Skip to content

nati_x86_64_defconfig: enable additional TPM modules#270

Merged
gratian merged 1 commit intoni:nilrt/master/6.12from
amstewart:dev/scarthgap/clevis
Mar 16, 2026
Merged

nati_x86_64_defconfig: enable additional TPM modules#270
gratian merged 1 commit intoni:nilrt/master/6.12from
amstewart:dev/scarthgap/clevis

Conversation

@amstewart
Copy link

@amstewart amstewart commented Mar 16, 2026
edited
Loading

Enable more UEFI/TPM kconfigs that are necessary to support userspace interactions with TPM2 devices.

Of particular importance:

  • CONFIG_BLK_DEV_DM - Driver support for DeviceMapper block devices.
  • CONFIG_DM_CRYPT - Driver support for encrypted DeviceMapper devices (LUKS).
  • CONFIG_EFI_STUB - Allows the kernel to collect TPM measurement logs from the EFI store.
  • CONFIG_DAX - Direct Access to Differenated memory. Necessary dependency of DeviceMapper.

NOTE: The CONFIG_CRYPTO_CBC kconfig was removed automatically by savedefconfig. I assume that it is enabled implicitly by one of the other crypto-kconfigs I am enabling.

This PR is in support of the NILRT Measured Boot / Device Encryption feature.

Testing

  • Built and hand-tested the NILRT x64 kernel on QEMU with these changes. Confirmed that the initramfs I constructed has the drivers necessary to unlock and mount LUKS partitions to the DeviceMapper. Confirmed that the securityfs can be mounted and that it contains a log of the early bootloader TPM measurements.

nati_x86_64_defconfig: enable additional TPM modules
6bdf5bd 
Enable more UEFI/TPM kconfigs that are necessary to support userspace
interactions with TPM2 devices.

Of particular importance:
* CONFIG_BLK_DEV_DM - Driver support for DeviceMapper block devices.
* CONFIG_DM_CRYPT - Driver support for encrypted DeviceMapper devices
  (LUKS).
* CONFIG_EFI_STUB - Allows the kernel to collect TPM measurement logs
  from the EFI store.
* CONFIG_DAX - Direct Access to Differenated memory. Necessary
  dependency of DeviceMapper.

Signed-off-by: Alex Stewart <alex.stewart@emerson.com>
@amstewart amstewart requested a review from a team March 16, 2026 16:15
@gratian gratian merged commit 3da1661 into ni:nilrt/master/6.12 Mar 16, 2026
1 check passed
@amstewart amstewart deleted the dev/scarthgap/clevis branch March 16, 2026 21:41
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@gratian gratian gratian approved these changes

@chaitu236 chaitu236 chaitu236 approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@amstewart @gratian @chaitu236