^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1) # SPDX-License-Identifier: GPL-2.0-only
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2) #
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3) # TPM device configuration
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4) #
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 5)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 6) menuconfig TCG_TPM
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 7) tristate "TPM Hardware Support"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 8) depends on HAS_IOMEM
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 9) imply SECURITYFS
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 10) select CRYPTO
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 11) select CRYPTO_HASH_INFO
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 12) help
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 13) If you have a TPM security chip in your system, which
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 14) implements the Trusted Computing Group's specification,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 15) say Yes and it will be accessible from within Linux. For
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 16) more information see <http://www.trustedcomputinggroup.org>.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 17) An implementation of the Trusted Software Stack (TSS), the
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 18) userspace enablement piece of the specification, can be
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 19) obtained at: <http://sourceforge.net/projects/trousers>. To
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 20) compile this driver as a module, choose M here; the module
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 21) will be called tpm. If unsure, say N.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 22) Notes:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 23) 1) For more TPM drivers enable CONFIG_PNP, CONFIG_ACPI
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 24) and CONFIG_PNPACPI.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 25) 2) Without ACPI enabled, the BIOS event log won't be accessible,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 26) which is required to validate the PCR 0-7 values.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 27)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 28) if TCG_TPM
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 29)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 30) config HW_RANDOM_TPM
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 31) bool "TPM HW Random Number Generator support"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 32) depends on TCG_TPM && HW_RANDOM && !(TCG_TPM=y && HW_RANDOM=m)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 33) default y
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 34) help
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 35) This setting exposes the TPM's Random Number Generator as a hwrng
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 36) device. This allows the kernel to collect randomness from the TPM at
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 37) boot, and provides the TPM randomines in /dev/hwrng.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 38)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 39) If unsure, say Y.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 40)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 41) config TCG_TIS_CORE
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 42) tristate
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 43) help
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 44) TCG TIS TPM core driver. It implements the TPM TCG TIS logic and hooks
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 45) into the TPM kernel APIs. Physical layers will register against it.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 46)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 47) config TCG_TIS
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 48) tristate "TPM Interface Specification 1.2 Interface / TPM 2.0 FIFO Interface"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 49) depends on X86 || OF
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 50) select TCG_TIS_CORE
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 51) help
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 52) If you have a TPM security chip that is compliant with the
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 53) TCG TIS 1.2 TPM specification (TPM1.2) or the TCG PTP FIFO
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 54) specification (TPM2.0) say Yes and it will be accessible from
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 55) within Linux. To compile this driver as a module, choose M here;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 56) the module will be called tpm_tis.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 57)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 58) config TCG_TIS_SPI
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 59) tristate "TPM Interface Specification 1.3 Interface / TPM 2.0 FIFO Interface - (SPI)"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 60) depends on SPI
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 61) select TCG_TIS_CORE
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 62) help
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 63) If you have a TPM security chip which is connected to a regular,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 64) non-tcg SPI master (i.e. most embedded platforms) that is compliant with the
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 65) TCG TIS 1.3 TPM specification (TPM1.2) or the TCG PTP FIFO
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 66) specification (TPM2.0) say Yes and it will be accessible from
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 67) within Linux. To compile this driver as a module, choose M here;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 68) the module will be called tpm_tis_spi.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 69)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 70) config TCG_TIS_SPI_CR50
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 71) bool "Cr50 SPI Interface"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 72) depends on TCG_TIS_SPI
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 73) help
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 74) If you have a H1 secure module running Cr50 firmware on SPI bus,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 75) say Yes and it will be accessible from within Linux.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 76)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 77) config TCG_TIS_SYNQUACER
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 78) tristate "TPM Interface Specification 1.2 Interface / TPM 2.0 FIFO Interface (MMIO - SynQuacer)"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 79) depends on ARCH_SYNQUACER
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 80) select TCG_TIS_CORE
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 81) help
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 82) If you have a TPM security chip that is compliant with the
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 83) TCG TIS 1.2 TPM specification (TPM1.2) or the TCG PTP FIFO
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 84) specification (TPM2.0) say Yes and it will be accessible from
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 85) within Linux on Socionext SynQuacer platform.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 86) To compile this driver as a module, choose M here;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 87) the module will be called tpm_tis_synquacer.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 88)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 89) config TCG_TIS_I2C_ATMEL
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 90) tristate "TPM Interface Specification 1.2 Interface (I2C - Atmel)"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 91) depends on I2C
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 92) help
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 93) If you have an Atmel I2C TPM security chip say Yes and it will be
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 94) accessible from within Linux.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 95) To compile this driver as a module, choose M here; the module will
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 96) be called tpm_tis_i2c_atmel.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 97)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 98) config TCG_TIS_I2C_INFINEON
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 99) tristate "TPM Interface Specification 1.2 Interface (I2C - Infineon)"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 100) depends on I2C
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 101) help
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 102) If you have a TPM security chip that is compliant with the
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 103) TCG TIS 1.2 TPM specification and Infineon's I2C Protocol Stack
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 104) Specification 0.20 say Yes and it will be accessible from within
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 105) Linux.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 106) To compile this driver as a module, choose M here; the module
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 107) will be called tpm_i2c_infineon.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 108)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 109) config TCG_TIS_I2C_NUVOTON
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 110) tristate "TPM Interface Specification 1.2 Interface (I2C - Nuvoton)"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 111) depends on I2C
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 112) help
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 113) If you have a TPM security chip with an I2C interface from
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 114) Nuvoton Technology Corp. say Yes and it will be accessible
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 115) from within Linux.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 116) To compile this driver as a module, choose M here; the module
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 117) will be called tpm_i2c_nuvoton.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 118)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 119) config TCG_NSC
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 120) tristate "National Semiconductor TPM Interface"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 121) depends on X86
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 122) help
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 123) If you have a TPM security chip from National Semiconductor
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 124) say Yes and it will be accessible from within Linux. To
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 125) compile this driver as a module, choose M here; the module
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 126) will be called tpm_nsc.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 127)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 128) config TCG_ATMEL
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 129) tristate "Atmel TPM Interface"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 130) depends on PPC64 || HAS_IOPORT_MAP
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 131) help
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 132) If you have a TPM security chip from Atmel say Yes and it
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 133) will be accessible from within Linux. To compile this driver
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 134) as a module, choose M here; the module will be called tpm_atmel.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 135)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 136) config TCG_INFINEON
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 137) tristate "Infineon Technologies TPM Interface"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 138) depends on PNP
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 139) help
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 140) If you have a TPM security chip from Infineon Technologies
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 141) (either SLD 9630 TT 1.1 or SLB 9635 TT 1.2) say Yes and it
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 142) will be accessible from within Linux.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 143) To compile this driver as a module, choose M here; the module
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 144) will be called tpm_infineon.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 145) Further information on this driver and the supported hardware
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 146) can be found at http://www.trust.rub.de/projects/linux-device-driver-infineon-tpm/
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 147)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 148) config TCG_IBMVTPM
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 149) tristate "IBM VTPM Interface"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 150) depends on PPC_PSERIES
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 151) help
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 152) If you have IBM virtual TPM (VTPM) support say Yes and it
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 153) will be accessible from within Linux. To compile this driver
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 154) as a module, choose M here; the module will be called tpm_ibmvtpm.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 155)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 156) config TCG_XEN
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 157) tristate "XEN TPM Interface"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 158) depends on TCG_TPM && XEN
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 159) select XEN_XENBUS_FRONTEND
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 160) help
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 161) If you want to make TPM support available to a Xen user domain,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 162) say Yes and it will be accessible from within Linux. See
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 163) the manpages for xl, xl.conf, and docs/misc/vtpm.txt in
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 164) the Xen source repository for more details.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 165) To compile this driver as a module, choose M here; the module
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 166) will be called xen-tpmfront.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 167)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 168) config TCG_CRB
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 169) tristate "TPM 2.0 CRB Interface"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 170) depends on ACPI
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 171) help
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 172) If you have a TPM security chip that is compliant with the
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 173) TCG CRB 2.0 TPM specification say Yes and it will be accessible
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 174) from within Linux. To compile this driver as a module, choose
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 175) M here; the module will be called tpm_crb.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 176)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 177) config TCG_VTPM_PROXY
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 178) tristate "VTPM Proxy Interface"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 179) depends on TCG_TPM
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 180) help
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 181) This driver proxies for an emulated TPM (vTPM) running in userspace.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 182) A device /dev/vtpmx is provided that creates a device pair
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 183) /dev/vtpmX and a server-side file descriptor on which the vTPM
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 184) can receive commands.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 185)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 186) config TCG_FTPM_TEE
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 187) tristate "TEE based fTPM Interface"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 188) depends on TEE && OPTEE
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 189) help
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 190) This driver proxies for firmware TPM running in TEE.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 191)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 192) source "drivers/char/tpm/st33zp24/Kconfig"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 193) endif # TCG_TPM
Orange Pi5 kernel
Deprecated Linux kernel 5.10.110 for OrangePi 5/5B/5+ boards
3 Commits
0 Branches
0 Tags