1 # SPDX-License-Identifier: GPL-2.0-only
3 # TPM device configuration
7 tristate "TPM Hardware Support"
11 select CRYPTO_HASH_INFO
13 If you have a TPM security chip in your system, which
14 implements the Trusted Computing Group's specification,
15 say Yes and it will be accessible from within Linux. For
16 more information see <http://www.trustedcomputinggroup.org>.
17 An implementation of the Trusted Software Stack (TSS), the
18 userspace enablement piece of the specification, can be
19 obtained at: <http://sourceforge.net/projects/trousers>. To
20 compile this driver as a module, choose M here; the module
21 will be called tpm. If unsure, say N.
23 1) For more TPM drivers enable CONFIG_PNP, CONFIG_ACPI
25 2) Without ACPI enabled, the BIOS event log won't be accessible,
26 which is required to validate the PCR 0-7 values.
31 bool "TPM HW Random Number Generator support"
32 depends on TCG_TPM && HW_RANDOM && !(TCG_TPM=y && HW_RANDOM=m)
35 This setting exposes the TPM's Random Number Generator as a hwrng
36 device. This allows the kernel to collect randomness from the TPM at
37 boot, and provides the TPM randomines in /dev/hwrng.
44 TCG TIS TPM core driver. It implements the TPM TCG TIS logic and hooks
45 into the TPM kernel APIs. Physical layers will register against it.
48 tristate "TPM Interface Specification 1.2 Interface / TPM 2.0 FIFO Interface"
52 If you have a TPM security chip that is compliant with the
53 TCG TIS 1.2 TPM specification (TPM1.2) or the TCG PTP FIFO
54 specification (TPM2.0) say Yes and it will be accessible from
55 within Linux. To compile this driver as a module, choose M here;
56 the module will be called tpm_tis.
59 tristate "TPM Interface Specification 1.3 Interface / TPM 2.0 FIFO Interface - (SPI)"
63 If you have a TPM security chip which is connected to a regular,
64 non-tcg SPI master (i.e. most embedded platforms) that is compliant with the
65 TCG TIS 1.3 TPM specification (TPM1.2) or the TCG PTP FIFO
66 specification (TPM2.0) say Yes and it will be accessible from
67 within Linux. To compile this driver as a module, choose M here;
68 the module will be called tpm_tis_spi.
70 config TCG_TIS_SPI_CR50
71 bool "Cr50 SPI Interface"
72 depends on TCG_TIS_SPI
74 If you have a H1 secure module running Cr50 firmware on SPI bus,
75 say Yes and it will be accessible from within Linux.
77 config TCG_TIS_SYNQUACER
78 tristate "TPM Interface Specification 1.2 Interface / TPM 2.0 FIFO Interface (MMIO - SynQuacer)"
79 depends on ARCH_SYNQUACER || COMPILE_TEST
82 If you have a TPM security chip that is compliant with the
83 TCG TIS 1.2 TPM specification (TPM1.2) or the TCG PTP FIFO
84 specification (TPM2.0) say Yes and it will be accessible from
85 within Linux on Socionext SynQuacer platform.
86 To compile this driver as a module, choose M here;
87 the module will be called tpm_tis_synquacer.
89 config TCG_TIS_I2C_CR50
90 tristate "TPM Interface Specification 2.0 Interface (I2C - CR50)"
93 This is a driver for the Google cr50 I2C TPM interface which is a
94 custom microcontroller and requires a custom i2c protocol interface
95 to handle the limitations of the hardware. To compile this driver
96 as a module, choose M here; the module will be called tcg_tis_i2c_cr50.
98 config TCG_TIS_I2C_ATMEL
99 tristate "TPM Interface Specification 1.2 Interface (I2C - Atmel)"
102 If you have an Atmel I2C TPM security chip say Yes and it will be
103 accessible from within Linux.
104 To compile this driver as a module, choose M here; the module will
105 be called tpm_tis_i2c_atmel.
107 config TCG_TIS_I2C_INFINEON
108 tristate "TPM Interface Specification 1.2 Interface (I2C - Infineon)"
111 If you have a TPM security chip that is compliant with the
112 TCG TIS 1.2 TPM specification and Infineon's I2C Protocol Stack
113 Specification 0.20 say Yes and it will be accessible from within
115 To compile this driver as a module, choose M here; the module
116 will be called tpm_i2c_infineon.
118 config TCG_TIS_I2C_NUVOTON
119 tristate "TPM Interface Specification 1.2 Interface (I2C - Nuvoton)"
122 If you have a TPM security chip with an I2C interface from
123 Nuvoton Technology Corp. say Yes and it will be accessible
125 To compile this driver as a module, choose M here; the module
126 will be called tpm_i2c_nuvoton.
129 tristate "National Semiconductor TPM Interface"
132 If you have a TPM security chip from National Semiconductor
133 say Yes and it will be accessible from within Linux. To
134 compile this driver as a module, choose M here; the module
135 will be called tpm_nsc.
138 tristate "Atmel TPM Interface"
139 depends on PPC64 || HAS_IOPORT_MAP
141 If you have a TPM security chip from Atmel say Yes and it
142 will be accessible from within Linux. To compile this driver
143 as a module, choose M here; the module will be called tpm_atmel.
146 tristate "Infineon Technologies TPM Interface"
149 If you have a TPM security chip from Infineon Technologies
150 (either SLD 9630 TT 1.1 or SLB 9635 TT 1.2) say Yes and it
151 will be accessible from within Linux.
152 To compile this driver as a module, choose M here; the module
153 will be called tpm_infineon.
154 Further information on this driver and the supported hardware
155 can be found at http://www.trust.rub.de/projects/linux-device-driver-infineon-tpm/
158 tristate "IBM VTPM Interface"
159 depends on PPC_PSERIES
161 If you have IBM virtual TPM (VTPM) support say Yes and it
162 will be accessible from within Linux. To compile this driver
163 as a module, choose M here; the module will be called tpm_ibmvtpm.
166 tristate "XEN TPM Interface"
167 depends on TCG_TPM && XEN
168 select XEN_XENBUS_FRONTEND
170 If you want to make TPM support available to a Xen user domain,
171 say Yes and it will be accessible from within Linux. See
172 the manpages for xl, xl.conf, and docs/misc/vtpm.txt in
173 the Xen source repository for more details.
174 To compile this driver as a module, choose M here; the module
175 will be called xen-tpmfront.
178 tristate "TPM 2.0 CRB Interface"
181 If you have a TPM security chip that is compliant with the
182 TCG CRB 2.0 TPM specification say Yes and it will be accessible
183 from within Linux. To compile this driver as a module, choose
184 M here; the module will be called tpm_crb.
186 config TCG_VTPM_PROXY
187 tristate "VTPM Proxy Interface"
190 This driver proxies for an emulated TPM (vTPM) running in userspace.
191 A device /dev/vtpmx is provided that creates a device pair
192 /dev/vtpmX and a server-side file descriptor on which the vTPM
193 can receive commands.
196 tristate "TEE based fTPM Interface"
197 depends on TEE && OPTEE
199 This driver proxies for firmware TPM running in TEE.
201 source "drivers/char/tpm/st33zp24/Kconfig"