Enable firmware TPM (fTPM) support via OP-TEE for K3 platforms with MMC hardware. This provides TPM 2.0 functionality through Microsoft's fTPM Trusted Application running in OP-TEE secure world, using eMMC RPMB as persistent storage.
fTPM support in U-Boot provides the foundation for measured boot and disk encryption use cases. The ARM64 condition ensures these apply only to A53/A72 cores and the MMC condition ensures fTPM is enabled only on platforms with eMMC hardware support. Signed-off-by: Shiva Tripathi <[email protected]> --- Changes in v2: - Moved fTPM enablement from per-board defconfig files to common Kconfig - Added configs to ARCH_K3 (arch/arm/Kconfig) to enable for all K3 platforms - Added command configs to TI_COMMON_CMD_OPTIONS (board/ti/common/Kconfig) - Added MMC dependency to address concern about boards without eMMC hardware - Link to v1: https://lore.kernel.org/all/[email protected]/ --- arch/arm/Kconfig | 3 +++ board/ti/common/Kconfig | 2 ++ 2 files changed, 5 insertions(+) diff --git a/arch/arm/Kconfig b/arch/arm/Kconfig index 5508fce796a..eb83b5c35f1 100644 --- a/arch/arm/Kconfig +++ b/arch/arm/Kconfig @@ -834,6 +834,9 @@ config ARCH_K3 imply DM_RNG if ARM64 imply TEE if ARM64 imply OPTEE if ARM64 + imply TPM if ARM64 && MMC + imply TPM2_FTPM_TEE if ARM64 && MMC + imply SUPPORT_EMMC_RPMB if ARM64 && MMC config ARCH_OMAP2PLUS bool "TI OMAP2+" diff --git a/board/ti/common/Kconfig b/board/ti/common/Kconfig index 409454813f3..149909093b3 100644 --- a/board/ti/common/Kconfig +++ b/board/ti/common/Kconfig @@ -61,4 +61,6 @@ config TI_COMMON_CMD_OPTIONS imply CMD_SPL imply CMD_TIME imply CMD_USB if USB + imply CMD_TPM if TPM + imply CMD_OPTEE_RPMB if OPTEE && SUPPORT_EMMC_RPMB -- 2.34.1
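
Review bot: In the arch/arm/Kconfig hunk, the three new imply lines under ARCH_K3 are gated on `ARM64 && MMC`, but the commit message says fTPM is enabled "only on platforms with eMMC hardware support". MMC is the generic MMC/SD subsystem symbol, so it is also set on boards that have only an SD card slot and no RPMB partition. On those boards TPM2_FTPM_TEE would be built in with no persistent storage behind it. Please either state in the commit message that MMC is only a proxy and that boards without eMMC are expected to disable these options in their defconfig, or gate on a symbol that actually reflects eMMC presence. It would also help to note that the RPMB key has to be provisioned before the fTPM can persist state, since measured boot and disk encryption depend on that.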
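
Review bot: In the board/ti/common/Kconfig hunk, `imply CMD_TPM if TPM` and `imply CMD_OPTEE_RPMB if OPTEE && SUPPORT_EMMC_RPMB` turn on interactive shell commands for every board that uses TI_COMMON_CMD_OPTIONS, and the commit message does not justify this. It motivates the fTPM driver (measured boot, disk encryption) but does not say what the commands are needed for. Commands that reach the TPM and RPMB-backed storage from the U-Boot prompt add attack surface on fielded devices with an accessible console. Please add a sentence explaining why they belong in the common defaults, or leave them to the defconfigs of boards that want them for bring-up and debugging.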

