GNUBoot/coreboot-kgpe-d16
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
coreboot-kgpe-d16/src/security/tpm/Kconfig
Philipp Deppenwiese c07f8fbe6f security/tpm: Unify the coreboot TPM software stack 
* Remove 2nd software stack in pc80 drivers directory.
* Create TSPI interface for common usage.
* Refactor TSS / TIS code base.
* Add vendor tss (Cr50) directory.
* Change kconfig options for TPM to TPM1.
* Add user / board configuration with:
  * MAINBOARD_HAS_*_TPM # * BUS driver
  * MAINBOARD_HAS_TPM1 or MAINBOARD_HAS_TPM2
  * Add kconfig TPM user selection (e.g. pluggable TPMs)
* Fix existing headers and function calls.
* Fix vboot for interface usage and antirollback mode.

Change-Id: I7ec277e82a3c20c62a0548a1a2b013e6ce8f5b3f
Signed-off-by: Philipp Deppenwiese <zaolin@das-labor.org>
Reviewed-on: https://review.coreboot.org/24903
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Aaron Durbin <adurbin@chromium.org>
2018-06-04 20:33:07 +00:00

96 lines
2.5 KiB
Text
Raw Blame History

## This file is part of the coreboot project.
##
## Copyright (c) 2013 The Chromium OS Authors. All rights reserved.
## Copyright (C) 2018 Facebook Inc.
##
## This program is free software; you can redistribute it and/or modify
## it under the terms of the GNU General Public License as published by
## the Free Software Foundation; version 2 of the License.
##
## This program is distributed in the hope that it will be useful,
## but WITHOUT ANY WARRANTY; without even the implied warranty of
## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
## GNU General Public License for more details.
##
source "src/security/tpm/tss/vendor/cr50/Kconfig"
menu "Trusted Platform Module"
config TPM1
bool
default y if MAINBOARD_HAS_TPM1 || USER_TPM1
depends on MAINBOARD_HAS_LPC_TPM || MAINBOARD_HAS_I2C_TPM_GENERIC \
|| MAINBOARD_HAS_I2C_TPM_ATMEL
config TPM2
bool
default y if MAINBOARD_HAS_TPM2 || USER_TPM2
depends on MAINBOARD_HAS_I2C_TPM_GENERIC || MAINBOARD_HAS_LPC_TPM \
|| MAINBOARD_HAS_I2C_TPM_ATMEL || MAINBOARD_HAS_I2C_TPM_CR50 \
|| MAINBOARD_HAS_SPI_TPM_CR50
config MAINBOARD_HAS_TPM1
bool
config MAINBOARD_HAS_TPM2
bool
if !MAINBOARD_HAS_TPM1 && !MAINBOARD_HAS_TPM2
choice
prompt "Trusted Platform Module"
default USER_NO_TPM
config USER_NO_TPM
bool "disabled"
config USER_TPM1
bool "1.2"
depends on MAINBOARD_HAS_LPC_TPM || MAINBOARD_HAS_I2C_TPM_GENERIC \
|| MAINBOARD_HAS_I2C_TPM_ATMEL
help
Enable this option to enable TPM 1.0 - 1.2 support in coreboot.
If unsure, say N.
config USER_TPM2
bool "2.0"
depends on MAINBOARD_HAS_I2C_TPM_GENERIC || MAINBOARD_HAS_LPC_TPM \
|| MAINBOARD_HAS_I2C_TPM_ATMEL || MAINBOARD_HAS_I2C_TPM_CR50 \
|| MAINBOARD_HAS_SPI_TPM_CR50
help
Enable this option to enable TPM 2.0 support in coreboot.
If unsure, say N.
endchoice
endif
config TPM_DEACTIVATE
bool "Deactivate TPM"
default n
depends on !VBOOT
depends on TPM1
help
Deactivate TPM by issuing deactivate command.
config DEBUG_TPM
bool "Output verbose TPM debug messages"
default n
select DRIVER_TPM_DISPLAY_TIS_BYTES if I2C_TPM
depends on TPM1 || TPM2
help
This option enables additional TPM related debug messages.
config TPM_RDRESP_NEED_DELAY
bool "Enable Delay Workaround for TPM"
default n
depends on LPC_TPM
help
Certain TPMs seem to need some delay when reading response
to work around a race-condition-related issue, possibly
caused by ill-programmed TPM firmware.
endmenu # Trusted Platform Module (tpm)
Reference in a new issue View git blame Copy permalink