIG_FIX_EARLYCON_MEM=y
+CONFIG_PGTABLE_LEVELS=4
+CONFIG_CC_HAS_SANE_STACKPROTECTOR=y
+
+#
+# Processor type and features
+#
+CONFIG_SMP=y
+CONFIG_X86_FEATURE_NAMES=y
+# CONFIG_X86_MPPARSE is not set
+# CONFIG_GOLDFISH is not set
+# CONFIG_X86_CPU_RESCTRL is not set
+# CONFIG_X86_EXTENDED_PLATFORM is not set
+# CONFIG_X86_INTEL_LPSS is not set
+# CONFIG_X86_AMD_PLATFORM_DEVICE is not set
+CONFIG_IOSF_MBI=y
+CONFIG_X86_SUPPORTS_MEMORY_FAILURE=y
+CONFIG_SCHED_OMIT_FRAME_POINTER=y
+# CONFIG_HYPERVISOR_GUEST is not set
+# CONFIG_MK8 is not set
+# CONFIG_MPSC is not set
+CONFIG_MCORE2=y
+# CONFIG_MATOM is not set
+# CONFIG_GENERIC_CPU is not set
+CONFIG_X86_INTERNODE_CACHE_SHIFT=6
+CONFIG_X86_L1_CACHE_SHIFT=6
+CONFIG_X86_INTEL_USERCOPY=y
+CONFIG_X86_USE_PPRO_CHECKSUM=y
+CONFIG_X86_P6_NOP=y
+CONFIG_X86_TSC=y
+CONFIG_X86_CMPXCHG64=y
+CONFIG_X86_CMOV=y
+CONFIG_X86_MINIMUM_CPU_FAMILY=64
+CONFIG_X86_DEBUGCTLMSR=y
+CONFIG_IA32_FEAT_CTL=y
+CONFIG_X86_VMX_FEATURE_NAMES=y
+CONFIG_PROCESSOR_SELECT=y
+CONFIG_CPU_SUP_INTEL=y
+# CONFIG_CPU_SUP_AMD is not set
+# CONFIG_CPU_SUP_HYGON is not set
+# CONFIG_CPU_SUP_CENTAUR is not set
+# CONFIG_CPU_SUP_ZHAOXIN is not set
+CONFIG_HPET_TIMER=y
+CONFIG_HPET_EMULATE_RTC=y
+CONFIG_DMI=y
+CONFIG_BOOT_VESA_SUPPORT=y
+# CONFIG_MAXSMP is not set
+CONFIG_NR_CPUS_RANGE_BEGIN=2
+CONFIG_NR_CPUS_RANGE_END=512
+CONFIG_NR_CPUS_DEFAULT=64
+CONFIG_NR_CPUS=32
+CONFIG_SCHED_CLUSTER=y
+CONFIG_SCHED_SMT=y
+CONFIG_SCHED_MC=y
+CONFIG_SCHED_MC_PRIO=y
+CONFIG_X86_LOCAL_APIC=y
+CONFIG_X86_IO_APIC=y
+# CONFIG_X86_REROUTE_FOR_BROKEN_BOOT_IRQS is not set
+CONFIG_X86_MCE=y
+# CONFIG_X86_MCELOG_LEGACY is not set
+CONFIG_X86_MCE_INTEL=y
+CONFIG_X86_MCE_THRESHOLD=y
+
+#
+# Performance monitoring
+#
+# CONFIG_PERF_EVENTS_INTEL_UNCORE is not set
+# CONFIG_PERF_EVENTS_INTEL_RAPL is not set
+# CONFIG_PERF_EVENTS_INTEL_CSTATE is not set
+# end of Performance monitoring
+
+# CONFIG_X86_VSYSCALL_EMULATION is not set
+CONFIG_X86_IOPL_IOPERM=y
+# CONFIG_MICROCODE is not set
+# CONFIG_X86_MSR is not set
+# CONFIG_X86_CPUID is not set
+# CONFIG_X86_5LEVEL is not set
+CONFIG_X86_DIRECT_GBPAGES=y
+# CONFIG_NUMA is not set
+CONFIG_ARCH_SPARSEMEM_ENABLE=y
+CONFIG_ARCH_SPARSEMEM_DEFAULT=y
+CONFIG_ILLEGAL_POINTER_VALUE=0xdead000000000000
+CONFIG_X86_PMEM_LEGACY_DEVICE=y
+CONFIG_X86_PMEM_LEGACY=y
+# CONFIG_X86_CHECK_BIOS_CORRUPTION is not set
+# CONFIG_MTRR is not set
+CONFIG_X86_UMIP=y
+CONFIG_CC_HAS_IBT=y
+# CONFIG_X86_KERNEL_IBT is not set
+# CONFIG_X86_INTEL_MEMORY_PROTECTION_KEYS is not set
+CONFIG_X86_INTEL_TSX_MODE_OFF=y
+# CONFIG_X86_INTEL_TSX_MODE_ON is not set
+# CONFIG_X86_INTEL_TSX_MODE_AUTO is not set
+CONFIG_EFI=y
+# CONFIG_EFI_STUB is not set
+# CONFIG_HZ_100 is not set
+CONFIG_HZ_250=y
+# CONFIG_HZ_300 is not set
+# CONFIG_HZ_1000 is not set
+CONFIG_HZ=250
+CONFIG_KEXEC=y
+CONFIG_KEXEC_FILE=y
+CONFIG_ARCH_HAS_KEXEC_PURGATORY=y
+# CONFIG_KEXEC_SIG is not set
+# CONFIG_CRASH_DUMP is not set
+CONFIG_PHYSICAL_START=0x1000000
+CONFIG_RELOCATABLE=y
+CONFIG_RANDOMIZE_BASE=y
+CONFIG_X86_NEED_RELOCS=y
+CONFIG_PHYSICAL_ALIGN=0x1000000
+CONFIG_DYNAMIC_MEMORY_LAYOUT=y
+CONFIG_RANDOMIZE_MEMORY=y
+CONFIG_RANDOMIZE_MEMORY_PHYSICAL_PADDING=0x0
+CONFIG_HOTPLUG_CPU=y
+# CONFIG_BOOTPARAM_HOTPLUG_CPU0 is not set
+# CONFIG_DEBUG_HOTPLUG_CPU0 is not set
+# CONFIG_LEGACY_VSYSCALL_XONLY is not set
+CONFIG_LEGACY_VSYSCALL_NONE=y
+# CONFIG_CMDLINE_BOOL is not set
+# CONFIG_MODIFY_LDT_SYSCALL is not set
+# CONFIG_STRICT_SIGALTSTACK_SIZE is not set
+CONFIG_HAVE_LIVEPATCH=y
+# end of Processor type and features
+
+CONFIG_CC_HAS_RETURN_THUNK=y
+CONFIG_SPECULATION_MITIGATIONS=y
+CONFIG_PAGE_TABLE_ISOLATION=y
+CONFIG_RETPOLINE=y
+CONFIG_RETHUNK=y
+CONFIG_CPU_IBRS_ENTRY=y
+CONFIG_ARCH_HAS_ADD_PAGES=y
+CONFIG_ARCH_MHP_MEMMAP_ON_MEMORY_ENABLE=y
+
+#
+# Power management and ACPI options
+#
+# CONFIG_SUSPEND is not set
+# CONFIG_PM is not set
+# CONFIG_ENERGY_MODEL is not set
+CONFIG_ARCH_SUPPORTS_ACPI=y
+CONFIG_ACPI=y
+CONFIG_ACPI_LEGACY_TABLES_LOOKUP=y
+CONFIG_ARCH_MIGHT_HAVE_ACPI_PDC=y
+CONFIG_ACPI_SYSTEM_POWER_STATES_SUPPORT=y
+# CONFIG_ACPI_DEBUGGER is not set
+CONFIG_ACPI_SPCR_TABLE=y
+# CONFIG_ACPI_FPDT is not set
+CONFIG_ACPI_LPIT=y
+CONFIG_ACPI_REV_OVERRIDE_POSSIBLE=y
+# CONFIG_ACPI_EC_DEBUGFS is not set
+CONFIG_ACPI_AC=y
+CONFIG_ACPI_BATTERY=y
+CONFIG_ACPI_BUTTON=y
+CONFIG_ACPI_FAN=y
+# CONFIG_ACPI_DOCK is not set
+CONFIG_ACPI_CPU_FREQ_PSS=y
+CONFIG_ACPI_PROCESSOR_CSTATE=y
+CONFIG_ACPI_PROCESSOR_IDLE=y
+CONFIG_ACPI_CPPC_LIB=y
+CONFIG_ACPI_PROCESSOR=y
+CONFIG_ACPI_HOTPLUG_CPU=y
+# CONFIG_ACPI_PROCESSOR_AGGREGATOR is not set
+CONFIG_ACPI_THERMAL=y
+CONFIG_ACPI_CUSTOM_DSDT_FILE=""
+CONFIG_ARCH_HAS_ACPI_TABLE_UPGRADE=y
+CONFIG_ACPI_TABLE_UPGRADE=y
+# CONFIG_ACPI_DEBUG is not set
+# CONFIG_ACPI_PCI_SLOT is not set
+CONFIG_ACPI_CONTAINER=y
+CONFIG_ACPI_HOTPLUG_IOAPIC=y
+# CONFIG_ACPI_SBS is not set
+# CONFIG_ACPI_HED is not set
+# CONFIG_ACPI_BGRT is not set
+# CONFIG_ACPI_REDUCED_HARDWARE_ONLY is not set
+# CONFIG_ACPI_NFIT is not set
+CONFIG_HAVE_ACPI_APEI=y
+CONFIG_HAVE_ACPI_APEI_NMI=y
+# CONFIG_ACPI_APEI is not set
+# CONFIG_ACPI_DPTF is not set
+# CONFIG_ACPI_CONFIGFS is not set
+# CONFIG_ACPI_PFRUT is not set
+CONFIG_ACPI_PCC=y
+# CONFIG_PMIC_OPREGION is not set
+CONFIG_ACPI_PRMT=y
+CONFIG_X86_PM_TIMER=y
+
+#
+# CPU Frequency scaling
+#
+CONFIG_CPU_FREQ=y
+CONFIG_CPU_FREQ_GOV_ATTR_SET=y
+# CONFIG_CPU_FREQ_STAT is not set
+CONFIG_CPU_FREQ_DEFAULT_GOV_PERFORMANCE=y
+# CONFIG_CPU_FREQ_DEFAULT_GOV_POWERSAVE is not set
+# CONFIG_CPU_FREQ_DEFAULT_GOV_USERSPACE is not set
+# CONFIG_CPU_FREQ_DEFAULT_GOV_SCHEDUTIL is not set
+CONFIG_CPU_FREQ_GOV_PERFORMANCE=y
+# CONFIG_CPU_FREQ_GOV_POWERSAVE is not set
+# CONFIG_CPU_FREQ_GOV_USERSPACE is not set
+# CONFIG_CPU_FREQ_GOV_ONDEMAND is not set
+# CONFIG_CPU_FREQ_GOV_CONSERVATIVE is not set
+CONFIG_CPU_FREQ_GOV_SCHEDUTIL=y
+
+#
+# CPU frequency scaling drivers
+#
+CONFIG_X86_INTEL_PSTATE=y
+# CONFIG_X86_PCC_CPUFREQ is not set
+# CONFIG_X86_AMD_PSTATE is not set
+# CONFIG_X86_AMD_PSTATE_UT is not set
+# CONFIG_X86_ACPI_CPUFREQ is not set
+# CONFIG_X86_SPEEDSTEP_CENTRINO is not set
+# CONFIG_X86_P4_CLOCKMOD is not set
+
+#
+# shared options
+#
+# end of CPU Frequency scaling
+
+#
+# CPU Idle
+#
+CONFIG_CPU_IDLE=y
+# CONFIG_CPU_IDLE_GOV_LADDER is not set
+CONFIG_CPU_IDLE_GOV_MENU=y
+# CONFIG_CPU_IDLE_GOV_TEO is not set
+# end of CPU Idle
+
+# CONFIG_INTEL_IDLE is not set
+# end of Power management and ACPI options
+
+#
+# Bus options (PCI etc.)
+#
+CONFIG_PCI_DIRECT=y
+# CONFIG_PCI_MMCONFIG is not set
+# CONFIG_PCI_CNB20LE_QUIRK is not set
+# CONFIG_ISA_BUS is not set
+CONFIG_ISA_DMA_API=y
+# end of Bus options (PCI etc.)
+
+#
+# Binary Emulations
+#
+# CONFIG_IA32_EMULATION is not set
+# CONFIG_X86_X32_ABI is not set
+# end of Binary Emulations
+
+CONFIG_HAVE_KVM=y
+# CONFIG_VIRTUALIZATION is not set
+CONFIG_AS_AVX512=y
+CONFIG_AS_SHA1_NI=y
+CONFIG_AS_SHA256_NI=y
+CONFIG_AS_TPAUSE=y
+
+#
+# General architecture-dependent options
+#
+CONFIG_CRASH_CORE=y
+CONFIG_KEXEC_CORE=y
+CONFIG_HOTPLUG_SMT=y
+CONFIG_GENERIC_ENTRY=y
+# CONFIG_KPROBES is not set
+CONFIG_JUMP_LABEL=y
+# CONFIG_STATIC_KEYS_SELFTEST is not set
+# CONFIG_STATIC_CALL_SELFTEST is not set
+CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS=y
+CONFIG_ARCH_USE_BUILTIN_BSWAP=y
+CONFIG_HAVE_IOREMAP_PROT=y
+CONFIG_HAVE_KPROBES=y
+CONFIG_HAVE_KRETPROBES=y
+CONFIG_HAVE_OPTPROBES=y
+CONFIG_HAVE_KPROBES_ON_FTRACE=y
+CONFIG_ARCH_CORRECT_STACKTRACE_ON_KRETPROBE=y
+CONFIG_HAVE_FUNCTION_ERROR_INJECTION=y
+CONFIG_HAVE_NMI=y
+CONFIG_TRACE_IRQFLAGS_SUPPORT=y
+CONFIG_TRACE_IRQFLAGS_NMI_SUPPORT=y
+CONFIG_HAVE_ARCH_TRACEHOOK=y
+CONFIG_HAVE_DMA_CONTIGUOUS=y
+CONFIG_GENERIC_SMP_IDLE_THREAD=y
+CONFIG_ARCH_HAS_FORTIFY_SOURCE=y
+CONFIG_ARCH_HAS_SET_MEMORY=y
+CONFIG_ARCH_HAS_SET_DIRECT_MAP=y
+CONFIG_HAVE_ARCH_THREAD_STRUCT_WHITELIST=y
+CONFIG_ARCH_WANTS_DYNAMIC_TASK_STRUCT=y
+CONFIG_ARCH_WANTS_NO_INSTR=y
+CONFIG_HAVE_ASM_MODVERSIONS=y
+CONFIG_HAVE_REGS_AND_STACK_ACCESS_API=y
+CONFIG_HAVE_RSEQ=y
+CONFIG_HAVE_RUST=y
+CONFIG_HAVE_FUNCTION_ARG_ACCESS_API=y
+CONFIG_HAVE_HW_BREAKPOINT=y
+CONFIG_HAVE_MIXED_BREAKPOINTS_REGS=y
+CONFIG_HAVE_USER_RETURN_NOTIFIER=y
+CONFIG_HAVE_PERF_EVENTS_NMI=y
+CONFIG_HAVE_HARDLOCKUP_DETECTOR_PERF=y
+CONFIG_HAVE_PERF_REGS=y
+CONFIG_HAVE_PERF_USER_STACK_DUMP=y
+CONFIG_HAVE_ARCH_JUMP_LABEL=y
+CONFIG_HAVE_ARCH_JUMP_LABEL_RELATIVE=y
+CONFIG_MMU_GATHER_MERGE_VMAS=y
+CONFIG_ARCH_HAVE_NMI_SAFE_CMPXCHG=y
+CONFIG_HAVE_ALIGNED_STRUCT_PAGE=y
+CONFIG_HAVE_CMPXCHG_LOCAL=y
+CONFIG_HAVE_CMPXCHG_DOUBLE=y
+CONFIG_HAVE_ARCH_SECCOMP=y
+CONFIG_HAVE_ARCH_SECCOMP_FILTER=y
+# CONFIG_SECCOMP is not set
+CONFIG_HAVE_ARCH_STACKLEAK=y
+CONFIG_HAVE_STACKPROTECTOR=y
+CONFIG_STACKPROTECTOR=y
+CONFIG_STACKPROTECTOR_STRONG=y
+CONFIG_ARCH_SUPPORTS_LTO_CLANG=y
+CONFIG_ARCH_SUPPORTS_LTO_CLANG_THIN=y
+CONFIG_LTO_NONE=y
+CONFIG_ARCH_SUPPORTS_CFI_CLANG=y
+CONFIG_HAVE_ARCH_WITHIN_STACK_FRAMES=y
+CONFIG_HAVE_CONTEXT_TRACKING_USER=y
+CONFIG_HAVE_CONTEXT_TRACKING_USER_OFFSTACK=y
+CONFIG_HAVE_VIRT_CPU_ACCOUNTING_GEN=y
+CONFIG_HAVE_IRQ_TIME_ACCOUNTING=y
+CONFIG_HAVE_MOVE_PUD=y
+CONFIG_HAVE_MOVE_PMD=y
+CONFIG_HAVE_ARCH_TRANSPARENT_HUGEPAGE=y
+CONFIG_HAVE_ARCH_TRANSPARENT_HUGEPAGE_PUD=y
+CONFIG_HAVE_ARCH_HUGE_VMAP=y
+CONFIG_HAVE_ARCH_HUGE_VMALLOC=y
+CONFIG_ARCH_WANT_HUGE_PMD_SHARE=y
+CONFIG_HAVE_ARCH_SOFT_DIRTY=y
+CONFIG_HAVE_MOD_ARCH_SPECIFIC=y
+CONFIG_MODULES_USE_ELF_RELA=y
+CONFIG_HAVE_IRQ_EXIT_ON_IRQ_STACK=y
+CONFIG_HAVE_SOFTIRQ_ON_OWN_STACK=y
+CONFIG_SOFTIRQ_ON_OWN_STACK=y
+CONFIG_ARCH_HAS_ELF_RANDOMIZE=y
+CONFIG_HAVE_ARCH_MMAP_RND_BITS=y
+CONFIG_HAVE_EXIT_THREAD=y
+CONFIG_ARCH_MMAP_RND_BITS=28
+CONFIG_PAGE_SIZE_LESS_THAN_64KB=y
+CONFIG_PAGE_SIZE_LESS_THAN_256KB=y
+CONFIG_HAVE_OBJTOOL=y
+CONFIG_HAVE_JUMP_LABEL_HACK=y
+CONFIG_HAVE_NOINSTR_HACK=y
+CONFIG_HAVE_NOINSTR_VALIDATION=y
+CONFIG_HAVE_UACCESS_VALIDATION=y
+CONFIG_HAVE_STACK_VALIDATION=y
+CONFIG_HAVE_RELIABLE_STACKTRACE=y
+# CONFIG_COMPAT_32BIT_TIME is not set
+CONFIG_HAVE_ARCH_VMAP_STACK=y
+CONFIG_VMAP_STACK=y
+CONFIG_HAVE_ARCH_RANDOMIZE_KSTACK_OFFSET=y
+CONFIG_RANDOMIZE_KSTACK_OFFSET=y
+# CONFIG_RANDOMIZE_KSTACK_OFFSET_DEFAULT is not set
+CONFIG_ARCH_HAS_STRICT_KERNEL_RWX=y
+CONFIG_STRICT_KERNEL_RWX=y
+CONFIG_ARCH_HAS_STRICT_MODULE_RWX=y
+CONFIG_STRICT_MODULE_RWX=y
+CONFIG_HAVE_ARCH_PREL32_RELOCATIONS=y
+CONFIG_ARCH_USE_MEMREMAP_PROT=y
+CONFIG_ARCH_HAS_MEM_ENCRYPT=y
+CONFIG_HAVE_STATIC_CALL=y
+CONFIG_HAVE_STATIC_CALL_INLINE=y
+CONFIG_HAVE_PREEMPT_DYNAMIC=y
+CONFIG_HAVE_PREEMPT_DYNAMIC_CALL=y
+CONFIG_ARCH_WANT_LD_ORPHAN_WARN=y
+CONFIG_ARCH_SUPPORTS_DEBUG_PAGEALLOC=y
+CONFIG_ARCH_SUPPORTS_PAGE_TABLE_CHECK=y
+CONFIG_ARCH_HAS_ELFCORE_COMPAT=y
+CONFIG_ARCH_HAS_PARANOID_L1D_FLUSH=y
+CONFIG_DYNAMIC_SIGFRAME=y
+CONFIG_ARCH_HAS_NONLEAF_PMD_YOUNG=y
+
+#
+# GCOV-based kernel profiling
+#
+CONFIG_ARCH_HAS_GCOV_PROFILE_ALL=y
+# end of GCOV-based kernel profiling
+
+CONFIG_HAVE_GCC_PLUGINS=y
+CONFIG_GCC_PLUGINS=y
+# CONFIG_GCC_PLUGIN_LATENT_ENTROPY is not set
+# end of General architecture-dependent options
+
+CONFIG_RT_MUTEXES=y
+CONFIG_BASE_SMALL=1
+CONFIG_MODULES=y
+# CONFIG_MODULE_FORCE_LOAD is not set
+# CONFIG_MODULE_UNLOAD is not set
+# CONFIG_MODVERSIONS is not set
+# CONFIG_MODULE_SRCVERSION_ALL is not set
+# CONFIG_MODULE_SIG is not set
+CONFIG_MODULE_COMPRESS_NONE=y
+# CONFIG_MODULE_COMPRESS_GZIP is not set
+# CONFIG_MODULE_COMPRESS_XZ is not set
+# CONFIG_MODULE_COMPRESS_ZSTD is not set
+# CONFIG_MODULE_ALLOW_MISSING_NAMESPACE_IMPORTS is not set
+CONFIG_MODPROBE_PATH="/sbin/modprobe"
+CONFIG_TRIM_UNUSED_KSYMS=y
+CONFIG_UNUSED_KSYMS_WHITELIST=""
+CONFIG_MODULES_TREE_LOOKUP=y
+CONFIG_BLOCK=y
+CONFIG_BLOCK_LEGACY_AUTOLOAD=y
+CONFIG_BLK_DEV_BSG_COMMON=y
+CONFIG_BLK_DEV_BSGLIB=y
+# CONFIG_BLK_DEV_INTEGRITY is not set
+# CONFIG_BLK_DEV_ZONED is not set
+# CONFIG_BLK_WBT is not set
+# CONFIG_BLK_SED_OPAL is not set
+# CONFIG_BLK_INLINE_ENCRYPTION is not set
+
+#
+# Partition Types
+#
+# CONFIG_PARTITION_ADVANCED is not set
+CONFIG_MSDOS_PARTITION=y
+CONFIG_EFI_PARTITION=y
+# end of Partition Types
+
+CONFIG_BLK_MQ_PCI=y
+CONFIG_BLOCK_HOLDER_DEPRECATED=y
+CONFIG_BLK_MQ_STACKING=y
+
+#
+# IO Schedulers
+#
+CONFIG_MQ_IOSCHED_DEADLINE=y
+# CONFIG_MQ_IOSCHED_KYBER is not set
+# CONFIG_IOSCHED_BFQ is not set
+# end of IO Schedulers
+
+CONFIG_INLINE_SPIN_UNLOCK_IRQ=y
+CONFIG_INLINE_READ_UNLOCK=y
+CONFIG_INLINE_READ_UNLOCK_IRQ=y
+CONFIG_INLINE_WRITE_UNLOCK=y
+CONFIG_INLINE_WRITE_UNLOCK_IRQ=y
+CONFIG_ARCH_SUPPORTS_ATOMIC_RMW=y
+CONFIG_MUTEX_SPIN_ON_OWNER=y
+CONFIG_RWSEM_SPIN_ON_OWNER=y
+CONFIG_LOCK_SPIN_ON_OWNER=y
+CONFIG_ARCH_USE_QUEUED_SPINLOCKS=y
+CONFIG_QUEUED_SPINLOCKS=y
+CONFIG_ARCH_USE_QUEUED_RWLOCKS=y
+CONFIG_QUEUED_RWLOCKS=y
+CONFIG_ARCH_HAS_NON_OVERLAPPING_ADDRESS_SPACE=y
+CONFIG_ARCH_HAS_SYNC_CORE_BEFORE_USERMODE=y
+CONFIG_ARCH_HAS_SYSCALL_WRAPPER=y
+
+#
+# Executable file formats
+#
+CONFIG_BINFMT_ELF=y
+CONFIG_ELFCORE=y
+CONFIG_BINFMT_SCRIPT=y
+# CONFIG_BINFMT_MISC is not set
+# CONFIG_COREDUMP is not set
+# end of Executable file formats
+
+#
+# Memory Management options
+#
+# CONFIG_SWAP is not set
+
+#
+# SLAB allocator options
+#
+# CONFIG_SLAB is not set
+CONFIG_SLUB=y
+# CONFIG_SLOB is not set
+CONFIG_SLAB_MERGE_DEFAULT=y
+# CONFIG_SLAB_FREELIST_RANDOM is not set
+# CONFIG_SLAB_FREELIST_HARDENED is not set
+# CONFIG_SLUB_STATS is not set
+CONFIG_SLUB_CPU_PARTIAL=y
+# end of SLAB allocator options
+
+# CONFIG_SHUFFLE_PAGE_ALLOCATOR is not set
+# CONFIG_COMPAT_BRK is not set
+CONFIG_SPARSEMEM=y
+CONFIG_SPARSEMEM_EXTREME=y
+CONFIG_SPARSEMEM_VMEMMAP_ENABLE=y
+CONFIG_SPARSEMEM_VMEMMAP=y
+CONFIG_HAVE_FAST_GUP=y
+CONFIG_ARCH_ENABLE_MEMORY_HOTPLUG=y
+# CONFIG_MEMORY_HOTPLUG is not set
+CONFIG_SPLIT_PTLOCK_CPUS=4
+CONFIG_ARCH_ENABLE_SPLIT_PMD_PTLOCK=y
+# CONFIG_COMPACTION is not set
+# CONFIG_PAGE_REPORTING is not set
+CONFIG_PHYS_ADDR_T_64BIT=y
+CONFIG_MMU_NOTIFIER=y
+# CONFIG_KSM is not set
+CONFIG_DEFAULT_MMAP_MIN_ADDR=65536
+CONFIG_ARCH_SUPPORTS_MEMORY_FAILURE=y
+# CONFIG_MEMORY_FAILURE is not set
+CONFIG_ARCH_WANT_GENERAL_HUGETLB=y
+CONFIG_ARCH_WANTS_THP_SWAP=y
+# CONFIG_TRANSPARENT_HUGEPAGE is not set
+CONFIG_NEED_PER_CPU_EMBED_FIRST_CHUNK=y
+CONFIG_NEED_PER_CPU_PAGE_FIRST_CHUNK=y
+CONFIG_HAVE_SETUP_PER_CPU_AREA=y
+# CONFIG_CMA is not set
+CONFIG_GENERIC_EARLY_IOREMAP=y
+# CONFIG_DEFERRED_STRUCT_PAGE_INIT is not set
+# CONFIG_IDLE_PAGE_TRACKING is not set
+CONFIG_ARCH_HAS_CACHE_LINE_SIZE=y
+CONFIG_ARCH_HAS_CURRENT_STACK_POINTER=y
+CONFIG_ARCH_HAS_PTE_DEVMAP=y
+CONFIG_ARCH_HAS_ZONE_DMA_SET=y
+# CONFIG_ZONE_DMA is not set
+CONFIG_ZONE_DMA32=y
+# CONFIG_VM_EVENT_COUNTERS is not set
+# CONFIG_PERCPU_STATS is not set
+
+#
+# GUP_TEST needs to have DEBUG_FS enabled
+#
+CONFIG_ARCH_HAS_PTE_SPECIAL=y
+# CONFIG_USERFAULTFD is not set
+# CONFIG_LRU_GEN is not set
+
+#
+# Data Access Monitoring
+#
+# CONFIG_DAMON is not set
+# end of Data Access Monitoring
+# end of Memory Management options
+
+CONFIG_NET=y
+
+#
+# Networking options
+#
+CONFIG_PACKET=y
+# CONFIG_PACKET_DIAG is not set
+CONFIG_UNIX=y
+CONFIG_UNIX_SCM=y
+CONFIG_AF_UNIX_OOB=y
+# CONFIG_UNIX_DIAG is not set
+# CONFIG_TLS is not set
+# CONFIG_XFRM_USER is not set
+# CONFIG_NET_KEY is not set
+CONFIG_INET=y
+# CONFIG_IP_MULTICAST is not set
+# CONFIG_IP_ADVANCED_ROUTER is not set
+# CONFIG_IP_PNP is not set
+# CONFIG_NET_IPIP is not set
+# CONFIG_NET_IPGRE_DEMUX is not set
+CONFIG_SYN_COOKIES=y
+# CONFIG_NET_IPVTI is not set
+# CONFIG_NET_FOU is not set
+# CONFIG_INET_AH is not set
+# CONFIG_INET_ESP is not set
+# CONFIG_INET_IPCOMP is not set
+CONFIG_INET_TABLE_PERTURB_ORDER=16
+# CONFIG_INET_DIAG is not set
+# CONFIG_TCP_CONG_ADVANCED is not set
+CONFIG_TCP_CONG_CUBIC=y
+CONFIG_DEFAULT_TCP_CONG="cubic"
+# CONFIG_TCP_MD5SIG is not set
+# CONFIG_IPV6 is not set
+# CONFIG_MPTCP is not set
+# CONFIG_NETWORK_SECMARK is not set
+# CONFIG_NETWORK_PHY_TIMESTAMPING is not set
+# CONFIG_NETFILTER is not set
+# CONFIG_BPFILTER is not set
+# CONFIG_IP_DCCP is not set
+# CONFIG_IP_SCTP is not set
+# CONFIG_RDS is not set
+# CONFIG_TIPC is not set
+# CONFIG_ATM is not set
+# CONFIG_L2TP is not set
+# CONFIG_BRIDGE is not set
+# CONFIG_NET_DSA is not set
+# CONFIG_VLAN_8021Q is not set
+# CONFIG_LLC2 is not set
+# CONFIG_ATALK is not set
+# CONFIG_X25 is not set
+# CONFIG_LAPB is not set
+# CONFIG_PHONET is not set
+# CONFIG_IEEE802154 is not set
+# CONFIG_NET_SCHED is not set
+# CONFIG_DCB is not set
+# CONFIG_BATMAN_ADV is not set
+# CONFIG_OPENVSWITCH is not set
+# CONFIG_VSOCKETS is not set
+# CONFIG_NETLINK_DIAG is not set
+# CONFIG_MPLS is not set
+# CONFIG_NET_NSH is not set
+# CONFIG_HSR is not set
+# CONFIG_NET_SWITCHDEV is not set
+# CONFIG_NET_L3_MASTER_DEV is not set
+# CONFIG_QRTR is not set
+# CONFIG_NET_NCSI is not set
+CONFIG_PCPU_DEV_REFCNT=y
+CONFIG_RPS=y
+CONFIG_RFS_ACCEL=y
+CONFIG_SOCK_RX_QUEUE_MAPPING=y
+CONFIG_XPS=y
+CONFIG_NET_RX_BUSY_POLL=y
+CONFIG_BQL=y
+CONFIG_NET_FLOW_LIMIT=y
+
+#
+# Network testing
+#
+# CONFIG_NET_PKTGEN is not set
+# end of Network testing
+# end of Networking options
+
+# CONFIG_HAMRADIO is not set
+# CONFIG_CAN is not set
+# CONFIG_BT is not set
+# CONFIG_AF_RXRPC is not set
+# CONFIG_AF_KCM is not set
+# CONFIG_MCTP is not set
+# CONFIG_WIRELESS is not set
+# CONFIG_RFKILL is not set
+# CONFIG_NET_9P is not set
+# CONFIG_CAIF is not set
+# CONFIG_CEPH_LIB is not set
+# CONFIG_NFC is not set
+# CONFIG_PSAMPLE is not set
+# CONFIG_NET_IFE is not set
+# CONFIG_LWTUNNEL is not set
+# CONFIG_FAILOVER is not set
+CONFIG_ETHTOOL_NETLINK=y
+
+#
+# Device Drivers
+#
+CONFIG_HAVE_EISA=y
+# CONFIG_EISA is not set
+CONFIG_HAVE_PCI=y
+CONFIG_PCI=y
+CONFIG_PCI_DOMAINS=y
+# CONFIG_PCIEPORTBUS is not set
+CONFIG_PCIEASPM=y
+CONFIG_PCIEASPM_DEFAULT=y
+# CONFIG_PCIEASPM_POWERSAVE is not set
+# CONFIG_PCIEASPM_POWER_SUPERSAVE is not set
+# CONFIG_PCIEASPM_PERFORMANCE is not set
+# CONFIG_PCIE_PTM is not set
+CONFIG_PCI_MSI=y
+CONFIG_PCI_MSI_IRQ_DOMAIN=y
+CONFIG_PCI_QUIRKS=y
+# CONFIG_PCI_DEBUG is not set
+# CONFIG_PCI_STUB is not set
+CONFIG_PCI_ATS=y
+CONFIG_PCI_LOCKLESS_CONFIG=y
+# CONFIG_PCI_IOV is not set
+CONFIG_PCI_PRI=y
+CONFIG_PCI_PASID=y
+CONFIG_PCI_LABEL=y
+# CONFIG_PCIE_BUS_TUNE_OFF is not set
+CONFIG_PCIE_BUS_DEFAULT=y
+# CONFIG_PCIE_BUS_SAFE is not set
+# CONFIG_PCIE_BUS_PERFORMANCE is not set
+# CONFIG_PCIE_BUS_PEER2PEER is not set
+CONFIG_VGA_ARB=y
+CONFIG_VGA_ARB_MAX_GPUS=16
+# CONFIG_HOTPLUG_PCI is not set
+
+#
+# PCI controller drivers
+#
+# CONFIG_VMD is not set
+
+#
+# DesignWare PCI Core Support
+#
+# CONFIG_PCIE_DW_PLAT_HOST is not set
+# CONFIG_PCI_MESON is not set
+# end of DesignWare PCI Core Support
+
+#
+# Mobiveil PCIe Core Support
+#
+# end of Mobiveil PCIe Core Support
+
+#
+# Cadence PCIe controllers support
+#
+# end of Cadence PCIe controllers support
+# end of PCI controller drivers
+
+#
+# PCI Endpoint
+#
+# CONFIG_PCI_ENDPOINT is not set
+# end of PCI Endpoint
+
+#
+# PCI switch controller drivers
+#
+# CONFIG_PCI_SW_SWITCHTEC is not set
+# end of PCI switch controller drivers
+
+# CONFIG_CXL_BUS is not set
+# CONFIG_PCCARD is not set
+# CONFIG_RAPIDIO is not set
+
+#
+# Generic Driver Options
+#
+# CONFIG_UEVENT_HELPER is not set
+CONFIG_DEVTMPFS=y
+CONFIG_DEVTMPFS_MOUNT=y
+# CONFIG_DEVTMPFS_SAFE is not set
+# CONFIG_STANDALONE is not set
+CONFIG_PREVENT_FIRMWARE_BUILD=y
+
+#
+# Firmware loader
+#
+CONFIG_FW_LOADER=y
+CONFIG_EXTRA_FIRMWARE=""
+# CONFIG_FW_LOADER_USER_HELPER is not set
+# CONFIG_FW_LOADER_COMPRESS is not set
+# CONFIG_FW_UPLOAD is not set
+# end of Firmware loader
+
+# CONFIG_ALLOW_DEV_COREDUMP is not set
+# CONFIG_DEBUG_DRIVER is not set
+# CONFIG_DEBUG_DEVRES is not set
+# CONFIG_DEBUG_TEST_DRIVER_REMOVE is not set
+# CONFIG_TEST_ASYNC_DRIVER_PROBE is not set
+CONFIG_GENERIC_CPU_AUTOPROBE=y
+CONFIG_GENERIC_CPU_VULNERABILITIES=y
+CONFIG_REGMAP=y
+CONFIG_REGMAP_MMIO=y
+CONFIG_DMA_SHARED_BUFFER=y
+# CONFIG_DMA_FENCE_TRACE is not set
+# end of Generic Driver Options
+
+#
+# Bus devices
+#
+# CONFIG_MHI_BUS is not set
+# CONFIG_MHI_BUS_EP is not set
+# end of Bus devices
+
+# CONFIG_CONNECTOR is not set
+
+#
+# Firmware Drivers
+#
+
+#
+# ARM System Control and Management Interface Protocol
+#
+# end of ARM System Control and Management Interface Protocol
+
+# CONFIG_EDD is not set
+# CONFIG_FIRMWARE_MEMMAP is not set
+# CONFIG_DMIID is not set
+# CONFIG_DMI_SYSFS is not set
+CONFIG_DMI_SCAN_MACHINE_NON_EFI_FALLBACK=y
+# CONFIG_ISCSI_IBFT is not set
+# CONFIG_FW_CFG_SYSFS is not set
+CONFIG_SYSFB=y
+CONFIG_SYSFB_SIMPLEFB=y
+# CONFIG_GOOGLE_FIRMWARE is not set
+
+#
+# EFI (Extensible Firmware Interface) Support
+#
+CONFIG_EFI_ESRT=y
+CONFIG_EFI_RUNTIME_MAP=y
+# CONFIG_EFI_FAKE_MEMMAP is not set
+CONFIG_EFI_RUNTIME_WRAPPERS=y
+# CONFIG_EFI_BOOTLOADER_CONTROL is not set
+# CONFIG_EFI_CAPSULE_LOADER is not set
+# CONFIG_EFI_TEST is not set
+# CONFIG_EFI_RCI2_TABLE is not set
+# CONFIG_EFI_DISABLE_PCI_DMA is not set
+CONFIG_EFI_CUSTOM_SSDT_OVERLAYS=y
+# CONFIG_EFI_DISABLE_RUNTIME is not set
+# CONFIG_EFI_COCO_SECRET is not set
+# end of EFI (Extensible Firmware Interface) Support
+
+#
+# Tegra firmware driver
+#
+# end of Tegra firmware driver
+# end of Firmware Drivers
+
+# CONFIG_GNSS is not set
+# CONFIG_MTD is not set
+# CONFIG_OF is not set
+CONFIG_ARCH_MIGHT_HAVE_PC_PARPORT=y
+# CONFIG_PARPORT is not set
+CONFIG_PNP=y
+# CONFIG_PNP_DEBUG_MESSAGES is not set
+
+#
+# Protocols
+#
+CONFIG_PNPACPI=y
+CONFIG_BLK_DEV=y
+# CONFIG_BLK_DEV_NULL_BLK is not set
+# CONFIG_BLK_DEV_FD is not set
+CONFIG_CDROM=y
+# CONFIG_BLK_DEV_PCIESSD_MTIP32XX is not set
+CONFIG_BLK_DEV_LOOP=y
+CONFIG_BLK_DEV_LOOP_MIN_COUNT=8
+# CONFIG_BLK_DEV_DRBD is not set
+# CONFIG_BLK_DEV_NBD is not set
+CONFIG_BLK_DEV_RAM=y
+CONFIG_BLK_DEV_RAM_COUNT=16
+CONFIG_BLK_DEV_RAM_SIZE=65536
+# CONFIG_CDROM_PKTCDVD is not set
+# CONFIG_ATA_OVER_ETH is not set
+# CONFIG_BLK_DEV_RBD is not set
+# CONFIG_BLK_DEV_UBLK is not set
+
+#
+# NVME Support
+#
+CONFIG_NVME_CORE=y
+CONFIG_BLK_DEV_NVME=y
+# CONFIG_NVME_MULTIPATH is not set
+# CONFIG_NVME_VERBOSE_ERRORS is not set
+# CONFIG_NVME_FC is not set
+# CONFIG_NVME_TCP is not set
+# CONFIG_NVME_AUTH is not set
+# end of NVME Support
+
+#
+# Misc devices
+#
+# CONFIG_DUMMY_IRQ is not set
+# CONFIG_IBM_ASM is not set
+# CONFIG_PHANTOM is not set
+# CONFIG_TIFM_CORE is not set
+# CONFIG_ENCLOSURE_SERVICES is not set
+# CONFIG_HP_ILO is not set
+# CONFIG_SRAM is not set
+# CONFIG_DW_XDATA_PCIE is not set
+# CONFIG_PCI_ENDPOINT_TEST is not set
+# CONFIG_XILINX_SDFEC is not set
+# CONFIG_C2PORT is not set
+
+#
+# EEPROM support
+#
+# CONFIG_EEPROM_93CX6 is not set
+# end of EEPROM support
+
+# CONFIG_CB710_CORE is not set
+
+#
+# Texas Instruments shared transport line discipline
+#
+# end of Texas Instruments shared transport line discipline
+
+#
+# Altera FPGA firmware download module (requires I2C)
+#
+CONFIG_INTEL_MEI=m
+CONFIG_INTEL_MEI_ME=m
+CONFIG_INTEL_MEI_TXE=m
+# CONFIG_VMWARE_VMCI is not set
+# CONFIG_GENWQE is not set
+# CONFIG_ECHO is not set
+# CONFIG_BCM_VK is not set
+# CONFIG_MISC_ALCOR_PCI is not set
+# CONFIG_MISC_RTSX_PCI is not set
+# CONFIG_MISC_RTSX_USB is not set
+# CONFIG_HABANA_AI is not set
+# CONFIG_UACCE is not set
+# CONFIG_PVPANIC is not set
+# end of Misc devices
+
+#
+# SCSI device support
+#
+CONFIG_SCSI_MOD=y
+# CONFIG_RAID_ATTRS is not set
+CONFIG_SCSI_COMMON=y
+CONFIG_SCSI=y
+CONFIG_SCSI_DMA=y
+# CONFIG_SCSI_PROC_FS is not set
+
+#
+# SCSI support type (disk, tape, CD-ROM)
+#
+CONFIG_BLK_DEV_SD=y
+# CONFIG_CHR_DEV_ST is not set
+CONFIG_BLK_DEV_SR=y
+CONFIG_CHR_DEV_SG=y
+CONFIG_BLK_DEV_BSG=y
+# CONFIG_CHR_DEV_SCH is not set
+# CONFIG_SCSI_CONSTANTS is not set
+# CONFIG_SCSI_LOGGING is not set
+CONFIG_SCSI_SCAN_ASYNC=y
+
+#
+# SCSI Transports
+#
+# CONFIG_SCSI_SPI_ATTRS is not set
+# CONFIG_SCSI_FC_ATTRS is not set
+CONFIG_SCSI_ISCSI_ATTRS=y
+# CONFIG_SCSI_SAS_ATTRS is not set
+# CONFIG_SCSI_SAS_LIBSAS is not set
+# CONFIG_SCSI_SRP_ATTRS is not set
+# end of SCSI Transports
+
+CONFIG_SCSI_LOWLEVEL=y
+CONFIG_ISCSI_TCP=y
+# CONFIG_ISCSI_BOOT_SYSFS is not set
+# CONFIG_SCSI_CXGB3_ISCSI is not set
+# CONFIG_SCSI_CXGB4_ISCSI is not set
+# CONFIG_SCSI_BNX2_ISCSI is not set
+# CONFIG_BE2ISCSI is not set
+# CONFIG_BLK_DEV_3W_XXXX_RAID is not set
+# CONFIG_SCSI_HPSA is not set
+# CONFIG_SCSI_3W_9XXX is not set
+# CONFIG_SCSI_3W_SAS is not set
+# CONFIG_SCSI_ACARD is not set
+# CONFIG_SCSI_AACRAID is not set
+# CONFIG_SCSI_AIC7XXX is not set
+# CONFIG_SCSI_AIC79XX is not set
+# CONFIG_SCSI_AIC94XX is not set
+# CONFIG_SCSI_MVSAS is not set
+# CONFIG_SCSI_MVUMI is not set
+# CONFIG_SCSI_ADVANSYS is not set
+# CONFIG_SCSI_ARCMSR is not set
+# CONFIG_SCSI_ESAS2R is not set
+# CONFIG_MEGARAID_NEWGEN is not set
+# CONFIG_MEGARAID_LEGACY is not set
+# CONFIG_MEGARAID_SAS is not set
+# CONFIG_SCSI_MPT3SAS is not set
+# CONFIG_SCSI_MPT2SAS is not set
+# CONFIG_SCSI_MPI3MR is not set
+# CONFIG_SCSI_SMARTPQI is not set
+# CONFIG_SCSI_HPTIOP is not set
+# CONFIG_SCSI_BUSLOGIC is not set
+# CONFIG_SCSI_MYRB is not set
+# CONFIG_SCSI_MYRS is not set
+# CONFIG_VMWARE_PVSCSI is not set
+# CONFIG_SCSI_SNIC is not set
+# CONFIG_SCSI_DMX3191D is not set
+# CONFIG_SCSI_FDOMAIN_PCI is not set
+# CONFIG_SCSI_ISCI is not set
+# CONFIG_SCSI_IPS is not set
+# CONFIG_SCSI_INITIO is not set
+# CONFIG_SCSI_INIA100 is not set
+# CONFIG_SCSI_STEX is not set
+# CONFIG_SCSI_SYM53C8XX_2 is not set
+# CONFIG_SCSI_IPR is not set
+# CONFIG_SCSI_QLOGIC_1280 is not set
+# CONFIG_SCSI_QLA_ISCSI is not set
+# CONFIG_SCSI_DC395x is not set
+# CONFIG_SCSI_AM53C974 is not set
+# CONFIG_SCSI_WD719X is not set
+# CONFIG_SCSI_DEBUG is not set
+# CONFIG_SCSI_PMCRAID is not set
+# CONFIG_SCSI_PM8001 is not set
+# CONFIG_SCSI_DH is not set
+# end of SCSI device support
+
+CONFIG_ATA=y
+CONFIG_SATA_HOST=y
+CONFIG_PATA_TIMINGS=y
+# CONFIG_ATA_VERBOSE_ERROR is not set
+CONFIG_ATA_FORCE=y
+CONFIG_ATA_ACPI=y
+CONFIG_SATA_PMP=y
+
+#
+# Controllers with non-SFF native interface
+#
+CONFIG_SATA_AHCI=y
+CONFIG_SATA_MOBILE_LPM_POLICY=0
+# CONFIG_SATA_AHCI_PLATFORM is not set
+# CONFIG_AHCI_DWC is not set
+# CONFIG_SATA_INIC162X is not set
+# CONFIG_SATA_ACARD_AHCI is not set
+# CONFIG_SATA_SIL24 is not set
+# CONFIG_ATA_SFF is not set
+CONFIG_MD=y
+# CONFIG_BLK_DEV_MD is not set
+# CONFIG_BCACHE is not set
+CONFIG_BLK_DEV_DM_BUILTIN=y
+CONFIG_BLK_DEV_DM=y
+# CONFIG_DM_DEBUG is not set
+CONFIG_DM_BUFIO=y
+# CONFIG_DM_DEBUG_BLOCK_MANAGER_LOCKING is not set
+CONFIG_DM_BIO_PRISON=y
+CONFIG_DM_PERSISTENT_DATA=y
+# CONFIG_DM_UNSTRIPED is not set
+CONFIG_DM_CRYPT=y
+CONFIG_DM_SNAPSHOT=y
+CONFIG_DM_THIN_PROVISIONING=y
+# CONFIG_DM_CACHE is not set
+# CONFIG_DM_WRITECACHE is not set
+# CONFIG_DM_EBS is not set
+# CONFIG_DM_ERA is not set
+# CONFIG_DM_CLONE is not set
+# CONFIG_DM_MIRROR is not set
+# CONFIG_DM_RAID is not set
+# CONFIG_DM_ZERO is not set
+# CONFIG_DM_MULTIPATH is not set
+# CONFIG_DM_DELAY is not set
+# CONFIG_DM_DUST is not set
+# CONFIG_DM_INIT is not set
+# CONFIG_DM_UEVENT is not set
+# CONFIG_DM_FLAKEY is not set
+CONFIG_DM_VERITY=y
+# CONFIG_DM_VERITY_VERIFY_ROOTHASH_SIG is not set
+CONFIG_DM_VERITY_FEC=y
+# CONFIG_DM_SWITCH is not set
+# CONFIG_DM_LOG_WRITES is not set
+# CONFIG_DM_INTEGRITY is not set
+# CONFIG_TARGET_CORE is not set
+# CONFIG_FUSION is not set
+
+#
+# IEEE 1394 (FireWire) support
+#
+# CONFIG_FIREWIRE is not set
+# CONFIG_FIREWIRE_NOSY is not set
+# end of IEEE 1394 (FireWire) support
+
+# CONFIG_MACINTOSH_DRIVERS is not set
+CONFIG_NETDEVICES=y
+CONFIG_MII=m
+CONFIG_NET_CORE=y
+# CONFIG_BONDING is not set
+# CONFIG_DUMMY is not set
+# CONFIG_WIREGUARD is not set
+# CONFIG_EQUALIZER is not set
+# CONFIG_NET_FC is not set
+# CONFIG_NET_TEAM is not set
+# CONFIG_MACVLAN is not set
+# CONFIG_IPVLAN is not set
+# CONFIG_VXLAN is not set
+# CONFIG_GENEVE is not set
+# CONFIG_BAREUDP is not set
+# CONFIG_GTP is not set
+# CONFIG_MACSEC is not set
+# CONFIG_NETCONSOLE is not set
+# CONFIG_TUN is not set
+# CONFIG_TUN_VNET_CROSS_LE is not set
+# CONFIG_VETH is not set
+# CONFIG_NLMON is not set
+# CONFIG_ARCNET is not set
+CONFIG_ETHERNET=y
+# CONFIG_NET_VENDOR_3COM is not set
+# CONFIG_NET_VENDOR_ADAPTEC is not set
+# CONFIG_NET_VENDOR_AGERE is not set
+# CONFIG_NET_VENDOR_ALACRITECH is not set
+# CONFIG_NET_VENDOR_ALTEON is not set
+# CONFIG_ALTERA_TSE is not set
+# CONFIG_NET_VENDOR_AMAZON is not set
+# CONFIG_NET_VENDOR_AMD is not set
+# CONFIG_NET_VENDOR_AQUANTIA is not set
+# CONFIG_NET_VENDOR_ARC is not set
+# CONFIG_NET_VENDOR_ASIX is not set
+# CONFIG_NET_VENDOR_ATHEROS is not set
+# CONFIG_CX_ECAT is not set
+# CONFIG_NET_VENDOR_BROADCOM is not set
+# CONFIG_NET_VENDOR_CADENCE is not set
+# CONFIG_NET_VENDOR_CAVIUM is not set
+# CONFIG_NET_VENDOR_CHELSIO is not set
+# CONFIG_NET_VENDOR_CISCO is not set
+# CONFIG_NET_VENDOR_CORTINA is not set
+# CONFIG_NET_VENDOR_DAVICOM is not set
+# CONFIG_DNET is not set
+# CONFIG_NET_VENDOR_DEC is not set
+# CONFIG_NET_VENDOR_DLINK is not set
+# CONFIG_NET_VENDOR_EMULEX is not set
+# CONFIG_NET_VENDOR_ENGLEDER is not set
+# CONFIG_NET_VENDOR_EZCHIP is not set
+# CONFIG_NET_VENDOR_FUNGIBLE is not set
+# CONFIG_NET_VENDOR_GOOGLE is not set
+# CONFIG_NET_VENDOR_HUAWEI is not set
+# CONFIG_NET_VENDOR_I825XX is not set
+CONFIG_NET_VENDOR_INTEL=y
+# CONFIG_E100 is not set
+CONFIG_E1000=m
+CONFIG_E1000E=m
+CONFIG_E1000E_HWTS=y
+# CONFIG_IGB is not set
+# CONFIG_IGBVF is not set
+# CONFIG_IXGB is not set
+# CONFIG_IXGBE is not set
+# CONFIG_IXGBEVF is not set
+# CONFIG_I40E is not set
+# CONFIG_I40EVF is not set
+# CONFIG_ICE is not set
+# CONFIG_FM10K is not set
+# CONFIG_IGC is not set
+# CONFIG_NET_VENDOR_WANGXUN is not set
+# CONFIG_JME is not set
+# CONFIG_NET_VENDOR_LITEX is not set
+# CONFIG_NET_VENDOR_MARVELL is not set
+# CONFIG_NET_VENDOR_MELLANOX is not set
+# CONFIG_NET_VENDOR_MICREL is not set
+# CONFIG_NET_VENDOR_MICROCHIP is not set
+# CONFIG_NET_VENDOR_MICROSEMI is not set
+# CONFIG_NET_VENDOR_MICROSOFT is not set
+# CONFIG_NET_VENDOR_MYRI is not set
+# CONFIG_FEALNX is not set
+# CONFIG_NET_VENDOR_NI is not set
+# CONFIG_NET_VENDOR_NATSEMI is not set
+# CONFIG_NET_VENDOR_NETERION is not set
+# CONFIG_NET_VENDOR_NETRONOME is not set
+# CONFIG_NET_VENDOR_NVIDIA is not set
+# CONFIG_NET_VENDOR_OKI is not set
+# CONFIG_ETHOC is not set
+# CONFIG_NET_VENDOR_PACKET_ENGINES is not set
+# CONFIG_NET_VENDOR_PENSANDO is not set
+# CONFIG_NET_VENDOR_QLOGIC is not set
+# CONFIG_NET_VENDOR_BROCADE is not set
+# CONFIG_NET_VENDOR_QUALCOMM is not set
+# CONFIG_NET_VENDOR_RDC is not set
+# CONFIG_NET_VENDOR_REALTEK is not set
+# CONFIG_NET_VENDOR_RENESAS is not set
+# CONFIG_NET_VENDOR_ROCKER is not set
+# CONFIG_NET_VENDOR_SAMSUNG is not set
+# CONFIG_NET_VENDOR_SEEQ is not set
+# CONFIG_NET_VENDOR_SILAN is not set
+# CONFIG_NET_VENDOR_SIS is not set
+# CONFIG_NET_VENDOR_SOLARFLARE is not set
+# CONFIG_NET_VENDOR_SMSC is not set
+# CONFIG_NET_VENDOR_SOCIONEXT is not set
+# CONFIG_NET_VENDOR_STMICRO is not set
+# CONFIG_NET_VENDOR_SUN is not set
+# CONFIG_NET_VENDOR_SYNOPSYS is not set
+# CONFIG_NET_VENDOR_TEHUTI is not set
+# CONFIG_NET_VENDOR_TI is not set
+# CONFIG_NET_VENDOR_VERTEXCOM is not set
+# CONFIG_NET_VENDOR_VIA is not set
+# CONFIG_NET_VENDOR_WIZNET is not set
+# CONFIG_NET_VENDOR_XILINX is not set
+# CONFIG_FDDI is not set
+# CONFIG_HIPPI is not set
+# CONFIG_NET_SB1000 is not set
+# CONFIG_PHYLIB is not set
+# CONFIG_PSE_CONTROLLER is not set
+# CONFIG_MDIO_DEVICE is not set
+
+#
+# PCS device drivers
+#
+# end of PCS device drivers
+
+# CONFIG_PPP is not set
+# CONFIG_SLIP is not set
+CONFIG_USB_NET_DRIVERS=m
+# CONFIG_USB_CATC is not set
+# CONFIG_USB_KAWETH is not set
+# CONFIG_USB_PEGASUS is not set
+# CONFIG_USB_RTL8150 is not set
+# CONFIG_USB_RTL8152 is not set
+# CONFIG_USB_LAN78XX is not set
+CONFIG_USB_USBNET=m
+# CONFIG_USB_NET_AX8817X is not set
+# CONFIG_USB_NET_AX88179_178A is not set
+CONFIG_USB_NET_CDCETHER=m
+CONFIG_USB_NET_CDC_EEM=m
+CONFIG_USB_NET_CDC_NCM=m
+# CONFIG_USB_NET_HUAWEI_CDC_NCM is not set
+# CONFIG_USB_NET_CDC_MBIM is not set
+# CONFIG_USB_NET_DM9601 is not set
+# CONFIG_USB_NET_SR9700 is not set
+# CONFIG_USB_NET_SR9800 is not set
+# CONFIG_USB_NET_SMSC75XX is not set
+# CONFIG_USB_NET_SMSC95XX is not set
+# CONFIG_USB_NET_GL620A is not set
+# CONFIG_USB_NET_NET1080 is not set
+# CONFIG_USB_NET_PLUSB is not set
+# CONFIG_USB_NET_MCS7830 is not set
+# CONFIG_USB_NET_RNDIS_HOST is not set
+CONFIG_USB_NET_CDC_SUBSET=m
+# CONFIG_USB_ALI_M5632 is not set
+# CONFIG_USB_AN2720 is not set
+# CONFIG_USB_BELKIN is not set
+# CONFIG_USB_ARMLINUX is not set
+# CONFIG_USB_EPSON2888 is not set
+# CONFIG_USB_KC2190 is not set
+# CONFIG_USB_NET_ZAURUS is not set
+# CONFIG_USB_NET_CX82310_ETH is not set
+# CONFIG_USB_NET_KALMIA is not set
+# CONFIG_USB_NET_QMI_WWAN is not set
+# CONFIG_USB_NET_INT51X1 is not set
+# CONFIG_USB_IPHETH is not set
+# CONFIG_USB_SIERRA_NET is not set
+# CONFIG_USB_VL600 is not set
+# CONFIG_USB_NET_CH9200 is not set
+# CONFIG_USB_NET_AQC111 is not set
+CONFIG_USB_RTL8153_ECM=m
+# CONFIG_WLAN is not set
+# CONFIG_WAN is not set
+
+#
+# Wireless WAN
+#
+# CONFIG_WWAN is not set
+# end of Wireless WAN
+
+# CONFIG_VMXNET3 is not set
+# CONFIG_FUJITSU_ES is not set
+# CONFIG_NET_FAILOVER is not set
+# CONFIG_ISDN is not set
+
+#
+# Input device support
+#
+CONFIG_INPUT=y
+# CONFIG_INPUT_FF_MEMLESS is not set
+# CONFIG_INPUT_SPARSEKMAP is not set
+# CONFIG_INPUT_MATRIXKMAP is not set
+CONFIG_INPUT_VIVALDIFMAP=y
+
+#
+# Userland interfaces
+#
+CONFIG_INPUT_MOUSEDEV=y
+# CONFIG_INPUT_MOUSEDEV_PSAUX is not set
+CONFIG_INPUT_MOUSEDEV_SCREEN_X=1024
+CONFIG_INPUT_MOUSEDEV_SCREEN_Y=768
+# CONFIG_INPUT_JOYDEV is not set
+# CONFIG_INPUT_EVDEV is not set
+# CONFIG_INPUT_EVBUG is not set
+
+#
+# Input Device Drivers
+#
+CONFIG_INPUT_KEYBOARD=y
+CONFIG_KEYBOARD_ATKBD=y
+# CONFIG_KEYBOARD_LKKBD is not set
+# CONFIG_KEYBOARD_NEWTON is not set
+# CONFIG_KEYBOARD_OPENCORES is not set
+# CONFIG_KEYBOARD_SAMSUNG is not set
+# CONFIG_KEYBOARD_STOWAWAY is not set
+# CONFIG_KEYBOARD_SUNKBD is not set
+# CONFIG_KEYBOARD_XTKBD is not set
+CONFIG_INPUT_MOUSE=y
+CONFIG_MOUSE_PS2=y
+# CONFIG_MOUSE_PS2_ALPS is not set
+# CONFIG_MOUSE_PS2_BYD is not set
+# CONFIG_MOUSE_PS2_LOGIPS2PP is not set
+CONFIG_MOUSE_PS2_SYNAPTICS=y
+# CONFIG_MOUSE_PS2_CYPRESS is not set
+# CONFIG_MOUSE_PS2_LIFEBOOK is not set
+# CONFIG_MOUSE_PS2_TRACKPOINT is not set
+# CONFIG_MOUSE_PS2_ELANTECH is not set
+# CONFIG_MOUSE_PS2_SENTELIC is not set
+# CONFIG_MOUSE_PS2_TOUCHKIT is not set
+# CONFIG_MOUSE_PS2_FOCALTECH is not set
+# CONFIG_MOUSE_SERIAL is not set
+# CONFIG_MOUSE_APPLETOUCH is not set
+# CONFIG_MOUSE_BCM5974 is not set
+# CONFIG_MOUSE_VSXXXAA is not set
+# CONFIG_MOUSE_SYNAPTICS_USB is not set
+# CONFIG_INPUT_JOYSTICK is not set
+# CONFIG_INPUT_TABLET is not set
+# CONFIG_INPUT_TOUCHSCREEN is not set
+# CONFIG_INPUT_MISC is not set
+# CONFIG_RMI4_CORE is not set
+
+#
+# Hardware I/O ports
+#
+CONFIG_SERIO=y
+CONFIG_ARCH_MIGHT_HAVE_PC_SERIO=y
+CONFIG_SERIO_I8042=y
+# CONFIG_SERIO_SERPORT is not set
+# CONFIG_SERIO_CT82C710 is not set
+# CONFIG_SERIO_PCIPS2 is not set
+CONFIG_SERIO_LIBPS2=y
+# CONFIG_SERIO_RAW is not set
+# CONFIG_SERIO_ALTERA_PS2 is not set
+# CONFIG_SERIO_PS2MULT is not set
+# CONFIG_SERIO_ARC_PS2 is not set
+# CONFIG_USERIO is not set
+# CONFIG_GAMEPORT is not set
+# end of Hardware I/O ports
+# end of Input device support
+
+#
+# Character devices
+#
+CONFIG_TTY=y
+CONFIG_VT=y
+CONFIG_CONSOLE_TRANSLATIONS=y
+CONFIG_VT_CONSOLE=y
+CONFIG_HW_CONSOLE=y
+CONFIG_VT_HW_CONSOLE_BINDING=y
+CONFIG_UNIX98_PTYS=y
+# CONFIG_LEGACY_PTYS is not set
+CONFIG_LDISC_AUTOLOAD=y
+
+#
+# Serial drivers
+#
+CONFIG_SERIAL_8250=y
+# CONFIG_SERIAL_8250_DEPRECATED_OPTIONS is not set
+# CONFIG_SERIAL_8250_PNP is not set
+# CONFIG_SERIAL_8250_16550A_VARIANTS is not set
+# CONFIG_SERIAL_8250_FINTEK is not set
+# CONFIG_SERIAL_8250_CONSOLE is not set
+# CONFIG_SERIAL_8250_PCI is not set
+CONFIG_SERIAL_8250_NR_UARTS=4
+CONFIG_SERIAL_8250_RUNTIME_UARTS=4
+# CONFIG_SERIAL_8250_EXTENDED is not set
+# CONFIG_SERIAL_8250_DW is not set
+# CONFIG_SERIAL_8250_RT288X is not set
+# CONFIG_SERIAL_8250_LPSS is not set
+# CONFIG_SERIAL_8250_MID is not set
+# CONFIG_SERIAL_8250_PERICOM is not set
+
+#
+# Non-8250 serial port support
+#
+# CONFIG_SERIAL_UARTLITE is not set
+CONFIG_SERIAL_CORE=y
+# CONFIG_SERIAL_JSM is not set
+# CONFIG_SERIAL_LANTIQ is not set
+# CONFIG_SERIAL_SCCNXP is not set
+# CONFIG_SERIAL_ALTERA_JTAGUART is not set
+# CONFIG_SERIAL_ALTERA_UART is not set
+# CONFIG_SERIAL_ARC is not set
+# CONFIG_SERIAL_RP2 is not set
+# CONFIG_SERIAL_FSL_LPUART is not set
+# CONFIG_SERIAL_FSL_LINFLEXUART is not set
+# CONFIG_SERIAL_SPRD is not set
+# end of Serial drivers
+
+# CONFIG_SERIAL_NONSTANDARD is not set
+# CONFIG_N_GSM is not set
+# CONFIG_NOZOMI is not set
+# CONFIG_NULL_TTY is not set
+# CONFIG_SERIAL_DEV_BUS is not set
+CONFIG_TTY_PRINTK=y
+CONFIG_TTY_PRINTK_LEVEL=6
+# CONFIG_VIRTIO_CONSOLE is not set
+# CONFIG_IPMI_HANDLER is not set
+CONFIG_HW_RANDOM=y
+# CONFIG_HW_RANDOM_TIMERIOMEM is not set
+CONFIG_HW_RANDOM_INTEL=y
+# CONFIG_HW_RANDOM_AMD is not set
+# CONFIG_HW_RANDOM_BA431 is not set
+# CONFIG_HW_RANDOM_VIA is not set
+# CONFIG_HW_RANDOM_XIPHERA is not set
+# CONFIG_APPLICOM is not set
+# CONFIG_MWAVE is not set
+CONFIG_DEVMEM=y
+# CONFIG_NVRAM is not set
+CONFIG_DEVPORT=y
+# CONFIG_HPET is not set
+# CONFIG_HANGCHECK_TIMER is not set
+CONFIG_TCG_TPM=y
+# CONFIG_HW_RANDOM_TPM is not set
+CONFIG_TCG_TIS_CORE=y
+CONFIG_TCG_TIS=y
+# CONFIG_TCG_NSC is not set
+# CONFIG_TCG_ATMEL is not set
+# CONFIG_TCG_INFINEON is not set
+# CONFIG_TCG_CRB is not set
+# CONFIG_TCG_VTPM_PROXY is not set
+# CONFIG_TELCLOCK is not set
+# CONFIG_XILLYBUS is not set
+# CONFIG_XILLYUSB is not set
+CONFIG_RANDOM_TRUST_CPU=y
+# CONFIG_RANDOM_TRUST_BOOTLOADER is not set
+# end of Character devices
+
+#
+# I2C support
+#
+# CONFIG_I2C is not set
+# end of I2C support
+
+# CONFIG_I3C is not set
+# CONFIG_SPI is not set
+# CONFIG_SPMI is not set
+# CONFIG_HSI is not set
+# CONFIG_PPS is not set
+
+#
+# PTP clock support
+#
+# CONFIG_PTP_1588_CLOCK is not set
+CONFIG_PTP_1588_CLOCK_OPTIONAL=y
+
+#
+# Enable PHYLIB and NETWORK_PHY_TIMESTAMPING to see the additional clocks.
+#
+# end of PTP clock support
+
+# CONFIG_PINCTRL is not set
+# CONFIG_GPIOLIB is not set
+# CONFIG_W1 is not set
+# CONFIG_POWER_RESET is not set
+CONFIG_POWER_SUPPLY=y
+# CONFIG_POWER_SUPPLY_DEBUG is not set
+# CONFIG_PDA_POWER is not set
+# CONFIG_TEST_POWER is not set
+# CONFIG_BATTERY_DS2780 is not set
+# CONFIG_BATTERY_DS2781 is not set
+# CONFIG_BATTERY_SAMSUNG_SDI is not set
+# CONFIG_BATTERY_BQ27XXX is not set
+# CONFIG_CHARGER_MAX8903 is not set
+# CONFIG_BATTERY_GOLDFISH is not set
+# CONFIG_HWMON is not set
+CONFIG_THERMAL=y
+# CONFIG_THERMAL_NETLINK is not set
+# CONFIG_THERMAL_STATISTICS is not set
+CONFIG_THERMAL_EMERGENCY_POWEROFF_DELAY_MS=0
+# CONFIG_THERMAL_WRITABLE_TRIPS is not set
+CONFIG_THERMAL_DEFAULT_GOV_STEP_WISE=y
+# CONFIG_THERMAL_DEFAULT_GOV_FAIR_SHARE is not set
+# CONFIG_THERMAL_DEFAULT_GOV_USER_SPACE is not set
+# CONFIG_THERMAL_GOV_FAIR_SHARE is not set
+CONFIG_THERMAL_GOV_STEP_WISE=y
+# CONFIG_THERMAL_GOV_BANG_BANG is not set
+# CONFIG_THERMAL_GOV_USER_SPACE is not set
+# CONFIG_THERMAL_EMULATION is not set
+
+#
+# Intel thermal drivers
+#
+# CONFIG_INTEL_POWERCLAMP is not set
+CONFIG_X86_THERMAL_VECTOR=y
+# CONFIG_X86_PKG_TEMP_THERMAL is not set
+# CONFIG_INTEL_SOC_DTS_THERMAL is not set
+
+#
+# ACPI INT340X thermal drivers
+#
+# CONFIG_INT340X_THERMAL is not set
+# end of ACPI INT340X thermal drivers
+
+# CONFIG_INTEL_PCH_THERMAL is not set
+# CONFIG_INTEL_TCC_COOLING is not set
+# CONFIG_INTEL_MENLOW is not set
+# CONFIG_INTEL_HFI_THERMAL is not set
+# end of Intel thermal drivers
+
+# CONFIG_WATCHDOG is not set
+CONFIG_SSB_POSSIBLE=y
+# CONFIG_SSB is not set
+CONFIG_BCMA_POSSIBLE=y
+# CONFIG_BCMA is not set
+
+#
+# Multifunction device drivers
+#
+# CONFIG_MFD_MADERA is not set
+# CONFIG_MFD_DLN2 is not set
+# CONFIG_HTC_PASIC3 is not set
+# CONFIG_MFD_INTEL_QUARK_I2C_GPIO is not set
+# CONFIG_LPC_ICH is not set
+# CONFIG_LPC_SCH is not set
+# CONFIG_MFD_INTEL_LPSS_ACPI is not set
+# CONFIG_MFD_INTEL_LPSS_PCI is not set
+# CONFIG_MFD_INTEL_PMC_BXT is not set
+# CONFIG_MFD_JANZ_CMODIO is not set
+# CONFIG_MFD_KEMPLD is not set
+# CONFIG_MFD_MT6397 is not set
+# CONFIG_MFD_VIPERBOARD is not set
+# CONFIG_MFD_RDC321X is not set
+# CONFIG_MFD_SM501 is not set
+CONFIG_MFD_SYSCON=y
+# CONFIG_MFD_TI_AM335X_TSCADC is not set
+# CONFIG_MFD_TQMX86 is not set
+# CONFIG_MFD_VX855 is not set
+# end of Multifunction device drivers
+
+# CONFIG_REGULATOR is not set
+# CONFIG_RC_CORE is not set
+
+#
+# CEC support
+#
+# CONFIG_MEDIA_CEC_SUPPORT is not set
+# end of CEC support
+
+# CONFIG_MEDIA_SUPPORT is not set
+
+#
+# Graphics support
+#
+CONFIG_APERTURE_HELPERS=y
+# CONFIG_AGP is not set
+# CONFIG_VGA_SWITCHEROO is not set
+# CONFIG_DRM is not set
+# CONFIG_DRM_DEBUG_MODESET_LOCK is not set
+
+#
+# ARM devices
+#
+# end of ARM devices
+
+CONFIG_DRM_PANEL_ORIENTATION_QUIRKS=y
+
+#
+# Frame buffer Devices
+#
+CONFIG_FB_CMDLINE=y
+CONFIG_FB_NOTIFY=y
+CONFIG_FB=y
+# CONFIG_FIRMWARE_EDID is not set
+CONFIG_FB_CFB_FILLRECT=y
+CONFIG_FB_CFB_COPYAREA=y
+CONFIG_FB_CFB_IMAGEBLIT=y
+# CONFIG_FB_FOREIGN_ENDIAN is not set
+# CONFIG_FB_MODE_HELPERS is not set
+# CONFIG_FB_TILEBLITTING is not set
+
+#
+# Frame buffer hardware drivers
+#
+# CONFIG_FB_CIRRUS is not set
+# CONFIG_FB_PM2 is not set
+# CONFIG_FB_CYBER2000 is not set
+# CONFIG_FB_ARC is not set
+# CONFIG_FB_ASILIANT is not set
+# CONFIG_FB_IMSTT is not set
+# CONFIG_FB_VGA16 is not set
+# CONFIG_FB_VESA is not set
+CONFIG_FB_EFI=y
+# CONFIG_FB_N411 is not set
+# CONFIG_FB_HGA is not set
+# CONFIG_FB_OPENCORES is not set
+# CONFIG_FB_S1D13XXX is not set
+# CONFIG_FB_NVIDIA is not set
+# CONFIG_FB_RIVA is not set
+# CONFIG_FB_I740 is not set
+# CONFIG_FB_LE80578 is not set
+# CONFIG_FB_MATROX is not set
+# CONFIG_FB_RADEON is not set
+# CONFIG_FB_ATY128 is not set
+# CONFIG_FB_ATY is not set
+# CONFIG_FB_S3 is not set
+# CONFIG_FB_SAVAGE is not set
+# CONFIG_FB_SIS is not set
+# CONFIG_FB_NEOMAGIC is not set
+# CONFIG_FB_KYRO is not set
+# CONFIG_FB_3DFX is not set
+# CONFIG_FB_VOODOO1 is not set
+# CONFIG_FB_VT8623 is not set
+# CONFIG_FB_TRIDENT is not set
+# CONFIG_FB_ARK is not set
+# CONFIG_FB_PM3 is not set
+# CONFIG_FB_CARMINE is not set
+# CONFIG_FB_SMSCUFX is not set
+# CONFIG_FB_UDL is not set
+# CONFIG_FB_IBM_GXT4500 is not set
+# CONFIG_FB_VIRTUAL is not set
+# CONFIG_FB_METRONOME is not set
+# CONFIG_FB_MB862XX is not set
+# CONFIG_FB_SIMPLE is not set
+# CONFIG_FB_SM712 is not set
+# end of Frame buffer Devices
+
+#
+# Backlight & LCD device support
+#
+# CONFIG_LCD_CLASS_DEVICE is not set
+CONFIG_BACKLIGHT_CLASS_DEVICE=y
+# CONFIG_BACKLIGHT_APPLE is not set
+# CONFIG_BACKLIGHT_QCOM_WLED is not set
+# CONFIG_BACKLIGHT_SAHARA is not set
+# end of Backlight & LCD device support
+
+#
+# Console display driver support
+#
+CONFIG_VGA_CONSOLE=y
+CONFIG_DUMMY_CONSOLE=y
+CONFIG_DUMMY_CONSOLE_COLUMNS=80
+CONFIG_DUMMY_CONSOLE_ROWS=25
+CONFIG_FRAMEBUFFER_CONSOLE=y
+CONFIG_FRAMEBUFFER_CONSOLE_LEGACY_ACCELERATION=y
+CONFIG_FRAMEBUFFER_CONSOLE_DETECT_PRIMARY=y
+# CONFIG_FRAMEBUFFER_CONSOLE_ROTATION is not set
+# CONFIG_FRAMEBUFFER_CONSOLE_DEFERRED_TAKEOVER is not set
+# end of Console display driver support
+
+# CONFIG_LOGO is not set
+# end of Graphics support
+
+# CONFIG_SOUND is not set
+
+#
+# HID support
+#
+CONFIG_HID=y
+# CONFIG_HID_BATTERY_STRENGTH is not set
+# CONFIG_HIDRAW is not set
+# CONFIG_UHID is not set
+CONFIG_HID_GENERIC=y
+
+#
+# Special HID drivers
+#
+# CONFIG_HID_A4TECH is not set
+# CONFIG_HID_ACCUTOUCH is not set
+# CONFIG_HID_ACRUX is not set
+# CONFIG_HID_APPLEIR is not set
+# CONFIG_HID_AUREAL is not set
+# CONFIG_HID_BELKIN is not set
+# CONFIG_HID_BETOP_FF is not set
+# CONFIG_HID_CHERRY is not set
+# CONFIG_HID_CHICONY is not set
+# CONFIG_HID_COUGAR is not set
+# CONFIG_HID_MACALLY is not set
+# CONFIG_HID_CMEDIA is not set
+# CONFIG_HID_CREATIVE_SB0540 is not set
+# CONFIG_HID_CYPRESS is not set
+# CONFIG_HID_DRAGONRISE is not set
+# CONFIG_HID_EMS_FF is not set
+# CONFIG_HID_ELECOM is not set
+# CONFIG_HID_ELO is not set
+# CONFIG_HID_EZKEY is not set
+# CONFIG_HID_GEMBIRD is not set
+# CONFIG_HID_GFRM is not set
+# CONFIG_HID_GLORIOUS is not set
+# CONFIG_HID_HOLTEK is not set
+# CONFIG_HID_VIVALDI is not set
+# CONFIG_HID_KEYTOUCH is not set
+# CONFIG_HID_KYE is not set
+# CONFIG_HID_UCLOGIC is not set
+# CONFIG_HID_WALTOP is not set
+# CONFIG_HID_VIEWSONIC is not set
+# CONFIG_HID_VRC2 is not set
+# CONFIG_HID_XIAOMI is not set
+# CONFIG_HID_GYRATION is not set
+# CONFIG_HID_ICADE is not set
+# CONFIG_HID_ITE is not set
+# CONFIG_HID_JABRA is not set
+# CONFIG_HID_TWINHAN is not set
+# CONFIG_HID_KENSINGTON is not set
+# CONFIG_HID_LCPOWER is not set
+# CONFIG_HID_LENOVO is not set
+# CONFIG_HID_LETSKETCH is not set
+# CONFIG_HID_MAGICMOUSE is not set
+# CONFIG_HID_MALTRON is not set
+# CONFIG_HID_MAYFLASH is not set
+# CONFIG_HID_MEGAWORLD_FF is not set
+# CONFIG_HID_REDRAGON is not set
+# CONFIG_HID_MICROSOFT is not set
+# CONFIG_HID_MONTEREY is not set
+# CONFIG_HID_MULTITOUCH is not set
+# CONFIG_HID_NTI is not set
+# CONFIG_HID_NTRIG is not set
+# CONFIG_HID_ORTEK is not set
+# CONFIG_HID_PANTHERLORD is not set
+# CONFIG_HID_PENMOUNT is not set
+# CONFIG_HID_PETALYNX is not set
+# CONFIG_HID_PICOLCD is not set
+# CONFIG_HID_PLANTRONICS is not set
+# CONFIG_HID_PXRC is not set
+# CONFIG_HID_RAZER is not set
+# CONFIG_HID_PRIMAX is not set
+# CONFIG_HID_RETRODE is not set
+# CONFIG_HID_ROCCAT is not set
+# CONFIG_HID_SAITEK is not set
+# CONFIG_HID_SAMSUNG is not set
+# CONFIG_HID_SEMITEK is not set
+# CONFIG_HID_SIGMAMICRO is not set
+# CONFIG_HID_SPEEDLINK is not set
+# CONFIG_HID_STEAM is not set
+# CONFIG_HID_STEELSERIES is not set
+# CONFIG_HID_SUNPLUS is not set
+# CONFIG_HID_RMI is not set
+# CONFIG_HID_GREENASIA is not set
+# CONFIG_HID_SMARTJOYPLUS is not set
+# CONFIG_HID_TIVO is not set
+# CONFIG_HID_TOPSEED is not set
+# CONFIG_HID_TOPRE is not set
+# CONFIG_HID_THRUSTMASTER is not set
+# CONFIG_HID_UDRAW_PS3 is not set
+# CONFIG_HID_WACOM is not set
+# CONFIG_HID_XINMO is not set
+# CONFIG_HID_ZEROPLUS is not set
+# CONFIG_HID_ZYDACRON is not set
+# CONFIG_HID_SENSOR_HUB is not set
+# CONFIG_HID_ALPS is not set
+# end of Special HID drivers
+
+#
+# USB HID support
+#
+CONFIG_USB_HID=m
+# CONFIG_HID_PID is not set
+# CONFIG_USB_HIDDEV is not set
+
+#
+# USB HID Boot Protocol drivers
+#
+# CONFIG_USB_KBD is not set
+# CONFIG_USB_MOUSE is not set
+# end of USB HID Boot Protocol drivers
+# end of USB HID support
+
+#
+# Intel ISH HID support
+#
+# CONFIG_INTEL_ISH_HID is not set
+# end of Intel ISH HID support
+
+#
+# AMD SFH HID Support
+#
+# CONFIG_AMD_SFH_HID is not set
+# end of AMD SFH HID Support
+# end of HID support
+
+CONFIG_USB_OHCI_LITTLE_ENDIAN=y
+CONFIG_USB_SUPPORT=y
+CONFIG_USB_COMMON=y
+# CONFIG_USB_ULPI_BUS is not set
+CONFIG_USB_ARCH_HAS_HCD=y
+CONFIG_USB=y
+CONFIG_USB_PCI=y
+# CONFIG_USB_ANNOUNCE_NEW_DEVICES is not set
+
+#
+# Miscellaneous USB options
+#
+CONFIG_USB_DEFAULT_PERSIST=y
+# CONFIG_USB_FEW_INIT_RETRIES is not set
+# CONFIG_USB_DYNAMIC_MINORS is not set
+# CONFIG_USB_OTG_PRODUCTLIST is not set
+# CONFIG_USB_OTG_DISABLE_EXTERNAL_HUB is not set
+CONFIG_USB_AUTOSUSPEND_DELAY=2
+# CONFIG_USB_MON is not set
+
+#
+# USB Host Controller Drivers
+#
+# CONFIG_USB_C67X00_HCD is not set
+CONFIG_USB_XHCI_HCD=m
+# CONFIG_USB_XHCI_DBGCAP is not set
+CONFIG_USB_XHCI_PCI=m
+# CONFIG_USB_XHCI_PCI_RENESAS is not set
+CONFIG_USB_XHCI_PLATFORM=m
+CONFIG_USB_EHCI_HCD=m
+# CONFIG_USB_EHCI_ROOT_HUB_TT is not set
+CONFIG_USB_EHCI_TT_NEWSCHED=y
+CONFIG_USB_EHCI_PCI=m
+# CONFIG_USB_EHCI_FSL is not set
+CONFIG_USB_EHCI_HCD_PLATFORM=m
+# CONFIG_USB_OXU210HP_HCD is not set
+# CONFIG_USB_ISP116X_HCD is not set
+# CONFIG_USB_FOTG210_HCD is not set
+CONFIG_USB_OHCI_HCD=m
+CONFIG_USB_OHCI_HCD_PCI=m
+# CONFIG_USB_OHCI_HCD_PLATFORM is not set
+# CONFIG_USB_UHCI_HCD is not set
+# CONFIG_USB_SL811_HCD is not set
+# CONFIG_USB_R8A66597_HCD is not set
+# CONFIG_USB_HCD_TEST_MODE is not set
+
+#
+# USB Device Class drivers
+#
+# CONFIG_USB_ACM is not set
+# CONFIG_USB_PRINTER is not set
+# CONFIG_USB_WDM is not set
+# CONFIG_USB_TMC is not set
+
+#
+# NOTE: USB_STORAGE depends on SCSI but BLK_DEV_SD may
+#
+
+#
+# also be needed; see USB_STORAGE Help for more info
+#
+CONFIG_USB_STORAGE=m
+# CONFIG_USB_STORAGE_DEBUG is not set
+# CONFIG_USB_STORAGE_REALTEK is not set
+# CONFIG_USB_STORAGE_DATAFAB is not set
+# CONFIG_USB_STORAGE_FREECOM is not set
+# CONFIG_USB_STORAGE_ISD200 is not set
+# CONFIG_USB_STORAGE_USBAT is not set
+# CONFIG_USB_STORAGE_SDDR09 is not set
+# CONFIG_USB_STORAGE_SDDR55 is not set
+# CONFIG_USB_STORAGE_JUMPSHOT is not set
+# CONFIG_USB_STORAGE_ALAUDA is not set
+# CONFIG_USB_STORAGE_ONETOUCH is not set
+# CONFIG_USB_STORAGE_KARMA is not set
+# CONFIG_USB_STORAGE_CYPRESS_ATACB is not set
+# CONFIG_USB_STORAGE_ENE_UB6250 is not set
+# CONFIG_USB_UAS is not set
+
+#
+# USB Imaging devices
+#
+# CONFIG_USB_MDC800 is not set
+# CONFIG_USB_MICROTEK is not set
+# CONFIG_USBIP_CORE is not set
+# CONFIG_USB_CDNS_SUPPORT is not set
+# CONFIG_USB_MUSB_HDRC is not set
+# CONFIG_USB_DWC3 is not set
+# CONFIG_USB_DWC2 is not set
+# CONFIG_USB_CHIPIDEA is not set
+# CONFIG_USB_ISP1760 is not set
+
+#
+# USB port drivers
+#
+# CONFIG_USB_SERIAL is not set
+
+#
+# USB Miscellaneous drivers
+#
+# CONFIG_USB_EMI62 is not set
+# CONFIG_USB_EMI26 is not set
+# CONFIG_USB_ADUTUX is not set
+# CONFIG_USB_SEVSEG is not set
+# CONFIG_USB_LEGOTOWER is not set
+# CONFIG_USB_LCD is not set
+# CONFIG_USB_CYPRESS_CY7C63 is not set
+# CONFIG_USB_CYTHERM is not set
+# CONFIG_USB_IDMOUSE is not set
+# CONFIG_USB_FTDI_ELAN is not set
+# CONFIG_USB_APPLEDISPLAY is not set
+# CONFIG_APPLE_MFI_FASTCHARGE is not set
+# CONFIG_USB_SISUSBVGA is not set
+# CONFIG_USB_LD is not set
+# CONFIG_USB_TRANCEVIBRATOR is not set
+# CONFIG_USB_IOWARRIOR is not set
+# CONFIG_USB_TEST is not set
+# CONFIG_USB_EHSET_TEST_FIXTURE is not set
+# CONFIG_USB_ISIGHTFW is not set
+# CONFIG_USB_YUREX is not set
+# CONFIG_USB_EZUSB_FX2 is not set
+# CONFIG_USB_LINK_LAYER_TEST is not set
+# CONFIG_USB_CHAOSKEY is not set
+
+#
+# USB Physical Layer drivers
+#
+# CONFIG_NOP_USB_XCEIV is not set
+# end of USB Physical Layer drivers
+
+# CONFIG_USB_GADGET is not set
+# CONFIG_TYPEC is not set
+# CONFIG_USB_ROLE_SWITCH is not set
+CONFIG_MMC=m
+CONFIG_MMC_BLOCK=m
+CONFIG_MMC_BLOCK_MINORS=8
+# CONFIG_SDIO_UART is not set
+# CONFIG_MMC_TEST is not set
+
+#
+# MMC/SD/SDIO Host Controller Drivers
+#
+# CONFIG_MMC_DEBUG is not set
+CONFIG_MMC_SDHCI=m
+# CONFIG_MMC_SDHCI_PCI is not set
+# CONFIG_MMC_SDHCI_ACPI is not set
+# CONFIG_MMC_SDHCI_PLTFM is not set
+# CONFIG_MMC_WBSD is not set
+# CONFIG_MMC_TIFM_SD is not set
+# CONFIG_MMC_CB710 is not set
+# CONFIG_MMC_VIA_SDMMC is not set
+# CONFIG_MMC_VUB300 is not set
+# CONFIG_MMC_USHC is not set
+# CONFIG_MMC_USDHI6ROL0 is not set
+CONFIG_MMC_CQHCI=m
+# CONFIG_MMC_HSQ is not set
+# CONFIG_MMC_TOSHIBA_PCI is not set
+# CONFIG_MMC_MTK is not set
+# CONFIG_SCSI_UFSHCD is not set
+# CONFIG_MEMSTICK is not set
+# CONFIG_NEW_LEDS is not set
+# CONFIG_ACCESSIBILITY is not set
+# CONFIG_INFINIBAND is not set
+CONFIG_EDAC_ATOMIC_SCRUB=y
+CONFIG_EDAC_SUPPORT=y
+CONFIG_RTC_LIB=y
+CONFIG_RTC_MC146818_LIB=y
+CONFIG_RTC_CLASS=y
+CONFIG_RTC_HCTOSYS=y
+CONFIG_RTC_HCTOSYS_DEVICE="rtc0"
+CONFIG_RTC_SYSTOHC=y
+CONFIG_RTC_SYSTOHC_DEVICE="rtc0"
+# CONFIG_RTC_DEBUG is not set
+CONFIG_RTC_NVMEM=y
+
+#
+# RTC interfaces
+#
+CONFIG_RTC_INTF_SYSFS=y
+CONFIG_RTC_INTF_PROC=y
+CONFIG_RTC_INTF_DEV=y
+# CONFIG_RTC_INTF_DEV_UIE_EMUL is not set
+# CONFIG_RTC_DRV_TEST is not set
+
+#
+# I2C RTC drivers
+#
+
+#
+# SPI RTC drivers
+#
+
+#
+# SPI and I2C RTC drivers
+#
+
+#
+# Platform RTC drivers
+#
+CONFIG_RTC_DRV_CMOS=y
+# CONFIG_RTC_DRV_DS1286 is not set
+# CONFIG_RTC_DRV_DS1511 is not set
+# CONFIG_RTC_DRV_DS1553 is not set
+# CONFIG_RTC_DRV_DS1685_FAMILY is not set
+# CONFIG_RTC_DRV_DS1742 is not set
+# CONFIG_RTC_DRV_DS2404 is not set
+# CONFIG_RTC_DRV_STK17TA8 is not set
+# CONFIG_RTC_DRV_M48T86 is not set
+# CONFIG_RTC_DRV_M48T35 is not set
+# CONFIG_RTC_DRV_M48T59 is not set
+# CONFIG_RTC_DRV_MSM6242 is not set
+# CONFIG_RTC_DRV_BQ4802 is not set
+# CONFIG_RTC_DRV_RP5C01 is not set
+# CONFIG_RTC_DRV_V3020 is not set
+
+#
+# on-CPU RTC drivers
+#
+# CONFIG_RTC_DRV_FTRTC010 is not set
+
+#
+# HID Sensor RTC drivers
+#
+# CONFIG_RTC_DRV_GOLDFISH is not set
+# CONFIG_DMADEVICES is not set
+
+#
+# DMABUF options
+#
+CONFIG_SYNC_FILE=y
+# CONFIG_DMABUF_MOVE_NOTIFY is not set
+# CONFIG_DMABUF_DEBUG is not set
+# CONFIG_DMABUF_SELFTESTS is not set
+# CONFIG_DMABUF_HEAPS is not set
+# CONFIG_DMABUF_SYSFS_STATS is not set
+# end of DMABUF options
+
+# CONFIG_AUXDISPLAY is not set
+# CONFIG_UIO is not set
+# CONFIG_VFIO is not set
+# CONFIG_VIRT_DRIVERS is not set
+# CONFIG_VIRTIO_MENU is not set
+# CONFIG_VDPA is not set
+# CONFIG_VHOST_MENU is not set
+
+#
+# Microsoft Hyper-V guest support
+#
+# end of Microsoft Hyper-V guest support
+
+# CONFIG_GREYBUS is not set
+# CONFIG_COMEDI is not set
+# CONFIG_STAGING is not set
+# CONFIG_CHROME_PLATFORMS is not set
+# CONFIG_MELLANOX_PLATFORM is not set
+# CONFIG_SURFACE_PLATFORMS is not set
+CONFIG_X86_PLATFORM_DEVICES=y
+# CONFIG_ACPI_WMI is not set
+# CONFIG_ACERHDF is not set
+# CONFIG_ACER_WIRELESS is not set
+# CONFIG_AMD_PMF is not set
+# CONFIG_AMD_PMC is not set
+# CONFIG_ADV_SWBUTTON is not set
+# CONFIG_APPLE_GMUX is not set
+# CONFIG_ASUS_LAPTOP is not set
+# CONFIG_ASUS_WIRELESS is not set
+# CONFIG_X86_PLATFORM_DRIVERS_DELL is not set
+# CONFIG_FUJITSU_LAPTOP is not set
+# CONFIG_FUJITSU_TABLET is not set
+# CONFIG_GPD_POCKET_FAN is not set
+# CONFIG_HP_ACCEL is not set
+# CONFIG_WIRELESS_HOTKEY is not set
+# CONFIG_IBM_RTL is not set
+# CONFIG_SENSORS_HDAPS is not set
+# CONFIG_INTEL_SAR_INT1092 is not set
+# CONFIG_INTEL_PMC_CORE is not set
+
+#
+# Intel Speed Select Technology interface support
+#
+# CONFIG_INTEL_SPEED_SELECT_INTERFACE is not set
+# end of Intel Speed Select Technology interface support
+
+#
+# Intel Uncore Frequency Control
+#
+# CONFIG_INTEL_UNCORE_FREQ_CONTROL is not set
+# end of Intel Uncore Frequency Control
+
+# CONFIG_INTEL_PUNIT_IPC is not set
+# CONFIG_INTEL_RST is not set
+# CONFIG_INTEL_SMARTCONNECT is not set
+# CONFIG_INTEL_TURBO_MAX_3 is not set
+# CONFIG_INTEL_VSEC is not set
+# CONFIG_SAMSUNG_LAPTOP is not set
+# CONFIG_SAMSUNG_Q10 is not set
+# CONFIG_TOSHIBA_BT_RFKILL is not set
+# CONFIG_TOSHIBA_HAPS is not set
+# CONFIG_ACPI_CMPC is not set
+# CONFIG_PANASONIC_LAPTOP is not set
+# CONFIG_TOPSTAR_LAPTOP is not set
+# CONFIG_INTEL_IPS is not set
+# CONFIG_INTEL_SCU_PCI is not set
+# CONFIG_INTEL_SCU_PLATFORM is not set
+# CONFIG_SIEMENS_SIMATIC_IPC is not set
+# CONFIG_WINMATE_FM07_KEYS is not set
+# CONFIG_P2SB is not set
+CONFIG_HAVE_CLK=y
+CONFIG_HAVE_CLK_PREPARE=y
+CONFIG_COMMON_CLK=y
+# CONFIG_XILINX_VCU is not set
+# CONFIG_HWSPINLOCK is not set
+
+#
+# Clock Source drivers
+#
+CONFIG_CLKEVT_I8253=y
+CONFIG_I8253_LOCK=y
+CONFIG_CLKBLD_I8253=y
+# end of Clock Source drivers
+
+CONFIG_MAILBOX=y
+CONFIG_PCC=y
+# CONFIG_ALTERA_MBOX is not set
+CONFIG_IOMMU_IOVA=y
+CONFIG_IOASID=y
+CONFIG_IOMMU_API=y
+CONFIG_IOMMU_SUPPORT=y
+
+#
+# Generic IOMMU Pagetable Support
+#
+# end of Generic IOMMU Pagetable Support
+
+# CONFIG_IOMMU_DEFAULT_DMA_STRICT is not set
+CONFIG_IOMMU_DEFAULT_DMA_LAZY=y
+# CONFIG_IOMMU_DEFAULT_PASSTHROUGH is not set
+CONFIG_IOMMU_DMA=y
+CONFIG_IOMMU_SVA=y
+# CONFIG_AMD_IOMMU is not set
+CONFIG_DMAR_TABLE=y
+CONFIG_INTEL_IOMMU=y
+CONFIG_INTEL_IOMMU_SVM=y
+CONFIG_INTEL_IOMMU_DEFAULT_ON=y
+CONFIG_INTEL_IOMMU_FLOPPY_WA=y
+# CONFIG_INTEL_IOMMU_SCALABLE_MODE_DEFAULT_ON is not set
+# CONFIG_IRQ_REMAP is not set
+
+#
+# Remoteproc drivers
+#
+# CONFIG_REMOTEPROC is not set
+# end of Remoteproc drivers
+
+#
+# Rpmsg drivers
+#
+# CONFIG_RPMSG_QCOM_GLINK_RPM is not set
+# CONFIG_RPMSG_VIRTIO is not set
+# end of Rpmsg drivers
+
+# CONFIG_SOUNDWIRE is not set
+
+#
+# SOC (System On Chip) specific Drivers
+#
+
+#
+# Amlogic SoC drivers
+#
+# end of Amlogic SoC drivers
+
+#
+# Broadcom SoC drivers
+#
+# end of Broadcom SoC drivers
+
+#
+# NXP/Freescale QorIQ SoC drivers
+#
+# end of NXP/Freescale QorIQ SoC drivers
+
+#
+# fujitsu SoC drivers
+#
+# end of fujitsu SoC drivers
+
+#
+# i.MX SoC drivers
+#
+# end of i.MX SoC drivers
+
+#
+# Enable LiteX SoC Builder specific drivers
+#
+# end of Enable LiteX SoC Builder specific drivers
+
+#
+# Qualcomm SoC drivers
+#
+# end of Qualcomm SoC drivers
+
+# CONFIG_SOC_TI is not set
+
+#
+# Xilinx SoC drivers
+#
+# end of Xilinx SoC drivers
+# end of SOC (System On Chip) specific Drivers
+
+# CONFIG_PM_DEVFREQ is not set
+# CONFIG_EXTCON is not set
+# CONFIG_MEMORY is not set
+# CONFIG_IIO is not set
+# CONFIG_NTB is not set
+# CONFIG_PWM is not set
+
+#
+# IRQ chip support
+#
+# end of IRQ chip support
+
+# CONFIG_IPACK_BUS is not set
+# CONFIG_RESET_CONTROLLER is not set
+
+#
+# PHY Subsystem
+#
+CONFIG_GENERIC_PHY=y
+# CONFIG_USB_LGM_PHY is not set
+# CONFIG_PHY_CAN_TRANSCEIVER is not set
+
+#
+# PHY drivers for Broadcom platforms
+#
+# CONFIG_BCM_KONA_USB2_PHY is not set
+# end of PHY drivers for Broadcom platforms
+
+# CONFIG_PHY_PXA_28NM_HSIC is not set
+# CONFIG_PHY_PXA_28NM_USB2 is not set
+# CONFIG_PHY_INTEL_LGM_EMMC is not set
+# end of PHY Subsystem
+
+# CONFIG_POWERCAP is not set
+# CONFIG_MCB is not set
+
+#
+# Performance monitor support
+#
+# end of Performance monitor support
+
+# CONFIG_RAS is not set
+# CONFIG_USB4 is not set
+
+#
+# Android
+#
+# CONFIG_ANDROID_BINDER_IPC is not set
+# end of Android
+
+CONFIG_LIBNVDIMM=y
+# CONFIG_BLK_DEV_PMEM is not set
+# CONFIG_BTT is not set
+# CONFIG_DAX is not set
+CONFIG_NVMEM=y
+# CONFIG_NVMEM_SYSFS is not set
+# CONFIG_NVMEM_RMEM is not set
+
+#
+# HW tracing support
+#
+# CONFIG_STM is not set
+# CONFIG_INTEL_TH is not set
+# end of HW tracing support
+
+# CONFIG_FPGA is not set
+# CONFIG_SIOX is not set
+# CONFIG_SLIMBUS is not set
+# CONFIG_INTERCONNECT is not set
+# CONFIG_COUNTER is not set
+# CONFIG_PECI is not set
+# CONFIG_HTE is not set
+# end of Device Drivers
+
+#
+# File systems
+#
+CONFIG_DCACHE_WORD_ACCESS=y
+# CONFIG_VALIDATE_FS_PARSER is not set
+CONFIG_FS_IOMAP=y
+# CONFIG_EXT2_FS is not set
+# CONFIG_EXT3_FS is not set
+CONFIG_EXT4_FS=y
+CONFIG_EXT4_USE_FOR_EXT2=y
+# CONFIG_EXT4_FS_POSIX_ACL is not set
+# CONFIG_EXT4_FS_SECURITY is not set
+# CONFIG_EXT4_DEBUG is not set
+CONFIG_JBD2=y
+# CONFIG_JBD2_DEBUG is not set
+CONFIG_FS_MBCACHE=y
+# CONFIG_REISERFS_FS is not set
+# CONFIG_JFS_FS is not set
+# CONFIG_XFS_FS is not set
+# CONFIG_GFS2_FS is not set
+# CONFIG_BTRFS_FS is not set
+# CONFIG_NILFS2_FS is not set
+# CONFIG_F2FS_FS is not set
+# CONFIG_EXPORTFS_BLOCK_OPS is not set
+CONFIG_FILE_LOCKING=y
+# CONFIG_FS_ENCRYPTION is not set
+# CONFIG_FS_VERITY is not set
+# CONFIG_DNOTIFY is not set
+# CONFIG_INOTIFY_USER is not set
+# CONFIG_FANOTIFY is not set
+# CONFIG_QUOTA is not set
+# CONFIG_AUTOFS4_FS is not set
+# CONFIG_AUTOFS_FS is not set
+# CONFIG_FUSE_FS is not set
+# CONFIG_OVERLAY_FS is not set
+
+#
+# Caches
+#
+# CONFIG_FSCACHE is not set
+# end of Caches
+
+#
+# CD-ROM/DVD Filesystems
+#
+CONFIG_ISO9660_FS=y
+CONFIG_JOLIET=y
+# CONFIG_ZISOFS is not set
+# CONFIG_UDF_FS is not set
+# end of CD-ROM/DVD Filesystems
+
+#
+# DOS/FAT/EXFAT/NT Filesystems
+#
+CONFIG_FAT_FS=y
+CONFIG_MSDOS_FS=y
+CONFIG_VFAT_FS=y
+CONFIG_FAT_DEFAULT_CODEPAGE=437
+CONFIG_FAT_DEFAULT_IOCHARSET="iso8859-1"
+# CONFIG_FAT_DEFAULT_UTF8 is not set
+CONFIG_EXFAT_FS=y
+CONFIG_EXFAT_DEFAULT_IOCHARSET="utf8"
+# CONFIG_NTFS_FS is not set
+# CONFIG_NTFS3_FS is not set
+# end of DOS/FAT/EXFAT/NT Filesystems
+
+#
+# Pseudo filesystems
+#
+CONFIG_PROC_FS=y
+# CONFIG_PROC_KCORE is not set
+CONFIG_PROC_SYSCTL=y
+# CONFIG_PROC_PAGE_MONITOR is not set
+# CONFIG_PROC_CHILDREN is not set
+CONFIG_PROC_PID_ARCH_STATUS=y
+CONFIG_KERNFS=y
+CONFIG_SYSFS=y
+# CONFIG_TMPFS is not set
+# CONFIG_HUGETLBFS is not set
+CONFIG_ARCH_WANT_HUGETLB_PAGE_OPTIMIZE_VMEMMAP=y
+CONFIG_ARCH_HAS_GIGANTIC_PAGE=y
+# CONFIG_CONFIGFS_FS is not set
+# CONFIG_EFIVAR_FS is not set
+# end of Pseudo filesystems
+
+# CONFIG_MISC_FILESYSTEMS is not set
+CONFIG_NETWORK_FILESYSTEMS=y
+# CONFIG_CEPH_FS is not set
+# CONFIG_CIFS is not set
+# CONFIG_CODA_FS is not set
+# CONFIG_AFS_FS is not set
+CONFIG_NLS=y
+CONFIG_NLS_DEFAULT="utf8"
+CONFIG_NLS_CODEPAGE_437=y
+# CONFIG_NLS_CODEPAGE_737 is not set
+# CONFIG_NLS_CODEPAGE_775 is not set
+# CONFIG_NLS_CODEPAGE_850 is not set
+# CONFIG_NLS_CODEPAGE_852 is not set
+# CONFIG_NLS_CODEPAGE_855 is not set
+# CONFIG_NLS_CODEPAGE_857 is not set
+# CONFIG_NLS_CODEPAGE_860 is not set
+# CONFIG_NLS_CODEPAGE_861 is not set
+# CONFIG_NLS_CODEPAGE_862 is not set
+# CONFIG_NLS_CODEPAGE_863 is not set
+# CONFIG_NLS_CODEPAGE_864 is not set
+# CONFIG_NLS_CODEPAGE_865 is not set
+# CONFIG_NLS_CODEPAGE_866 is not set
+# CONFIG_NLS_CODEPAGE_869 is not set
+# CONFIG_NLS_CODEPAGE_936 is not set
+# CONFIG_NLS_CODEPAGE_950 is not set
+# CONFIG_NLS_CODEPAGE_932 is not set
+# CONFIG_NLS_CODEPAGE_949 is not set
+# CONFIG_NLS_CODEPAGE_874 is not set
+# CONFIG_NLS_ISO8859_8 is not set
+# CONFIG_NLS_CODEPAGE_1250 is not set
+# CONFIG_NLS_CODEPAGE_1251 is not set
+# CONFIG_NLS_ASCII is not set
+CONFIG_NLS_ISO8859_1=y
+# CONFIG_NLS_ISO8859_2 is not set
+# CONFIG_NLS_ISO8859_3 is not set
+# CONFIG_NLS_ISO8859_4 is not set
+# CONFIG_NLS_ISO8859_5 is not set
+# CONFIG_NLS_ISO8859_6 is not set
+# CONFIG_NLS_ISO8859_7 is not set
+# CONFIG_NLS_ISO8859_9 is not set
+# CONFIG_NLS_ISO8859_13 is not set
+# CONFIG_NLS_ISO8859_14 is not set
+# CONFIG_NLS_ISO8859_15 is not set
+# CONFIG_NLS_KOI8_R is not set
+# CONFIG_NLS_KOI8_U is not set
+# CONFIG_NLS_MAC_ROMAN is not set
+# CONFIG_NLS_MAC_CELTIC is not set
+# CONFIG_NLS_MAC_CENTEURO is not set
+# CONFIG_NLS_MAC_CROATIAN is not set
+# CONFIG_NLS_MAC_CYRILLIC is not set
+# CONFIG_NLS_MAC_GAELIC is not set
+# CONFIG_NLS_MAC_GREEK is not set
+# CONFIG_NLS_MAC_ICELAND is not set
+# CONFIG_NLS_MAC_INUIT is not set
+# CONFIG_NLS_MAC_ROMANIAN is not set
+# CONFIG_NLS_MAC_TURKISH is not set
+CONFIG_NLS_UTF8=y
+# CONFIG_UNICODE is not set
+CONFIG_IO_WQ=y
+# end of File systems
+
+#
+# Security options
+#
+# CONFIG_KEYS is not set
+# CONFIG_SECURITY_DMESG_RESTRICT is not set
+CONFIG_SECURITYFS=y
+# CONFIG_INTEL_TXT is not set
+CONFIG_HAVE_HARDENED_USERCOPY_ALLOCATOR=y
+CONFIG_HARDENED_USERCOPY=y
+# CONFIG_FORTIFY_SOURCE is not set
+# CONFIG_STATIC_USERMODEHELPER is not set
+# CONFIG_IMA_SECURE_AND_OR_TRUSTED_BOOT is not set
+CONFIG_DEFAULT_SECURITY_DAC=y
+CONFIG_LSM="lockdown,yama,loadpin,safesetid,integrity,bpf"
+
+#
+# Kernel hardening options
+#
+
+#
+# Memory initialization
+#
+CONFIG_INIT_STACK_NONE=y
+# CONFIG_GCC_PLUGIN_STRUCTLEAK_USER is not set
+# CONFIG_GCC_PLUGIN_STRUCTLEAK_BYREF is not set
+# CONFIG_GCC_PLUGIN_STRUCTLEAK_BYREF_ALL is not set
+# CONFIG_GCC_PLUGIN_STACKLEAK is not set
+# CONFIG_INIT_ON_ALLOC_DEFAULT_ON is not set
+# CONFIG_INIT_ON_FREE_DEFAULT_ON is not set
+# end of Memory initialization
+
+CONFIG_RANDSTRUCT_NONE=y
+# CONFIG_RANDSTRUCT_FULL is not set
+# CONFIG_RANDSTRUCT_PERFORMANCE is not set
+# end of Kernel hardening options
+# end of Security options
+
+CONFIG_CRYPTO=y
+
+#
+# Crypto core or helper
+#
+CONFIG_CRYPTO_ALGAPI=y
+CONFIG_CRYPTO_ALGAPI2=y
+CONFIG_CRYPTO_AEAD=y
+CONFIG_CRYPTO_AEAD2=y
+CONFIG_CRYPTO_SKCIPHER=y
+CONFIG_CRYPTO_SKCIPHER2=y
+CONFIG_CRYPTO_HASH=y
+CONFIG_CRYPTO_HASH2=y
+CONFIG_CRYPTO_RNG=y
+CONFIG_CRYPTO_RNG2=y
+CONFIG_CRYPTO_AKCIPHER2=y
+CONFIG_CRYPTO_KPP2=y
+CONFIG_CRYPTO_ACOMP2=y
+CONFIG_CRYPTO_MANAGER=y
+CONFIG_CRYPTO_MANAGER2=y
+CONFIG_CRYPTO_USER=y
+CONFIG_CRYPTO_MANAGER_DISABLE_TESTS=y
+CONFIG_CRYPTO_NULL=y
+CONFIG_CRYPTO_NULL2=y
+# CONFIG_CRYPTO_PCRYPT is not set
+CONFIG_CRYPTO_CRYPTD=y
+CONFIG_CRYPTO_AUTHENC=y
+# CONFIG_CRYPTO_TEST is not set
+CONFIG_CRYPTO_SIMD=y
+# end of Crypto core or helper
+
+#
+# Public-key cryptography
+#
+# CONFIG_CRYPTO_RSA is not set
+# CONFIG_CRYPTO_DH is not set
+# CONFIG_CRYPTO_ECDH is not set
+# CONFIG_CRYPTO_ECDSA is not set
+# CONFIG_CRYPTO_ECRDSA is not set
+# CONFIG_CRYPTO_SM2 is not set
+# CONFIG_CRYPTO_CURVE25519 is not set
+# end of Public-key cryptography
+
+#
+# Block ciphers
+#
+CONFIG_CRYPTO_AES=y
+# CONFIG_CRYPTO_AES_TI is not set
+# CONFIG_CRYPTO_ARIA is not set
+# CONFIG_CRYPTO_BLOWFISH is not set
+# CONFIG_CRYPTO_CAMELLIA is not set
+# CONFIG_CRYPTO_CAST5 is not set
+# CONFIG_CRYPTO_CAST6 is not set
+# CONFIG_CRYPTO_DES is not set
+# CONFIG_CRYPTO_FCRYPT is not set
+# CONFIG_CRYPTO_SERPENT is not set
+# CONFIG_CRYPTO_SM4_GENERIC is not set
+# CONFIG_CRYPTO_TWOFISH is not set
+# end of Block ciphers
+
+#
+# Length-preserving ciphers and modes
+#
+# CONFIG_CRYPTO_ADIANTUM is not set
+# CONFIG_CRYPTO_CHACHA20 is not set
+CONFIG_CRYPTO_CBC=y
+# CONFIG_CRYPTO_CFB is not set
+# CONFIG_CRYPTO_CTR is not set
+# CONFIG_CRYPTO_CTS is not set
+CONFIG_CRYPTO_ECB=y
+# CONFIG_CRYPTO_HCTR2 is not set
+# CONFIG_CRYPTO_KEYWRAP is not set
+# CONFIG_CRYPTO_LRW is not set
+# CONFIG_CRYPTO_OFB is not set
+# CONFIG_CRYPTO_PCBC is not set
+CONFIG_CRYPTO_XTS=y
+# end of Length-preserving ciphers and modes
+
+#
+# AEAD (authenticated encryption with associated data) ciphers
+#
+# CONFIG_CRYPTO_AEGIS128 is not set
+# CONFIG_CRYPTO_CHACHA20POLY1305 is not set
+# CONFIG_CRYPTO_CCM is not set
+# CONFIG_CRYPTO_GCM is not set
+# CONFIG_CRYPTO_SEQIV is not set
+# CONFIG_CRYPTO_ECHAINIV is not set
+CONFIG_CRYPTO_ESSIV=y
+# end of AEAD (authenticated encryption with associated data) ciphers
+
+#
+# Hashes, digests, and MACs
+#
+# CONFIG_CRYPTO_BLAKE2B is not set
+# CONFIG_CRYPTO_CMAC is not set
+# CONFIG_CRYPTO_GHASH is not set
+CONFIG_CRYPTO_HMAC=y
+# CONFIG_CRYPTO_MD4 is not set
+CONFIG_CRYPTO_MD5=y
+# CONFIG_CRYPTO_MICHAEL_MIC is not set
+# CONFIG_CRYPTO_POLY1305 is not set
+# CONFIG_CRYPTO_RMD160 is not set
+CONFIG_CRYPTO_SHA1=y
+CONFIG_CRYPTO_SHA256=y
+CONFIG_CRYPTO_SHA512=y
+# CONFIG_CRYPTO_SHA3 is not set
+# CONFIG_CRYPTO_SM3_GENERIC is not set
+# CONFIG_CRYPTO_STREEBOG is not set
+# CONFIG_CRYPTO_VMAC is not set
+# CONFIG_CRYPTO_WP512 is not set
+# CONFIG_CRYPTO_XCBC is not set
+# CONFIG_CRYPTO_XXHASH is not set
+# end of Hashes, digests, and MACs
+
+#
+# CRCs (cyclic redundancy checks)
+#
+CONFIG_CRYPTO_CRC32C=y
+# CONFIG_CRYPTO_CRC32 is not set
+# CONFIG_CRYPTO_CRCT10DIF is not set
+# end of CRCs (cyclic redundancy checks)
+
+#
+# Compression
+#
+# CONFIG_CRYPTO_DEFLATE is not set
+# CONFIG_CRYPTO_LZO is not set
+# CONFIG_CRYPTO_842 is not set
+# CONFIG_CRYPTO_LZ4 is not set
+# CONFIG_CRYPTO_LZ4HC is not set
+# CONFIG_CRYPTO_ZSTD is not set
+# end of Compression
+
+#
+# Random number generation
+#
+# CONFIG_CRYPTO_ANSI_CPRNG is not set
+# CONFIG_CRYPTO_DRBG_MENU is not set
+# CONFIG_CRYPTO_JITTERENTROPY is not set
+# end of Random number generation
+
+#
+# Userspace interface
+#
+CONFIG_CRYPTO_USER_API=y
+CONFIG_CRYPTO_USER_API_HASH=y
+CONFIG_CRYPTO_USER_API_SKCIPHER=y
+CONFIG_CRYPTO_USER_API_RNG=y
+CONFIG_CRYPTO_USER_API_AEAD=y
+# CONFIG_CRYPTO_USER_API_ENABLE_OBSOLETE is not set
+# CONFIG_CRYPTO_STATS is not set
+# end of Userspace interface
+
+CONFIG_CRYPTO_HASH_INFO=y
+
+#
+# Accelerated Cryptographic Algorithms for CPU (x86)
+#
+# CONFIG_CRYPTO_CURVE25519_X86 is not set
+CONFIG_CRYPTO_AES_NI_INTEL=y
+# CONFIG_CRYPTO_BLOWFISH_X86_64 is not set
+# CONFIG_CRYPTO_CAMELLIA_X86_64 is not set
+# CONFIG_CRYPTO_CAMELLIA_AESNI_AVX_X86_64 is not set
+# CONFIG_CRYPTO_CAMELLIA_AESNI_AVX2_X86_64 is not set
+# CONFIG_CRYPTO_CAST5_AVX_X86_64 is not set
+# CONFIG_CRYPTO_CAST6_AVX_X86_64 is not set
+# CONFIG_CRYPTO_DES3_EDE_X86_64 is not set
+# CONFIG_CRYPTO_SERPENT_SSE2_X86_64 is not set
+# CONFIG_CRYPTO_SERPENT_AVX_X86_64 is not set
+# CONFIG_CRYPTO_SERPENT_AVX2_X86_64 is not set
+# CONFIG_CRYPTO_SM4_AESNI_AVX_X86_64 is not set
+# CONFIG_CRYPTO_SM4_AESNI_AVX2_X86_64 is not set
+# CONFIG_CRYPTO_TWOFISH_X86_64 is not set
+# CONFIG_CRYPTO_TWOFISH_X86_64_3WAY is not set
+# CONFIG_CRYPTO_TWOFISH_AVX_X86_64 is not set
+# CONFIG_CRYPTO_ARIA_AESNI_AVX_X86_64 is not set
+# CONFIG_CRYPTO_CHACHA20_X86_64 is not set
+# CONFIG_CRYPTO_AEGIS128_AESNI_SSE2 is not set
+# CONFIG_CRYPTO_NHPOLY1305_SSE2 is not set
+# CONFIG_CRYPTO_NHPOLY1305_AVX2 is not set
+# CONFIG_CRYPTO_BLAKE2S_X86 is not set
+# CONFIG_CRYPTO_POLYVAL_CLMUL_NI is not set
+# CONFIG_CRYPTO_POLY1305_X86_64 is not set
+CONFIG_CRYPTO_SHA1_SSSE3=y
+CONFIG_CRYPTO_SHA256_SSSE3=y
+CONFIG_CRYPTO_SHA512_SSSE3=y
+# CONFIG_CRYPTO_SM3_AVX_X86_64 is not set
+# CONFIG_CRYPTO_GHASH_CLMUL_NI_INTEL is not set
+CONFIG_CRYPTO_CRC32C_INTEL=y
+# CONFIG_CRYPTO_CRC32_PCLMUL is not set
+# end of Accelerated Cryptographic Algorithms for CPU (x86)
+
+# CONFIG_CRYPTO_HW is not set
+
+#
+# Certificates for signature checking
+#
+# end of Certificates for signature checking
+
+#
+# Library routines
+#
+# CONFIG_PACKING is not set
+CONFIG_BITREVERSE=y
+CONFIG_GENERIC_STRNCPY_FROM_USER=y
+CONFIG_GENERIC_STRNLEN_USER=y
+CONFIG_GENERIC_NET_UTILS=y
+# CONFIG_CORDIC is not set
+# CONFIG_PRIME_NUMBERS is not set
+CONFIG_RATIONAL=y
+CONFIG_GENERIC_PCI_IOMAP=y
+CONFIG_GENERIC_IOMAP=y
+CONFIG_ARCH_USE_CMPXCHG_LOCKREF=y
+CONFIG_ARCH_HAS_FAST_MULTIPLIER=y
+CONFIG_ARCH_USE_SYM_ANNOTATIONS=y
+
+#
+# Crypto library routines
+#
+CONFIG_CRYPTO_LIB_UTILS=y
+CONFIG_CRYPTO_LIB_AES=y
+CONFIG_CRYPTO_LIB_BLAKE2S_GENERIC=y
+# CONFIG_CRYPTO_LIB_CHACHA is not set
+# CONFIG_CRYPTO_LIB_CURVE25519 is not set
+CONFIG_CRYPTO_LIB_POLY1305_RSIZE=11
+# CONFIG_CRYPTO_LIB_POLY1305 is not set
+# CONFIG_CRYPTO_LIB_CHACHA20POLY1305 is not set
+CONFIG_CRYPTO_LIB_SHA1=y
+CONFIG_CRYPTO_LIB_SHA256=y
+# end of Crypto library routines
+
+# CONFIG_CRC_CCITT is not set
+CONFIG_CRC16=y
+# CONFIG_CRC_T10DIF is not set
+# CONFIG_CRC64_ROCKSOFT is not set
+# CONFIG_CRC_ITU_T is not set
+CONFIG_CRC32=y
+# CONFIG_CRC32_SELFTEST is not set
+CONFIG_CRC32_SLICEBY8=y
+# CONFIG_CRC32_SLICEBY4 is not set
+# CONFIG_CRC32_SARWATE is not set
+# CONFIG_CRC32_BIT is not set
+# CONFIG_CRC64 is not set
+# CONFIG_CRC4 is not set
+# CONFIG_CRC7 is not set
+CONFIG_LIBCRC32C=y
+# CONFIG_CRC8 is not set
+# CONFIG_RANDOM32_SELFTEST is not set
+CONFIG_XZ_DEC=y
+CONFIG_XZ_DEC_X86=y
+# CONFIG_XZ_DEC_POWERPC is not set
+# CONFIG_XZ_DEC_IA64 is not set
+# CONFIG_XZ_DEC_ARM is not set
+# CONFIG_XZ_DEC_ARMTHUMB is not set
+# CONFIG_XZ_DEC_SPARC is not set
+# CONFIG_XZ_DEC_MICROLZMA is not set
+CONFIG_XZ_DEC_BCJ=y
+# CONFIG_XZ_DEC_TEST is not set
+CONFIG_DECOMPRESS_XZ=y
+CONFIG_GENERIC_ALLOCATOR=y
+CONFIG_REED_SOLOMON=y
+CONFIG_REED_SOLOMON_DEC8=y
+CONFIG_INTERVAL_TREE=y
+CONFIG_HAS_IOMEM=y
+CONFIG_HAS_IOPORT_MAP=y
+CONFIG_HAS_DMA=y
+CONFIG_DMA_OPS=y
+CONFIG_NEED_SG_DMA_LENGTH=y
+CONFIG_NEED_DMA_MAP_STATE=y
+CONFIG_ARCH_DMA_ADDR_T_64BIT=y
+CONFIG_SWIOTLB=y
+# CONFIG_DMA_API_DEBUG is not set
+CONFIG_SGL_ALLOC=y
+# CONFIG_FORCE_NR_CPUS is not set
+CONFIG_CPU_RMAP=y
+CONFIG_DQL=y
+CONFIG_GLOB=y
+# CONFIG_GLOB_SELFTEST is not set
+CONFIG_NLATTR=y
+# CONFIG_IRQ_POLL is not set
+CONFIG_UCS2_STRING=y
+CONFIG_HAVE_GENERIC_VDSO=y
+CONFIG_GENERIC_GETTIMEOFDAY=y
+CONFIG_GENERIC_VDSO_TIME_NS=y
+CONFIG_FONT_SUPPORT=y
+# CONFIG_FONTS is not set
+CONFIG_FONT_8x8=y
+CONFIG_FONT_8x16=y
+CONFIG_SG_POOL=y
+CONFIG_ARCH_HAS_PMEM_API=y
+CONFIG_MEMREGION=y
+CONFIG_ARCH_HAS_UACCESS_FLUSHCACHE=y
+CONFIG_ARCH_HAS_COPY_MC=y
+CONFIG_ARCH_STACKWALK=y
+CONFIG_SBITMAP=y
+# end of Library routines
+
+#
+# Kernel hacking
+#
+
+#
+# printk and dmesg options
+#
+CONFIG_PRINTK_TIME=y
+# CONFIG_PRINTK_CALLER is not set
+# CONFIG_STACKTRACE_BUILD_ID is not set
+CONFIG_CONSOLE_LOGLEVEL_DEFAULT=7
+CONFIG_CONSOLE_LOGLEVEL_QUIET=4
+CONFIG_MESSAGE_LOGLEVEL_DEFAULT=4
+CONFIG_BOOT_PRINTK_DELAY=y
+# CONFIG_DYNAMIC_DEBUG is not set
+# CONFIG_DYNAMIC_DEBUG_CORE is not set
+CONFIG_SYMBOLIC_ERRNAME=y
+# CONFIG_DEBUG_BUGVERBOSE is not set
+# end of printk and dmesg options
+
+CONFIG_DEBUG_KERNEL=y
+# CONFIG_DEBUG_MISC is not set
+
+#
+# Compile-time checks and compiler options
+#
+CONFIG_AS_HAS_NON_CONST_LEB128=y
+CONFIG_DEBUG_INFO_NONE=y
+# CONFIG_DEBUG_INFO_DWARF_TOOLCHAIN_DEFAULT is not set
+# CONFIG_DEBUG_INFO_DWARF4 is not set
+# CONFIG_DEBUG_INFO_DWARF5 is not set
+CONFIG_FRAME_WARN=1024
+# CONFIG_STRIP_ASM_SYMS is not set
+# CONFIG_READABLE_ASM is not set
+# CONFIG_HEADERS_INSTALL is not set
+# CONFIG_DEBUG_SECTION_MISMATCH is not set
+CONFIG_SECTION_MISMATCH_WARN_ONLY=y
+# CONFIG_DEBUG_FORCE_FUNCTION_ALIGN_64B is not set
+CONFIG_OBJTOOL=y
+# CONFIG_VMLINUX_MAP is not set
+# CONFIG_DEBUG_FORCE_WEAK_PER_CPU is not set
+# end of Compile-time checks and compiler options
+
+#
+# Generic Kernel Debugging Instruments
+#
+CONFIG_MAGIC_SYSRQ=y
+CONFIG_MAGIC_SYSRQ_DEFAULT_ENABLE=0x1
+CONFIG_MAGIC_SYSRQ_SERIAL=y
+CONFIG_MAGIC_SYSRQ_SERIAL_SEQUENCE=""
+# CONFIG_DEBUG_FS is not set
+CONFIG_HAVE_ARCH_KGDB=y
+# CONFIG_KGDB is not set
+CONFIG_ARCH_HAS_UBSAN_SANITIZE_ALL=y
+# CONFIG_UBSAN is not set
+CONFIG_HAVE_ARCH_KCSAN=y
+# end of Generic Kernel Debugging Instruments
+
+#
+# Networking Debugging
+#
+# CONFIG_NET_DEV_REFCNT_TRACKER is not set
+# CONFIG_NET_NS_REFCNT_TRACKER is not set
+# CONFIG_DEBUG_NET is not set
+# end of Networking Debugging
+
+#
+# Memory Debugging
+#
+# CONFIG_PAGE_EXTENSION is not set
+# CONFIG_DEBUG_PAGEALLOC is not set
+# CONFIG_SLUB_DEBUG is not set
+# CONFIG_PAGE_OWNER is not set
+# CONFIG_PAGE_TABLE_CHECK is not set
+# CONFIG_PAGE_POISONING is not set
+# CONFIG_DEBUG_RODATA_TEST is not set
+CONFIG_ARCH_HAS_DEBUG_WX=y
+# CONFIG_DEBUG_WX is not set
+CONFIG_GENERIC_PTDUMP=y
+# CONFIG_DEBUG_OBJECTS is not set
+CONFIG_HAVE_DEBUG_KMEMLEAK=y
+# CONFIG_DEBUG_KMEMLEAK is not set
+# CONFIG_DEBUG_STACK_USAGE is not set
+# CONFIG_SCHED_STACK_END_CHECK is not set
+CONFIG_ARCH_HAS_DEBUG_VM_PGTABLE=y
+# CONFIG_DEBUG_VM is not set
+# CONFIG_DEBUG_VM_PGTABLE is not set
+CONFIG_ARCH_HAS_DEBUG_VIRTUAL=y
+# CONFIG_DEBUG_VIRTUAL is not set
+# CONFIG_DEBUG_MEMORY_INIT is not set
+# CONFIG_DEBUG_PER_CPU_MAPS is not set
+CONFIG_ARCH_SUPPORTS_KMAP_LOCAL_FORCE_MAP=y
+# CONFIG_DEBUG_KMAP_LOCAL_FORCE_MAP is not set
+CONFIG_HAVE_ARCH_KASAN=y
+CONFIG_HAVE_ARCH_KASAN_VMALLOC=y
+CONFIG_CC_HAS_KASAN_GENERIC=y
+CONFIG_CC_HAS_WORKING_NOSANITIZE_ADDRESS=y
+# CONFIG_KASAN is not set
+CONFIG_HAVE_ARCH_KFENCE=y
+# CONFIG_KFENCE is not set
+CONFIG_HAVE_ARCH_KMSAN=y
+# end of Memory Debugging
+
+# CONFIG_DEBUG_SHIRQ is not set
+
+#
+# Debug Oops, Lockups and Hangs
+#
+# CONFIG_PANIC_ON_OOPS is not set
+CONFIG_PANIC_ON_OOPS_VALUE=0
+CONFIG_PANIC_TIMEOUT=0
+CONFIG_LOCKUP_DETECTOR=y
+CONFIG_SOFTLOCKUP_DETECTOR=y
+# CONFIG_BOOTPARAM_SOFTLOCKUP_PANIC is not set
+CONFIG_HARDLOCKUP_DETECTOR_PERF=y
+CONFIG_HARDLOCKUP_CHECK_TIMESTAMP=y
+CONFIG_HARDLOCKUP_DETECTOR=y
+# CONFIG_BOOTPARAM_HARDLOCKUP_PANIC is not set
+CONFIG_DETECT_HUNG_TASK=y
+CONFIG_DEFAULT_HUNG_TASK_TIMEOUT=120
+# CONFIG_BOOTPARAM_HUNG_TASK_PANIC is not set
+CONFIG_WQ_WATCHDOG=y
+# CONFIG_TEST_LOCKUP is not set
+# end of Debug Oops, Lockups and Hangs
+
+#
+# Scheduler Debugging
+#
+# CONFIG_SCHED_DEBUG is not set
+# CONFIG_SCHEDSTATS is not set
+# end of Scheduler Debugging
+
+# CONFIG_DEBUG_TIMEKEEPING is not set
+
+#
+# Lock Debugging (spinlocks, mutexes, etc...)
+#
+CONFIG_LOCK_DEBUGGING_SUPPORT=y
+# CONFIG_PROVE_LOCKING is not set
+# CONFIG_LOCK_STAT is not set
+# CONFIG_DEBUG_RT_MUTEXES is not set
+# CONFIG_DEBUG_SPINLOCK is not set
+# CONFIG_DEBUG_MUTEXES is not set
+# CONFIG_DEBUG_WW_MUTEX_SLOWPATH is not set
+# CONFIG_DEBUG_RWSEMS is not set
+# CONFIG_DEBUG_LOCK_ALLOC is not set
+# CONFIG_DEBUG_ATOMIC_SLEEP is not set
+# CONFIG_DEBUG_LOCKING_API_SELFTESTS is not set
+# CONFIG_LOCK_TORTURE_TEST is not set
+# CONFIG_WW_MUTEX_SELFTEST is not set
+# CONFIG_SCF_TORTURE_TEST is not set
+# CONFIG_CSD_LOCK_WAIT_DEBUG is not set
+# end of Lock Debugging (spinlocks, mutexes, etc...)
+
+# CONFIG_DEBUG_IRQFLAGS is not set
+# CONFIG_STACKTRACE is not set
+# CONFIG_WARN_ALL_UNSEEDED_RANDOM is not set
+# CONFIG_DEBUG_KOBJECT is not set
+
+#
+# Debug kernel data structures
+#
+# CONFIG_DEBUG_LIST is not set
+# CONFIG_DEBUG_PLIST is not set
+# CONFIG_DEBUG_SG is not set
+# CONFIG_DEBUG_NOTIFIERS is not set
+# CONFIG_BUG_ON_DATA_CORRUPTION is not set
+# CONFIG_DEBUG_MAPLE_TREE is not set
+# end of Debug kernel data structures
+
+# CONFIG_DEBUG_CREDENTIALS is not set
+
+#
+# RCU Debugging
+#
+# CONFIG_RCU_SCALE_TEST is not set
+# CONFIG_RCU_TORTURE_TEST is not set
+# CONFIG_RCU_REF_SCALE_TEST is not set
+CONFIG_RCU_CPU_STALL_TIMEOUT=21
+CONFIG_RCU_EXP_CPU_STALL_TIMEOUT=0
+# CONFIG_RCU_TRACE is not set
+# CONFIG_RCU_EQS_DEBUG is not set
+# end of RCU Debugging
+
+# CONFIG_DEBUG_WQ_FORCE_RR_CPU is not set
+# CONFIG_CPU_HOTPLUG_STATE_CONTROL is not set
+# CONFIG_LATENCYTOP is not set
+CONFIG_USER_STACKTRACE_SUPPORT=y
+CONFIG_HAVE_RETHOOK=y
+CONFIG_HAVE_FUNCTION_TRACER=y
+CONFIG_HAVE_DYNAMIC_FTRACE=y
+CONFIG_HAVE_DYNAMIC_FTRACE_WITH_REGS=y
+CONFIG_HAVE_DYNAMIC_FTRACE_WITH_DIRECT_CALLS=y
+CONFIG_HAVE_DYNAMIC_FTRACE_WITH_ARGS=y
+CONFIG_HAVE_DYNAMIC_FTRACE_NO_PATCHABLE=y
+CONFIG_HAVE_FTRACE_MCOUNT_RECORD=y
+CONFIG_HAVE_SYSCALL_TRACEPOINTS=y
+CONFIG_HAVE_FENTRY=y
+CONFIG_HAVE_OBJTOOL_MCOUNT=y
+CONFIG_HAVE_C_RECORDMCOUNT=y
+CONFIG_HAVE_BUILDTIME_MCOUNT_SORT=y
+CONFIG_TRACING_SUPPORT=y
+# CONFIG_FTRACE is not set
+# CONFIG_PROVIDE_OHCI1394_DMA_INIT is not set
+# CONFIG_SAMPLES is not set
+CONFIG_HAVE_SAMPLE_FTRACE_DIRECT=y
+CONFIG_HAVE_SAMPLE_FTRACE_DIRECT_MULTI=y
+CONFIG_ARCH_HAS_DEVMEM_IS_ALLOWED=y
+# CONFIG_STRICT_DEVMEM is not set
+
+#
+# x86 Debugging
+#
+# CONFIG_X86_VERBOSE_BOOTUP is not set
+CONFIG_EARLY_PRINTK=y
+# CONFIG_EARLY_PRINTK_DBGP is not set
+# CONFIG_EARLY_PRINTK_USB_XDBC is not set
+# CONFIG_EFI_PGT_DUMP is not set
+# CONFIG_DEBUG_TLBFLUSH is not set
+CONFIG_HAVE_MMIOTRACE_SUPPORT=y
+# CONFIG_X86_DECODER_SELFTEST is not set
+# CONFIG_IO_DELAY_0X80 is not set
+CONFIG_IO_DELAY_0XED=y
+# CONFIG_IO_DELAY_UDELAY is not set
+# CONFIG_IO_DELAY_NONE is not set
+# CONFIG_CPA_DEBUG is not set
+# CONFIG_DEBUG_ENTRY is not set
+# CONFIG_DEBUG_NMI_SELFTEST is not set
+# CONFIG_X86_DEBUG_FPU is not set
+# CONFIG_PUNIT_ATOM_DEBUG is not set
+CONFIG_UNWINDER_ORC=y
+# CONFIG_UNWINDER_FRAME_POINTER is not set
+# CONFIG_UNWINDER_GUESS is not set
+# end of x86 Debugging
+
+#
+# Kernel Testing and Coverage
+#
+# CONFIG_KUNIT is not set
+# CONFIG_NOTIFIER_ERROR_INJECTION is not set
+# CONFIG_FAULT_INJECTION is not set
+CONFIG_ARCH_HAS_KCOV=y
+CONFIG_CC_HAS_SANCOV_TRACE_PC=y
+# CONFIG_KCOV is not set
+# CONFIG_RUNTIME_TESTING_MENU is not set
+CONFIG_ARCH_USE_MEMTEST=y
+# CONFIG_MEMTEST is not set
+# end of Kernel Testing and Coverage
+
+#
+# Rust hacking
+#
+# end of Rust hacking
+# end of Kernel hacking

From 94bbbbf0eb733bda56bd65580a0516f276161fdd Mon Sep 17 00:00:00 2001
From: notgivenby <notgivenby@gmail.com>
Date: Fri, 8 May 2026 13:41:08 -0400
Subject: [PATCH 13/14] add m900 hotp and maximized into circle ci

Signed-off-by: notgivenby <notgivenby@gmail.com>
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
---
 .circleci/config.yml                  | 9 ++-------
 blobs/m900/README.md                  | 2 +-
 config/coreboot-m900-maximized.config | 2 +-
 3 files changed, 4 insertions(+), 9 deletions(-)

diff --git a/.circleci/config.yml b/.circleci/config.yml
index 801498e58..0ff4569bc 100644
--- a/.circleci/config.yml
+++ b/.circleci/config.yml
@@ -535,10 +535,6 @@ workflows:
 
       # ── coreboot 25.09 boards (alphabetical) ───────────────────────────────
       - build:
-<<<<<<< HEAD
-          name: EOL_optiplex-7010_9010-hotp-maximized
-          target: EOL_optiplex-7010_9010-hotp-maximized
-=======
           name: EOL_m900_tower-hotp-maximized
           target: EOL_m900_tower-hotp-maximized
           subcommand: ""
@@ -553,9 +549,8 @@ workflows:
             - EOL_t480-hotp-maximized
 
       - build:
-          name: EOL_x220-hotp-maximized
-          target: EOL_x220-hotp-maximized
->>>>>>> 42015cef (add m900_tower board)
+          name: EOL_optiplex-7010_9010-hotp-maximized
+          target: EOL_optiplex-7010_9010-hotp-maximized
           subcommand: ""
           requires:
             - EOL_t480-hotp-maximized
diff --git a/blobs/m900/README.md b/blobs/m900/README.md
index aa4339f7d..6ad7fcc60 100644
--- a/blobs/m900/README.md
+++ b/blobs/m900/README.md
@@ -29,7 +29,7 @@ As specified in the first link, this ME can be deployed to:
 
 Both blobs were taken from my donor board.
 
-The GBE MAC address was forged to: `00:DE:AD:C0:FF:EE`
+The GBE MAC address was forged to: `00:DE:AD:C0:FF:EE`. Unfourtunatly, after disabling the ME the onboard ethernet stop working. This was tested on coreboot and is true for heads too. So, PCI ethernet or usb/ethernet adapter is needed. 
 IFD blob was unlocked using iftool. Moreover, to be sure, the HAP bit was set by altmedisable. 
 The IFD layot was changed: the bios region was expanded to take space after reducing the me blob. 
 
diff --git a/config/coreboot-m900-maximized.config b/config/coreboot-m900-maximized.config
index d63bd6c35..fb09158ab 100644
--- a/config/coreboot-m900-maximized.config
+++ b/config/coreboot-m900-maximized.config
@@ -171,7 +171,7 @@ CONFIG_DCACHE_BSP_STACK_SIZE=0x4000
 CONFIG_MAX_ACPI_TABLE_SIZE_KB=144
 CONFIG_HAVE_INTEL_FIRMWARE=y
 CONFIG_MRC_SETTINGS_CACHE_SIZE=0x10000
-# CONFIG_DRIVERS_INTEL_WIFI is not set
+CONFIG_DRIVERS_INTEL_WIFI=y
 CONFIG_IFD_BIN_PATH="@BLOB_DIR@/m900/m900_tower_ifd.bin"
 CONFIG_ME_BIN_PATH="@BLOB_DIR@/m900/m900_me.bin"
 CONFIG_GBE_BIN_PATH="@BLOB_DIR@/m900/m900_tower_gbe.bin"

From 6919d44e0dd2759a5a479e78c7b58ff58a7198a6 Mon Sep 17 00:00:00 2001
From: Thierry Laurion <insurgo@riseup.net>
Date: Thu, 14 May 2026 15:50:53 -0400
Subject: [PATCH 14/14] =?UTF-8?q?EOL=5Fm900=5Ftower-*:=20fix=20review=20co?=
 =?UTF-8?q?mments=20=E2=80=94=20typos,=20blob=20names,=20board=20name?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

- blobs/m900/README.md: fix blob filenames, spelling (paritally->partially,
  Unfourtunatly->Unfortunately, layot->layout)
- blobs/m900/m900_download_clean_deguard_me.sh: fix Dell->ASRock comment
- boards/EOL_m900_tower-*: fix m900_tiny->m900_tower, fix ME script path,
  add 'tower' to CONFIG_BOARD_NAME
- targets/m900_me_blobs.mk: rewrite header with accurate instructions

Signed-off-by: Thierry Laurion <insurgo@riseup.net>
---
 blobs/m900/.gitignore                         |  2 +-
 blobs/m900/README.md                          | 21 +++++++++----------
 blobs/m900/m900_download_clean_deguard_me.sh  | 11 ++++++++--
 .../EOL_m900_tower-hotp-maximized.config      |  6 +++---
 .../EOL_m900_tower-maximized.config           |  6 +++---
 targets/m900_me_blobs.mk                      | 15 ++++++++-----
 6 files changed, 36 insertions(+), 25 deletions(-)

diff --git a/blobs/m900/.gitignore b/blobs/m900/.gitignore
index b5f076e22..90178e05a 100644
--- a/blobs/m900/.gitignore
+++ b/blobs/m900/.gitignore
@@ -1,3 +1,3 @@
-me.bin
 m900_me.bin
+me_cleaned.bin
 
diff --git a/blobs/m900/README.md b/blobs/m900/README.md
index 6ad7fcc60..fe1cbfce9 100644
--- a/blobs/m900/README.md
+++ b/blobs/m900/README.md
@@ -2,13 +2,13 @@
 
 The following blobs are needed:
 
-* `ifd.bin`
-* `gbe.bin`
-* `me.bin`
+* `m900_tower_ifd.bin`
+* `m900_tower_gbe.bin`
+* `m900_me.bin`
 
-## me.bin: automatically extract, deactivate, partially neuter and deguard
+## m900_me.bin: automatically extract, deactivate, partially neuter and deguard
 
-download_clean_deguard_me.sh : Download vulnerable ME from ASRock, verify checksum, extract ME, deactivate ME and paritally neuter it, then apply the deguard patch and place it into me.bin.
+`m900_download_clean_deguard_me.sh`: Download vulnerable ME from ASRock, verify checksum, extract ME, deactivate ME and partially neuter it, then apply the deguard patch and place it into m900_me.bin.
 For the technical details please read the documentation in the script itself, as removing modules is limited on the platform.
 
 The ME blob dumped in this directory comes from the following link: https://download.asrock.com/BIOS/1151/H110M-DGS(7.30)ROM.zip
@@ -27,11 +27,11 @@ As specified in the first link, this ME can be deployed to:
 
 ## ifd.bin and gbe.bin
 
-Both blobs were taken from my donor board.
+Both blobs are from a production unit of this platform.
 
-The GBE MAC address was forged to: `00:DE:AD:C0:FF:EE`. Unfourtunatly, after disabling the ME the onboard ethernet stop working. This was tested on coreboot and is true for heads too. So, PCI ethernet or usb/ethernet adapter is needed. 
-IFD blob was unlocked using iftool. Moreover, to be sure, the HAP bit was set by altmedisable. 
-The IFD layot was changed: the bios region was expanded to take space after reducing the me blob. 
+The GBE MAC address was forged to: `00:DE:AD:C0:FF:EE`. Unfortunately, after disabling the ME the onboard ethernet stops working. This was tested on coreboot and is true for heads too. So, PCI ethernet or usb/ethernet adapter is needed. 
+IFD blob was unlocked using ifdtool. Moreover, to be sure, the HAP bit was set by altmedisable. 
+The IFD layout was changed: the bios region was expanded to take space after reducing the me blob. 
 
 ## Integrity
 
@@ -47,8 +47,7 @@ Sha256sums: `blobs/m900/hashes.txt`
 
 # Documentation
 
-A guide on how to flash this board (both the Heads rom) can be found here:
-https://osresearch.net/m900_tower-maximized-flashing/ #TODO
+A guide on how to flash this board can be found at https://osresearch.net/m900_tower-maximized-flashing/ (pending: the page needs to be created).
 
 The upstream port for the board can be found here: https://review.coreboot.org/c/coreboot/+/74187
 
diff --git a/blobs/m900/m900_download_clean_deguard_me.sh b/blobs/m900/m900_download_clean_deguard_me.sh
index a1f679d76..b95faf113 100755
--- a/blobs/m900/m900_download_clean_deguard_me.sh
+++ b/blobs/m900/m900_download_clean_deguard_me.sh
@@ -39,6 +39,7 @@ function chk_exists_and_matches() {
 		if echo "${2} ${1}" | sha256sum --check; then
 			echo "SKIPPING: SHA256 checksum for $1 matches."
 			[[ "$3" = ME ]] && me_exists="y"
+			return 0
 		fi
 		echo "$1 exists but checksum doesn't match. Continuing..."
 	fi
@@ -48,7 +49,7 @@ function download_and_clean() {
 	me_cleaner="$(realpath "${1}")"
 	me_output="$(realpath "${2}")"
 
-	# Download and unpack the Dell installer into a temporary directory and
+	# Download and unpack the ASRock BIOS zip (compatible ME for this Lenovo platform) and
 	# extract the deguardable Intel ME blob.
 	pushd "$(mktemp -d)" || exit
 
@@ -116,8 +117,14 @@ function parse_params() {
 	while getopts ":m:" opt; do
 		case $opt in
 		m)
-			if [[ -x "$OPTARG" ]]; then
+			if [[ -f "$OPTARG" ]] && [[ ! -x "$OPTARG" ]]; then
+				# me_cleaner is a Python script — passed to python interpreter,
+				# not executed directly.  Only require readability, not +x.
 				me_cleaner="$OPTARG"
+			elif [[ -x "$OPTARG" ]]; then
+				me_cleaner="$OPTARG"
+			else
+				usage_err "-m path '$OPTARG' does not exist or is not readable"
 			fi
 			;;
 		?)
diff --git a/boards/EOL_m900_tower-hotp-maximized/EOL_m900_tower-hotp-maximized.config b/boards/EOL_m900_tower-hotp-maximized/EOL_m900_tower-hotp-maximized.config
index faf4b824f..cfc9d52b4 100644
--- a/boards/EOL_m900_tower-hotp-maximized/EOL_m900_tower-hotp-maximized.config
+++ b/boards/EOL_m900_tower-hotp-maximized/EOL_m900_tower-hotp-maximized.config
@@ -1,5 +1,5 @@
 # WARNING: This system remains perpetually vulnerable to Spectre v2 (CVE-2017-5715). Mitigations and microcode updates previously applied are now known to be ineffective due to QSB-107 and related CVEs. If Spectre v2 is a concern in your threat model, consider migrating to a platform with ongoing microcode support. Proper OPSEC for Memory Use MUST be followed:https://www.anarsec.guide/posts/qubes/#appendix-opsec-for-memory-use
-# Configuration for a m900_tiny running Qubes 4.3 and other Linux Based OSes (through kexec)
+# Configuration for a m900_tower running Qubes 4.3 and other Linux Based OSes (through kexec)
 # CAVEATS:
 # This board is vulnerable to a TPM reset attack, i.e. the PCRs are reset while the system is running.
 # This attack can be used to bypass measured boot when an attacker succeeds at modifying the SPI flash.
@@ -8,7 +8,7 @@
 # Make sure you understand the implications of the attack for your threat model before using this board.
 # Includes
 # - Deactivated+partially neutered+deguarded ME and expanded consequent IFD BIOS regions
-# - More details can be found in the script under blobs/m900_tiny/m900_tiny_download_clean_deguard_me.sh
+# - More details can be found in the script under blobs/m900/m900_download_clean_deguard_me.sh
 # - Forged GBE MAC address to 00:DE:AD:C0:FF:EE
 # - Includes Nitrokey/Librem Key HOTP Security dongle remote attestation (in addition to TOTP remote attestation through Qr Code)
 
@@ -81,7 +81,7 @@ export CONFIG_BOOT_REQ_HASH=n
 export CONFIG_BOOT_REQ_ROLLBACK=n
 export CONFIG_BOOT_KERNEL_ADD=""
 export CONFIG_BOOT_KERNEL_REMOVE="intel_iommu=on intel_iommu=igfx_off"
-export CONFIG_BOARD_NAME="Thinkcentre m900-hotp-maximized"
+export CONFIG_BOARD_NAME="Thinkcentre m900_tower-hotp-maximized"
 export CONFIG_FLASH_OPTIONS="flashprog --progress --programmer internal"
 
 BOARD_TARGETS := m900_me_blobs
diff --git a/boards/EOL_m900_tower-maximized/EOL_m900_tower-maximized.config b/boards/EOL_m900_tower-maximized/EOL_m900_tower-maximized.config
index 74f59400f..68f77588f 100644
--- a/boards/EOL_m900_tower-maximized/EOL_m900_tower-maximized.config
+++ b/boards/EOL_m900_tower-maximized/EOL_m900_tower-maximized.config
@@ -1,5 +1,5 @@
 # WARNING: This system remains perpetually vulnerable to Spectre v2 (CVE-2017-5715). Mitigations and microcode updates previously applied are now known to be ineffective due to QSB-107 and related CVEs. If Spectre v2 is a concern in your threat model, consider migrating to a platform with ongoing microcode support. Proper OPSEC for Memory Use MUST be followed:https://www.anarsec.guide/posts/qubes/#appendix-opsec-for-memory-use
-# Configuration for a m900_tiny running Qubes 4.3 and other Linux Based OSes (through kexec)
+# Configuration for a m900_tower running Qubes 4.3 and other Linux Based OSes (through kexec)
 # CAVEATS:
 # This board is vulnerable to a TPM reset attack, i.e. the PCRs are reset while the system is running.
 # This attack can be used to bypass measured boot when an attacker succeeds at modifying the SPI flash.
@@ -8,7 +8,7 @@
 # Make sure you understand the implications of the attack for your threat model before using this board.
 # Includes
 # - Deactivated+partially neutered+deguarded ME and expanded consequent IFD BIOS regions
-# - More details can be found in the script under blobs/m900_tiny/m900_tiny_download_clean_deguard_me.sh
+# - More details can be found in the script under blobs/m900/m900_download_clean_deguard_me.sh
 # - Forged GBE MAC address to 00:DE:AD:C0:FF:EE
 # - DOES NOT INCLUDE Nitrokey/Librem Key HOTP Security dongle remote attestation (in addition to TOTP remote attestation through Qr Code)
 
@@ -79,7 +79,7 @@ export CONFIG_BOOT_REQ_HASH=n
 export CONFIG_BOOT_REQ_ROLLBACK=n
 export CONFIG_BOOT_KERNEL_ADD=""
 export CONFIG_BOOT_KERNEL_REMOVE="intel_iommu=on intel_iommu=igfx_off"
-export CONFIG_BOARD_NAME="Thinkcentre m900-maximized"
+export CONFIG_BOARD_NAME="Thinkcentre m900_tower-maximized"
 export CONFIG_FLASH_OPTIONS="flashprog --progress --programmer internal"
 
 BOARD_TARGETS := m900_me_blobs
diff --git a/targets/m900_me_blobs.mk b/targets/m900_me_blobs.mk
index fc1d6c584..c207b42d2 100644
--- a/targets/m900_me_blobs.mk
+++ b/targets/m900_me_blobs.mk
@@ -1,9 +1,14 @@
 # Targets for downloading m900 ME blob, neutering it down to BUP+ROMP region and deactivating ME.
-
-# m900-*-maximized boards require of you initially call one of the
-#  following to have gbe.bin ifd.bin and me.bin
-#  - blobs/m900/download_clean_me.sh
-#     To download Lenovo original ME binary, neuter+deactivate ME
+#
+# m900-*-maximized boards require you to initially call:
+#  make blobs/m900/m900_me.bin
+# which runs blobs/m900/m900_download_clean_deguard_me.sh to:
+#  1. Download the ASRock H110M-DGS BIOS zip containing ME 11.6.0.1126
+#  2. Extract, partially neuter and deguard the ME firmware
+#  3. Place the result into blobs/m900/m900_me.bin
+#
+# The IFD (m900_tower_ifd.bin) and GBE (m900_tower_gbe.bin) blobs are
+# taken from a donor board and committed to the repo directly.
 
 # Make the Coreboot build depend on the following 3rd party blobs:
 $(build)/coreboot-$(CONFIG_COREBOOT_VERSION)/$(BOARD)/.build: \