diff options
| author | Simon Glass <sjg@chromium.org> | 2024-06-27 09:29:43 +0100 |
|---|---|---|
| committer | Tom Rini <trini@konsulko.com> | 2024-06-28 13:54:52 -0600 |
| commit | 092b6ec65c604972d80ba0b3ac2ff44e00adb238 (patch) | |
| tree | b0cec392089e53c57ded74cc4ca9b674e4701929 | |
| parent | 8a9040e3efe99ed2cd204f58693a2247970d09cb (diff) | |
tpm: Avoid code bloat when not using EFI_TCG2_PROTOCOL
It does not make sense to enable all SHA algorithms unless they are
needed. It bloats the code and in this case, causes chromebook_link to
fail to build. That board does use the TPM, but not with measured boot,
nor EFI.
Since EFI_TCG2_PROTOCOL already selects these options, we just need to
add them to MEASURED_BOOT as well.
Note that the original commit combines refactoring and new features,
which makes it hard to see what is going on.
Fixes: 97707f12fda tpm: Support boot measurements
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Simon Glass <sjg@chromium.org>
| -rw-r--r-- | boot/Kconfig | 4 | ||||
| -rw-r--r-- | lib/Kconfig | 4 |
2 files changed, 4 insertions, 4 deletions
diff --git a/boot/Kconfig b/boot/Kconfig index 36bdc83b957..4c9d2c0f79a 100644 --- a/boot/Kconfig +++ b/boot/Kconfig @@ -734,6 +734,10 @@ config LEGACY_IMAGE_FORMAT config MEASURED_BOOT bool "Measure boot images and configuration when booting without EFI" depends on HASH && TPM_V2 + select SHA1 + select SHA256 + select SHA384 + select SHA512 help This option enables measurement of the boot process when booting without UEFI . Measurement involves creating cryptographic hashes diff --git a/lib/Kconfig b/lib/Kconfig index 189e6eb31aa..568892fce44 100644 --- a/lib/Kconfig +++ b/lib/Kconfig @@ -438,10 +438,6 @@ config TPM bool "Trusted Platform Module (TPM) Support" depends on DM imply DM_RNG - select SHA1 - select SHA256 - select SHA384 - select SHA512 help This enables support for TPMs which can be used to provide security features for your board. The TPM can be connected via LPC or I2C |