Training courses

Kernel and Embedded Linux

Bootlin training courses

Embedded Linux, kernel,
Yocto Project, Buildroot, real-time,
graphics, boot time, debugging...

Bootlin logo

Elixir Cross Referencer

# SPDX-License-Identifier: GPL-2.0-only
#
# TPM device configuration
#

menuconfig CONFIG_TCG_TPM
	tristate "TPM Hardware Support"
	depends on CONFIG_HAS_IOMEM
	imply CONFIG_SECURITYFS
	select CONFIG_CRYPTO
	select CONFIG_CRYPTO_HASH_INFO
	---help---
	  If you have a TPM security chip in your system, which
	  implements the Trusted Computing Group's specification,
	  say Yes and it will be accessible from within Linux.  For
	  more information see <http://www.trustedcomputinggroup.org>. 
	  An implementation of the Trusted Software Stack (TSS), the 
	  userspace enablement piece of the specification, can be 
	  obtained at: <http://sourceforge.net/projects/trousers>.  To 
	  compile this driver as a module, choose CONFIG_M here; the module 
	  will be called tpm. If unsure, say N.
	  Notes:
	  1) For more TPM drivers enable CONFIG_PNP, CONFIG_ACPI
	  and CONFIG_PNPACPI.
	  2) Without CONFIG_ACPI enabled, the BIOS event log won't be accessible,
	  which is required to validate the PCR 0-7 values.

if CONFIG_TCG_TPM

config CONFIG_HW_RANDOM_TPM
	bool "TPM HW Random Number Generator support"
	depends on CONFIG_TCG_TPM && CONFIG_HW_RANDOM && !(CONFIG_TCG_TPM=y && CONFIG_HW_RANDOM=m)
	default y
	---help---
	  This setting exposes the TPM's Random Number Generator as a hwrng
	  device. This allows the kernel to collect randomness from the TPM at
	  boot, and provides the TPM randomines in /dev/hwrng.

	  If unsure, say Y.

config CONFIG_TCG_TIS_CORE
	tristate
	---help---
	TCG TIS TPM core driver. It implements the TPM TCG TIS logic and hooks
	into the TPM kernel APIs. Physical layers will register against it.

config CONFIG_TCG_TIS
	tristate "TPM Interface Specification 1.2 Interface / TPM 2.0 FIFO Interface"
	depends on CONFIG_X86 || CONFIG_OF
	select CONFIG_TCG_TIS_CORE
	---help---
	  If you have a TPM security chip that is compliant with the
	  TCG TIS 1.2 TPM specification (TPM1.2) or the TCG PTP FIFO
	  specification (TPM2.0) say Yes and it will be accessible from
	  within Linux. To compile this driver as a module, choose  CONFIG_M here;
	  the module will be called tpm_tis.

config CONFIG_TCG_TIS_SPI
	tristate "TPM Interface Specification 1.3 Interface / TPM 2.0 FIFO Interface - (SPI)"
	depends on CONFIG_SPI
	select CONFIG_TCG_TIS_CORE
	---help---
	  If you have a TPM security chip which is connected to a regular,
	  non-tcg CONFIG_SPI master (i.e. most embedded platforms) that is compliant with the
	  TCG TIS 1.3 TPM specification (TPM1.2) or the TCG PTP FIFO
	  specification (TPM2.0) say Yes and it will be accessible from
	  within Linux. To compile this driver as a module, choose  CONFIG_M here;
	  the module will be called tpm_tis_spi.

config CONFIG_TCG_TIS_I2C_ATMEL
	tristate "TPM Interface Specification 1.2 Interface (I2C - Atmel)"
	depends on CONFIG_I2C
	---help---
	  If you have an Atmel CONFIG_I2C TPM security chip say Yes and it will be
	  accessible from within Linux.
	  To compile this driver as a module, choose CONFIG_M here; the module will
	  be called tpm_tis_i2c_atmel.

config CONFIG_TCG_TIS_I2C_INFINEON
	tristate "TPM Interface Specification 1.2 Interface (I2C - Infineon)"
	depends on CONFIG_I2C
	---help---
	  If you have a TPM security chip that is compliant with the
	  TCG TIS 1.2 TPM specification and Infineon's CONFIG_I2C Protocol Stack
	  Specification 0.20 say Yes and it will be accessible from within
	  Linux.
	  To compile this driver as a module, choose CONFIG_M here; the module
	  will be called tpm_i2c_infineon.

config CONFIG_TCG_TIS_I2C_NUVOTON
	tristate "TPM Interface Specification 1.2 Interface (I2C - Nuvoton)"
	depends on CONFIG_I2C
	---help---
	  If you have a TPM security chip with an CONFIG_I2C interface from
	  Nuvoton Technology Corp. say Yes and it will be accessible
	  from within Linux.
	  To compile this driver as a module, choose CONFIG_M here; the module
	  will be called tpm_i2c_nuvoton.

config CONFIG_TCG_NSC
	tristate "National Semiconductor TPM Interface"
	depends on CONFIG_X86
	---help---
	  If you have a TPM security chip from National Semiconductor 
	  say Yes and it will be accessible from within Linux.  To 
	  compile this driver as a module, choose CONFIG_M here; the module 
	  will be called tpm_nsc.

config CONFIG_TCG_ATMEL
	tristate "Atmel TPM Interface"
	depends on CONFIG_PPC64 || CONFIG_HAS_IOPORT_MAP
	---help---
	  If you have a TPM security chip from Atmel say Yes and it 
	  will be accessible from within Linux.  To compile this driver 
	  as a module, choose CONFIG_M here; the module will be called tpm_atmel.

config CONFIG_TCG_INFINEON
	tristate "Infineon Technologies TPM Interface"
	depends on CONFIG_PNP
	---help---
	  If you have a TPM security chip from Infineon Technologies
	  (either SLD 9630 TT 1.1 or SLB 9635 TT 1.2) say Yes and it
	  will be accessible from within Linux.
	  To compile this driver as a module, choose CONFIG_M here; the module
	  will be called tpm_infineon.
	  Further information on this driver and the supported hardware
	  can be found at http://www.trust.rub.de/projects/linux-device-driver-infineon-tpm/ 

config CONFIG_TCG_IBMVTPM
	tristate "IBM VTPM Interface"
	depends on CONFIG_PPC_PSERIES
	---help---
	  If you have IBM virtual TPM (VTPM) support say Yes and it
	  will be accessible from within Linux.  To compile this driver
	  as a module, choose CONFIG_M here; the module will be called tpm_ibmvtpm.

config CONFIG_TCG_XEN
	tristate "XEN TPM Interface"
	depends on CONFIG_TCG_TPM && CONFIG_XEN
	select CONFIG_XEN_XENBUS_FRONTEND
	---help---
	  If you want to make TPM support available to a Xen user domain,
	  say Yes and it will be accessible from within Linux. See
	  the manpages for xl, xl.conf, and docs/misc/vtpm.txt in
	  the Xen source repository for more details.
	  To compile this driver as a module, choose CONFIG_M here; the module
	  will be called xen-tpmfront.

config CONFIG_TCG_CRB
	tristate "TPM 2.0 CRB Interface"
	depends on CONFIG_ACPI
	---help---
	  If you have a TPM security chip that is compliant with the
	  TCG CRB 2.0 TPM specification say Yes and it will be accessible
	  from within Linux.  To compile this driver as a module, choose
	  CONFIG_M here; the module will be called tpm_crb.

config CONFIG_TCG_VTPM_PROXY
	tristate "VTPM Proxy Interface"
	depends on CONFIG_TCG_TPM
	---help---
	  This driver proxies for an emulated TPM (vTPM) running in userspace.
	  CONFIG_A device /dev/vtpmx is provided that creates a device pair
	  /dev/vtpmX and a server-side file descriptor on which the vTPM
	  can receive commands.

config CONFIG_TCG_FTPM_TEE
	tristate "TEE based fTPM Interface"
	depends on CONFIG_TEE && CONFIG_OPTEE
	help
	  This driver proxies for firmware TPM running in CONFIG_TEE.

source "drivers/char/tpm/st33zp24/Kconfig"
endif # CONFIG_TCG_TPM