Commit | Line | Data |
---|---|---|
ec8f24b7 | 1 | # SPDX-License-Identifier: GPL-2.0-only |
1da177e4 LT |
2 | # |
3 | # TPM device configuration | |
4 | # | |
5 | ||
7126b75c | 6 | menuconfig TCG_TPM |
1da177e4 | 7 | tristate "TPM Hardware Support" |
7126b75c | 8 | depends on HAS_IOMEM |
2f7d8dbb | 9 | imply SECURITYFS |
4bf4b4ed | 10 | select CRYPTO |
c1f92b4b | 11 | select CRYPTO_HASH_INFO |
a7f7f624 | 12 | help |
1da177e4 LT |
13 | If you have a TPM security chip in your system, which |
14 | implements the Trusted Computing Group's specification, | |
15 | say Yes and it will be accessible from within Linux. For | |
16 | more information see <http://www.trustedcomputinggroup.org>. | |
17 | An implementation of the Trusted Software Stack (TSS), the | |
18 | userspace enablement piece of the specification, can be | |
19 | obtained at: <http://sourceforge.net/projects/trousers>. To | |
20 | compile this driver as a module, choose M here; the module | |
21 | will be called tpm. If unsure, say N. | |
7f2ab000 RA |
22 | Notes: |
23 | 1) For more TPM drivers enable CONFIG_PNP, CONFIG_ACPI | |
ec4a162a | 24 | and CONFIG_PNPACPI. |
7f2ab000 RA |
25 | 2) Without ACPI enabled, the BIOS event log won't be accessible, |
26 | which is required to validate the PCR 0-7 values. | |
1da177e4 | 27 | |
7126b75c JE |
28 | if TCG_TPM |
29 | ||
6e592a06 JG |
30 | config HW_RANDOM_TPM |
31 | bool "TPM HW Random Number Generator support" | |
32 | depends on TCG_TPM && HW_RANDOM && !(TCG_TPM=y && HW_RANDOM=m) | |
33 | default y | |
a7f7f624 | 34 | help |
6e592a06 JG |
35 | This setting exposes the TPM's Random Number Generator as a hwrng |
36 | device. This allows the kernel to collect randomness from the TPM at | |
37 | boot, and provides the TPM randomines in /dev/hwrng. | |
38 | ||
39 | If unsure, say Y. | |
40 | ||
41a5e1cf CR |
41 | config TCG_TIS_CORE |
42 | tristate | |
a7f7f624 | 43 | help |
41a5e1cf CR |
44 | TCG TIS TPM core driver. It implements the TPM TCG TIS logic and hooks |
45 | into the TPM kernel APIs. Physical layers will register against it. | |
46 | ||
27084efe | 47 | config TCG_TIS |
44506436 | 48 | tristate "TPM Interface Specification 1.2 Interface / TPM 2.0 FIFO Interface" |
420d4398 | 49 | depends on X86 || OF |
41a5e1cf | 50 | select TCG_TIS_CORE |
a7f7f624 | 51 | help |
27084efe | 52 | If you have a TPM security chip that is compliant with the |
44506436 PH |
53 | TCG TIS 1.2 TPM specification (TPM1.2) or the TCG PTP FIFO |
54 | specification (TPM2.0) say Yes and it will be accessible from | |
55 | within Linux. To compile this driver as a module, choose M here; | |
56 | the module will be called tpm_tis. | |
27084efe | 57 | |
0edbfea5 CR |
58 | config TCG_TIS_SPI |
59 | tristate "TPM Interface Specification 1.3 Interface / TPM 2.0 FIFO Interface - (SPI)" | |
60 | depends on SPI | |
61 | select TCG_TIS_CORE | |
a7f7f624 | 62 | help |
0edbfea5 CR |
63 | If you have a TPM security chip which is connected to a regular, |
64 | non-tcg SPI master (i.e. most embedded platforms) that is compliant with the | |
65 | TCG TIS 1.3 TPM specification (TPM1.2) or the TCG PTP FIFO | |
66 | specification (TPM2.0) say Yes and it will be accessible from | |
67 | within Linux. To compile this driver as a module, choose M here; | |
68 | the module will be called tpm_tis_spi. | |
69 | ||
797c0113 AP |
70 | config TCG_TIS_SPI_CR50 |
71 | bool "Cr50 SPI Interface" | |
72 | depends on TCG_TIS_SPI | |
73 | help | |
74 | If you have a H1 secure module running Cr50 firmware on SPI bus, | |
75 | say Yes and it will be accessible from within Linux. | |
76 | ||
a2871c62 JG |
77 | config TCG_TIS_I2C_ATMEL |
78 | tristate "TPM Interface Specification 1.2 Interface (I2C - Atmel)" | |
79 | depends on I2C | |
a7f7f624 | 80 | help |
a2871c62 JG |
81 | If you have an Atmel I2C TPM security chip say Yes and it will be |
82 | accessible from within Linux. | |
83 | To compile this driver as a module, choose M here; the module will | |
84 | be called tpm_tis_i2c_atmel. | |
85 | ||
aad628c1 PH |
86 | config TCG_TIS_I2C_INFINEON |
87 | tristate "TPM Interface Specification 1.2 Interface (I2C - Infineon)" | |
88 | depends on I2C | |
a7f7f624 | 89 | help |
aad628c1 PH |
90 | If you have a TPM security chip that is compliant with the |
91 | TCG TIS 1.2 TPM specification and Infineon's I2C Protocol Stack | |
92 | Specification 0.20 say Yes and it will be accessible from within | |
93 | Linux. | |
94 | To compile this driver as a module, choose M here; the module | |
b3f2436a | 95 | will be called tpm_i2c_infineon. |
aad628c1 | 96 | |
4c336e4b JG |
97 | config TCG_TIS_I2C_NUVOTON |
98 | tristate "TPM Interface Specification 1.2 Interface (I2C - Nuvoton)" | |
99 | depends on I2C | |
a7f7f624 | 100 | help |
4c336e4b JG |
101 | If you have a TPM security chip with an I2C interface from |
102 | Nuvoton Technology Corp. say Yes and it will be accessible | |
103 | from within Linux. | |
104 | To compile this driver as a module, choose M here; the module | |
105 | will be called tpm_i2c_nuvoton. | |
106 | ||
1da177e4 LT |
107 | config TCG_NSC |
108 | tristate "National Semiconductor TPM Interface" | |
2f592f2a | 109 | depends on X86 |
a7f7f624 | 110 | help |
3dde6ad8 | 111 | If you have a TPM security chip from National Semiconductor |
1da177e4 LT |
112 | say Yes and it will be accessible from within Linux. To |
113 | compile this driver as a module, choose M here; the module | |
114 | will be called tpm_nsc. | |
115 | ||
116 | config TCG_ATMEL | |
117 | tristate "Atmel TPM Interface" | |
ce816fa8 | 118 | depends on PPC64 || HAS_IOPORT_MAP |
a7f7f624 | 119 | help |
1da177e4 LT |
120 | If you have a TPM security chip from Atmel say Yes and it |
121 | will be accessible from within Linux. To compile this driver | |
122 | as a module, choose M here; the module will be called tpm_atmel. | |
123 | ||
ebb81fdb | 124 | config TCG_INFINEON |
f9abb020 | 125 | tristate "Infineon Technologies TPM Interface" |
cedb27de | 126 | depends on PNP |
a7f7f624 | 127 | help |
ebb81fdb | 128 | If you have a TPM security chip from Infineon Technologies |
f9abb020 MS |
129 | (either SLD 9630 TT 1.1 or SLB 9635 TT 1.2) say Yes and it |
130 | will be accessible from within Linux. | |
131 | To compile this driver as a module, choose M here; the module | |
ebb81fdb MS |
132 | will be called tpm_infineon. |
133 | Further information on this driver and the supported hardware | |
631dd1a8 | 134 | can be found at http://www.trust.rub.de/projects/linux-device-driver-infineon-tpm/ |
ebb81fdb | 135 | |
132f7629 AL |
136 | config TCG_IBMVTPM |
137 | tristate "IBM VTPM Interface" | |
5b266032 | 138 | depends on PPC_PSERIES |
a7f7f624 | 139 | help |
132f7629 AL |
140 | If you have IBM virtual TPM (VTPM) support say Yes and it |
141 | will be accessible from within Linux. To compile this driver | |
142 | as a module, choose M here; the module will be called tpm_ibmvtpm. | |
143 | ||
e2683957 DDG |
144 | config TCG_XEN |
145 | tristate "XEN TPM Interface" | |
146 | depends on TCG_TPM && XEN | |
713efcab | 147 | select XEN_XENBUS_FRONTEND |
a7f7f624 | 148 | help |
e2683957 DDG |
149 | If you want to make TPM support available to a Xen user domain, |
150 | say Yes and it will be accessible from within Linux. See | |
151 | the manpages for xl, xl.conf, and docs/misc/vtpm.txt in | |
152 | the Xen source repository for more details. | |
153 | To compile this driver as a module, choose M here; the module | |
154 | will be called xen-tpmfront. | |
155 | ||
30fc8d13 JS |
156 | config TCG_CRB |
157 | tristate "TPM 2.0 CRB Interface" | |
08eff49d | 158 | depends on ACPI |
a7f7f624 | 159 | help |
30fc8d13 JS |
160 | If you have a TPM security chip that is compliant with the |
161 | TCG CRB 2.0 TPM specification say Yes and it will be accessible | |
162 | from within Linux. To compile this driver as a module, choose | |
163 | M here; the module will be called tpm_crb. | |
164 | ||
6f99612e SB |
165 | config TCG_VTPM_PROXY |
166 | tristate "VTPM Proxy Interface" | |
167 | depends on TCG_TPM | |
a7f7f624 | 168 | help |
6f99612e SB |
169 | This driver proxies for an emulated TPM (vTPM) running in userspace. |
170 | A device /dev/vtpmx is provided that creates a device pair | |
171 | /dev/vtpmX and a server-side file descriptor on which the vTPM | |
172 | can receive commands. | |
173 | ||
09e57483 SL |
174 | config TCG_FTPM_TEE |
175 | tristate "TEE based fTPM Interface" | |
176 | depends on TEE && OPTEE | |
177 | help | |
178 | This driver proxies for firmware TPM running in TEE. | |
6f99612e | 179 | |
bf38b871 | 180 | source "drivers/char/tpm/st33zp24/Kconfig" |
7126b75c | 181 | endif # TCG_TPM |