xref: /openbmc/u-boot/drivers/tpm/Kconfig (revision 7b384eccc785b596f68448b155cbda26df57fb23) 
1 #
2 # TPM subsystem configuration
3 #
4 
5 menu "TPM support"
6 
7 comment "Please select only one TPM revision"
8 	depends on TPM_V1 && TPM_V2
9 
10 config TPM_V1
11 	bool "TPMv1.x support"
12 	depends on TPM
13 	default y
14 	help
15 	  Major TPM versions are not compatible at all, choose either
16 	  one or the other. This option enables TPMv1.x drivers/commands.
17 
18 if TPM_V1 && !TPM_V2
19 
20 config TPM_TIS_SANDBOX
21 	bool "Enable sandbox TPM driver"
22 	depends on TPM_V1 && SANDBOX
23 	help
24 	  This driver emulates a TPMv1.x, providing access to base functions
25 	  such as reading and writing TPM private data. This is enough to
26 	  support Chrome OS verified boot. Extend functionality is not
27 	  implemented.
28 
29 config TPM_ATMEL_TWI
30 	bool "Enable Atmel TWI TPM device driver"
31 	depends on TPM_V1
32 	help
33 	  This driver supports an Atmel TPM device connected on the I2C bus.
34 	  The usual tpm operations and the 'tpm' command can be used to talk
35 	  to the device using the standard TPM Interface Specification (TIS)
36 	  protocol
37 
38 config TPM_TIS_INFINEON
39 	bool "Enable support for Infineon SLB9635/45 TPMs on I2C"
40 	depends on TPM_V1 && DM_I2C
41 	help
42 	  This driver supports Infineon TPM devices connected on the I2C bus.
43 	  The usual tpm operations and the 'tpm' command can be used to talk
44 	  to the device using the standard TPM Interface Specification (TIS)
45 	  protocol
46 
47 config TPM_TIS_I2C_BURST_LIMITATION
48 	bool "Enable I2C burst length limitation"
49 	depends on TPM_TIS_INFINEON
50 	help
51 	  Some broken TPMs have a limitation on the number of bytes they can
52 	  receive in one message. Enable this option to allow you to set this
53 	  option. The can allow a broken TPM to be used by splitting messages
54 	  into separate pieces.
55 
56 config TPM_TIS_I2C_BURST_LIMITATION_LEN
57 	int "Length"
58 	depends on TPM_TIS_I2C_BURST_LIMITATION
59 	help
60 	  Use this to set the burst limitation length
61 
62 config TPM_TIS_LPC
63 	bool "Enable support for Infineon SLB9635/45 TPMs on LPC"
64 	depends on TPM_V1 && X86
65 	select TPM_DRIVER_SELECTED
66 	help
67 	  This driver supports Infineon TPM devices connected on the LPC bus.
68 	  The usual tpm operations and the 'tpm' command can be used to talk
69 	  to the device using the standard TPM Interface Specification (TIS)
70 	  protocol
71 
72 config TPM_AUTH_SESSIONS
73 	bool "Enable TPM authentication session support"
74 	depends on TPM_V1
75 	help
76 	  Enable support for authorised (AUTH1) commands as specified in the
77 	  TCG Main Specification 1.2. OIAP-authorised versions of the commands
78 	  TPM_LoadKey2 and TPM_GetPubKey are provided. Both features are
79 	  available using the 'tpm' command, too.
80 
81 config TPM_ST33ZP24_I2C
82 	bool "STMicroelectronics ST33ZP24 I2C TPM"
83 	depends on TPM_V1 && DM_I2C
84 	---help---
85 	  This driver supports STMicroelectronics TPM devices connected on the I2C bus.
86 	  The usual tpm operations and the 'tpm' command can be used to talk
87 	  to the device using the standard TPM Interface Specification (TIS)
88 	  protocol
89 
90 config TPM_ST33ZP24_SPI
91 	bool "STMicroelectronics ST33ZP24 SPI TPM"
92 	depends on TPM_V1 && DM_SPI
93 	---help---
94 	  This driver supports STMicroelectronics TPM devices connected on the SPI bus.
95 	  The usual tpm operations and the 'tpm' command can be used to talk
96 	  to the device using the standard TPM Interface Specification (TIS)
97 	  protocol
98 
99 config TPM_FLUSH_RESOURCES
100 	bool "Enable TPM resource flushing support"
101 	depends on TPM_V1
102 	help
103 	  Enable support to flush specific resources (e.g. keys) from the TPM.
104 	  The functionality is available via the 'tpm' command as well.
105 
106 config TPM_LOAD_KEY_BY_SHA1
107 	bool "Enable TPM key loading by SHA1 support"
108 	depends on TPM_V1
109 	help
110 	  Enable support to load keys into the TPM by identifying
111 	  their parent via the public key's SHA1 hash.
112 	  The functionality is available via the 'tpm' command as well.
113 
114 config TPM_LIST_RESOURCES
115 	bool "Enable TPM resource listing support"
116 	depends on TPM_V1
117 	help
118 	  Enable support to list specific resources (e.g. keys) within the TPM.
119 	  The functionality is available via the 'tpm' command as well.
120 
121 endif # TPM_V1
122 
123 config TPM_V2
124 	bool "TPMv2.x support"
125 	depends on TPM
126 	help
127 	  Major TPM versions are not compatible at all, choose either
128 	  one or the other. This option enables TPMv2.x drivers/commands.
129 
130 if TPM_V2 && !TPM_V1
131 
132 config TPM2_TIS_SANDBOX
133 	bool "Enable sandbox TPMv2.x driver"
134 	depends on TPM_V2 && SANDBOX
135 	select TPM_DRIVER_SELECTED
136 	help
137 	  This driver emulates a TPMv2.x, providing access to base functions
138 	  such as basic configuration, PCR extension and PCR read. Extended
139 	  functionalities are not implemented.
140 
141 config TPM2_TIS_SPI
142 	bool "Enable support for TPMv2.x SPI chips"
143 	depends on TPM_V2 && DM_SPI
144 	select TPM_DRIVER_SELECTED
145 	help
146 	  This driver supports TPMv2.x devices connected on the SPI bus.
147 	  The usual TPM operations and the 'tpm' command can be used to talk
148 	  to the device using the standard TPM Interface Specification (TIS)
149 	  protocol.
150 
151 endif # TPM_V2
152 
153 endmenu
154