tpm: Avoid code bloat when not using EFI_TCG2_PROTOCOL
It does not make sense to enable all SHA algorithms unless they are
needed. It bloats the code and in this case, causes chromebook_link to
fail to build. That board does use the TPM, but not with measured boot,
nor EFI.
Since EFI_TCG2_PROTOCOL already selects these options, we just need to
add them to MEASURED_BOOT as well.
Note that the original commit combines refactoring and new features,
which makes it hard to see what is going on.
Fixes: 97707f12fd tpm: Support boot measurements
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Simon Glass <sjg@chromium.org>
This commit is contained in:
Simon Glass
@@ -734,6 +734,10 @@ config LEGACY_IMAGE_FORMAT
|
||||
config MEASURED_BOOT
|
||||
bool "Measure boot images and configuration when booting without EFI"
|
||||
depends on HASH && TPM_V2
|
||||
select SHA1
|
||||
select SHA256
|
||||
select SHA384
|
||||
select SHA512
|
||||
help
|
||||
This option enables measurement of the boot process when booting
|
||||
without UEFI . Measurement involves creating cryptographic hashes
|
||||
|
||||
@@ -438,10 +438,6 @@ config TPM
|
||||
bool "Trusted Platform Module (TPM) Support"
|
||||
depends on DM
|
||||
imply DM_RNG
|
||||
select SHA1
|
||||
select SHA256
|
||||
select SHA384
|
||||
select SHA512
|
||||
help
|
||||
This enables support for TPMs which can be used to provide security
|
||||
features for your board. The TPM can be connected via LPC or I2C
|
||||
|
||||
Reference in New Issue
Block a user