1# SPDX-License-Identifier: GPL-2.0-only 2# 3# TPM device configuration 4# 5 6menuconfig TCG_TPM 7 tristate "TPM Hardware Support" 8 depends on HAS_IOMEM 9 imply SECURITYFS 10 select CRYPTO 11 select CRYPTO_HASH_INFO 12 help 13 If you have a TPM security chip in your system, which 14 implements the Trusted Computing Group's specification, 15 say Yes and it will be accessible from within Linux. For 16 more information see <http://www.trustedcomputinggroup.org>. 17 An implementation of the Trusted Software Stack (TSS), the 18 userspace enablement piece of the specification, can be 19 obtained at: <http://sourceforge.net/projects/trousers>. To 20 compile this driver as a module, choose M here; the module 21 will be called tpm. If unsure, say N. 22 Notes: 23 1) For more TPM drivers enable CONFIG_PNP, CONFIG_ACPI 24 and CONFIG_PNPACPI. 25 2) Without ACPI enabled, the BIOS event log won't be accessible, 26 which is required to validate the PCR 0-7 values. 27 28if TCG_TPM 29 30config HW_RANDOM_TPM 31 bool "TPM HW Random Number Generator support" 32 depends on TCG_TPM && HW_RANDOM && !(TCG_TPM=y && HW_RANDOM=m) 33 default y 34 help 35 This setting exposes the TPM's Random Number Generator as a hwrng 36 device. This allows the kernel to collect randomness from the TPM at 37 boot, and provides the TPM randomines in /dev/hwrng. 38 39 If unsure, say Y. 40 41config TCG_TIS_CORE 42 tristate 43 help 44 TCG TIS TPM core driver. It implements the TPM TCG TIS logic and hooks 45 into the TPM kernel APIs. Physical layers will register against it. 46 47config TCG_TIS 48 tristate "TPM Interface Specification 1.2 Interface / TPM 2.0 FIFO Interface" 49 depends on X86 || OF 50 select TCG_TIS_CORE 51 help 52 If you have a TPM security chip that is compliant with the 53 TCG TIS 1.2 TPM specification (TPM1.2) or the TCG PTP FIFO 54 specification (TPM2.0) say Yes and it will be accessible from 55 within Linux. To compile this driver as a module, choose M here; 56 the module will be called tpm_tis. 57 58config TCG_TIS_SPI 59 tristate "TPM Interface Specification 1.3 Interface / TPM 2.0 FIFO Interface - (SPI)" 60 depends on SPI 61 select TCG_TIS_CORE 62 help 63 If you have a TPM security chip which is connected to a regular, 64 non-tcg SPI master (i.e. most embedded platforms) that is compliant with the 65 TCG TIS 1.3 TPM specification (TPM1.2) or the TCG PTP FIFO 66 specification (TPM2.0) say Yes and it will be accessible from 67 within Linux. To compile this driver as a module, choose M here; 68 the module will be called tpm_tis_spi. 69 70config TCG_TIS_SPI_CR50 71 bool "Cr50 SPI Interface" 72 depends on TCG_TIS_SPI 73 help 74 If you have a H1 secure module running Cr50 firmware on SPI bus, 75 say Yes and it will be accessible from within Linux. 76 77config TCG_TIS_I2C 78 tristate "TPM Interface Specification 1.3 Interface / TPM 2.0 FIFO Interface - (I2C - generic)" 79 depends on I2C 80 select CRC_CCITT 81 select TCG_TIS_CORE 82 help 83 If you have a TPM security chip, compliant with the TCG TPM PTP 84 (I2C interface) specification and connected to an I2C bus master, 85 say Yes and it will be accessible from within Linux. 86 To compile this driver as a module, choose M here; 87 the module will be called tpm_tis_i2c. 88 89config TCG_TIS_SYNQUACER 90 tristate "TPM Interface Specification 1.2 Interface / TPM 2.0 FIFO Interface (MMIO - SynQuacer)" 91 depends on ARCH_SYNQUACER || COMPILE_TEST 92 select TCG_TIS_CORE 93 help 94 If you have a TPM security chip that is compliant with the 95 TCG TIS 1.2 TPM specification (TPM1.2) or the TCG PTP FIFO 96 specification (TPM2.0) say Yes and it will be accessible from 97 within Linux on Socionext SynQuacer platform. 98 To compile this driver as a module, choose M here; 99 the module will be called tpm_tis_synquacer. 100 101config TCG_TIS_I2C_CR50 102 tristate "TPM Interface Specification 2.0 Interface (I2C - CR50)" 103 depends on I2C 104 help 105 This is a driver for the Google cr50 I2C TPM interface which is a 106 custom microcontroller and requires a custom i2c protocol interface 107 to handle the limitations of the hardware. To compile this driver 108 as a module, choose M here; the module will be called tcg_tis_i2c_cr50. 109 110config TCG_TIS_I2C_ATMEL 111 tristate "TPM Interface Specification 1.2 Interface (I2C - Atmel)" 112 depends on I2C 113 help 114 If you have an Atmel I2C TPM security chip say Yes and it will be 115 accessible from within Linux. 116 To compile this driver as a module, choose M here; the module will 117 be called tpm_tis_i2c_atmel. 118 119config TCG_TIS_I2C_INFINEON 120 tristate "TPM Interface Specification 1.2 Interface (I2C - Infineon)" 121 depends on I2C 122 help 123 If you have a TPM security chip that is compliant with the 124 TCG TIS 1.2 TPM specification and Infineon's I2C Protocol Stack 125 Specification 0.20 say Yes and it will be accessible from within 126 Linux. 127 To compile this driver as a module, choose M here; the module 128 will be called tpm_i2c_infineon. 129 130config TCG_TIS_I2C_NUVOTON 131 tristate "TPM Interface Specification 1.2 Interface (I2C - Nuvoton)" 132 depends on I2C 133 help 134 If you have a TPM security chip with an I2C interface from 135 Nuvoton Technology Corp. say Yes and it will be accessible 136 from within Linux. 137 To compile this driver as a module, choose M here; the module 138 will be called tpm_i2c_nuvoton. 139 140config TCG_NSC 141 tristate "National Semiconductor TPM Interface" 142 depends on X86 143 help 144 If you have a TPM security chip from National Semiconductor 145 say Yes and it will be accessible from within Linux. To 146 compile this driver as a module, choose M here; the module 147 will be called tpm_nsc. 148 149config TCG_ATMEL 150 tristate "Atmel TPM Interface" 151 depends on PPC64 || HAS_IOPORT_MAP 152 help 153 If you have a TPM security chip from Atmel say Yes and it 154 will be accessible from within Linux. To compile this driver 155 as a module, choose M here; the module will be called tpm_atmel. 156 157config TCG_INFINEON 158 tristate "Infineon Technologies TPM Interface" 159 depends on PNP 160 help 161 If you have a TPM security chip from Infineon Technologies 162 (either SLD 9630 TT 1.1 or SLB 9635 TT 1.2) say Yes and it 163 will be accessible from within Linux. 164 To compile this driver as a module, choose M here; the module 165 will be called tpm_infineon. 166 Further information on this driver and the supported hardware 167 can be found at http://www.trust.rub.de/projects/linux-device-driver-infineon-tpm/ 168 169config TCG_IBMVTPM 170 tristate "IBM VTPM Interface" 171 depends on PPC_PSERIES 172 help 173 If you have IBM virtual TPM (VTPM) support say Yes and it 174 will be accessible from within Linux. To compile this driver 175 as a module, choose M here; the module will be called tpm_ibmvtpm. 176 177config TCG_XEN 178 tristate "XEN TPM Interface" 179 depends on TCG_TPM && XEN 180 select XEN_XENBUS_FRONTEND 181 help 182 If you want to make TPM support available to a Xen user domain, 183 say Yes and it will be accessible from within Linux. See 184 the manpages for xl, xl.conf, and docs/misc/vtpm.txt in 185 the Xen source repository for more details. 186 To compile this driver as a module, choose M here; the module 187 will be called xen-tpmfront. 188 189config TCG_CRB 190 tristate "TPM 2.0 CRB Interface" 191 depends on ACPI 192 help 193 If you have a TPM security chip that is compliant with the 194 TCG CRB 2.0 TPM specification say Yes and it will be accessible 195 from within Linux. To compile this driver as a module, choose 196 M here; the module will be called tpm_crb. 197 198config TCG_VTPM_PROXY 199 tristate "VTPM Proxy Interface" 200 depends on TCG_TPM 201 help 202 This driver proxies for an emulated TPM (vTPM) running in userspace. 203 A device /dev/vtpmx is provided that creates a device pair 204 /dev/vtpmX and a server-side file descriptor on which the vTPM 205 can receive commands. 206 207config TCG_FTPM_TEE 208 tristate "TEE based fTPM Interface" 209 depends on TEE && OPTEE 210 help 211 This driver proxies for firmware TPM running in TEE. 212 213source "drivers/char/tpm/st33zp24/Kconfig" 214endif # TCG_TPM 215