diff options
| author | Sergii Dmytruk <sergii.dmytruk@3mdeb.com> | 2022-10-23 00:47:55 +0300 |
|---|---|---|
| committer | Felix Held <felix-coreboot@felixheld.de> | 2023-03-04 02:01:48 +0000 |
| commit | 53db677586e3e7c4a874f1ef16f34a6d01c269a0 (patch) | |
| tree | 21f86ad11201bc00cf5a94653417ae3f96792e94 /src/security/tpm/Kconfig | |
| parent | 4191dbf0c9a57088e7a7323d8bf02a8708eacdb9 (diff) | |
security/tpm: add TPM log format as per 2.0 spec
Used by default for all boards with TPM2 which don't specify log
format explicitly.
Change-Id: I0fac386bebab1b7104378ae3424957c6497e84e1
Ticket: https://ticket.coreboot.org/issues/422
Ticket: https://ticket.coreboot.org/issues/423
Signed-off-by: Michał Żygowski <michal.zygowski@3mdeb.com>
Signed-off-by: Sergii Dmytruk <sergii.dmytruk@3mdeb.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/68748
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Diffstat (limited to 'src/security/tpm/Kconfig')
| -rw-r--r-- | src/security/tpm/Kconfig | 25 |
1 files changed, 24 insertions, 1 deletions
diff --git a/src/security/tpm/Kconfig b/src/security/tpm/Kconfig index 467773dee4..8466d80dbe 100644 --- a/src/security/tpm/Kconfig +++ b/src/security/tpm/Kconfig @@ -98,7 +98,7 @@ choice prompt "TPM event log format" depends on TPM_MEASURED_BOOT default TPM_LOG_TPM1 if TPM1 - default TPM_LOG_CB + default TPM_LOG_TPM2 if TPM2 config TPM_LOG_CB bool "coreboot's custom format" @@ -110,6 +110,29 @@ config TPM_LOG_TPM1 help Log per TPM 1.2 specification. See "TCG PC Client Specific Implementation Specification for Conventional BIOS". +config TPM_LOG_TPM2 + bool "TPM 2.0 format" + depends on TPM2 + help + Log per TPM 2.0 specification. + See "TCG PC Client Platform Firmware Profile Specification". + +endchoice + +choice + prompt "TPM2 hashing algorithm" + depends on TPM_MEASURED_BOOT && TPM_LOG_TPM2 + default TPM_HASH_SHA1 if TPM1 + default TPM_HASH_SHA256 if TPM2 + +config TPM_HASH_SHA1 + bool "SHA1" +config TPM_HASH_SHA256 + bool "SHA256" +config TPM_HASH_SHA384 + bool "SHA384" +config TPM_HASH_SHA512 + bool "SHA512" endchoice |