Kconfig (7382B)
1# SPDX-License-Identifier: GPL-2.0-only 2# 3# TPM device configuration 4# 5 6menuconfig TCG_TPM 7 tristate "TPM Hardware Support" 8 depends on HAS_IOMEM 9 imply SECURITYFS 10 select CRYPTO 11 select CRYPTO_HASH_INFO 12 help 13 If you have a TPM security chip in your system, which 14 implements the Trusted Computing Group's specification, 15 say Yes and it will be accessible from within Linux. For 16 more information see <http://www.trustedcomputinggroup.org>. 17 An implementation of the Trusted Software Stack (TSS), the 18 userspace enablement piece of the specification, can be 19 obtained at: <http://sourceforge.net/projects/trousers>. To 20 compile this driver as a module, choose M here; the module 21 will be called tpm. If unsure, say N. 22 Notes: 23 1) For more TPM drivers enable CONFIG_PNP, CONFIG_ACPI 24 and CONFIG_PNPACPI. 25 2) Without ACPI enabled, the BIOS event log won't be accessible, 26 which is required to validate the PCR 0-7 values. 27 28if TCG_TPM 29 30config HW_RANDOM_TPM 31 bool "TPM HW Random Number Generator support" 32 depends on TCG_TPM && HW_RANDOM && !(TCG_TPM=y && HW_RANDOM=m) 33 default y 34 help 35 This setting exposes the TPM's Random Number Generator as a hwrng 36 device. This allows the kernel to collect randomness from the TPM at 37 boot, and provides the TPM randomines in /dev/hwrng. 38 39 If unsure, say Y. 40 41config TCG_TIS_CORE 42 tristate 43 help 44 TCG TIS TPM core driver. It implements the TPM TCG TIS logic and hooks 45 into the TPM kernel APIs. Physical layers will register against it. 46 47config TCG_TIS 48 tristate "TPM Interface Specification 1.2 Interface / TPM 2.0 FIFO Interface" 49 depends on X86 || OF 50 select TCG_TIS_CORE 51 help 52 If you have a TPM security chip that is compliant with the 53 TCG TIS 1.2 TPM specification (TPM1.2) or the TCG PTP FIFO 54 specification (TPM2.0) say Yes and it will be accessible from 55 within Linux. To compile this driver as a module, choose M here; 56 the module will be called tpm_tis. 57 58config TCG_TIS_SPI 59 tristate "TPM Interface Specification 1.3 Interface / TPM 2.0 FIFO Interface - (SPI)" 60 depends on SPI 61 select TCG_TIS_CORE 62 help 63 If you have a TPM security chip which is connected to a regular, 64 non-tcg SPI master (i.e. most embedded platforms) that is compliant with the 65 TCG TIS 1.3 TPM specification (TPM1.2) or the TCG PTP FIFO 66 specification (TPM2.0) say Yes and it will be accessible from 67 within Linux. To compile this driver as a module, choose M here; 68 the module will be called tpm_tis_spi. 69 70config TCG_TIS_SPI_CR50 71 bool "Cr50 SPI Interface" 72 depends on TCG_TIS_SPI 73 help 74 If you have a H1 secure module running Cr50 firmware on SPI bus, 75 say Yes and it will be accessible from within Linux. 76 77config TCG_TIS_SYNQUACER 78 tristate "TPM Interface Specification 1.2 Interface / TPM 2.0 FIFO Interface (MMIO - SynQuacer)" 79 depends on ARCH_SYNQUACER || COMPILE_TEST 80 select TCG_TIS_CORE 81 help 82 If you have a TPM security chip that is compliant with the 83 TCG TIS 1.2 TPM specification (TPM1.2) or the TCG PTP FIFO 84 specification (TPM2.0) say Yes and it will be accessible from 85 within Linux on Socionext SynQuacer platform. 86 To compile this driver as a module, choose M here; 87 the module will be called tpm_tis_synquacer. 88 89config TCG_TIS_I2C_CR50 90 tristate "TPM Interface Specification 2.0 Interface (I2C - CR50)" 91 depends on I2C 92 help 93 This is a driver for the Google cr50 I2C TPM interface which is a 94 custom microcontroller and requires a custom i2c protocol interface 95 to handle the limitations of the hardware. To compile this driver 96 as a module, choose M here; the module will be called tcg_tis_i2c_cr50. 97 98config TCG_TIS_I2C_ATMEL 99 tristate "TPM Interface Specification 1.2 Interface (I2C - Atmel)" 100 depends on I2C 101 help 102 If you have an Atmel I2C TPM security chip say Yes and it will be 103 accessible from within Linux. 104 To compile this driver as a module, choose M here; the module will 105 be called tpm_tis_i2c_atmel. 106 107config TCG_TIS_I2C_INFINEON 108 tristate "TPM Interface Specification 1.2 Interface (I2C - Infineon)" 109 depends on I2C 110 help 111 If you have a TPM security chip that is compliant with the 112 TCG TIS 1.2 TPM specification and Infineon's I2C Protocol Stack 113 Specification 0.20 say Yes and it will be accessible from within 114 Linux. 115 To compile this driver as a module, choose M here; the module 116 will be called tpm_i2c_infineon. 117 118config TCG_TIS_I2C_NUVOTON 119 tristate "TPM Interface Specification 1.2 Interface (I2C - Nuvoton)" 120 depends on I2C 121 help 122 If you have a TPM security chip with an I2C interface from 123 Nuvoton Technology Corp. say Yes and it will be accessible 124 from within Linux. 125 To compile this driver as a module, choose M here; the module 126 will be called tpm_i2c_nuvoton. 127 128config TCG_NSC 129 tristate "National Semiconductor TPM Interface" 130 depends on X86 131 help 132 If you have a TPM security chip from National Semiconductor 133 say Yes and it will be accessible from within Linux. To 134 compile this driver as a module, choose M here; the module 135 will be called tpm_nsc. 136 137config TCG_ATMEL 138 tristate "Atmel TPM Interface" 139 depends on PPC64 || HAS_IOPORT_MAP 140 help 141 If you have a TPM security chip from Atmel say Yes and it 142 will be accessible from within Linux. To compile this driver 143 as a module, choose M here; the module will be called tpm_atmel. 144 145config TCG_INFINEON 146 tristate "Infineon Technologies TPM Interface" 147 depends on PNP 148 help 149 If you have a TPM security chip from Infineon Technologies 150 (either SLD 9630 TT 1.1 or SLB 9635 TT 1.2) say Yes and it 151 will be accessible from within Linux. 152 To compile this driver as a module, choose M here; the module 153 will be called tpm_infineon. 154 Further information on this driver and the supported hardware 155 can be found at http://www.trust.rub.de/projects/linux-device-driver-infineon-tpm/ 156 157config TCG_IBMVTPM 158 tristate "IBM VTPM Interface" 159 depends on PPC_PSERIES 160 help 161 If you have IBM virtual TPM (VTPM) support say Yes and it 162 will be accessible from within Linux. To compile this driver 163 as a module, choose M here; the module will be called tpm_ibmvtpm. 164 165config TCG_XEN 166 tristate "XEN TPM Interface" 167 depends on TCG_TPM && XEN 168 select XEN_XENBUS_FRONTEND 169 help 170 If you want to make TPM support available to a Xen user domain, 171 say Yes and it will be accessible from within Linux. See 172 the manpages for xl, xl.conf, and docs/misc/vtpm.txt in 173 the Xen source repository for more details. 174 To compile this driver as a module, choose M here; the module 175 will be called xen-tpmfront. 176 177config TCG_CRB 178 tristate "TPM 2.0 CRB Interface" 179 depends on ACPI 180 help 181 If you have a TPM security chip that is compliant with the 182 TCG CRB 2.0 TPM specification say Yes and it will be accessible 183 from within Linux. To compile this driver as a module, choose 184 M here; the module will be called tpm_crb. 185 186config TCG_VTPM_PROXY 187 tristate "VTPM Proxy Interface" 188 depends on TCG_TPM 189 help 190 This driver proxies for an emulated TPM (vTPM) running in userspace. 191 A device /dev/vtpmx is provided that creates a device pair 192 /dev/vtpmX and a server-side file descriptor on which the vTPM 193 can receive commands. 194 195config TCG_FTPM_TEE 196 tristate "TEE based fTPM Interface" 197 depends on TEE && OPTEE 198 help 199 This driver proxies for firmware TPM running in TEE. 200 201source "drivers/char/tpm/st33zp24/Kconfig" 202endif # TCG_TPM