194 lines
6.8 KiB
Plaintext
194 lines
6.8 KiB
Plaintext
# SPDX-License-Identifier: GPL-2.0-only
|
|
#
|
|
# TPM device configuration
|
|
#
|
|
|
|
menuconfig TCG_TPM
|
|
tristate "TPM Hardware Support"
|
|
depends on HAS_IOMEM
|
|
imply SECURITYFS
|
|
select CRYPTO
|
|
select CRYPTO_HASH_INFO
|
|
help
|
|
If you have a TPM security chip in your system, which
|
|
implements the Trusted Computing Group's specification,
|
|
say Yes and it will be accessible from within Linux. For
|
|
more information see <http://www.trustedcomputinggroup.org>.
|
|
An implementation of the Trusted Software Stack (TSS), the
|
|
userspace enablement piece of the specification, can be
|
|
obtained at: <http://sourceforge.net/projects/trousers>. To
|
|
compile this driver as a module, choose M here; the module
|
|
will be called tpm. If unsure, say N.
|
|
Notes:
|
|
1) For more TPM drivers enable CONFIG_PNP, CONFIG_ACPI
|
|
and CONFIG_PNPACPI.
|
|
2) Without ACPI enabled, the BIOS event log won't be accessible,
|
|
which is required to validate the PCR 0-7 values.
|
|
|
|
if TCG_TPM
|
|
|
|
config HW_RANDOM_TPM
|
|
bool "TPM HW Random Number Generator support"
|
|
depends on TCG_TPM && HW_RANDOM && !(TCG_TPM=y && HW_RANDOM=m)
|
|
default y
|
|
help
|
|
This setting exposes the TPM's Random Number Generator as a hwrng
|
|
device. This allows the kernel to collect randomness from the TPM at
|
|
boot, and provides the TPM randomines in /dev/hwrng.
|
|
|
|
If unsure, say Y.
|
|
|
|
config TCG_TIS_CORE
|
|
tristate
|
|
help
|
|
TCG TIS TPM core driver. It implements the TPM TCG TIS logic and hooks
|
|
into the TPM kernel APIs. Physical layers will register against it.
|
|
|
|
config TCG_TIS
|
|
tristate "TPM Interface Specification 1.2 Interface / TPM 2.0 FIFO Interface"
|
|
depends on X86 || OF
|
|
select TCG_TIS_CORE
|
|
help
|
|
If you have a TPM security chip that is compliant with the
|
|
TCG TIS 1.2 TPM specification (TPM1.2) or the TCG PTP FIFO
|
|
specification (TPM2.0) say Yes and it will be accessible from
|
|
within Linux. To compile this driver as a module, choose M here;
|
|
the module will be called tpm_tis.
|
|
|
|
config TCG_TIS_SPI
|
|
tristate "TPM Interface Specification 1.3 Interface / TPM 2.0 FIFO Interface - (SPI)"
|
|
depends on SPI
|
|
select TCG_TIS_CORE
|
|
help
|
|
If you have a TPM security chip which is connected to a regular,
|
|
non-tcg SPI master (i.e. most embedded platforms) that is compliant with the
|
|
TCG TIS 1.3 TPM specification (TPM1.2) or the TCG PTP FIFO
|
|
specification (TPM2.0) say Yes and it will be accessible from
|
|
within Linux. To compile this driver as a module, choose M here;
|
|
the module will be called tpm_tis_spi.
|
|
|
|
config TCG_TIS_SPI_CR50
|
|
bool "Cr50 SPI Interface"
|
|
depends on TCG_TIS_SPI
|
|
help
|
|
If you have a H1 secure module running Cr50 firmware on SPI bus,
|
|
say Yes and it will be accessible from within Linux.
|
|
|
|
config TCG_TIS_SYNQUACER
|
|
tristate "TPM Interface Specification 1.2 Interface / TPM 2.0 FIFO Interface (MMIO - SynQuacer)"
|
|
depends on ARCH_SYNQUACER
|
|
select TCG_TIS_CORE
|
|
help
|
|
If you have a TPM security chip that is compliant with the
|
|
TCG TIS 1.2 TPM specification (TPM1.2) or the TCG PTP FIFO
|
|
specification (TPM2.0) say Yes and it will be accessible from
|
|
within Linux on Socionext SynQuacer platform.
|
|
To compile this driver as a module, choose M here;
|
|
the module will be called tpm_tis_synquacer.
|
|
|
|
config TCG_TIS_I2C_ATMEL
|
|
tristate "TPM Interface Specification 1.2 Interface (I2C - Atmel)"
|
|
depends on I2C
|
|
help
|
|
If you have an Atmel I2C TPM security chip say Yes and it will be
|
|
accessible from within Linux.
|
|
To compile this driver as a module, choose M here; the module will
|
|
be called tpm_tis_i2c_atmel.
|
|
|
|
config TCG_TIS_I2C_INFINEON
|
|
tristate "TPM Interface Specification 1.2 Interface (I2C - Infineon)"
|
|
depends on I2C
|
|
help
|
|
If you have a TPM security chip that is compliant with the
|
|
TCG TIS 1.2 TPM specification and Infineon's I2C Protocol Stack
|
|
Specification 0.20 say Yes and it will be accessible from within
|
|
Linux.
|
|
To compile this driver as a module, choose M here; the module
|
|
will be called tpm_i2c_infineon.
|
|
|
|
config TCG_TIS_I2C_NUVOTON
|
|
tristate "TPM Interface Specification 1.2 Interface (I2C - Nuvoton)"
|
|
depends on I2C
|
|
help
|
|
If you have a TPM security chip with an I2C interface from
|
|
Nuvoton Technology Corp. say Yes and it will be accessible
|
|
from within Linux.
|
|
To compile this driver as a module, choose M here; the module
|
|
will be called tpm_i2c_nuvoton.
|
|
|
|
config TCG_NSC
|
|
tristate "National Semiconductor TPM Interface"
|
|
depends on X86
|
|
help
|
|
If you have a TPM security chip from National Semiconductor
|
|
say Yes and it will be accessible from within Linux. To
|
|
compile this driver as a module, choose M here; the module
|
|
will be called tpm_nsc.
|
|
|
|
config TCG_ATMEL
|
|
tristate "Atmel TPM Interface"
|
|
depends on PPC64 || HAS_IOPORT_MAP
|
|
help
|
|
If you have a TPM security chip from Atmel say Yes and it
|
|
will be accessible from within Linux. To compile this driver
|
|
as a module, choose M here; the module will be called tpm_atmel.
|
|
|
|
config TCG_INFINEON
|
|
tristate "Infineon Technologies TPM Interface"
|
|
depends on PNP
|
|
help
|
|
If you have a TPM security chip from Infineon Technologies
|
|
(either SLD 9630 TT 1.1 or SLB 9635 TT 1.2) say Yes and it
|
|
will be accessible from within Linux.
|
|
To compile this driver as a module, choose M here; the module
|
|
will be called tpm_infineon.
|
|
Further information on this driver and the supported hardware
|
|
can be found at http://www.trust.rub.de/projects/linux-device-driver-infineon-tpm/
|
|
|
|
config TCG_IBMVTPM
|
|
tristate "IBM VTPM Interface"
|
|
depends on PPC_PSERIES
|
|
help
|
|
If you have IBM virtual TPM (VTPM) support say Yes and it
|
|
will be accessible from within Linux. To compile this driver
|
|
as a module, choose M here; the module will be called tpm_ibmvtpm.
|
|
|
|
config TCG_XEN
|
|
tristate "XEN TPM Interface"
|
|
depends on TCG_TPM && XEN
|
|
select XEN_XENBUS_FRONTEND
|
|
help
|
|
If you want to make TPM support available to a Xen user domain,
|
|
say Yes and it will be accessible from within Linux. See
|
|
the manpages for xl, xl.conf, and docs/misc/vtpm.txt in
|
|
the Xen source repository for more details.
|
|
To compile this driver as a module, choose M here; the module
|
|
will be called xen-tpmfront.
|
|
|
|
config TCG_CRB
|
|
tristate "TPM 2.0 CRB Interface"
|
|
depends on ACPI
|
|
help
|
|
If you have a TPM security chip that is compliant with the
|
|
TCG CRB 2.0 TPM specification say Yes and it will be accessible
|
|
from within Linux. To compile this driver as a module, choose
|
|
M here; the module will be called tpm_crb.
|
|
|
|
config TCG_VTPM_PROXY
|
|
tristate "VTPM Proxy Interface"
|
|
depends on TCG_TPM
|
|
help
|
|
This driver proxies for an emulated TPM (vTPM) running in userspace.
|
|
A device /dev/vtpmx is provided that creates a device pair
|
|
/dev/vtpmX and a server-side file descriptor on which the vTPM
|
|
can receive commands.
|
|
|
|
config TCG_FTPM_TEE
|
|
tristate "TEE based fTPM Interface"
|
|
depends on TEE && OPTEE
|
|
help
|
|
This driver proxies for firmware TPM running in TEE.
|
|
|
|
source "drivers/char/tpm/st33zp24/Kconfig"
|
|
endif # TCG_TPM
|