1*ec8f24b7SThomas Gleixner# SPDX-License-Identifier: GPL-2.0-only 21da177e4SLinus Torvalds# 31da177e4SLinus Torvalds# TPM device configuration 41da177e4SLinus Torvalds# 51da177e4SLinus Torvalds 67126b75cSJan Engelhardtmenuconfig TCG_TPM 71da177e4SLinus Torvalds tristate "TPM Hardware Support" 87126b75cSJan Engelhardt depends on HAS_IOMEM 92f7d8dbbSPeter Huewe imply SECURITYFS 104bf4b4edSArnd Bergmann select CRYPTO 11c1f92b4bSNayna Jain select CRYPTO_HASH_INFO 121da177e4SLinus Torvalds ---help--- 131da177e4SLinus Torvalds If you have a TPM security chip in your system, which 141da177e4SLinus Torvalds implements the Trusted Computing Group's specification, 151da177e4SLinus Torvalds say Yes and it will be accessible from within Linux. For 161da177e4SLinus Torvalds more information see <http://www.trustedcomputinggroup.org>. 171da177e4SLinus Torvalds An implementation of the Trusted Software Stack (TSS), the 181da177e4SLinus Torvalds userspace enablement piece of the specification, can be 191da177e4SLinus Torvalds obtained at: <http://sourceforge.net/projects/trousers>. To 201da177e4SLinus Torvalds compile this driver as a module, choose M here; the module 211da177e4SLinus Torvalds will be called tpm. If unsure, say N. 227f2ab000SRajiv Andrade Notes: 237f2ab000SRajiv Andrade 1) For more TPM drivers enable CONFIG_PNP, CONFIG_ACPI 24ec4a162aSJames Morris and CONFIG_PNPACPI. 257f2ab000SRajiv Andrade 2) Without ACPI enabled, the BIOS event log won't be accessible, 267f2ab000SRajiv Andrade which is required to validate the PCR 0-7 values. 271da177e4SLinus Torvalds 287126b75cSJan Engelhardtif TCG_TPM 297126b75cSJan Engelhardt 306e592a06SJason Gunthorpeconfig HW_RANDOM_TPM 316e592a06SJason Gunthorpe bool "TPM HW Random Number Generator support" 326e592a06SJason Gunthorpe depends on TCG_TPM && HW_RANDOM && !(TCG_TPM=y && HW_RANDOM=m) 336e592a06SJason Gunthorpe default y 346e592a06SJason Gunthorpe ---help--- 356e592a06SJason Gunthorpe This setting exposes the TPM's Random Number Generator as a hwrng 366e592a06SJason Gunthorpe device. This allows the kernel to collect randomness from the TPM at 376e592a06SJason Gunthorpe boot, and provides the TPM randomines in /dev/hwrng. 386e592a06SJason Gunthorpe 396e592a06SJason Gunthorpe If unsure, say Y. 406e592a06SJason Gunthorpe 4141a5e1cfSChristophe Ricardconfig TCG_TIS_CORE 4241a5e1cfSChristophe Ricard tristate 4341a5e1cfSChristophe Ricard ---help--- 4441a5e1cfSChristophe Ricard TCG TIS TPM core driver. It implements the TPM TCG TIS logic and hooks 4541a5e1cfSChristophe Ricard into the TPM kernel APIs. Physical layers will register against it. 4641a5e1cfSChristophe Ricard 4727084efeSLeendert van Doornconfig TCG_TIS 4844506436SPeter Huewe tristate "TPM Interface Specification 1.2 Interface / TPM 2.0 FIFO Interface" 49420d4398SJason Gunthorpe depends on X86 || OF 5041a5e1cfSChristophe Ricard select TCG_TIS_CORE 5127084efeSLeendert van Doorn ---help--- 5227084efeSLeendert van Doorn If you have a TPM security chip that is compliant with the 5344506436SPeter Huewe TCG TIS 1.2 TPM specification (TPM1.2) or the TCG PTP FIFO 5444506436SPeter Huewe specification (TPM2.0) say Yes and it will be accessible from 5544506436SPeter Huewe within Linux. To compile this driver as a module, choose M here; 5644506436SPeter Huewe the module will be called tpm_tis. 5727084efeSLeendert van Doorn 580edbfea5SChristophe Ricardconfig TCG_TIS_SPI 590edbfea5SChristophe Ricard tristate "TPM Interface Specification 1.3 Interface / TPM 2.0 FIFO Interface - (SPI)" 600edbfea5SChristophe Ricard depends on SPI 610edbfea5SChristophe Ricard select TCG_TIS_CORE 620edbfea5SChristophe Ricard ---help--- 630edbfea5SChristophe Ricard If you have a TPM security chip which is connected to a regular, 640edbfea5SChristophe Ricard non-tcg SPI master (i.e. most embedded platforms) that is compliant with the 650edbfea5SChristophe Ricard TCG TIS 1.3 TPM specification (TPM1.2) or the TCG PTP FIFO 660edbfea5SChristophe Ricard specification (TPM2.0) say Yes and it will be accessible from 670edbfea5SChristophe Ricard within Linux. To compile this driver as a module, choose M here; 680edbfea5SChristophe Ricard the module will be called tpm_tis_spi. 690edbfea5SChristophe Ricard 70a2871c62SJason Gunthorpeconfig TCG_TIS_I2C_ATMEL 71a2871c62SJason Gunthorpe tristate "TPM Interface Specification 1.2 Interface (I2C - Atmel)" 72a2871c62SJason Gunthorpe depends on I2C 73a2871c62SJason Gunthorpe ---help--- 74a2871c62SJason Gunthorpe If you have an Atmel I2C TPM security chip say Yes and it will be 75a2871c62SJason Gunthorpe accessible from within Linux. 76a2871c62SJason Gunthorpe To compile this driver as a module, choose M here; the module will 77a2871c62SJason Gunthorpe be called tpm_tis_i2c_atmel. 78a2871c62SJason Gunthorpe 79aad628c1SPeter Hueweconfig TCG_TIS_I2C_INFINEON 80aad628c1SPeter Huewe tristate "TPM Interface Specification 1.2 Interface (I2C - Infineon)" 81aad628c1SPeter Huewe depends on I2C 82aad628c1SPeter Huewe ---help--- 83aad628c1SPeter Huewe If you have a TPM security chip that is compliant with the 84aad628c1SPeter Huewe TCG TIS 1.2 TPM specification and Infineon's I2C Protocol Stack 85aad628c1SPeter Huewe Specification 0.20 say Yes and it will be accessible from within 86aad628c1SPeter Huewe Linux. 87aad628c1SPeter Huewe To compile this driver as a module, choose M here; the module 88b3f2436aSPeter Huewe will be called tpm_i2c_infineon. 89aad628c1SPeter Huewe 904c336e4bSJason Gunthorpeconfig TCG_TIS_I2C_NUVOTON 914c336e4bSJason Gunthorpe tristate "TPM Interface Specification 1.2 Interface (I2C - Nuvoton)" 924c336e4bSJason Gunthorpe depends on I2C 934c336e4bSJason Gunthorpe ---help--- 944c336e4bSJason Gunthorpe If you have a TPM security chip with an I2C interface from 954c336e4bSJason Gunthorpe Nuvoton Technology Corp. say Yes and it will be accessible 964c336e4bSJason Gunthorpe from within Linux. 974c336e4bSJason Gunthorpe To compile this driver as a module, choose M here; the module 984c336e4bSJason Gunthorpe will be called tpm_i2c_nuvoton. 994c336e4bSJason Gunthorpe 1001da177e4SLinus Torvaldsconfig TCG_NSC 1011da177e4SLinus Torvalds tristate "National Semiconductor TPM Interface" 1022f592f2aSRajiv Andrade depends on X86 1031da177e4SLinus Torvalds ---help--- 1043dde6ad8SDavid Sterba If you have a TPM security chip from National Semiconductor 1051da177e4SLinus Torvalds say Yes and it will be accessible from within Linux. To 1061da177e4SLinus Torvalds compile this driver as a module, choose M here; the module 1071da177e4SLinus Torvalds will be called tpm_nsc. 1081da177e4SLinus Torvalds 1091da177e4SLinus Torvaldsconfig TCG_ATMEL 1101da177e4SLinus Torvalds tristate "Atmel TPM Interface" 111ce816fa8SUwe Kleine-König depends on PPC64 || HAS_IOPORT_MAP 1121da177e4SLinus Torvalds ---help--- 1131da177e4SLinus Torvalds If you have a TPM security chip from Atmel say Yes and it 1141da177e4SLinus Torvalds will be accessible from within Linux. To compile this driver 1151da177e4SLinus Torvalds as a module, choose M here; the module will be called tpm_atmel. 1161da177e4SLinus Torvalds 117ebb81fdbSMarcel Selhorstconfig TCG_INFINEON 118f9abb020SMarcel Selhorst tristate "Infineon Technologies TPM Interface" 119cedb27deSBjorn Helgaas depends on PNP 120ebb81fdbSMarcel Selhorst ---help--- 121ebb81fdbSMarcel Selhorst If you have a TPM security chip from Infineon Technologies 122f9abb020SMarcel Selhorst (either SLD 9630 TT 1.1 or SLB 9635 TT 1.2) say Yes and it 123f9abb020SMarcel Selhorst will be accessible from within Linux. 124f9abb020SMarcel Selhorst To compile this driver as a module, choose M here; the module 125ebb81fdbSMarcel Selhorst will be called tpm_infineon. 126ebb81fdbSMarcel Selhorst Further information on this driver and the supported hardware 127631dd1a8SJustin P. Mattock can be found at http://www.trust.rub.de/projects/linux-device-driver-infineon-tpm/ 128ebb81fdbSMarcel Selhorst 129132f7629SAshley Laiconfig TCG_IBMVTPM 130132f7629SAshley Lai tristate "IBM VTPM Interface" 1315b266032SKent Yoder depends on PPC_PSERIES 132132f7629SAshley Lai ---help--- 133132f7629SAshley Lai If you have IBM virtual TPM (VTPM) support say Yes and it 134132f7629SAshley Lai will be accessible from within Linux. To compile this driver 135132f7629SAshley Lai as a module, choose M here; the module will be called tpm_ibmvtpm. 136132f7629SAshley Lai 137e2683957SDaniel De Graafconfig TCG_XEN 138e2683957SDaniel De Graaf tristate "XEN TPM Interface" 139e2683957SDaniel De Graaf depends on TCG_TPM && XEN 140713efcabSKonrad Rzeszutek Wilk select XEN_XENBUS_FRONTEND 141e2683957SDaniel De Graaf ---help--- 142e2683957SDaniel De Graaf If you want to make TPM support available to a Xen user domain, 143e2683957SDaniel De Graaf say Yes and it will be accessible from within Linux. See 144e2683957SDaniel De Graaf the manpages for xl, xl.conf, and docs/misc/vtpm.txt in 145e2683957SDaniel De Graaf the Xen source repository for more details. 146e2683957SDaniel De Graaf To compile this driver as a module, choose M here; the module 147e2683957SDaniel De Graaf will be called xen-tpmfront. 148e2683957SDaniel De Graaf 14930fc8d13SJarkko Sakkinenconfig TCG_CRB 15030fc8d13SJarkko Sakkinen tristate "TPM 2.0 CRB Interface" 15108eff49dSJiandi An depends on ACPI 15230fc8d13SJarkko Sakkinen ---help--- 15330fc8d13SJarkko Sakkinen If you have a TPM security chip that is compliant with the 15430fc8d13SJarkko Sakkinen TCG CRB 2.0 TPM specification say Yes and it will be accessible 15530fc8d13SJarkko Sakkinen from within Linux. To compile this driver as a module, choose 15630fc8d13SJarkko Sakkinen M here; the module will be called tpm_crb. 15730fc8d13SJarkko Sakkinen 1586f99612eSStefan Bergerconfig TCG_VTPM_PROXY 1596f99612eSStefan Berger tristate "VTPM Proxy Interface" 1606f99612eSStefan Berger depends on TCG_TPM 1616f99612eSStefan Berger ---help--- 1626f99612eSStefan Berger This driver proxies for an emulated TPM (vTPM) running in userspace. 1636f99612eSStefan Berger A device /dev/vtpmx is provided that creates a device pair 1646f99612eSStefan Berger /dev/vtpmX and a server-side file descriptor on which the vTPM 1656f99612eSStefan Berger can receive commands. 1666f99612eSStefan Berger 1676f99612eSStefan Berger 168bf38b871SChristophe Ricardsource "drivers/char/tpm/st33zp24/Kconfig" 1697126b75cSJan Engelhardtendif # TCG_TPM 170