Commit 9f9ce3c3 authored by Miquel Raynal's avatar Miquel Raynal Committed by Tom Rini

tpm: prepare introduction of TPMv2.x support in Kconfig

Because both major revisions are not compatible at all, let's make them
mutually exclusive in Kconfig. This way we will be sure, when using a
command or a library function that it is supported by the right
revision.

Current drivers are currently prefixed by "tpm_", we will prefix TPMv2.x
files by "tpm2_" to make the distinction without moving everything.

The Kconfig menu about TPM drivers is now divided into two sections, one
for each specification. Compliant drivers with one specification will
only show up if this specification _only_ has been selected, otherwise a
comment is displayed.

Once a driver is selected by the user, it selects automatically a
boolean value, that is needed in order to activate the TPM commands.
Selecting the TPM commands will automatically select the right
command/library files.
Signed-off-by: default avatarMiquel Raynal <miquel.raynal@bootlin.com>
Reviewed-by: Simon Glass's avatarSimon Glass <sjg@chromium.org>
Reviewed-by: Tom Rini's avatarTom Rini <trini@konsulko.com>
[trini: Rework deps as TPM_V1 and TPM_V2 depend on TPM,
        drop TPM_DRIVER_SELECTED]
Signed-off-by: Tom Rini's avatarTom Rini <trini@konsulko.com>
parent 06425aa0
......@@ -1491,25 +1491,37 @@ config HASH_VERIFY
help
Add -v option to verify data against a hash.
config CMD_TPM_V1
bool
config CMD_TPM_V2
bool
config CMD_TPM
bool "Enable the 'tpm' command"
depends on TPM
depends on TPM_V1 || TPM_V2
select CMD_TPM_V1 if TPM_V1
select CMD_TPM_V2 if TPM_V2
help
This provides a means to talk to a TPM from the command line. A wide
range of commands if provided - see 'tpm help' for details. The
command requires a suitable TPM on your board and the correct driver
must be enabled.
if CMD_TPM
config CMD_TPM_TEST
bool "Enable the 'tpm test' command"
depends on CMD_TPM
depends on TPM_V1
help
This provides a a series of tests to confirm that the TPM is working
correctly. The tests cover initialisation, non-volatile RAM, extend,
global lock and checking that timing is within expectations. The
tests pass correctly on Infineon TPMs but may need to be adjusted
This provides a a series of tests to confirm that the TPMv1.x is
working correctly. The tests cover initialisation, non-volatile RAM,
extend, global lock and checking that timing is within expectations.
The tests pass correctly on Infineon TPMs but may need to be adjusted
for other devices.
endif
endmenu
menu "Firmware commands"
......
......@@ -120,7 +120,7 @@ obj-$(CONFIG_CMD_TERMINAL) += terminal.o
obj-$(CONFIG_CMD_TIME) += time.o
obj-$(CONFIG_CMD_TRACE) += trace.o
obj-$(CONFIG_HUSH_PARSER) += test.o
obj-$(CONFIG_CMD_TPM) += tpm.o
obj-$(CONFIG_CMD_TPM_V1) += tpm.o
obj-$(CONFIG_CMD_TPM_TEST) += tpm_test.o
obj-$(CONFIG_CMD_CROS_EC) += cros_ec.o
obj-$(CONFIG_CMD_TSI148) += tsi148.o
......
......@@ -4,9 +4,22 @@
menu "TPM support"
comment "Please select only one TPM revision"
depends on TPM_V1 && TPM_V2
config TPM_V1
bool "TPMv1.x support"
depends on TPM
default y
help
Major TPM versions are not compatible at all, choose either
one or the other. This option enables TPMv1.x drivers/commands.
if TPM_V1 && !TPM_V2
config TPM_TIS_SANDBOX
bool "Enable sandbox TPM driver"
depends on SANDBOX
depends on TPM_V1 && SANDBOX
help
This driver emulates a TPM, providing access to base functions
such as reading and writing TPM private data. This is enough to
......@@ -15,7 +28,7 @@ config TPM_TIS_SANDBOX
config TPM_ATMEL_TWI
bool "Enable Atmel TWI TPM device driver"
depends on TPM
depends on TPM_V1
help
This driver supports an Atmel TPM device connected on the I2C bus.
The usual tpm operations and the 'tpm' command can be used to talk
......@@ -24,7 +37,7 @@ config TPM_ATMEL_TWI
config TPM_TIS_INFINEON
bool "Enable support for Infineon SLB9635/45 TPMs on I2C"
depends on TPM && DM_I2C
depends on TPM_V1 && DM_I2C
help
This driver supports Infineon TPM devices connected on the I2C bus.
The usual tpm operations and the 'tpm' command can be used to talk
......@@ -33,7 +46,7 @@ config TPM_TIS_INFINEON
config TPM_TIS_I2C_BURST_LIMITATION
bool "Enable I2C burst length limitation"
depends on TPM_TIS_INFINEON
depends on TPM_V1 && TPM_TIS_INFINEON
help
Some broken TPMs have a limitation on the number of bytes they can
receive in one message. Enable this option to allow you to set this
......@@ -48,7 +61,7 @@ config TPM_TIS_I2C_BURST_LIMITATION_LEN
config TPM_TIS_LPC
bool "Enable support for Infineon SLB9635/45 TPMs on LPC"
depends on TPM && X86
depends on TPM_V1 && X86
help
This driver supports Infineon TPM devices connected on the LPC bus.
The usual tpm operations and the 'tpm' command can be used to talk
......@@ -57,7 +70,7 @@ config TPM_TIS_LPC
config TPM_AUTH_SESSIONS
bool "Enable TPM authentication session support"
depends on TPM
depends on TPM_V1
help
Enable support for authorised (AUTH1) commands as specified in the
TCG Main Specification 1.2. OIAP-authorised versions of the commands
......@@ -66,7 +79,7 @@ config TPM_AUTH_SESSIONS
config TPM_ST33ZP24_I2C
bool "STMicroelectronics ST33ZP24 I2C TPM"
depends on TPM && DM_I2C
depends on TPM_V1 && DM_I2C
---help---
This driver supports STMicroelectronics TPM devices connected on the I2C bus.
The usual tpm operations and the 'tpm' command can be used to talk
......@@ -75,7 +88,7 @@ config TPM_ST33ZP24_I2C
config TPM_ST33ZP24_SPI
bool "STMicroelectronics ST33ZP24 SPI TPM"
depends on TPM && DM_SPI
depends on TPM_V1 && DM_SPI
---help---
This driver supports STMicroelectronics TPM devices connected on the SPI bus.
The usual tpm operations and the 'tpm' command can be used to talk
......@@ -84,14 +97,14 @@ config TPM_ST33ZP24_SPI
config TPM_FLUSH_RESOURCES
bool "Enable TPM resource flushing support"
depends on TPM
depends on TPM_V1
help
Enable support to flush specific resources (e.g. keys) from the TPM.
The functionality is available via the 'tpm' command as well.
config TPM_LOAD_KEY_BY_SHA1
bool "Enable TPM key loading by SHA1 support"
depends on TPM
depends on TPM_V1
help
Enable support to load keys into the TPM by identifying
their parent via the public key's SHA1 hash.
......@@ -99,8 +112,22 @@ config TPM_LOAD_KEY_BY_SHA1
config TPM_LIST_RESOURCES
bool "Enable TPM resource listing support"
depends on TPM
depends on TPM_V1
help
Enable support to list specific resources (e.g. keys) within the TPM.
The functionality is available via the 'tpm' command as well.
endif # TPM_V1
config TPM_V2
bool "TPMv2.x support"
depends on TPM
help
Major TPM versions are not compatible at all, choose either
one or the other. This option enables TPMv2.x drivers/commands.
if TPM_V2 && !TPM_V1
endif # TPM_V2
endmenu
......@@ -39,7 +39,7 @@ obj-$(CONFIG_PHYSMEM) += physmem.o
obj-y += qsort.o
obj-y += rc4.o
obj-$(CONFIG_SUPPORT_EMMC_RPMB) += sha256.o
obj-$(CONFIG_TPM) += tpm.o
obj-$(CONFIG_TPM_V1) += tpm.o
obj-$(CONFIG_RBTREE) += rbtree.o
obj-$(CONFIG_BITREVERSE) += bitrev.o
obj-y += list_sort.o
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment