linux-drivers/
drivers/char/tpm

Trusted Platform Module (TPM 1.2 and 2.0) chips

Trusted Platform Modules are small security chips, either discrete on the motherboard or built into firmware, that store cryptographic keys, measure boot integrity, and back features like BitLocker and LUKS. The subsystem covers TPM 1.2 and 2.0 hardware over the older TIS and newer CRB interfaces, plus firmware and virtual TPMs from Xen, IBM, and AMD SVSM.

keep conf=0.95 deploy=high replacement=none subsystem=char category=crypto
95%

recommendation

It should stay because TPMs are standard equipment on modern PCs and servers — Microsoft has required TPM 2.0 on new Windows devices since 2016, vendors like Infineon still sell new OPTIGA TPM chips for PCs, servers, and IoT, and the kernel code is heavily maintained with hundreds of recent changes and no removal discussions on the linux-integrity list. There is also no single replacement, since the subsystem fans out into discrete, firmware, and virtual TPM backends that all depend on it.

repository signals

55 files
20,184 source lines
265 commits, 5y
+5,925 / −2,740 lines added / removed, 5y
108 authors, 5y
monthly commits · 2021-04-21 → 2026-04-21 · 265 total · active in 54/61 months
2021 2022 2023 2024 2025 2026 2021-04: 1 commit · +1 −1 2021-05: 7 commits · +28 −15 2021-06: 4 commits · +27 −19 2021-07: 2 commits · +2 −11 2021-08: 2 commits · +17 −13 2021-09: 3 commits · +26 −8 2021-10: 3 commits · +29 −105 2021-11: 1 commit · +1 −1 2021-12: 4 commits · +66 −16 2022-01: 5 commits · +18 −22 2022-02: 0 commits · +0 −0 2022-03: 6 commits · +200 −205 2022-04: 3 commits · +9 −20 2022-05: 2 commits · +15 −2 2022-06: 3 commits · +435 −1 2022-07: 1 commit · +0 −1 2022-08: 4 commits · +15 −18 2022-09: 0 commits · +0 −0 2022-10: 3 commits · +55 −284 2022-11: 28 commits · +314 −206 2022-12: 3 commits · +91 −25 2023-01: 3 commits · +46 −12 2023-02: 4 commits · +143 −5 2023-03: 10 commits · +24 −27 2023-04: 7 commits · +187 −35 2023-05: 9 commits · +86 −55 2023-06: 8 commits · +89 −39 2023-07: 6 commits · +128 −27 2023-08: 7 commits · +59 −181 2023-09: 2 commits · +9 −26 2023-10: 0 commits · +0 −0 2023-11: 1 commit · +4 −11 2023-12: 1 commit · +1 −2 2024-01: 4 commits · +7 −3 2024-02: 3 commits · +13 −14 2024-03: 0 commits · +0 −0 2024-04: 19 commits · +1,685 −100 2024-05: 5 commits · +33 −32 2024-06: 3 commits · +5 −2 2024-07: 5 commits · +248 −182 2024-08: 1 commit · +5 −0 2024-09: 4 commits · +32 −10 2024-10: 8 commits · +169 −122 2024-11: 3 commits · +136 −177 2024-12: 2 commits · +16 −5 2025-01: 0 commits · +0 −0 2025-02: 2 commits · +6 −8 2025-03: 10 commits · +515 −51 2025-04: 9 commits · +201 −48 2025-05: 1 commit · +1 −1 2025-06: 7 commits · +125 −153 2025-07: 8 commits · +177 −40 2025-08: 3 commits · +32 −75 2025-09: 7 commits · +120 −141 2025-10: 3 commits · +35 −10 2025-11: 4 commits · +131 −89 2025-12: 6 commits · +83 −58 2026-01: 3 commits · +9 −10 2026-02: 2 commits · +16 −16 2026-03: 0 commits · +0 −0 2026-04: 0 commits · +0 −0

sources

  1. lore.kernel.org

    Recent upstream TPM core maintenance continued in 2026; lore timeline for drivers/char/tpm/tpm-chip.c showed activity through 2026-04-09 and heavy traffic across 2024-2026.

  2. learn.microsoft.com

    Microsoft's OEM guidance says new device models have had to implement and enable TPM 2.0 by default since 2016, indicating TPM hardware remains standard in modern PC deployments.

  3. infineon.com

    Infineon still markets new OPTIGA TPM 2.0 products for PCs, servers, IoT, and industrial systems, showing the hardware family is still sold new.

codex reasoning notes (technical)

Keep: this is an active, non-obsolescent subsystem. `lore_file_timeline` on `drivers/char/tpm/tpm-chip.c` returned 290 matches from 2024-04-29 through 2026-04-09, including a 2026 linux-integrity fix URL cited above. `lore_regex` on linux-integrity subjects for TPM + remove/deprecate/obsolete/orphan returned no hits, so I found no active removal discussion. `web.search_query` found the Microsoft Learn TPM 2.0 OEM requirement page and Infineon OPTIGA TPM product page, supporting both current physical deployments and new hardware sales. Local `exec_command` inspection of `drivers/char/tpm/Kconfig` also shows ongoing support for discrete TPMs plus Xen/IBM/AMD SVSM vTPM and firmware TPM paths, so there is no single replacement driver.