Re: [linux-yocto] [kernel-cache][RFC][ PATCH] features/tpm: split into tpm-1.2, tpm-2.0, tpm-2.0-crb and vtpm feature

Mon, 21 Feb 2022 23:43:26 -0800 

Hi Armin

Am 21.02.2022 um 18:29 schrieb akuster808:

On 2/20/22 20:18, Bruce Ashfield wrote:
In message: [kernel-cache][RFC][ PATCH] features/tpm: split into tpm-1.2, tpm-2.0, tpm-2.0-crb and vtpm feature 
on 18/02/2022 Stefan Herbrechtsmeier wrote:


From: Stefan Herbrechtsmeier <[email protected]>

Split the tpm feature into individual features as the tpm feature is
only usable on x86 because of its dependencies:

Config 'TCG_NSC' has the following Direct dependencies (TCG_NSC=n):
         X86(undefined/n) && TCG_TPM(=y)
Config 'TCG_ATMEL' has the following Direct dependencies (TCG_ATMEL=n):
         PPC64(undefined/n) || HAS_IOPORT_MAP(=n) (=n) && TCG_TPM(=y)
Config 'TCG_INFINEON' has the following Direct dependencies (TCG_INFINEON=n): 
         PNP(=n) && TCG_TPM(=y)
Config 'TCG_CRB' has the following Direct dependencies (TCG_CRB=n):
         ACPI(undefined/n) && TCG_TPM(=y)
Signed-off-by: Stefan Herbrechtsmeier <[email protected]> 

---
The commit adds new features to keep features/tpm/tpm backward
compatible.

At a glance, this looks fine to me. I'll see if anyone else has
comments, and then let this soak for a few days.
This will allow folks to enable the version that applies to their needs.  I would roll meta-security to adapt to these changes.
Does meta-security needs more features to enable TPM-1.2 i2c, spi and x86 separate? 

Regards
  Stefan




-armin


Bruce


  features/tpm/tpm-1.2.cfg     | 11 +++++++++++
  features/tpm/tpm-1.2.scc     |  7 +++++++
  features/tpm/tpm-2.0-crb.cfg |  3 +++
  features/tpm/tpm-2.0-crb.scc |  7 +++++++
  features/tpm/tpm-2.0.cfg     |  4 ++++
  features/tpm/tpm-2.0.scc     |  7 +++++++
  features/tpm/tpm-common.cfg  |  7 +++++++
  features/tpm/tpm-common.scc  |  5 +++++
  features/tpm/tpm.cfg         | 20 --------------------
  features/tpm/tpm.scc         |  8 ++++++--
  features/tpm/vtpm.cfg        |  3 +++
  features/tpm/vtpm.scc        |  7 +++++++
  12 files changed, 67 insertions(+), 22 deletions(-)
  create mode 100644 features/tpm/tpm-1.2.cfg
  create mode 100644 features/tpm/tpm-1.2.scc
  create mode 100644 features/tpm/tpm-2.0-crb.cfg
  create mode 100644 features/tpm/tpm-2.0-crb.scc
  create mode 100644 features/tpm/tpm-2.0.cfg
  create mode 100644 features/tpm/tpm-2.0.scc
  create mode 100644 features/tpm/tpm-common.cfg
  create mode 100644 features/tpm/tpm-common.scc
  delete mode 100644 features/tpm/tpm.cfg
  create mode 100644 features/tpm/vtpm.cfg
  create mode 100644 features/tpm/vtpm.scc

diff --git a/features/tpm/tpm-1.2.cfg b/features/tpm/tpm-1.2.cfg
new file mode 100644
index 00000000..d1fcf98c
--- /dev/null
+++ b/features/tpm/tpm-1.2.cfg
@@ -0,0 +1,11 @@
+# SPDX-License-Identifier: MIT
+# Enable TPM 1.2 device drivers.
+CONFIG_TCG_TIS_I2C_ATMEL=y
+CONFIG_TCG_TIS_I2C_INFINEON=y
+CONFIG_TCG_TIS_I2C_NUVOTON=y
+CONFIG_TCG_NSC=y
+CONFIG_TCG_ATMEL=y
+CONFIG_TCG_INFINEON=y
+CONFIG_TCG_TIS_ST33ZP24=y
+CONFIG_TCG_TIS_ST33ZP24_I2C=y
+CONFIG_TCG_TIS_ST33ZP24_SPI=y
\ No newline at end of file
diff --git a/features/tpm/tpm-1.2.scc b/features/tpm/tpm-1.2.scc
new file mode 100644
index 00000000..74900486
--- /dev/null
+++ b/features/tpm/tpm-1.2.scc
@@ -0,0 +1,7 @@
+# SPDX-License-Identifier: MIT
+define KFEATURE_DESCRIPTION "Enable TCG TPM (Trusted Computing Group Trusted Platform Module) 1.2 drivers" 
+define KFEATURE_COMPATIBILITY board
+
+include tpm-common.scc
+
+kconf hardware tpm-1.2.cfg
diff --git a/features/tpm/tpm-2.0-crb.cfg b/features/tpm/tpm-2.0-crb.cfg
new file mode 100644
index 00000000..27a1ba25
--- /dev/null
+++ b/features/tpm/tpm-2.0-crb.cfg
@@ -0,0 +1,3 @@
+# SPDX-License-Identifier: MIT
+# Enable TPM device drivers.
+CONFIG_TCG_CRB=y
diff --git a/features/tpm/tpm-2.0-crb.scc b/features/tpm/tpm-2.0-crb.scc
new file mode 100644
index 00000000..50875596
--- /dev/null
+++ b/features/tpm/tpm-2.0-crb.scc
@@ -0,0 +1,7 @@
+# SPDX-License-Identifier: MIT
+define KFEATURE_DESCRIPTION "Enable TCG CRB TPM (Trusted Computing Group Command Response Buffer Trusted Platform Module) 2.0 driver" 
+define KFEATURE_COMPATIBILITY board
+
+include tpm-common.scc
+
+kconf hardware tpm2-crb.cfg
diff --git a/features/tpm/tpm-2.0.cfg b/features/tpm/tpm-2.0.cfg
new file mode 100644
index 00000000..9f427afa
--- /dev/null
+++ b/features/tpm/tpm-2.0.cfg
@@ -0,0 +1,4 @@
+# SPDX-License-Identifier: MIT
+# Enable TPM device drivers.
+CONFIG_SPI=y
+CONFIG_TCG_TIS_SPI=y
diff --git a/features/tpm/tpm-2.0.scc b/features/tpm/tpm-2.0.scc
new file mode 100644
index 00000000..68f98702
--- /dev/null
+++ b/features/tpm/tpm-2.0.scc
@@ -0,0 +1,7 @@
+# SPDX-License-Identifier: MIT
+define KFEATURE_DESCRIPTION "Enable TCG TPM (Trusted Computing Group Trusted Platform Module) 2.0 drivers" 
+define KFEATURE_COMPATIBILITY board
+
+include tpm-common.scc
+
+kconf hardware tpm2.cfg
diff --git a/features/tpm/tpm-common.cfg b/features/tpm/tpm-common.cfg
new file mode 100644
index 00000000..7e2ea6c1
--- /dev/null
+++ b/features/tpm/tpm-common.cfg
@@ -0,0 +1,7 @@
+# SPDX-License-Identifier: MIT
+# Enable TPM hardware support.
+CONFIG_TCG_TPM=y
+CONFIG_HW_RANDOM=y
+CONFIG_HW_RANDOM_TPM=y
+CONFIG_TCG_TIS_CORE=y
+CONFIG_TCG_TIS=y
diff --git a/features/tpm/tpm-common.scc b/features/tpm/tpm-common.scc
new file mode 100644
index 00000000..31a070c0
--- /dev/null
+++ b/features/tpm/tpm-common.scc
@@ -0,0 +1,5 @@
+# SPDX-License-Identifier: MIT
+define KFEATURE_DESCRIPTION "Enable common TCG TPM (Trusted Computing Group Trusted Platform Module) features" 
+define KFEATURE_COMPATIBILITY board
+
+kconf hardware tpm-common.cfg
diff --git a/features/tpm/tpm.cfg b/features/tpm/tpm.cfg
deleted file mode 100644
index ea10c1fb..00000000
--- a/features/tpm/tpm.cfg
+++ /dev/null
@@ -1,20 +0,0 @@
-# SPDX-License-Identifier: MIT
-# Enable TPM device drivers.
-CONFIG_TCG_TPM=y
-CONFIG_HW_RANDOM=y
-CONFIG_HW_RANDOM_TPM=y
-CONFIG_TCG_TIS_CORE=y
-CONFIG_TCG_TIS=y
-CONFIG_SPI=y
-CONFIG_TCG_TIS_SPI=y
-CONFIG_TCG_TIS_I2C_ATMEL=y
-CONFIG_TCG_TIS_I2C_INFINEON=y
-CONFIG_TCG_TIS_I2C_NUVOTON=y
-CONFIG_TCG_NSC=y
-CONFIG_TCG_ATMEL=y
-CONFIG_TCG_INFINEON=y
-CONFIG_TCG_CRB=y
-CONFIG_TCG_VTPM_PROXY=y
-CONFIG_TCG_TIS_ST33ZP24=y
-CONFIG_TCG_TIS_ST33ZP24_I2C=y
-CONFIG_TCG_TIS_ST33ZP24_SPI=y
diff --git a/features/tpm/tpm.scc b/features/tpm/tpm.scc
index a1435480..1f3ba9cf 100644
--- a/features/tpm/tpm.scc
+++ b/features/tpm/tpm.scc
@@ -1,5 +1,9 @@
  # SPDX-License-Identifier: MIT
-define KFEATURE_DESCRIPTION "Enable TCG TPM driver (Trusted Computing Group Trusted Platform Module)" +define KFEATURE_DESCRIPTION "Enable TCG TPM (Trusted Computing Group Trusted Platform Module) drivers" 
  define KFEATURE_COMPATIBILITY board
-kconf hardware tpm.cfg
+include tpm-common.scc
+include tpm-1.2.scc
+include tpm-2.0.scc
+include tpm-2.0-crb.scc
+include vtpm.scc
diff --git a/features/tpm/vtpm.cfg b/features/tpm/vtpm.cfg
new file mode 100644
index 00000000..eeb58e96
--- /dev/null
+++ b/features/tpm/vtpm.cfg
@@ -0,0 +1,3 @@
+# SPDX-License-Identifier: MIT
+# Enable vTPM device drivers.
+CONFIG_TCG_VTPM_PROXY=y
diff --git a/features/tpm/vtpm.scc b/features/tpm/vtpm.scc
new file mode 100644
index 00000000..e927ffb6
--- /dev/null
+++ b/features/tpm/vtpm.scc
@@ -0,0 +1,7 @@
+# SPDX-License-Identifier: MIT
+define KFEATURE_DESCRIPTION "Enable virtual TCG TPM (Trusted Computing Group Trusted Platform Module) proxy driver" 
+define KFEATURE_COMPATIBILITY board
+
+include tpm-common.scc
+
+kconf hardware vtpm.cfg
--
2.30.2







-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#10976): 
https://lists.yoctoproject.org/g/linux-yocto/message/10976
Mute This Topic: https://lists.yoctoproject.org/mt/89237564/21656
Group Owner: [email protected]
Unsubscribe: https://lists.yoctoproject.org/g/linux-yocto/unsub 
[[email protected]]
-=-=-=-=-=-=-=-=-=-=-=-

Reply via email to