src/security/tpm/Kconfig - mirrors/cros/chromiumos/third_party/coreboot - Git at Google

 ## This file is part of the coreboot project.
 ##
 ## Copyright (c) 2013 The Chromium OS Authors. All rights reserved.
 ## Copyright (C) 2018 Facebook Inc.
 ##
 ## This program is free software; you can redistribute it and/or modify
 ## it under the terms of the GNU General Public License as published by
 ## the Free Software Foundation; version 2 of the License.
 ##
 ## This program is distributed in the hope that it will be useful,
 ## but WITHOUT ANY WARRANTY; without even the implied warranty of
 ## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 ## GNU General Public License for more details.
 ##

 source "src/security/tpm/tss/vendor/cr50/Kconfig"

 menu "Trusted Platform Module"

 config TPM1
 	bool
 	default y if MAINBOARD_HAS_TPM1 || USER_TPM1
 	depends on MAINBOARD_HAS_LPC_TPM || MAINBOARD_HAS_I2C_TPM_GENERIC \
 						 || MAINBOARD_HAS_I2C_TPM_ATMEL

 config TPM2
 	bool
 	default y if MAINBOARD_HAS_TPM2 || USER_TPM2
 	depends on MAINBOARD_HAS_I2C_TPM_GENERIC || MAINBOARD_HAS_LPC_TPM \
 						 || MAINBOARD_HAS_I2C_TPM_ATMEL || MAINBOARD_HAS_I2C_TPM_CR50 \
 						 || MAINBOARD_HAS_SPI_TPM_CR50

 config MAINBOARD_HAS_TPM1
 	bool

 config MAINBOARD_HAS_TPM2
 	bool

 if !MAINBOARD_HAS_TPM1 && !MAINBOARD_HAS_TPM2

 choice
 	prompt "Trusted Platform Module"
 	default USER_NO_TPM

 config USER_NO_TPM
 	bool "disabled"

 config USER_TPM1
 	bool "1.2"
 	depends on MAINBOARD_HAS_LPC_TPM || MAINBOARD_HAS_I2C_TPM_GENERIC \
 						 || MAINBOARD_HAS_I2C_TPM_ATMEL
 	help
 		Enable this option to enable TPM 1.0 - 1.2 support in coreboot.

 		If unsure, say N.

 config USER_TPM2
 	bool "2.0"
 	depends on MAINBOARD_HAS_I2C_TPM_GENERIC || MAINBOARD_HAS_LPC_TPM \
 						 || MAINBOARD_HAS_I2C_TPM_ATMEL || MAINBOARD_HAS_I2C_TPM_CR50 \
 						 || MAINBOARD_HAS_SPI_TPM_CR50
 	help
 		Enable this option to enable TPM 2.0 support in coreboot.

 		If unsure, say N.

 endchoice

 endif

 config TPM_DEACTIVATE
 	bool "Deactivate TPM"
 	default n
 	depends on !VBOOT
 	depends on TPM1
 	help
 	  Deactivate TPM by issuing deactivate command.

 config DEBUG_TPM
 	bool "Output verbose TPM debug messages"
 	default n
 	select DRIVER_TPM_DISPLAY_TIS_BYTES if I2C_TPM
 	depends on TPM1 || TPM2
 	help
 	  This option enables additional TPM related debug messages.

 config TPM_RDRESP_NEED_DELAY
 	bool "Enable Delay Workaround for TPM"
 	default n
 	depends on LPC_TPM
 	help
 	  Certain TPMs seem to need some delay when reading response
 	  to work around a race-condition-related issue, possibly
 	  caused by ill-programmed TPM firmware.

 endmenu # Trusted Platform Module (tpm)
	## This file is part of the coreboot project.
	##
	## Copyright (c) 2013 The Chromium OS Authors. All rights reserved.
	## Copyright (C) 2018 Facebook Inc.
	##
	## This program is free software; you can redistribute it and/or modify
	## it under the terms of the GNU General Public License as published by
	## the Free Software Foundation; version 2 of the License.
	##
	## This program is distributed in the hope that it will be useful,
	## but WITHOUT ANY WARRANTY; without even the implied warranty of
	## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	## GNU General Public License for more details.
	##

	source "src/security/tpm/tss/vendor/cr50/Kconfig"

	menu "Trusted Platform Module"

	config TPM1
	bool
	default y if MAINBOARD_HAS_TPM1 \|\| USER_TPM1
	depends on MAINBOARD_HAS_LPC_TPM \|\| MAINBOARD_HAS_I2C_TPM_GENERIC \
	\|\| MAINBOARD_HAS_I2C_TPM_ATMEL

	config TPM2
	bool
	default y if MAINBOARD_HAS_TPM2 \|\| USER_TPM2
	depends on MAINBOARD_HAS_I2C_TPM_GENERIC \|\| MAINBOARD_HAS_LPC_TPM \
	\|\| MAINBOARD_HAS_I2C_TPM_ATMEL \|\| MAINBOARD_HAS_I2C_TPM_CR50 \
	\|\| MAINBOARD_HAS_SPI_TPM_CR50

	config MAINBOARD_HAS_TPM1
	bool

	config MAINBOARD_HAS_TPM2
	bool

	if !MAINBOARD_HAS_TPM1 && !MAINBOARD_HAS_TPM2

	choice
	prompt "Trusted Platform Module"
	default USER_NO_TPM

	config USER_NO_TPM
	bool "disabled"

	config USER_TPM1
	bool "1.2"
	depends on MAINBOARD_HAS_LPC_TPM \|\| MAINBOARD_HAS_I2C_TPM_GENERIC \
	\|\| MAINBOARD_HAS_I2C_TPM_ATMEL
	help
	Enable this option to enable TPM 1.0 - 1.2 support in coreboot.

	If unsure, say N.

	config USER_TPM2
	bool "2.0"
	depends on MAINBOARD_HAS_I2C_TPM_GENERIC \|\| MAINBOARD_HAS_LPC_TPM \
	\|\| MAINBOARD_HAS_I2C_TPM_ATMEL \|\| MAINBOARD_HAS_I2C_TPM_CR50 \
	\|\| MAINBOARD_HAS_SPI_TPM_CR50
	help
	Enable this option to enable TPM 2.0 support in coreboot.

	If unsure, say N.

	endchoice

	endif

	config TPM_DEACTIVATE
	bool "Deactivate TPM"
	default n
	depends on !VBOOT
	depends on TPM1
	help
	Deactivate TPM by issuing deactivate command.

	config DEBUG_TPM
	bool "Output verbose TPM debug messages"
	default n
	select DRIVER_TPM_DISPLAY_TIS_BYTES if I2C_TPM
	depends on TPM1 \|\| TPM2
	help
	This option enables additional TPM related debug messages.

	config TPM_RDRESP_NEED_DELAY
	bool "Enable Delay Workaround for TPM"
	default n
	depends on LPC_TPM
	help
	Certain TPMs seem to need some delay when reading response
	to work around a race-condition-related issue, possibly
	caused by ill-programmed TPM firmware.

	endmenu # Trusted Platform Module (tpm)