[U-Boot] [PATCH v4 09/32] tpm: prepare introduction of TPMv2.x support in Kconfig
Miquel Raynal
miquel.raynal at bootlin.com
Tue May 15 09:57:05 UTC 2018
Because both major revisions are not compatible at all, let's make them
mutually exclusive in Kconfig. This way we will be sure, when using a
command or a library function that it is supported by the right
revision.
Current drivers are currently prefixed by "tpm_", we will prefix TPMv2.x
files by "tpm2_" to make the distinction without moving everything.
The Kconfig menu about TPM drivers is now divided into two sections, one
for each specification. Compliant drivers with one specification will
only show up if this specification _only_ has been selected, otherwise a
comment is displayed.
Once a driver is selected by the user, it selects automatically a
boolean value, that is needed in order to activate the TPM commands.
Selecting the TPM commands will automatically select the right
command/library files.
Signed-off-by: Miquel Raynal <miquel.raynal at bootlin.com>
Reviewed-by: Simon Glass <sjg at chromium.org>
---
cmd/Kconfig | 24 +++++++++++++++------
cmd/Makefile | 2 +-
drivers/tpm/Kconfig | 62 +++++++++++++++++++++++++++++++++++++++++++----------
lib/Makefile | 2 +-
4 files changed, 71 insertions(+), 19 deletions(-)
diff --git a/cmd/Kconfig b/cmd/Kconfig
index 136836d146..7c09c94d6d 100644
--- a/cmd/Kconfig
+++ b/cmd/Kconfig
@@ -1354,25 +1354,37 @@ config HASH_VERIFY
help
Add -v option to verify data against a hash.
+config CMD_TPM_V1
+ bool
+
+config CMD_TPM_V2
+ bool
+
config CMD_TPM
bool "Enable the 'tpm' command"
- depends on TPM
+ depends on TPM_DRIVER_SELECTED
+ select CMD_TPM_V1 if TPM_V1
+ select CMD_TPM_V2 if TPM_V2
help
This provides a means to talk to a TPM from the command line. A wide
range of commands if provided - see 'tpm help' for details. The
command requires a suitable TPM on your board and the correct driver
must be enabled.
+if CMD_TPM
+
config CMD_TPM_TEST
bool "Enable the 'tpm test' command"
- depends on CMD_TPM
+ depends on TPM_V1
help
- This provides a a series of tests to confirm that the TPM is working
- correctly. The tests cover initialisation, non-volatile RAM, extend,
- global lock and checking that timing is within expectations. The
- tests pass correctly on Infineon TPMs but may need to be adjusted
+ This provides a a series of tests to confirm that the TPMv1.x is
+ working correctly. The tests cover initialisation, non-volatile RAM,
+ extend, global lock and checking that timing is within expectations.
+ The tests pass correctly on Infineon TPMs but may need to be adjusted
for other devices.
+endif
+
endmenu
menu "Firmware commands"
diff --git a/cmd/Makefile b/cmd/Makefile
index 9a358e4801..bbeeb7e7f7 100644
--- a/cmd/Makefile
+++ b/cmd/Makefile
@@ -117,7 +117,7 @@ obj-$(CONFIG_CMD_TERMINAL) += terminal.o
obj-$(CONFIG_CMD_TIME) += time.o
obj-$(CONFIG_CMD_TRACE) += trace.o
obj-$(CONFIG_HUSH_PARSER) += test.o
-obj-$(CONFIG_CMD_TPM) += tpm.o
+obj-$(CONFIG_CMD_TPM_V1) += tpm.o
obj-$(CONFIG_CMD_TPM_TEST) += tpm_test.o
obj-$(CONFIG_CMD_CROS_EC) += cros_ec.o
obj-$(CONFIG_CMD_TSI148) += tsi148.o
diff --git a/drivers/tpm/Kconfig b/drivers/tpm/Kconfig
index 2a64bc49c3..01967ffd35 100644
--- a/drivers/tpm/Kconfig
+++ b/drivers/tpm/Kconfig
@@ -4,9 +4,27 @@
menu "TPM support"
+comment "Please select only one TPM revision"
+ depends on TPM_V1 && TPM_V2
+
+config TPM_DRIVER_SELECTED
+ bool
+ help
+ A valid TPM driver has been selected.
+
+config TPM_V1
+ bool "TPMv1.x support"
+ default y
+ help
+ Major TPM versions are not compatible at all, choose either
+ one or the other. This option enables TPMv1.x drivers/commands.
+
+if TPM_V1 && !TPM_V2
+
config TPM_TIS_SANDBOX
bool "Enable sandbox TPM driver"
- depends on SANDBOX
+ depends on TPM_V1 && SANDBOX
+ select TPM_DRIVER_SELECTED
help
This driver emulates a TPM, providing access to base functions
such as reading and writing TPM private data. This is enough to
@@ -15,7 +33,8 @@ config TPM_TIS_SANDBOX
config TPM_ATMEL_TWI
bool "Enable Atmel TWI TPM device driver"
- depends on TPM
+ depends on TPM_V1
+ select TPM_DRIVER_SELECTED
help
This driver supports an Atmel TPM device connected on the I2C bus.
The usual tpm operations and the 'tpm' command can be used to talk
@@ -24,7 +43,8 @@ config TPM_ATMEL_TWI
config TPM_TIS_INFINEON
bool "Enable support for Infineon SLB9635/45 TPMs on I2C"
- depends on TPM && DM_I2C
+ depends on TPM_V1 && DM_I2C
+ select TPM_DRIVER_SELECTED
help
This driver supports Infineon TPM devices connected on the I2C bus.
The usual tpm operations and the 'tpm' command can be used to talk
@@ -33,7 +53,7 @@ config TPM_TIS_INFINEON
config TPM_TIS_I2C_BURST_LIMITATION
bool "Enable I2C burst length limitation"
- depends on TPM_TIS_INFINEON
+ depends on TPM_V1 && TPM_TIS_INFINEON
help
Some broken TPMs have a limitation on the number of bytes they can
receive in one message. Enable this option to allow you to set this
@@ -48,7 +68,7 @@ config TPM_TIS_I2C_BURST_LIMITATION_LEN
config TPM_TIS_LPC
bool "Enable support for Infineon SLB9635/45 TPMs on LPC"
- depends on TPM && X86
+ depends on TPM_V1 && X86
help
This driver supports Infineon TPM devices connected on the LPC bus.
The usual tpm operations and the 'tpm' command can be used to talk
@@ -57,7 +77,8 @@ config TPM_TIS_LPC
config TPM_AUTH_SESSIONS
bool "Enable TPM authentication session support"
- depends on TPM
+ depends on TPM_V1
+ select TPM_DRIVER_SELECTED
help
Enable support for authorised (AUTH1) commands as specified in the
TCG Main Specification 1.2. OIAP-authorised versions of the commands
@@ -66,7 +87,8 @@ config TPM_AUTH_SESSIONS
config TPM_ST33ZP24_I2C
bool "STMicroelectronics ST33ZP24 I2C TPM"
- depends on TPM && DM_I2C
+ depends on TPM_V1 && DM_I2C
+ select TPM_DRIVER_SELECTED
---help---
This driver supports STMicroelectronics TPM devices connected on the I2C bus.
The usual tpm operations and the 'tpm' command can be used to talk
@@ -75,7 +97,8 @@ config TPM_ST33ZP24_I2C
config TPM_ST33ZP24_SPI
bool "STMicroelectronics ST33ZP24 SPI TPM"
- depends on TPM && DM_SPI
+ depends on TPM_V1 && DM_SPI
+ select TPM_DRIVER_SELECTED
---help---
This driver supports STMicroelectronics TPM devices connected on the SPI bus.
The usual tpm operations and the 'tpm' command can be used to talk
@@ -84,14 +107,16 @@ config TPM_ST33ZP24_SPI
config TPM_FLUSH_RESOURCES
bool "Enable TPM resource flushing support"
- depends on TPM
+ depends on TPM_V1
+ select TPM_DRIVER_SELECTED
help
Enable support to flush specific resources (e.g. keys) from the TPM.
The functionality is available via the 'tpm' command as well.
config TPM_LOAD_KEY_BY_SHA1
bool "Enable TPM key loading by SHA1 support"
- depends on TPM
+ depends on TPM_V1
+ select TPM_DRIVER_SELECTED
help
Enable support to load keys into the TPM by identifying
their parent via the public key's SHA1 hash.
@@ -99,8 +124,23 @@ config TPM_LOAD_KEY_BY_SHA1
config TPM_LIST_RESOURCES
bool "Enable TPM resource listing support"
- depends on TPM
+ depends on TPM_V1
+ select TPM_DRIVER_SELECTED
help
Enable support to list specific resources (e.g. keys) within the TPM.
The functionality is available via the 'tpm' command as well.
+
+endif # TPM_V1
+
+config TPM_V2
+ bool "TPMv2.x support"
+ default n
+ help
+ Major TPM versions are not compatible at all, choose either
+ one or the other. This option enables TPMv2.x drivers/commands.
+
+if TPM_V2 && !TPM_V1
+
+endif # TPM_V2
+
endmenu
diff --git a/lib/Makefile b/lib/Makefile
index 0db41c19f3..9ec4a93043 100644
--- a/lib/Makefile
+++ b/lib/Makefile
@@ -40,7 +40,7 @@ obj-$(CONFIG_PHYSMEM) += physmem.o
obj-y += qsort.o
obj-y += rc4.o
obj-$(CONFIG_SUPPORT_EMMC_RPMB) += sha256.o
-obj-$(CONFIG_TPM) += tpm.o
+obj-$(CONFIG_TPM_V1) += tpm.o
obj-$(CONFIG_RBTREE) += rbtree.o
obj-$(CONFIG_BITREVERSE) += bitrev.o
obj-y += list_sort.o
--
2.14.1
More information about the U-Boot
mailing list