Merge tag 'trace-printf-v6.13' of git://git.kernel.org/pub/scm/linux/kernel/git/trace...

[drm/drm-misc.git] / drivers / char / tpm / Kconfig

# SPDX-License-Identifier: GPL-2.0-only
#
# TPM device configuration
#

menuconfig TCG_TPM
        tristate "TPM Hardware Support"
        depends on HAS_IOMEM
        imply SECURITYFS
        select CRYPTO
        select CRYPTO_HASH_INFO
        help
          If you have a TPM security chip in your system, which
          implements the Trusted Computing Group's specification,
          say Yes and it will be accessible from within Linux.  For
          more information see <http://www.trustedcomputinggroup.org>. 
          An implementation of the Trusted Software Stack (TSS), the 
          userspace enablement piece of the specification, can be 
          obtained at: <http://sourceforge.net/projects/trousers>.  To 
          compile this driver as a module, choose M here; the module 
          will be called tpm. If unsure, say N.
          Notes:
          1) For more TPM drivers enable CONFIG_PNP, CONFIG_ACPI
          and CONFIG_PNPACPI.
          2) Without ACPI enabled, the BIOS event log won't be accessible,
          which is required to validate the PCR 0-7 values.

if TCG_TPM

config TCG_TPM2_HMAC
        bool "Use HMAC and encrypted transactions on the TPM bus"
        default X86_64
        select CRYPTO_ECDH
        select CRYPTO_LIB_AESCFB
        select CRYPTO_LIB_SHA256
        help
          Setting this causes us to deploy a scheme which uses request
          and response HMACs in addition to encryption for
          communicating with the TPM to prevent or detect bus snooping
          and interposer attacks (see tpm-security.rst).  Saying Y
          here adds some encryption overhead to all kernel to TPM
          transactions.

config HW_RANDOM_TPM
        bool "TPM HW Random Number Generator support"
        depends on TCG_TPM && HW_RANDOM && !(TCG_TPM=y && HW_RANDOM=m)
        default y
        help
          This setting exposes the TPM's Random Number Generator as a hwrng
          device. This allows the kernel to collect randomness from the TPM at
          boot, and provides the TPM randomines in /dev/hwrng.

          If unsure, say Y.

config TCG_TIS_CORE
        tristate
        help
        TCG TIS TPM core driver. It implements the TPM TCG TIS logic and hooks
        into the TPM kernel APIs. Physical layers will register against it.

config TCG_TIS
        tristate "TPM Interface Specification 1.2 Interface / TPM 2.0 FIFO Interface"
        depends on X86 || OF
        select TCG_TIS_CORE
        help
          If you have a TPM security chip that is compliant with the
          TCG TIS 1.2 TPM specification (TPM1.2) or the TCG PTP FIFO
          specification (TPM2.0) say Yes and it will be accessible from
          within Linux. To compile this driver as a module, choose  M here;
          the module will be called tpm_tis.

config TCG_TIS_SPI
        tristate "TPM Interface Specification 1.3 Interface / TPM 2.0 FIFO Interface - (SPI)"
        depends on SPI
        select TCG_TIS_CORE
        help
          If you have a TPM security chip which is connected to a regular,
          non-tcg SPI master (i.e. most embedded platforms) that is compliant with the
          TCG TIS 1.3 TPM specification (TPM1.2) or the TCG PTP FIFO
          specification (TPM2.0) say Yes and it will be accessible from
          within Linux. To compile this driver as a module, choose  M here;
          the module will be called tpm_tis_spi.

config TCG_TIS_SPI_CR50
        bool "Cr50 SPI Interface"
        depends on TCG_TIS_SPI
        help
          If you have a H1 secure module running Cr50 firmware on SPI bus,
          say Yes and it will be accessible from within Linux.

config TCG_TIS_I2C
        tristate "TPM Interface Specification 1.3 Interface / TPM 2.0 FIFO Interface - (I2C - generic)"
        depends on I2C
        select CRC_CCITT
        select TCG_TIS_CORE
        help
          If you have a TPM security chip, compliant with the TCG TPM PTP
          (I2C interface) specification and connected to an I2C bus master,
          say Yes and it will be accessible from within Linux.
          To compile this driver as a module, choose M here;
          the module will be called tpm_tis_i2c.

config TCG_TIS_SYNQUACER
        tristate "TPM Interface Specification 1.2 Interface / TPM 2.0 FIFO Interface (MMIO - SynQuacer)"
        depends on ARCH_SYNQUACER || COMPILE_TEST
        select TCG_TIS_CORE
        help
          If you have a TPM security chip that is compliant with the
          TCG TIS 1.2 TPM specification (TPM1.2) or the TCG PTP FIFO
          specification (TPM2.0) say Yes and it will be accessible from
          within Linux on Socionext SynQuacer platform.
          To compile this driver as a module, choose  M here;
          the module will be called tpm_tis_synquacer.

config TCG_TIS_I2C_CR50
        tristate "TPM Interface Specification 2.0 Interface (I2C - CR50)"
        depends on I2C
        help
          This is a driver for the Google cr50 I2C TPM interface which is a
          custom microcontroller and requires a custom i2c protocol interface
          to handle the limitations of the hardware.  To compile this driver
          as a module, choose M here; the module will be called tcg_tis_i2c_cr50.

config TCG_TIS_I2C_ATMEL
        tristate "TPM Interface Specification 1.2 Interface (I2C - Atmel)"
        depends on I2C
        help
          If you have an Atmel I2C TPM security chip say Yes and it will be
          accessible from within Linux.
          To compile this driver as a module, choose M here; the module will
          be called tpm_tis_i2c_atmel.

config TCG_TIS_I2C_INFINEON
        tristate "TPM Interface Specification 1.2 Interface (I2C - Infineon)"
        depends on I2C
        help
          If you have a TPM security chip that is compliant with the
          TCG TIS 1.2 TPM specification and Infineon's I2C Protocol Stack
          Specification 0.20 say Yes and it will be accessible from within
          Linux.
          To compile this driver as a module, choose M here; the module
          will be called tpm_i2c_infineon.

config TCG_TIS_I2C_NUVOTON
        tristate "TPM Interface Specification 1.2 Interface (I2C - Nuvoton)"
        depends on I2C
        help
          If you have a TPM security chip with an I2C interface from
          Nuvoton Technology Corp. say Yes and it will be accessible
          from within Linux.
          To compile this driver as a module, choose M here; the module
          will be called tpm_i2c_nuvoton.

config TCG_NSC
        tristate "National Semiconductor TPM Interface"
        depends on X86
        help
          If you have a TPM security chip from National Semiconductor 
          say Yes and it will be accessible from within Linux.  To 
          compile this driver as a module, choose M here; the module 
          will be called tpm_nsc.

config TCG_ATMEL
        tristate "Atmel TPM Interface"
        depends on HAS_IOPORT_MAP
        depends on HAS_IOPORT
        help
          If you have a TPM security chip from Atmel say Yes and it 
          will be accessible from within Linux.  To compile this driver 
          as a module, choose M here; the module will be called tpm_atmel.

config TCG_INFINEON
        tristate "Infineon Technologies TPM Interface"
        depends on PNP || COMPILE_TEST
        help
          If you have a TPM security chip from Infineon Technologies
          (either SLD 9630 TT 1.1 or SLB 9635 TT 1.2) say Yes and it
          will be accessible from within Linux.
          To compile this driver as a module, choose M here; the module
          will be called tpm_infineon.
          Further information on this driver and the supported hardware
          can be found at http://www.trust.rub.de/projects/linux-device-driver-infineon-tpm/ 

config TCG_IBMVTPM
        tristate "IBM VTPM Interface"
        depends on PPC_PSERIES
        help
          If you have IBM virtual TPM (VTPM) support say Yes and it
          will be accessible from within Linux.  To compile this driver
          as a module, choose M here; the module will be called tpm_ibmvtpm.

config TCG_XEN
        tristate "XEN TPM Interface"
        depends on TCG_TPM && XEN
        select XEN_XENBUS_FRONTEND
        help
          If you want to make TPM support available to a Xen user domain,
          say Yes and it will be accessible from within Linux. See
          the manpages for xl, xl.conf, and docs/misc/vtpm.txt in
          the Xen source repository for more details.
          To compile this driver as a module, choose M here; the module
          will be called xen-tpmfront.

config TCG_CRB
        tristate "TPM 2.0 CRB Interface"
        depends on ACPI
        help
          If you have a TPM security chip that is compliant with the
          TCG CRB 2.0 TPM specification say Yes and it will be accessible
          from within Linux.  To compile this driver as a module, choose
          M here; the module will be called tpm_crb.

config TCG_VTPM_PROXY
        tristate "VTPM Proxy Interface"
        depends on TCG_TPM
        help
          This driver proxies for an emulated TPM (vTPM) running in userspace.
          A device /dev/vtpmx is provided that creates a device pair
          /dev/vtpmX and a server-side file descriptor on which the vTPM
          can receive commands.

config TCG_FTPM_TEE
        tristate "TEE based fTPM Interface"
        depends on TEE && OPTEE
        help
          This driver proxies for firmware TPM running in TEE.

source "drivers/char/tpm/st33zp24/Kconfig"
endif # TCG_TPM