2019-05-19 13:07:45 +01:00
# SPDX-License-Identifier: GPL-2.0-only
2005-04-16 15:20:36 -07:00
#
# TPM device configuration
#
2007-07-15 23:39:31 -07:00
menuconfig TCG_TPM
2005-04-16 15:20:36 -07:00
tristate "TPM Hardware Support"
2007-07-15 23:39:31 -07:00
depends on HAS_IOMEM
2018-09-03 21:51:51 +02:00
imply SECURITYFS
2017-02-28 22:12:55 +01:00
select CRYPTO
2017-01-30 04:59:41 -05:00
select CRYPTO_HASH_INFO
2020-06-14 01:50:22 +09:00
help
2005-04-16 15:20:36 -07:00
If you have a TPM security chip in your system, which
implements the Trusted Computing Group's specification,
say Yes and it will be accessible from within Linux. For
more information see <http://www.trustedcomputinggroup.org>.
An implementation of the Trusted Software Stack (TSS), the
userspace enablement piece of the specification, can be
obtained at: <http://sourceforge.net/projects/trousers>. To
compile this driver as a module, choose M here; the module
will be called tpm. If unsure, say N.
2010-05-13 17:37:54 -03:00
Notes:
1) For more TPM drivers enable CONFIG_PNP, CONFIG_ACPI
2010-05-07 09:19:29 +10:00
and CONFIG_PNPACPI.
2010-05-13 17:37:54 -03:00
2) Without ACPI enabled, the BIOS event log won't be accessible,
which is required to validate the PCR 0-7 values.
2005-04-16 15:20:36 -07:00
2007-07-15 23:39:31 -07:00
if TCG_TPM
2017-11-17 15:24:03 +02:00
config HW_RANDOM_TPM
bool "TPM HW Random Number Generator support"
depends on TCG_TPM && HW_RANDOM && !(TCG_TPM=y && HW_RANDOM=m)
default y
2020-06-14 01:50:22 +09:00
help
2017-11-17 15:24:03 +02:00
This setting exposes the TPM's Random Number Generator as a hwrng
device. This allows the kernel to collect randomness from the TPM at
boot, and provides the TPM randomines in /dev/hwrng.
If unsure, say Y.
2016-05-19 00:35:52 +02:00
config TCG_TIS_CORE
tristate
2020-06-14 01:50:22 +09:00
help
2016-05-19 00:35:52 +02:00
TCG TIS TPM core driver. It implements the TPM TCG TIS logic and hooks
into the TPM kernel APIs. Physical layers will register against it.
2006-04-22 02:38:03 -07:00
config TCG_TIS
2015-03-15 00:54:43 +01:00
tristate "TPM Interface Specification 1.2 Interface / TPM 2.0 FIFO Interface"
2016-11-07 15:44:31 -07:00
depends on X86 || OF
2016-05-19 00:35:52 +02:00
select TCG_TIS_CORE
2020-06-14 01:50:22 +09:00
help
2006-04-22 02:38:03 -07:00
If you have a TPM security chip that is compliant with the
2015-03-15 00:54:43 +01:00
TCG TIS 1.2 TPM specification (TPM1.2) or the TCG PTP FIFO
specification (TPM2.0) say Yes and it will be accessible from
within Linux. To compile this driver as a module, choose M here;
the module will be called tpm_tis.
2006-04-22 02:38:03 -07:00
2016-05-19 00:35:53 +02:00
config TCG_TIS_SPI
tristate "TPM Interface Specification 1.3 Interface / TPM 2.0 FIFO Interface - (SPI)"
depends on SPI
select TCG_TIS_CORE
2020-06-14 01:50:22 +09:00
help
2016-05-19 00:35:53 +02:00
If you have a TPM security chip which is connected to a regular,
non-tcg SPI master (i.e. most embedded platforms) that is compliant with the
TCG TIS 1.3 TPM specification (TPM1.2) or the TCG PTP FIFO
specification (TPM2.0) say Yes and it will be accessible from
within Linux. To compile this driver as a module, choose M here;
the module will be called tpm_tis_spi.
2019-09-20 11:32:38 -07:00
config TCG_TIS_SPI_CR50
bool "Cr50 SPI Interface"
depends on TCG_TIS_SPI
help
If you have a H1 secure module running Cr50 firmware on SPI bus,
say Yes and it will be accessible from within Linux.
tpm: Add tpm_tis_i2c backend for tpm_tis_core
Implement the TCG I2C Interface driver, as specified in the TCG PC
Client Platform TPM Profile (PTP) specification for TPM 2.0 v1.04
revision 14, section 8, I2C Interface Definition.
This driver supports Guard Times. That is, if required by the TPM, the
driver has to wait by a vendor-specific time after each I2C read/write.
The specific time is read from the TPM_I2C_INTERFACE_CAPABILITY register.
Unfortunately, the TCG specified almost but not quite compatible
register addresses. Therefore, the TIS register addresses need to be
mapped to I2C ones. The locality is stripped because for now, only
locality 0 is supported.
Add a sanity check to I2C reads of e.g. TPM_ACCESS and TPM_STS. This is
to detect communication errors and issues due to non-standard behaviour
(E.g. the clock stretching quirk in the BCM2835, see 4dbfb5f4401f). In
case the sanity check fails, attempt a retry.
Co-developed-by: Johannes Holland <johannes.holland@infineon.com>
Signed-off-by: Johannes Holland <johannes.holland@infineon.com>
Co-developed-by: Amir Mizinski <amirmizi6@gmail.com>
Signed-off-by: Amir Mizinski <amirmizi6@gmail.com>
Signed-off-by: Alexander Steffen <Alexander.Steffen@infineon.com>
Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org>
Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org>
2022-06-08 19:31:13 +02:00
config TCG_TIS_I2C
tristate "TPM Interface Specification 1.3 Interface / TPM 2.0 FIFO Interface - (I2C - generic)"
depends on I2C
select CRC_CCITT
select TCG_TIS_CORE
help
If you have a TPM security chip, compliant with the TCG TPM PTP
(I2C interface) specification and connected to an I2C bus master,
say Yes and it will be accessible from within Linux.
To compile this driver as a module, choose M here;
the module will be called tpm_tis_i2c.
2020-07-28 12:14:31 +09:00
config TCG_TIS_SYNQUACER
tristate "TPM Interface Specification 1.2 Interface / TPM 2.0 FIFO Interface (MMIO - SynQuacer)"
2021-08-26 09:10:12 +08:00
depends on ARCH_SYNQUACER || COMPILE_TEST
2020-07-28 12:14:31 +09:00
select TCG_TIS_CORE
help
If you have a TPM security chip that is compliant with the
TCG TIS 1.2 TPM specification (TPM1.2) or the TCG PTP FIFO
specification (TPM2.0) say Yes and it will be accessible from
within Linux on Socionext SynQuacer platform.
To compile this driver as a module, choose M here;
the module will be called tpm_tis_synquacer.
2020-12-07 16:20:16 +02:00
config TCG_TIS_I2C_CR50
tristate "TPM Interface Specification 2.0 Interface (I2C - CR50)"
depends on I2C
help
This is a driver for the Google cr50 I2C TPM interface which is a
custom microcontroller and requires a custom i2c protocol interface
to handle the limitations of the hardware. To compile this driver
as a module, choose M here; the module will be called tcg_tis_i2c_cr50.
2013-10-06 12:43:36 -06:00
config TCG_TIS_I2C_ATMEL
tristate "TPM Interface Specification 1.2 Interface (I2C - Atmel)"
depends on I2C
2020-06-14 01:50:22 +09:00
help
2013-10-06 12:43:36 -06:00
If you have an Atmel I2C TPM security chip say Yes and it will be
accessible from within Linux.
To compile this driver as a module, choose M here; the module will
be called tpm_tis_i2c_atmel.
2012-08-07 11:42:32 +02:00
config TCG_TIS_I2C_INFINEON
tristate "TPM Interface Specification 1.2 Interface (I2C - Infineon)"
depends on I2C
2020-06-14 01:50:22 +09:00
help
2012-08-07 11:42:32 +02:00
If you have a TPM security chip that is compliant with the
TCG TIS 1.2 TPM specification and Infineon's I2C Protocol Stack
Specification 0.20 say Yes and it will be accessible from within
Linux.
To compile this driver as a module, choose M here; the module
2013-10-22 01:12:15 +02:00
will be called tpm_i2c_infineon.
2012-08-07 11:42:32 +02:00
2013-10-06 12:43:13 -06:00
config TCG_TIS_I2C_NUVOTON
tristate "TPM Interface Specification 1.2 Interface (I2C - Nuvoton)"
depends on I2C
2020-06-14 01:50:22 +09:00
help
2013-10-06 12:43:13 -06:00
If you have a TPM security chip with an I2C interface from
Nuvoton Technology Corp. say Yes and it will be accessible
from within Linux.
To compile this driver as a module, choose M here; the module
will be called tpm_i2c_nuvoton.
2005-04-16 15:20:36 -07:00
config TCG_NSC
tristate "National Semiconductor TPM Interface"
2011-11-01 09:42:58 -02:00
depends on X86
2020-06-14 01:50:22 +09:00
help
2007-05-09 07:12:20 +02:00
If you have a TPM security chip from National Semiconductor
2005-04-16 15:20:36 -07:00
say Yes and it will be accessible from within Linux. To
compile this driver as a module, choose M here; the module
will be called tpm_nsc.
config TCG_ATMEL
tristate "Atmel TPM Interface"
2014-04-07 15:39:19 -07:00
depends on PPC64 || HAS_IOPORT_MAP
2020-06-14 01:50:22 +09:00
help
2005-04-16 15:20:36 -07:00
If you have a TPM security chip from Atmel say Yes and it
will be accessible from within Linux. To compile this driver
as a module, choose M here; the module will be called tpm_atmel.
2005-07-27 11:45:12 -07:00
config TCG_INFINEON
2005-08-05 11:59:33 -07:00
tristate "Infineon Technologies TPM Interface"
2008-04-29 01:03:25 -07:00
depends on PNP
2020-06-14 01:50:22 +09:00
help
2005-07-27 11:45:12 -07:00
If you have a TPM security chip from Infineon Technologies
2005-08-05 11:59:33 -07:00
(either SLD 9630 TT 1.1 or SLB 9635 TT 1.2) say Yes and it
will be accessible from within Linux.
To compile this driver as a module, choose M here; the module
2005-07-27 11:45:12 -07:00
will be called tpm_infineon.
Further information on this driver and the supported hardware
2010-10-18 11:03:14 +02:00
can be found at http://www.trust.rub.de/projects/linux-device-driver-infineon-tpm/
2005-07-27 11:45:12 -07:00
2012-08-22 16:17:43 -05:00
config TCG_IBMVTPM
tristate "IBM VTPM Interface"
2013-02-11 14:36:44 -05:00
depends on PPC_PSERIES
2020-06-14 01:50:22 +09:00
help
2012-08-22 16:17:43 -05:00
If you have IBM virtual TPM (VTPM) support say Yes and it
will be accessible from within Linux. To compile this driver
as a module, choose M here; the module will be called tpm_ibmvtpm.
2013-07-30 13:29:47 -04:00
config TCG_XEN
tristate "XEN TPM Interface"
depends on TCG_TPM && XEN
2013-08-30 09:02:27 -04:00
select XEN_XENBUS_FRONTEND
2020-06-14 01:50:22 +09:00
help
2013-07-30 13:29:47 -04:00
If you want to make TPM support available to a Xen user domain,
say Yes and it will be accessible from within Linux. See
the manpages for xl, xl.conf, and docs/misc/vtpm.txt in
the Xen source repository for more details.
To compile this driver as a module, choose M here; the module
will be called xen-tpmfront.
2014-12-12 11:46:39 -08:00
config TCG_CRB
tristate "TPM 2.0 CRB Interface"
2017-03-24 04:55:45 -05:00
depends on ACPI
2020-06-14 01:50:22 +09:00
help
2014-12-12 11:46:39 -08:00
If you have a TPM security chip that is compliant with the
TCG CRB 2.0 TPM specification say Yes and it will be accessible
from within Linux. To compile this driver as a module, choose
M here; the module will be called tpm_crb.
2016-04-18 13:26:15 -04:00
config TCG_VTPM_PROXY
tristate "VTPM Proxy Interface"
depends on TCG_TPM
2020-06-14 01:50:22 +09:00
help
2016-04-18 13:26:15 -04:00
This driver proxies for an emulated TPM (vTPM) running in userspace.
A device /dev/vtpmx is provided that creates a device pair
/dev/vtpmX and a server-side file descriptor on which the vTPM
can receive commands.
2019-07-05 16:47:45 -04:00
config TCG_FTPM_TEE
tristate "TEE based fTPM Interface"
depends on TEE && OPTEE
help
This driver proxies for firmware TPM running in TEE.
2016-04-18 13:26:15 -04:00
2015-03-08 11:17:14 +01:00
source "drivers/char/tpm/st33zp24/Kconfig"
2007-07-15 23:39:31 -07:00
endif # TCG_TPM