xref: /linux/drivers/char/tpm/Kconfig (revision 3c4fc7bf4c9e66fe71abcbf93f62f4ddb89b7f15)
1# SPDX-License-Identifier: GPL-2.0-only
2#
3# TPM device configuration
4#
5
6menuconfig TCG_TPM
7	tristate "TPM Hardware Support"
8	depends on HAS_IOMEM
9	imply SECURITYFS
10	select CRYPTO
11	select CRYPTO_HASH_INFO
12	help
13	  If you have a TPM security chip in your system, which
14	  implements the Trusted Computing Group's specification,
15	  say Yes and it will be accessible from within Linux.  For
16	  more information see <http://www.trustedcomputinggroup.org>.
17	  An implementation of the Trusted Software Stack (TSS), the
18	  userspace enablement piece of the specification, can be
19	  obtained at: <http://sourceforge.net/projects/trousers>.  To
20	  compile this driver as a module, choose M here; the module
21	  will be called tpm. If unsure, say N.
22	  Notes:
23	  1) For more TPM drivers enable CONFIG_PNP, CONFIG_ACPI
24	  and CONFIG_PNPACPI.
25	  2) Without ACPI enabled, the BIOS event log won't be accessible,
26	  which is required to validate the PCR 0-7 values.
27
28if TCG_TPM
29
30config HW_RANDOM_TPM
31	bool "TPM HW Random Number Generator support"
32	depends on TCG_TPM && HW_RANDOM && !(TCG_TPM=y && HW_RANDOM=m)
33	default y
34	help
35	  This setting exposes the TPM's Random Number Generator as a hwrng
36	  device. This allows the kernel to collect randomness from the TPM at
37	  boot, and provides the TPM randomines in /dev/hwrng.
38
39	  If unsure, say Y.
40
41config TCG_TIS_CORE
42	tristate
43	help
44	TCG TIS TPM core driver. It implements the TPM TCG TIS logic and hooks
45	into the TPM kernel APIs. Physical layers will register against it.
46
47config TCG_TIS
48	tristate "TPM Interface Specification 1.2 Interface / TPM 2.0 FIFO Interface"
49	depends on X86 || OF
50	select TCG_TIS_CORE
51	help
52	  If you have a TPM security chip that is compliant with the
53	  TCG TIS 1.2 TPM specification (TPM1.2) or the TCG PTP FIFO
54	  specification (TPM2.0) say Yes and it will be accessible from
55	  within Linux. To compile this driver as a module, choose  M here;
56	  the module will be called tpm_tis.
57
58config TCG_TIS_SPI
59	tristate "TPM Interface Specification 1.3 Interface / TPM 2.0 FIFO Interface - (SPI)"
60	depends on SPI
61	select TCG_TIS_CORE
62	help
63	  If you have a TPM security chip which is connected to a regular,
64	  non-tcg SPI master (i.e. most embedded platforms) that is compliant with the
65	  TCG TIS 1.3 TPM specification (TPM1.2) or the TCG PTP FIFO
66	  specification (TPM2.0) say Yes and it will be accessible from
67	  within Linux. To compile this driver as a module, choose  M here;
68	  the module will be called tpm_tis_spi.
69
70config TCG_TIS_SPI_CR50
71	bool "Cr50 SPI Interface"
72	depends on TCG_TIS_SPI
73	help
74	  If you have a H1 secure module running Cr50 firmware on SPI bus,
75	  say Yes and it will be accessible from within Linux.
76
77config TCG_TIS_I2C
78	tristate "TPM Interface Specification 1.3 Interface / TPM 2.0 FIFO Interface - (I2C - generic)"
79	depends on I2C
80	select CRC_CCITT
81	select TCG_TIS_CORE
82	help
83	  If you have a TPM security chip, compliant with the TCG TPM PTP
84	  (I2C interface) specification and connected to an I2C bus master,
85	  say Yes and it will be accessible from within Linux.
86	  To compile this driver as a module, choose M here;
87	  the module will be called tpm_tis_i2c.
88
89config TCG_TIS_SYNQUACER
90	tristate "TPM Interface Specification 1.2 Interface / TPM 2.0 FIFO Interface (MMIO - SynQuacer)"
91	depends on ARCH_SYNQUACER || COMPILE_TEST
92	select TCG_TIS_CORE
93	help
94	  If you have a TPM security chip that is compliant with the
95	  TCG TIS 1.2 TPM specification (TPM1.2) or the TCG PTP FIFO
96	  specification (TPM2.0) say Yes and it will be accessible from
97	  within Linux on Socionext SynQuacer platform.
98	  To compile this driver as a module, choose  M here;
99	  the module will be called tpm_tis_synquacer.
100
101config TCG_TIS_I2C_CR50
102	tristate "TPM Interface Specification 2.0 Interface (I2C - CR50)"
103	depends on I2C
104	help
105	  This is a driver for the Google cr50 I2C TPM interface which is a
106	  custom microcontroller and requires a custom i2c protocol interface
107	  to handle the limitations of the hardware.  To compile this driver
108	  as a module, choose M here; the module will be called tcg_tis_i2c_cr50.
109
110config TCG_TIS_I2C_ATMEL
111	tristate "TPM Interface Specification 1.2 Interface (I2C - Atmel)"
112	depends on I2C
113	help
114	  If you have an Atmel I2C TPM security chip say Yes and it will be
115	  accessible from within Linux.
116	  To compile this driver as a module, choose M here; the module will
117	  be called tpm_tis_i2c_atmel.
118
119config TCG_TIS_I2C_INFINEON
120	tristate "TPM Interface Specification 1.2 Interface (I2C - Infineon)"
121	depends on I2C
122	help
123	  If you have a TPM security chip that is compliant with the
124	  TCG TIS 1.2 TPM specification and Infineon's I2C Protocol Stack
125	  Specification 0.20 say Yes and it will be accessible from within
126	  Linux.
127	  To compile this driver as a module, choose M here; the module
128	  will be called tpm_i2c_infineon.
129
130config TCG_TIS_I2C_NUVOTON
131	tristate "TPM Interface Specification 1.2 Interface (I2C - Nuvoton)"
132	depends on I2C
133	help
134	  If you have a TPM security chip with an I2C interface from
135	  Nuvoton Technology Corp. say Yes and it will be accessible
136	  from within Linux.
137	  To compile this driver as a module, choose M here; the module
138	  will be called tpm_i2c_nuvoton.
139
140config TCG_NSC
141	tristate "National Semiconductor TPM Interface"
142	depends on X86
143	help
144	  If you have a TPM security chip from National Semiconductor
145	  say Yes and it will be accessible from within Linux.  To
146	  compile this driver as a module, choose M here; the module
147	  will be called tpm_nsc.
148
149config TCG_ATMEL
150	tristate "Atmel TPM Interface"
151	depends on PPC64 || HAS_IOPORT_MAP
152	help
153	  If you have a TPM security chip from Atmel say Yes and it
154	  will be accessible from within Linux.  To compile this driver
155	  as a module, choose M here; the module will be called tpm_atmel.
156
157config TCG_INFINEON
158	tristate "Infineon Technologies TPM Interface"
159	depends on PNP
160	help
161	  If you have a TPM security chip from Infineon Technologies
162	  (either SLD 9630 TT 1.1 or SLB 9635 TT 1.2) say Yes and it
163	  will be accessible from within Linux.
164	  To compile this driver as a module, choose M here; the module
165	  will be called tpm_infineon.
166	  Further information on this driver and the supported hardware
167	  can be found at http://www.trust.rub.de/projects/linux-device-driver-infineon-tpm/
168
169config TCG_IBMVTPM
170	tristate "IBM VTPM Interface"
171	depends on PPC_PSERIES
172	help
173	  If you have IBM virtual TPM (VTPM) support say Yes and it
174	  will be accessible from within Linux.  To compile this driver
175	  as a module, choose M here; the module will be called tpm_ibmvtpm.
176
177config TCG_XEN
178	tristate "XEN TPM Interface"
179	depends on TCG_TPM && XEN
180	select XEN_XENBUS_FRONTEND
181	help
182	  If you want to make TPM support available to a Xen user domain,
183	  say Yes and it will be accessible from within Linux. See
184	  the manpages for xl, xl.conf, and docs/misc/vtpm.txt in
185	  the Xen source repository for more details.
186	  To compile this driver as a module, choose M here; the module
187	  will be called xen-tpmfront.
188
189config TCG_CRB
190	tristate "TPM 2.0 CRB Interface"
191	depends on ACPI
192	help
193	  If you have a TPM security chip that is compliant with the
194	  TCG CRB 2.0 TPM specification say Yes and it will be accessible
195	  from within Linux.  To compile this driver as a module, choose
196	  M here; the module will be called tpm_crb.
197
198config TCG_VTPM_PROXY
199	tristate "VTPM Proxy Interface"
200	depends on TCG_TPM
201	help
202	  This driver proxies for an emulated TPM (vTPM) running in userspace.
203	  A device /dev/vtpmx is provided that creates a device pair
204	  /dev/vtpmX and a server-side file descriptor on which the vTPM
205	  can receive commands.
206
207config TCG_FTPM_TEE
208	tristate "TEE based fTPM Interface"
209	depends on TEE && OPTEE
210	help
211	  This driver proxies for firmware TPM running in TEE.
212
213source "drivers/char/tpm/st33zp24/Kconfig"
214endif # TCG_TPM
215