11da177e4SLinus Torvalds# 21da177e4SLinus Torvalds# TPM device configuration 31da177e4SLinus Torvalds# 41da177e4SLinus Torvalds 57126b75cSJan Engelhardtmenuconfig TCG_TPM 61da177e4SLinus Torvalds tristate "TPM Hardware Support" 77126b75cSJan Engelhardt depends on HAS_IOMEM 8*2f7d8dbbSPeter Huewe imply SECURITYFS 94bf4b4edSArnd Bergmann select CRYPTO 10c1f92b4bSNayna Jain select CRYPTO_HASH_INFO 111da177e4SLinus Torvalds ---help--- 121da177e4SLinus Torvalds If you have a TPM security chip in your system, which 131da177e4SLinus Torvalds implements the Trusted Computing Group's specification, 141da177e4SLinus Torvalds say Yes and it will be accessible from within Linux. For 151da177e4SLinus Torvalds more information see <http://www.trustedcomputinggroup.org>. 161da177e4SLinus Torvalds An implementation of the Trusted Software Stack (TSS), the 171da177e4SLinus Torvalds userspace enablement piece of the specification, can be 181da177e4SLinus Torvalds obtained at: <http://sourceforge.net/projects/trousers>. To 191da177e4SLinus Torvalds compile this driver as a module, choose M here; the module 201da177e4SLinus Torvalds will be called tpm. If unsure, say N. 217f2ab000SRajiv Andrade Notes: 227f2ab000SRajiv Andrade 1) For more TPM drivers enable CONFIG_PNP, CONFIG_ACPI 23ec4a162aSJames Morris and CONFIG_PNPACPI. 247f2ab000SRajiv Andrade 2) Without ACPI enabled, the BIOS event log won't be accessible, 257f2ab000SRajiv Andrade which is required to validate the PCR 0-7 values. 261da177e4SLinus Torvalds 277126b75cSJan Engelhardtif TCG_TPM 287126b75cSJan Engelhardt 296e592a06SJason Gunthorpeconfig HW_RANDOM_TPM 306e592a06SJason Gunthorpe bool "TPM HW Random Number Generator support" 316e592a06SJason Gunthorpe depends on TCG_TPM && HW_RANDOM && !(TCG_TPM=y && HW_RANDOM=m) 326e592a06SJason Gunthorpe default y 336e592a06SJason Gunthorpe ---help--- 346e592a06SJason Gunthorpe This setting exposes the TPM's Random Number Generator as a hwrng 356e592a06SJason Gunthorpe device. This allows the kernel to collect randomness from the TPM at 366e592a06SJason Gunthorpe boot, and provides the TPM randomines in /dev/hwrng. 376e592a06SJason Gunthorpe 386e592a06SJason Gunthorpe If unsure, say Y. 396e592a06SJason Gunthorpe 4041a5e1cfSChristophe Ricardconfig TCG_TIS_CORE 4141a5e1cfSChristophe Ricard tristate 4241a5e1cfSChristophe Ricard ---help--- 4341a5e1cfSChristophe Ricard TCG TIS TPM core driver. It implements the TPM TCG TIS logic and hooks 4441a5e1cfSChristophe Ricard into the TPM kernel APIs. Physical layers will register against it. 4541a5e1cfSChristophe Ricard 4627084efeSLeendert van Doornconfig TCG_TIS 4744506436SPeter Huewe tristate "TPM Interface Specification 1.2 Interface / TPM 2.0 FIFO Interface" 48420d4398SJason Gunthorpe depends on X86 || OF 4941a5e1cfSChristophe Ricard select TCG_TIS_CORE 5027084efeSLeendert van Doorn ---help--- 5127084efeSLeendert van Doorn If you have a TPM security chip that is compliant with the 5244506436SPeter Huewe TCG TIS 1.2 TPM specification (TPM1.2) or the TCG PTP FIFO 5344506436SPeter Huewe specification (TPM2.0) say Yes and it will be accessible from 5444506436SPeter Huewe within Linux. To compile this driver as a module, choose M here; 5544506436SPeter Huewe the module will be called tpm_tis. 5627084efeSLeendert van Doorn 570edbfea5SChristophe Ricardconfig TCG_TIS_SPI 580edbfea5SChristophe Ricard tristate "TPM Interface Specification 1.3 Interface / TPM 2.0 FIFO Interface - (SPI)" 590edbfea5SChristophe Ricard depends on SPI 600edbfea5SChristophe Ricard select TCG_TIS_CORE 610edbfea5SChristophe Ricard ---help--- 620edbfea5SChristophe Ricard If you have a TPM security chip which is connected to a regular, 630edbfea5SChristophe Ricard non-tcg SPI master (i.e. most embedded platforms) that is compliant with the 640edbfea5SChristophe Ricard TCG TIS 1.3 TPM specification (TPM1.2) or the TCG PTP FIFO 650edbfea5SChristophe Ricard specification (TPM2.0) say Yes and it will be accessible from 660edbfea5SChristophe Ricard within Linux. To compile this driver as a module, choose M here; 670edbfea5SChristophe Ricard the module will be called tpm_tis_spi. 680edbfea5SChristophe Ricard 69a2871c62SJason Gunthorpeconfig TCG_TIS_I2C_ATMEL 70a2871c62SJason Gunthorpe tristate "TPM Interface Specification 1.2 Interface (I2C - Atmel)" 71a2871c62SJason Gunthorpe depends on I2C 72a2871c62SJason Gunthorpe ---help--- 73a2871c62SJason Gunthorpe If you have an Atmel I2C TPM security chip say Yes and it will be 74a2871c62SJason Gunthorpe accessible from within Linux. 75a2871c62SJason Gunthorpe To compile this driver as a module, choose M here; the module will 76a2871c62SJason Gunthorpe be called tpm_tis_i2c_atmel. 77a2871c62SJason Gunthorpe 78aad628c1SPeter Hueweconfig TCG_TIS_I2C_INFINEON 79aad628c1SPeter Huewe tristate "TPM Interface Specification 1.2 Interface (I2C - Infineon)" 80aad628c1SPeter Huewe depends on I2C 81aad628c1SPeter Huewe ---help--- 82aad628c1SPeter Huewe If you have a TPM security chip that is compliant with the 83aad628c1SPeter Huewe TCG TIS 1.2 TPM specification and Infineon's I2C Protocol Stack 84aad628c1SPeter Huewe Specification 0.20 say Yes and it will be accessible from within 85aad628c1SPeter Huewe Linux. 86aad628c1SPeter Huewe To compile this driver as a module, choose M here; the module 87b3f2436aSPeter Huewe will be called tpm_i2c_infineon. 88aad628c1SPeter Huewe 894c336e4bSJason Gunthorpeconfig TCG_TIS_I2C_NUVOTON 904c336e4bSJason Gunthorpe tristate "TPM Interface Specification 1.2 Interface (I2C - Nuvoton)" 914c336e4bSJason Gunthorpe depends on I2C 924c336e4bSJason Gunthorpe ---help--- 934c336e4bSJason Gunthorpe If you have a TPM security chip with an I2C interface from 944c336e4bSJason Gunthorpe Nuvoton Technology Corp. say Yes and it will be accessible 954c336e4bSJason Gunthorpe from within Linux. 964c336e4bSJason Gunthorpe To compile this driver as a module, choose M here; the module 974c336e4bSJason Gunthorpe will be called tpm_i2c_nuvoton. 984c336e4bSJason Gunthorpe 991da177e4SLinus Torvaldsconfig TCG_NSC 1001da177e4SLinus Torvalds tristate "National Semiconductor TPM Interface" 1012f592f2aSRajiv Andrade depends on X86 1021da177e4SLinus Torvalds ---help--- 1033dde6ad8SDavid Sterba If you have a TPM security chip from National Semiconductor 1041da177e4SLinus Torvalds say Yes and it will be accessible from within Linux. To 1051da177e4SLinus Torvalds compile this driver as a module, choose M here; the module 1061da177e4SLinus Torvalds will be called tpm_nsc. 1071da177e4SLinus Torvalds 1081da177e4SLinus Torvaldsconfig TCG_ATMEL 1091da177e4SLinus Torvalds tristate "Atmel TPM Interface" 110ce816fa8SUwe Kleine-König depends on PPC64 || HAS_IOPORT_MAP 1111da177e4SLinus Torvalds ---help--- 1121da177e4SLinus Torvalds If you have a TPM security chip from Atmel say Yes and it 1131da177e4SLinus Torvalds will be accessible from within Linux. To compile this driver 1141da177e4SLinus Torvalds as a module, choose M here; the module will be called tpm_atmel. 1151da177e4SLinus Torvalds 116ebb81fdbSMarcel Selhorstconfig TCG_INFINEON 117f9abb020SMarcel Selhorst tristate "Infineon Technologies TPM Interface" 118cedb27deSBjorn Helgaas depends on PNP 119ebb81fdbSMarcel Selhorst ---help--- 120ebb81fdbSMarcel Selhorst If you have a TPM security chip from Infineon Technologies 121f9abb020SMarcel Selhorst (either SLD 9630 TT 1.1 or SLB 9635 TT 1.2) say Yes and it 122f9abb020SMarcel Selhorst will be accessible from within Linux. 123f9abb020SMarcel Selhorst To compile this driver as a module, choose M here; the module 124ebb81fdbSMarcel Selhorst will be called tpm_infineon. 125ebb81fdbSMarcel Selhorst Further information on this driver and the supported hardware 126631dd1a8SJustin P. Mattock can be found at http://www.trust.rub.de/projects/linux-device-driver-infineon-tpm/ 127ebb81fdbSMarcel Selhorst 128132f7629SAshley Laiconfig TCG_IBMVTPM 129132f7629SAshley Lai tristate "IBM VTPM Interface" 1305b266032SKent Yoder depends on PPC_PSERIES 131132f7629SAshley Lai ---help--- 132132f7629SAshley Lai If you have IBM virtual TPM (VTPM) support say Yes and it 133132f7629SAshley Lai will be accessible from within Linux. To compile this driver 134132f7629SAshley Lai as a module, choose M here; the module will be called tpm_ibmvtpm. 135132f7629SAshley Lai 136e2683957SDaniel De Graafconfig TCG_XEN 137e2683957SDaniel De Graaf tristate "XEN TPM Interface" 138e2683957SDaniel De Graaf depends on TCG_TPM && XEN 139713efcabSKonrad Rzeszutek Wilk select XEN_XENBUS_FRONTEND 140e2683957SDaniel De Graaf ---help--- 141e2683957SDaniel De Graaf If you want to make TPM support available to a Xen user domain, 142e2683957SDaniel De Graaf say Yes and it will be accessible from within Linux. See 143e2683957SDaniel De Graaf the manpages for xl, xl.conf, and docs/misc/vtpm.txt in 144e2683957SDaniel De Graaf the Xen source repository for more details. 145e2683957SDaniel De Graaf To compile this driver as a module, choose M here; the module 146e2683957SDaniel De Graaf will be called xen-tpmfront. 147e2683957SDaniel De Graaf 14830fc8d13SJarkko Sakkinenconfig TCG_CRB 14930fc8d13SJarkko Sakkinen tristate "TPM 2.0 CRB Interface" 15008eff49dSJiandi An depends on ACPI 15130fc8d13SJarkko Sakkinen ---help--- 15230fc8d13SJarkko Sakkinen If you have a TPM security chip that is compliant with the 15330fc8d13SJarkko Sakkinen TCG CRB 2.0 TPM specification say Yes and it will be accessible 15430fc8d13SJarkko Sakkinen from within Linux. To compile this driver as a module, choose 15530fc8d13SJarkko Sakkinen M here; the module will be called tpm_crb. 15630fc8d13SJarkko Sakkinen 1576f99612eSStefan Bergerconfig TCG_VTPM_PROXY 1586f99612eSStefan Berger tristate "VTPM Proxy Interface" 1596f99612eSStefan Berger depends on TCG_TPM 160a6885a53SArnd Bergmann select ANON_INODES 1616f99612eSStefan Berger ---help--- 1626f99612eSStefan Berger This driver proxies for an emulated TPM (vTPM) running in userspace. 1636f99612eSStefan Berger A device /dev/vtpmx is provided that creates a device pair 1646f99612eSStefan Berger /dev/vtpmX and a server-side file descriptor on which the vTPM 1656f99612eSStefan Berger can receive commands. 1666f99612eSStefan Berger 1676f99612eSStefan Berger 168bf38b871SChristophe Ricardsource "drivers/char/tpm/st33zp24/Kconfig" 1697126b75cSJan Engelhardtendif # TCG_TPM 170