xref: /openbmc/linux/drivers/char/tpm/Kconfig (revision 4f2c0a4acffbec01079c28f839422e64ddeff004)
1 # SPDX-License-Identifier: GPL-2.0-only
2 #
3 # TPM device configuration
4 #
5 
6 menuconfig TCG_TPM
7 	tristate "TPM Hardware Support"
8 	depends on HAS_IOMEM
9 	imply SECURITYFS
10 	select CRYPTO
11 	select CRYPTO_HASH_INFO
12 	help
13 	  If you have a TPM security chip in your system, which
14 	  implements the Trusted Computing Group's specification,
15 	  say Yes and it will be accessible from within Linux.  For
16 	  more information see <http://www.trustedcomputinggroup.org>.
17 	  An implementation of the Trusted Software Stack (TSS), the
18 	  userspace enablement piece of the specification, can be
19 	  obtained at: <http://sourceforge.net/projects/trousers>.  To
20 	  compile this driver as a module, choose M here; the module
21 	  will be called tpm. If unsure, say N.
22 	  Notes:
23 	  1) For more TPM drivers enable CONFIG_PNP, CONFIG_ACPI
24 	  and CONFIG_PNPACPI.
25 	  2) Without ACPI enabled, the BIOS event log won't be accessible,
26 	  which is required to validate the PCR 0-7 values.
27 
28 if TCG_TPM
29 
30 config HW_RANDOM_TPM
31 	bool "TPM HW Random Number Generator support"
32 	depends on TCG_TPM && HW_RANDOM && !(TCG_TPM=y && HW_RANDOM=m)
33 	default y
34 	help
35 	  This setting exposes the TPM's Random Number Generator as a hwrng
36 	  device. This allows the kernel to collect randomness from the TPM at
37 	  boot, and provides the TPM randomines in /dev/hwrng.
38 
39 	  If unsure, say Y.
40 
41 config TCG_TIS_CORE
42 	tristate
43 	help
44 	TCG TIS TPM core driver. It implements the TPM TCG TIS logic and hooks
45 	into the TPM kernel APIs. Physical layers will register against it.
46 
47 config TCG_TIS
48 	tristate "TPM Interface Specification 1.2 Interface / TPM 2.0 FIFO Interface"
49 	depends on X86 || OF
50 	select TCG_TIS_CORE
51 	help
52 	  If you have a TPM security chip that is compliant with the
53 	  TCG TIS 1.2 TPM specification (TPM1.2) or the TCG PTP FIFO
54 	  specification (TPM2.0) say Yes and it will be accessible from
55 	  within Linux. To compile this driver as a module, choose  M here;
56 	  the module will be called tpm_tis.
57 
58 config TCG_TIS_SPI
59 	tristate "TPM Interface Specification 1.3 Interface / TPM 2.0 FIFO Interface - (SPI)"
60 	depends on SPI
61 	select TCG_TIS_CORE
62 	help
63 	  If you have a TPM security chip which is connected to a regular,
64 	  non-tcg SPI master (i.e. most embedded platforms) that is compliant with the
65 	  TCG TIS 1.3 TPM specification (TPM1.2) or the TCG PTP FIFO
66 	  specification (TPM2.0) say Yes and it will be accessible from
67 	  within Linux. To compile this driver as a module, choose  M here;
68 	  the module will be called tpm_tis_spi.
69 
70 config TCG_TIS_SPI_CR50
71 	bool "Cr50 SPI Interface"
72 	depends on TCG_TIS_SPI
73 	help
74 	  If you have a H1 secure module running Cr50 firmware on SPI bus,
75 	  say Yes and it will be accessible from within Linux.
76 
77 config TCG_TIS_I2C
78 	tristate "TPM Interface Specification 1.3 Interface / TPM 2.0 FIFO Interface - (I2C - generic)"
79 	depends on I2C
80 	select CRC_CCITT
81 	select TCG_TIS_CORE
82 	help
83 	  If you have a TPM security chip, compliant with the TCG TPM PTP
84 	  (I2C interface) specification and connected to an I2C bus master,
85 	  say Yes and it will be accessible from within Linux.
86 	  To compile this driver as a module, choose M here;
87 	  the module will be called tpm_tis_i2c.
88 
89 config TCG_TIS_SYNQUACER
90 	tristate "TPM Interface Specification 1.2 Interface / TPM 2.0 FIFO Interface (MMIO - SynQuacer)"
91 	depends on ARCH_SYNQUACER || COMPILE_TEST
92 	select TCG_TIS_CORE
93 	help
94 	  If you have a TPM security chip that is compliant with the
95 	  TCG TIS 1.2 TPM specification (TPM1.2) or the TCG PTP FIFO
96 	  specification (TPM2.0) say Yes and it will be accessible from
97 	  within Linux on Socionext SynQuacer platform.
98 	  To compile this driver as a module, choose  M here;
99 	  the module will be called tpm_tis_synquacer.
100 
101 config TCG_TIS_I2C_CR50
102 	tristate "TPM Interface Specification 2.0 Interface (I2C - CR50)"
103 	depends on I2C
104 	help
105 	  This is a driver for the Google cr50 I2C TPM interface which is a
106 	  custom microcontroller and requires a custom i2c protocol interface
107 	  to handle the limitations of the hardware.  To compile this driver
108 	  as a module, choose M here; the module will be called tcg_tis_i2c_cr50.
109 
110 config TCG_TIS_I2C_ATMEL
111 	tristate "TPM Interface Specification 1.2 Interface (I2C - Atmel)"
112 	depends on I2C
113 	help
114 	  If you have an Atmel I2C TPM security chip say Yes and it will be
115 	  accessible from within Linux.
116 	  To compile this driver as a module, choose M here; the module will
117 	  be called tpm_tis_i2c_atmel.
118 
119 config TCG_TIS_I2C_INFINEON
120 	tristate "TPM Interface Specification 1.2 Interface (I2C - Infineon)"
121 	depends on I2C
122 	help
123 	  If you have a TPM security chip that is compliant with the
124 	  TCG TIS 1.2 TPM specification and Infineon's I2C Protocol Stack
125 	  Specification 0.20 say Yes and it will be accessible from within
126 	  Linux.
127 	  To compile this driver as a module, choose M here; the module
128 	  will be called tpm_i2c_infineon.
129 
130 config TCG_TIS_I2C_NUVOTON
131 	tristate "TPM Interface Specification 1.2 Interface (I2C - Nuvoton)"
132 	depends on I2C
133 	help
134 	  If you have a TPM security chip with an I2C interface from
135 	  Nuvoton Technology Corp. say Yes and it will be accessible
136 	  from within Linux.
137 	  To compile this driver as a module, choose M here; the module
138 	  will be called tpm_i2c_nuvoton.
139 
140 config TCG_NSC
141 	tristate "National Semiconductor TPM Interface"
142 	depends on X86
143 	help
144 	  If you have a TPM security chip from National Semiconductor
145 	  say Yes and it will be accessible from within Linux.  To
146 	  compile this driver as a module, choose M here; the module
147 	  will be called tpm_nsc.
148 
149 config TCG_ATMEL
150 	tristate "Atmel TPM Interface"
151 	depends on PPC64 || HAS_IOPORT_MAP
152 	help
153 	  If you have a TPM security chip from Atmel say Yes and it
154 	  will be accessible from within Linux.  To compile this driver
155 	  as a module, choose M here; the module will be called tpm_atmel.
156 
157 config TCG_INFINEON
158 	tristate "Infineon Technologies TPM Interface"
159 	depends on PNP
160 	help
161 	  If you have a TPM security chip from Infineon Technologies
162 	  (either SLD 9630 TT 1.1 or SLB 9635 TT 1.2) say Yes and it
163 	  will be accessible from within Linux.
164 	  To compile this driver as a module, choose M here; the module
165 	  will be called tpm_infineon.
166 	  Further information on this driver and the supported hardware
167 	  can be found at http://www.trust.rub.de/projects/linux-device-driver-infineon-tpm/
168 
169 config TCG_IBMVTPM
170 	tristate "IBM VTPM Interface"
171 	depends on PPC_PSERIES
172 	help
173 	  If you have IBM virtual TPM (VTPM) support say Yes and it
174 	  will be accessible from within Linux.  To compile this driver
175 	  as a module, choose M here; the module will be called tpm_ibmvtpm.
176 
177 config TCG_XEN
178 	tristate "XEN TPM Interface"
179 	depends on TCG_TPM && XEN
180 	select XEN_XENBUS_FRONTEND
181 	help
182 	  If you want to make TPM support available to a Xen user domain,
183 	  say Yes and it will be accessible from within Linux. See
184 	  the manpages for xl, xl.conf, and docs/misc/vtpm.txt in
185 	  the Xen source repository for more details.
186 	  To compile this driver as a module, choose M here; the module
187 	  will be called xen-tpmfront.
188 
189 config TCG_CRB
190 	tristate "TPM 2.0 CRB Interface"
191 	depends on ACPI
192 	help
193 	  If you have a TPM security chip that is compliant with the
194 	  TCG CRB 2.0 TPM specification say Yes and it will be accessible
195 	  from within Linux.  To compile this driver as a module, choose
196 	  M here; the module will be called tpm_crb.
197 
198 config TCG_VTPM_PROXY
199 	tristate "VTPM Proxy Interface"
200 	depends on TCG_TPM
201 	help
202 	  This driver proxies for an emulated TPM (vTPM) running in userspace.
203 	  A device /dev/vtpmx is provided that creates a device pair
204 	  /dev/vtpmX and a server-side file descriptor on which the vTPM
205 	  can receive commands.
206 
207 config TCG_FTPM_TEE
208 	tristate "TEE based fTPM Interface"
209 	depends on TEE && OPTEE
210 	help
211 	  This driver proxies for firmware TPM running in TEE.
212 
213 source "drivers/char/tpm/st33zp24/Kconfig"
214 endif # TCG_TPM
215