diff options
Diffstat (limited to 'src/security/tpm/Kconfig')
| -rw-r--r-- | src/security/tpm/Kconfig | 17 |
1 files changed, 17 insertions, 0 deletions
diff --git a/src/security/tpm/Kconfig b/src/security/tpm/Kconfig index 1766939c4c..d8652b2017 100644 --- a/src/security/tpm/Kconfig +++ b/src/security/tpm/Kconfig @@ -100,4 +100,21 @@ config TPM_STARTUP_IGNORE_POSTINIT or VBOOT on the Intel Arrandale processor, which issues a CPU-only reset during the romstage. +config TPM_MEASURED_BOOT + bool "Enable Measured Boot" + default n + select VBOOT_LIB + depends on TPM1 || TPM2 + depends on !VBOOT_RETURN_FROM_VERSTAGE + help + Enables measured boot (experimental) + +config TPM_MEASURED_BOOT_RUNTIME_DATA + string "Runtime data whitelist" + default "" + depends on TPM_MEASURED_BOOT + help + Runtime data whitelist of cbfs filenames. Needs to be a + comma separated list + endmenu # Trusted Platform Module (tpm) |