tpm: Refactor TIS and add a SPI attachment
ClosedPublic
Actions

Authored by jhibbits on May 2 2024, 7:52 PM.

Details

Reviewers

kd
mw

Commits

rGc2e9c5bbf022: tpm: Refactor TIS and add a SPI attachment

Summary

Though mostly used in x86 devices, TPM can be used on others, with a
direct SPI attachment. Refactor the TPM 2.0 driver set to use an
attachment interface, and implement a SPI bus interface.

Obtained from: Juniper Networks, Inc.

Test Plan

Tested on a Raspberry Pi 4, with a GeeekPi TPM2.0 module (SLB9670
TPM) using security/tpm2-tools tpm2_getcaps for very light testing against the
spibus attachment.

Diff Detail

Repository

rG FreeBSD src repository

Lint

Lint Not Applicable

Unit

Tests Not Applicable

Event Timeline

jhibbits created this revision.May 2 2024, 7:52 PM

Herald added a subscriber: imp. · View Herald TranscriptMay 2 2024, 7:52 PM

jhibbits requested review of this revision.May 2 2024, 7:52 PM

Harbormaster completed remote builds in B57556: Diff 138038.May 2 2024, 7:52 PM

kd added inline comments.May 3 2024, 4:20 PM

sys/conf/files
3201	Other TPM ACPI dependent files are only included files.amd64. Could you also move them here as a part of this commit? This way we could support TPM in ARM64 based boards that run ACPI.
sys/dev/tpm/tpm_tis.h
28 ↗	(On Diff #138038)	Do we really need this? Looks like an empty header.
sys/modules/tpm/Makefile
15	How about `.if defined(${OPT_ACPI})`? Also please move this below the `#TPM 2.0` comment (line 21). This way it'll be easier to differenciate which files are used for the old (TPM1.2) driver.

jhibbits marked an inline comment as done.May 3 2024, 7:02 PM

jhibbits added inline comments.

sys/conf/files
3201	This does allow ACPI ARM64 to do TPM2 with TIS. I can't verify CRB at all.
sys/dev/tpm/tpm_tis.h
28 ↗	(On Diff #138038)	Oops. This was leftover from dev.
sys/modules/tpm/Makefile
15	I can sort it, but I don't see OPT_ACPI anywhere existing.