2019-05-19 20:07:45 +08:00
|
|
|
# SPDX-License-Identifier: GPL-2.0-only
|
2005-04-17 06:20:36 +08:00
|
|
|
#
|
|
|
|
# TPM device configuration
|
|
|
|
#
|
|
|
|
|
2007-07-16 14:39:31 +08:00
|
|
|
menuconfig TCG_TPM
|
2005-04-17 06:20:36 +08:00
|
|
|
tristate "TPM Hardware Support"
|
2007-07-16 14:39:31 +08:00
|
|
|
depends on HAS_IOMEM
|
2018-09-04 03:51:51 +08:00
|
|
|
imply SECURITYFS
|
2017-03-01 05:12:55 +08:00
|
|
|
select CRYPTO
|
2017-01-30 17:59:41 +08:00
|
|
|
select CRYPTO_HASH_INFO
|
2005-04-17 06:20:36 +08:00
|
|
|
---help---
|
|
|
|
If you have a TPM security chip in your system, which
|
|
|
|
implements the Trusted Computing Group's specification,
|
|
|
|
say Yes and it will be accessible from within Linux. For
|
|
|
|
more information see <http://www.trustedcomputinggroup.org>.
|
|
|
|
An implementation of the Trusted Software Stack (TSS), the
|
|
|
|
userspace enablement piece of the specification, can be
|
|
|
|
obtained at: <http://sourceforge.net/projects/trousers>. To
|
|
|
|
compile this driver as a module, choose M here; the module
|
|
|
|
will be called tpm. If unsure, say N.
|
2010-05-14 04:37:54 +08:00
|
|
|
Notes:
|
|
|
|
1) For more TPM drivers enable CONFIG_PNP, CONFIG_ACPI
|
2010-05-07 07:19:29 +08:00
|
|
|
and CONFIG_PNPACPI.
|
2010-05-14 04:37:54 +08:00
|
|
|
2) Without ACPI enabled, the BIOS event log won't be accessible,
|
|
|
|
which is required to validate the PCR 0-7 values.
|
2005-04-17 06:20:36 +08:00
|
|
|
|
2007-07-16 14:39:31 +08:00
|
|
|
if TCG_TPM
|
|
|
|
|
2017-11-17 21:24:03 +08:00
|
|
|
config HW_RANDOM_TPM
|
|
|
|
bool "TPM HW Random Number Generator support"
|
|
|
|
depends on TCG_TPM && HW_RANDOM && !(TCG_TPM=y && HW_RANDOM=m)
|
|
|
|
default y
|
|
|
|
---help---
|
|
|
|
This setting exposes the TPM's Random Number Generator as a hwrng
|
|
|
|
device. This allows the kernel to collect randomness from the TPM at
|
|
|
|
boot, and provides the TPM randomines in /dev/hwrng.
|
|
|
|
|
|
|
|
If unsure, say Y.
|
|
|
|
|
2016-05-19 06:35:52 +08:00
|
|
|
config TCG_TIS_CORE
|
|
|
|
tristate
|
|
|
|
---help---
|
|
|
|
TCG TIS TPM core driver. It implements the TPM TCG TIS logic and hooks
|
|
|
|
into the TPM kernel APIs. Physical layers will register against it.
|
|
|
|
|
2006-04-22 17:38:03 +08:00
|
|
|
config TCG_TIS
|
2015-03-15 07:54:43 +08:00
|
|
|
tristate "TPM Interface Specification 1.2 Interface / TPM 2.0 FIFO Interface"
|
2016-11-08 06:44:31 +08:00
|
|
|
depends on X86 || OF
|
2016-05-19 06:35:52 +08:00
|
|
|
select TCG_TIS_CORE
|
2006-04-22 17:38:03 +08:00
|
|
|
---help---
|
|
|
|
If you have a TPM security chip that is compliant with the
|
2015-03-15 07:54:43 +08:00
|
|
|
TCG TIS 1.2 TPM specification (TPM1.2) or the TCG PTP FIFO
|
|
|
|
specification (TPM2.0) say Yes and it will be accessible from
|
|
|
|
within Linux. To compile this driver as a module, choose M here;
|
|
|
|
the module will be called tpm_tis.
|
2006-04-22 17:38:03 +08:00
|
|
|
|
2016-05-19 06:35:53 +08:00
|
|
|
config TCG_TIS_SPI
|
|
|
|
tristate "TPM Interface Specification 1.3 Interface / TPM 2.0 FIFO Interface - (SPI)"
|
|
|
|
depends on SPI
|
|
|
|
select TCG_TIS_CORE
|
|
|
|
---help---
|
|
|
|
If you have a TPM security chip which is connected to a regular,
|
|
|
|
non-tcg SPI master (i.e. most embedded platforms) that is compliant with the
|
|
|
|
TCG TIS 1.3 TPM specification (TPM1.2) or the TCG PTP FIFO
|
|
|
|
specification (TPM2.0) say Yes and it will be accessible from
|
|
|
|
within Linux. To compile this driver as a module, choose M here;
|
|
|
|
the module will be called tpm_tis_spi.
|
|
|
|
|
2019-09-21 02:32:38 +08:00
|
|
|
config TCG_TIS_SPI_CR50
|
|
|
|
bool "Cr50 SPI Interface"
|
|
|
|
depends on TCG_TIS_SPI
|
|
|
|
help
|
|
|
|
If you have a H1 secure module running Cr50 firmware on SPI bus,
|
|
|
|
say Yes and it will be accessible from within Linux.
|
|
|
|
|
2013-10-07 02:43:36 +08:00
|
|
|
config TCG_TIS_I2C_ATMEL
|
|
|
|
tristate "TPM Interface Specification 1.2 Interface (I2C - Atmel)"
|
|
|
|
depends on I2C
|
|
|
|
---help---
|
|
|
|
If you have an Atmel I2C TPM security chip say Yes and it will be
|
|
|
|
accessible from within Linux.
|
|
|
|
To compile this driver as a module, choose M here; the module will
|
|
|
|
be called tpm_tis_i2c_atmel.
|
|
|
|
|
2012-08-07 17:42:32 +08:00
|
|
|
config TCG_TIS_I2C_INFINEON
|
|
|
|
tristate "TPM Interface Specification 1.2 Interface (I2C - Infineon)"
|
|
|
|
depends on I2C
|
|
|
|
---help---
|
|
|
|
If you have a TPM security chip that is compliant with the
|
|
|
|
TCG TIS 1.2 TPM specification and Infineon's I2C Protocol Stack
|
|
|
|
Specification 0.20 say Yes and it will be accessible from within
|
|
|
|
Linux.
|
|
|
|
To compile this driver as a module, choose M here; the module
|
2013-10-22 07:12:15 +08:00
|
|
|
will be called tpm_i2c_infineon.
|
2012-08-07 17:42:32 +08:00
|
|
|
|
2013-10-07 02:43:13 +08:00
|
|
|
config TCG_TIS_I2C_NUVOTON
|
|
|
|
tristate "TPM Interface Specification 1.2 Interface (I2C - Nuvoton)"
|
|
|
|
depends on I2C
|
|
|
|
---help---
|
|
|
|
If you have a TPM security chip with an I2C interface from
|
|
|
|
Nuvoton Technology Corp. say Yes and it will be accessible
|
|
|
|
from within Linux.
|
|
|
|
To compile this driver as a module, choose M here; the module
|
|
|
|
will be called tpm_i2c_nuvoton.
|
|
|
|
|
2005-04-17 06:20:36 +08:00
|
|
|
config TCG_NSC
|
|
|
|
tristate "National Semiconductor TPM Interface"
|
2011-11-01 19:42:58 +08:00
|
|
|
depends on X86
|
2005-04-17 06:20:36 +08:00
|
|
|
---help---
|
2007-05-09 13:12:20 +08:00
|
|
|
If you have a TPM security chip from National Semiconductor
|
2005-04-17 06:20:36 +08:00
|
|
|
say Yes and it will be accessible from within Linux. To
|
|
|
|
compile this driver as a module, choose M here; the module
|
|
|
|
will be called tpm_nsc.
|
|
|
|
|
|
|
|
config TCG_ATMEL
|
|
|
|
tristate "Atmel TPM Interface"
|
2014-04-08 06:39:19 +08:00
|
|
|
depends on PPC64 || HAS_IOPORT_MAP
|
2005-04-17 06:20:36 +08:00
|
|
|
---help---
|
|
|
|
If you have a TPM security chip from Atmel say Yes and it
|
|
|
|
will be accessible from within Linux. To compile this driver
|
|
|
|
as a module, choose M here; the module will be called tpm_atmel.
|
|
|
|
|
2005-07-28 02:45:12 +08:00
|
|
|
config TCG_INFINEON
|
2005-08-06 02:59:33 +08:00
|
|
|
tristate "Infineon Technologies TPM Interface"
|
2008-04-29 16:03:25 +08:00
|
|
|
depends on PNP
|
2005-07-28 02:45:12 +08:00
|
|
|
---help---
|
|
|
|
If you have a TPM security chip from Infineon Technologies
|
2005-08-06 02:59:33 +08:00
|
|
|
(either SLD 9630 TT 1.1 or SLB 9635 TT 1.2) say Yes and it
|
|
|
|
will be accessible from within Linux.
|
|
|
|
To compile this driver as a module, choose M here; the module
|
2005-07-28 02:45:12 +08:00
|
|
|
will be called tpm_infineon.
|
|
|
|
Further information on this driver and the supported hardware
|
2010-10-18 17:03:14 +08:00
|
|
|
can be found at http://www.trust.rub.de/projects/linux-device-driver-infineon-tpm/
|
2005-07-28 02:45:12 +08:00
|
|
|
|
2012-08-23 05:17:43 +08:00
|
|
|
config TCG_IBMVTPM
|
|
|
|
tristate "IBM VTPM Interface"
|
2013-02-12 03:36:44 +08:00
|
|
|
depends on PPC_PSERIES
|
2012-08-23 05:17:43 +08:00
|
|
|
---help---
|
|
|
|
If you have IBM virtual TPM (VTPM) support say Yes and it
|
|
|
|
will be accessible from within Linux. To compile this driver
|
|
|
|
as a module, choose M here; the module will be called tpm_ibmvtpm.
|
|
|
|
|
2013-07-31 01:29:47 +08:00
|
|
|
config TCG_XEN
|
|
|
|
tristate "XEN TPM Interface"
|
|
|
|
depends on TCG_TPM && XEN
|
2013-08-30 21:02:27 +08:00
|
|
|
select XEN_XENBUS_FRONTEND
|
2013-07-31 01:29:47 +08:00
|
|
|
---help---
|
|
|
|
If you want to make TPM support available to a Xen user domain,
|
|
|
|
say Yes and it will be accessible from within Linux. See
|
|
|
|
the manpages for xl, xl.conf, and docs/misc/vtpm.txt in
|
|
|
|
the Xen source repository for more details.
|
|
|
|
To compile this driver as a module, choose M here; the module
|
|
|
|
will be called xen-tpmfront.
|
|
|
|
|
2014-12-13 03:46:39 +08:00
|
|
|
config TCG_CRB
|
|
|
|
tristate "TPM 2.0 CRB Interface"
|
2017-03-24 17:55:45 +08:00
|
|
|
depends on ACPI
|
2014-12-13 03:46:39 +08:00
|
|
|
---help---
|
|
|
|
If you have a TPM security chip that is compliant with the
|
|
|
|
TCG CRB 2.0 TPM specification say Yes and it will be accessible
|
|
|
|
from within Linux. To compile this driver as a module, choose
|
|
|
|
M here; the module will be called tpm_crb.
|
|
|
|
|
2016-04-19 01:26:15 +08:00
|
|
|
config TCG_VTPM_PROXY
|
|
|
|
tristate "VTPM Proxy Interface"
|
|
|
|
depends on TCG_TPM
|
|
|
|
---help---
|
|
|
|
This driver proxies for an emulated TPM (vTPM) running in userspace.
|
|
|
|
A device /dev/vtpmx is provided that creates a device pair
|
|
|
|
/dev/vtpmX and a server-side file descriptor on which the vTPM
|
|
|
|
can receive commands.
|
|
|
|
|
2019-07-06 04:47:45 +08:00
|
|
|
config TCG_FTPM_TEE
|
|
|
|
tristate "TEE based fTPM Interface"
|
|
|
|
depends on TEE && OPTEE
|
|
|
|
help
|
|
|
|
This driver proxies for firmware TPM running in TEE.
|
2016-04-19 01:26:15 +08:00
|
|
|
|
2015-03-08 18:17:14 +08:00
|
|
|
source "drivers/char/tpm/st33zp24/Kconfig"
|
2007-07-16 14:39:31 +08:00
|
|
|
endif # TCG_TPM
|