When using a hardware assisted root of trust measurement, like Intel TXT/CBnT, the TPM init needs to happen inside the bootblock to form a proper chain of trust.

Change-Id: Ifacba5d9ab19b47968b4f2ed5731ded4aac55022
Signed-off-by: Arthur Heymans <arthur@aheymans.xyz>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/51923
Reviewed-by: Christian Walter <christian.walter@9elements.com>
Reviewed-by: Angel Pons <th3fanbus@gmail.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
config TPM_INIT_RAMSTAGE
	bool
	default y if TPM1 || TPM2
	depends on !VBOOT && !VENDORCODE_ELTAN_VBOOT && !VENDORCODE_ELTAN_MBOOT \
		&& !TPM_MEASURED_BOOT_INIT_BOOTBLOCK
	help
	  This driver automatically initializes the TPM if vboot is not used.
	  The TPM driver init is done during the ramstage chip init phase.

config TPM_PPI
	bool "Generate ACPI code to implement TPM physical presence interface"
	depends on TPM1 || TPM2
	depends on HAVE_ACPI_TABLES
	depends on !CHROMEOS
	default y if PAYLOAD_TIANOCORE
	help
	  This driver automatically generates ACPI tables for the Physical
	  Presence Interface defined by the TCG. If not activated only a stub
	  will be generated without any functionality.
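Review bot: the help text of TPM_INIT_RAMSTAGE is now out of step with its `depends on` line: it still says the TPM is initialized "if vboot is not used", but the symbol is also disabled by VENDORCODE_ELTAN_VBOOT, VENDORCODE_ELTAN_MBOOT and the new TPM_MEASURED_BOOT_INIT_BOOTBLOCK. Suggest extending the help so a reader of menuconfig sees why the option disappears when bootblock measured boot is selected, e.g. "This driver automatically initializes the TPM in ramstage if no earlier stage (vboot or the bootblock measured boot init) has already done so."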