1# SPDX-License-Identifier: GPL-2.0-only 2# 3# TPM device configuration 4# 5 6menuconfig TCG_TPM 7 tristate "TPM Hardware Support" 8 depends on HAS_IOMEM 9 imply SECURITYFS 10 select CRYPTO 11 select CRYPTO_HASH_INFO 12 help 13 If you have a TPM security chip in your system, which 14 implements the Trusted Computing Group's specification, 15 say Yes and it will be accessible from within Linux. For 16 more information see <http://www.trustedcomputinggroup.org>. 17 An implementation of the Trusted Software Stack (TSS), the 18 userspace enablement piece of the specification, can be 19 obtained at: <http://sourceforge.net/projects/trousers>. To 20 compile this driver as a module, choose M here; the module 21 will be called tpm. If unsure, say N. 22 Notes: 23 1) For more TPM drivers enable CONFIG_PNP, CONFIG_ACPI 24 and CONFIG_PNPACPI. 25 2) Without ACPI enabled, the BIOS event log won't be accessible, 26 which is required to validate the PCR 0-7 values. 27 28if TCG_TPM 29 30config HW_RANDOM_TPM 31 bool "TPM HW Random Number Generator support" 32 depends on TCG_TPM && HW_RANDOM && !(TCG_TPM=y && HW_RANDOM=m) 33 default y 34 help 35 This setting exposes the TPM's Random Number Generator as a hwrng 36 device. This allows the kernel to collect randomness from the TPM at 37 boot, and provides the TPM randomines in /dev/hwrng. 38 39 If unsure, say Y. 40 41config TCG_TIS_CORE 42 tristate 43 help 44 TCG TIS TPM core driver. It implements the TPM TCG TIS logic and hooks 45 into the TPM kernel APIs. Physical layers will register against it. 46 47config TCG_TIS 48 tristate "TPM Interface Specification 1.2 Interface / TPM 2.0 FIFO Interface" 49 depends on X86 || OF 50 select TCG_TIS_CORE 51 help 52 If you have a TPM security chip that is compliant with the 53 TCG TIS 1.2 TPM specification (TPM1.2) or the TCG PTP FIFO 54 specification (TPM2.0) say Yes and it will be accessible from 55 within Linux. To compile this driver as a module, choose M here; 56 the module will be called tpm_tis. 57 58config TCG_TIS_SPI 59 tristate "TPM Interface Specification 1.3 Interface / TPM 2.0 FIFO Interface - (SPI)" 60 depends on SPI 61 select TCG_TIS_CORE 62 help 63 If you have a TPM security chip which is connected to a regular, 64 non-tcg SPI master (i.e. most embedded platforms) that is compliant with the 65 TCG TIS 1.3 TPM specification (TPM1.2) or the TCG PTP FIFO 66 specification (TPM2.0) say Yes and it will be accessible from 67 within Linux. To compile this driver as a module, choose M here; 68 the module will be called tpm_tis_spi. 69 70config TCG_TIS_SPI_CR50 71 bool "Cr50 SPI Interface" 72 depends on TCG_TIS_SPI 73 help 74 If you have a H1 secure module running Cr50 firmware on SPI bus, 75 say Yes and it will be accessible from within Linux. 76 77config TCG_TIS_I2C_ATMEL 78 tristate "TPM Interface Specification 1.2 Interface (I2C - Atmel)" 79 depends on I2C 80 help 81 If you have an Atmel I2C TPM security chip say Yes and it will be 82 accessible from within Linux. 83 To compile this driver as a module, choose M here; the module will 84 be called tpm_tis_i2c_atmel. 85 86config TCG_TIS_I2C_INFINEON 87 tristate "TPM Interface Specification 1.2 Interface (I2C - Infineon)" 88 depends on I2C 89 help 90 If you have a TPM security chip that is compliant with the 91 TCG TIS 1.2 TPM specification and Infineon's I2C Protocol Stack 92 Specification 0.20 say Yes and it will be accessible from within 93 Linux. 94 To compile this driver as a module, choose M here; the module 95 will be called tpm_i2c_infineon. 96 97config TCG_TIS_I2C_NUVOTON 98 tristate "TPM Interface Specification 1.2 Interface (I2C - Nuvoton)" 99 depends on I2C 100 help 101 If you have a TPM security chip with an I2C interface from 102 Nuvoton Technology Corp. say Yes and it will be accessible 103 from within Linux. 104 To compile this driver as a module, choose M here; the module 105 will be called tpm_i2c_nuvoton. 106 107config TCG_NSC 108 tristate "National Semiconductor TPM Interface" 109 depends on X86 110 help 111 If you have a TPM security chip from National Semiconductor 112 say Yes and it will be accessible from within Linux. To 113 compile this driver as a module, choose M here; the module 114 will be called tpm_nsc. 115 116config TCG_ATMEL 117 tristate "Atmel TPM Interface" 118 depends on PPC64 || HAS_IOPORT_MAP 119 help 120 If you have a TPM security chip from Atmel say Yes and it 121 will be accessible from within Linux. To compile this driver 122 as a module, choose M here; the module will be called tpm_atmel. 123 124config TCG_INFINEON 125 tristate "Infineon Technologies TPM Interface" 126 depends on PNP 127 help 128 If you have a TPM security chip from Infineon Technologies 129 (either SLD 9630 TT 1.1 or SLB 9635 TT 1.2) say Yes and it 130 will be accessible from within Linux. 131 To compile this driver as a module, choose M here; the module 132 will be called tpm_infineon. 133 Further information on this driver and the supported hardware 134 can be found at http://www.trust.rub.de/projects/linux-device-driver-infineon-tpm/ 135 136config TCG_IBMVTPM 137 tristate "IBM VTPM Interface" 138 depends on PPC_PSERIES 139 help 140 If you have IBM virtual TPM (VTPM) support say Yes and it 141 will be accessible from within Linux. To compile this driver 142 as a module, choose M here; the module will be called tpm_ibmvtpm. 143 144config TCG_XEN 145 tristate "XEN TPM Interface" 146 depends on TCG_TPM && XEN 147 select XEN_XENBUS_FRONTEND 148 help 149 If you want to make TPM support available to a Xen user domain, 150 say Yes and it will be accessible from within Linux. See 151 the manpages for xl, xl.conf, and docs/misc/vtpm.txt in 152 the Xen source repository for more details. 153 To compile this driver as a module, choose M here; the module 154 will be called xen-tpmfront. 155 156config TCG_CRB 157 tristate "TPM 2.0 CRB Interface" 158 depends on ACPI 159 help 160 If you have a TPM security chip that is compliant with the 161 TCG CRB 2.0 TPM specification say Yes and it will be accessible 162 from within Linux. To compile this driver as a module, choose 163 M here; the module will be called tpm_crb. 164 165config TCG_VTPM_PROXY 166 tristate "VTPM Proxy Interface" 167 depends on TCG_TPM 168 help 169 This driver proxies for an emulated TPM (vTPM) running in userspace. 170 A device /dev/vtpmx is provided that creates a device pair 171 /dev/vtpmX and a server-side file descriptor on which the vTPM 172 can receive commands. 173 174config TCG_FTPM_TEE 175 tristate "TEE based fTPM Interface" 176 depends on TEE && OPTEE 177 help 178 This driver proxies for firmware TPM running in TEE. 179 180source "drivers/char/tpm/st33zp24/Kconfig" 181endif # TCG_TPM 182