1# SPDX-License-Identifier: GPL-2.0-only 2# 3# TPM device configuration 4# 5 6menuconfig TCG_TPM 7 tristate "TPM Hardware Support" 8 depends on HAS_IOMEM 9 imply SECURITYFS 10 select CRYPTO 11 select CRYPTO_HASH_INFO 12 ---help--- 13 If you have a TPM security chip in your system, which 14 implements the Trusted Computing Group's specification, 15 say Yes and it will be accessible from within Linux. For 16 more information see <http://www.trustedcomputinggroup.org>. 17 An implementation of the Trusted Software Stack (TSS), the 18 userspace enablement piece of the specification, can be 19 obtained at: <http://sourceforge.net/projects/trousers>. To 20 compile this driver as a module, choose M here; the module 21 will be called tpm. If unsure, say N. 22 Notes: 23 1) For more TPM drivers enable CONFIG_PNP, CONFIG_ACPI 24 and CONFIG_PNPACPI. 25 2) Without ACPI enabled, the BIOS event log won't be accessible, 26 which is required to validate the PCR 0-7 values. 27 28if TCG_TPM 29 30config HW_RANDOM_TPM 31 bool "TPM HW Random Number Generator support" 32 depends on TCG_TPM && HW_RANDOM && !(TCG_TPM=y && HW_RANDOM=m) 33 default y 34 ---help--- 35 This setting exposes the TPM's Random Number Generator as a hwrng 36 device. This allows the kernel to collect randomness from the TPM at 37 boot, and provides the TPM randomines in /dev/hwrng. 38 39 If unsure, say Y. 40 41config TCG_TIS_CORE 42 tristate 43 ---help--- 44 TCG TIS TPM core driver. It implements the TPM TCG TIS logic and hooks 45 into the TPM kernel APIs. Physical layers will register against it. 46 47config TCG_TIS 48 tristate "TPM Interface Specification 1.2 Interface / TPM 2.0 FIFO Interface" 49 depends on X86 || OF 50 select TCG_TIS_CORE 51 ---help--- 52 If you have a TPM security chip that is compliant with the 53 TCG TIS 1.2 TPM specification (TPM1.2) or the TCG PTP FIFO 54 specification (TPM2.0) say Yes and it will be accessible from 55 within Linux. To compile this driver as a module, choose M here; 56 the module will be called tpm_tis. 57 58config TCG_TIS_SPI 59 tristate "TPM Interface Specification 1.3 Interface / TPM 2.0 FIFO Interface - (SPI)" 60 depends on SPI 61 select TCG_TIS_CORE 62 ---help--- 63 If you have a TPM security chip which is connected to a regular, 64 non-tcg SPI master (i.e. most embedded platforms) that is compliant with the 65 TCG TIS 1.3 TPM specification (TPM1.2) or the TCG PTP FIFO 66 specification (TPM2.0) say Yes and it will be accessible from 67 within Linux. To compile this driver as a module, choose M here; 68 the module will be called tpm_tis_spi. 69 70config TCG_TIS_I2C_ATMEL 71 tristate "TPM Interface Specification 1.2 Interface (I2C - Atmel)" 72 depends on I2C 73 ---help--- 74 If you have an Atmel I2C TPM security chip say Yes and it will be 75 accessible from within Linux. 76 To compile this driver as a module, choose M here; the module will 77 be called tpm_tis_i2c_atmel. 78 79config TCG_TIS_I2C_INFINEON 80 tristate "TPM Interface Specification 1.2 Interface (I2C - Infineon)" 81 depends on I2C 82 ---help--- 83 If you have a TPM security chip that is compliant with the 84 TCG TIS 1.2 TPM specification and Infineon's I2C Protocol Stack 85 Specification 0.20 say Yes and it will be accessible from within 86 Linux. 87 To compile this driver as a module, choose M here; the module 88 will be called tpm_i2c_infineon. 89 90config TCG_TIS_I2C_NUVOTON 91 tristate "TPM Interface Specification 1.2 Interface (I2C - Nuvoton)" 92 depends on I2C 93 ---help--- 94 If you have a TPM security chip with an I2C interface from 95 Nuvoton Technology Corp. say Yes and it will be accessible 96 from within Linux. 97 To compile this driver as a module, choose M here; the module 98 will be called tpm_i2c_nuvoton. 99 100config TCG_NSC 101 tristate "National Semiconductor TPM Interface" 102 depends on X86 103 ---help--- 104 If you have a TPM security chip from National Semiconductor 105 say Yes and it will be accessible from within Linux. To 106 compile this driver as a module, choose M here; the module 107 will be called tpm_nsc. 108 109config TCG_ATMEL 110 tristate "Atmel TPM Interface" 111 depends on PPC64 || HAS_IOPORT_MAP 112 ---help--- 113 If you have a TPM security chip from Atmel say Yes and it 114 will be accessible from within Linux. To compile this driver 115 as a module, choose M here; the module will be called tpm_atmel. 116 117config TCG_INFINEON 118 tristate "Infineon Technologies TPM Interface" 119 depends on PNP 120 ---help--- 121 If you have a TPM security chip from Infineon Technologies 122 (either SLD 9630 TT 1.1 or SLB 9635 TT 1.2) say Yes and it 123 will be accessible from within Linux. 124 To compile this driver as a module, choose M here; the module 125 will be called tpm_infineon. 126 Further information on this driver and the supported hardware 127 can be found at http://www.trust.rub.de/projects/linux-device-driver-infineon-tpm/ 128 129config TCG_IBMVTPM 130 tristate "IBM VTPM Interface" 131 depends on PPC_PSERIES 132 ---help--- 133 If you have IBM virtual TPM (VTPM) support say Yes and it 134 will be accessible from within Linux. To compile this driver 135 as a module, choose M here; the module will be called tpm_ibmvtpm. 136 137config TCG_XEN 138 tristate "XEN TPM Interface" 139 depends on TCG_TPM && XEN 140 select XEN_XENBUS_FRONTEND 141 ---help--- 142 If you want to make TPM support available to a Xen user domain, 143 say Yes and it will be accessible from within Linux. See 144 the manpages for xl, xl.conf, and docs/misc/vtpm.txt in 145 the Xen source repository for more details. 146 To compile this driver as a module, choose M here; the module 147 will be called xen-tpmfront. 148 149config TCG_CRB 150 tristate "TPM 2.0 CRB Interface" 151 depends on ACPI 152 ---help--- 153 If you have a TPM security chip that is compliant with the 154 TCG CRB 2.0 TPM specification say Yes and it will be accessible 155 from within Linux. To compile this driver as a module, choose 156 M here; the module will be called tpm_crb. 157 158config TCG_VTPM_PROXY 159 tristate "VTPM Proxy Interface" 160 depends on TCG_TPM 161 ---help--- 162 This driver proxies for an emulated TPM (vTPM) running in userspace. 163 A device /dev/vtpmx is provided that creates a device pair 164 /dev/vtpmX and a server-side file descriptor on which the vTPM 165 can receive commands. 166 167config TCG_FTPM_TEE 168 tristate "TEE based fTPM Interface" 169 depends on TEE && OPTEE 170 help 171 This driver proxies for firmware TPM running in TEE. 172 173source "drivers/char/tpm/st33zp24/Kconfig" 174endif # TCG_TPM 175