This patch advertises a Software TPM or a Discrete TPM to Windows.
Selection is done at compile time, behind a build config flag in the board's
.dsc file.

We add two new configuration flags to the Pi2 and Pi3 Board .dsc file.
CONFIG_TPM_ENABLE controls whether to advertise any TPM support to Windows.
CONFIG_USE_DTPM enables the use of the discrete TPM, otherwise use
the software TPM. Note: this option requires CONFIG_TPM_ENABLE = TRUE.

Advertising a TPM requires two components - the TPM2 table
and device nodes. The TPM2 table advertises that a TPM2 module
is present. We add the TPM device nodes by adding an SSDT
to extend the DSDT table.

Note: Software TPM is emulation and, as such, is not
fit for production security use.