From 64e2d19082636de9e82674ccfca574269bb34712 Mon Sep 17 00:00:00 2001 From: Philipp Deppenwiese Date: Wed, 18 Oct 2017 17:13:07 +0200 Subject: security/tpm: Move tpm TSS and TSPI layer to security section * Move code from src/lib and src/include into src/security/tpm * Split TPM TSS 1.2 and 2.0 * Fix header includes * Add a new directory structure with kconfig and makefile includes Change-Id: Id15a9aa6bd367560318dfcfd450bf5626ea0ec2b Signed-off-by: Philipp Deppenwiese Reviewed-on: https://review.coreboot.org/22103 Tested-by: build bot (Jenkins) Reviewed-by: Stefan Reinauer --- src/security/tpm/Kconfig | 69 ++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 69 insertions(+) create mode 100644 src/security/tpm/Kconfig (limited to 'src/security/tpm/Kconfig') diff --git a/src/security/tpm/Kconfig b/src/security/tpm/Kconfig new file mode 100644 index 0000000000..111f91a5c1 --- /dev/null +++ b/src/security/tpm/Kconfig @@ -0,0 +1,69 @@ +## This file is part of the coreboot project. +## +## Copyright (C) 2017 Philipp Deppenwiese, Facebook, Inc. +## +## This program is free software; you can redistribute it and/or modify +## it under the terms of the GNU General Public License as published by +## the Free Software Foundation; version 2 of the License. +## +## This program is distributed in the hope that it will be useful, +## but WITHOUT ANY WARRANTY; without even the implied warranty of +## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +## GNU General Public License for more details. +## + +menu "Trusted Platform Module" + +config TPM + bool + default n + select LPC_TPM if MAINBOARD_HAS_LPC_TPM + select I2C_TPM if !MAINBOARD_HAS_LPC_TPM && !SPI_TPM + help + Enable this option to enable TPM support in coreboot. + + If unsure, say N. + +config TPM2 + bool + select LPC_TPM if MAINBOARD_HAS_LPC_TPM + select I2C_TPM if !MAINBOARD_HAS_LPC_TPM && !SPI_TPM + help + Enable this option to enable TPM2 support in coreboot. + + If unsure, say N. + +config DEBUG_TPM + bool "Output verbose TPM debug messages" + default n + depends on TPM || TPM2 + help + This option enables additional TPM related debug messages. + +config MAINBOARD_HAS_TPM_CR50 + bool + default y if MAINBOARD_HAS_SPI_TPM_CR50 || MAINBOARD_HAS_I2C_TPM_CR50 + default n + select MAINBOARD_HAS_TPM2 + select POWER_OFF_ON_CR50_UPDATE if ARCH_X86 + +config POWER_OFF_ON_CR50_UPDATE + bool + help + Power off machine while waiting for CR50 update to take effect. + +config MAINBOARD_HAS_LPC_TPM + bool + default n + help + Board has TPM support + +config MAINBOARD_HAS_TPM2 + bool + default n + help + There is a TPM device installed on the mainboard, and it is + compliant with version 2 TCG TPM specification. Could be connected + over LPC, SPI or I2C. + +endmenu # Trusted Platform Module (tpm) -- cgit v1.2.3