View Source

The goal of the document is to illustrate how setup and enable TPM module of Plus 1 (SP7021) demo board (V3). Plus 1 demo board (V3) has a built-in TPM module, ST ST33HTPHF2EI2C. It is an I²C interface device. We need to enable ‘I2C hardware support’, ‘TPM2.0 support’ and modify Linux device-tree source according to hardware connection of I²C interface. Please follow the following steps to setup and enable TPM in Linux.

1. Enable Sunplus I²C driver

Run make kconfig in project top directory. When “Linux/arm Kernel Configuration” menu pops up, move cursor to go to “Device Drivers” --> “I2C support” → “I2C Hardware Bus support”. Enable “SP I2C support”. Refer to screenshot below:

SP7021 Released Document > How to setup and enable TPM of SP7021 demo board V3 > image-20200611-052442.png

2. Enable TIS TPM driver

Use arrows and Enter keys to move cursor and go to “Device Drivers” ---> “Character devices”. Enable <TPM Hardware Support> as Linux module. Refer to snapshot of screen below:

SP7021 Released Document > How to setup and enable TPM of SP7021 demo board V3 > image-20200423-020524.png

where <TPM Hardware Support> is enabled as module (<M> means enabled as module).

After selecting <TPM Hardware Support> as module, press Enter key to enter sub-menu of <TPM Hardware Support>. Again, use arrow and Enter keys to enable <TPM Interface Specification 1.3 Interface / TPM 2.0 FIFO Interface - (I2C)> as Linux module. Refer to snapshot of screen below:

SP7021 Released Document > How to setup and enable TPM of SP7021 demo board V3 > image-20200423-020824.png

where <TPM Interface Specification 1.3 Interface / TPM 2.0 FIFO Interface - (I2C)> enabled as module.

Use arrow and Enter keys to select <Save> and save the setting. Finally, press <Esc><Esc> till exit menuconfig.

3. Modify Linux device-tree source

Because the TPM module is an I2C interface device and is connected to G_MX64 (SDA) and G_MX61 (SCL), please modify device-tree source file, linux/kernel/arch/arm/boot/dts/sp7021-demov3.dts, as shown below:

&i2cm1 {
	clock-frequency = <100000>;
	pinctrl-names = "default";
	pinctrl-0 = <&i2cm1_tpm_pins>;
	#address-cells = <1>;
	#size-cells = <0>;
	st33htpi: st33htpi@2e{
		compatible = "st,st33htpm-i2c";
		reg = <0x2e>;
		status="okay";
	};
};

where channel 1 of i2c interface is used to communicate with TPM module. Note that i2cm1 is a label to node i2c@9c004700.

Add pin-ctrl node pinmux_i2cm1_tpm-pins as shown below:

	i2cm1_tpm_pins: pinmux_i2cm1_tpm-pins {
		sunplus,pins = <
			SPPCTL_IOPAD(64, SPPCTL_PCTL_G_PMUX, MUXF_I2CM1_DAT, 0)
			SPPCTL_IOPAD(61, SPPCTL_PCTL_G_PMUX, MUXF_I2CM1_CLK, 0)
		>;
	};

SDA of TPM module of demo board V3 is connected to G_MX64 while SCL of TPM module is connected to G_MX61.

Please note that to comply with Linux rules, after version 5.10.59, 4 property-names of pin node of SP7021 are changed as shown in table below:

5.4.35	5.10.59
sppctl,function	function
sppctl,groups	groups
sppctl,pins	sunplus,pins
sppctl,zero_func	sunplus,zerofunc

4. Build Linux image

Go to top folder. Run make all to build Linux image.

5. Boot Linux

Boot Linux with the built image.

6. Probe TPM modules

After Linux boots up successfully, run modprobe tpm_tis_i2c to load TPM module as below:

/ # modprobe tpm_tis_i2c
[   72.865657] tpm_tis_i2c: Unknown symbol tpm_tis_resume (err -2)
[   72.865769] tpm_tis_i2c: Unknown symbol tpm_chip_unregister (err -2)
[   72.866750] tpm_tis_i2c: Unknown symbol tpm_pm_suspend (err -2)
[   72.872735] tpm_tis_i2c: Unknown symbol tpm_tis_core_init (err -2)
[   72.957106] tpm_tis_i2c 1-002e: 2.0 TPM (device-id 0x0, rev-id 78)
[   72.975705] tpm tpm0: A TPM error (256) occurred attempting the self test
[   72.975806] tpm tpm0: starting up the TPM manually
/ #

7. Test TPM device

Run ls -al /dev/tpm* to check whether tpm module is loaded successfully or not.

/ # ls -al /dev/tpm*
crw-rw----    1 root     root       10, 224 Feb 22 20:09 /dev/tpm0
crw-rw----    1 root     root      249, 65536 Feb 22 20:09 /dev/tpmrm0
/ #

Note that TPM devices 'tpm0' and 'tpmrm0' are present at /dev/. This confirms that TPM modules are loaded successfully.

Run eltt2 -gc to view eltt2 report:

/ # ./eltt2 -gc


TPM capability information of fixed properties:
=========================================================
TPM_PT_FAMILY_INDICATOR:        2.0
TPM_PT_LEVEL:                   0
TPM_PT_REVISION:                138
TPM_PT_DAY_OF_YEAR:             8
TPM_PT_YEAR:                    2018
TPM_PT_MANUFACTURER:            STM
TPM_PT_VENDOR_STRING:
TPM_PT_VENDOR_TPM_TYPE:         1
TPM_PT_FIRMWARE_VERSION:        73.65.40986.23

TPM_PT_MEMORY:
=========================================================
Shared RAM:                     0 CLEAR
Shared NV:                      0 CLEAR
Object Copied To Ram:           0 CLEAR


Clock info:
=========================================================
Time since the last TPM_Init:
133945 ms  =  0 y, 0 d, 0 h, 2 min, 13 s, 945 ms

Time during which the TPM has been powered:
1666813 ms  =  0 y, 0 d, 0 h, 27 min, 46 s, 813 ms

TPM Reset since the last TPM2_Clear:            12
Number of times that TPM2_Shutdown:             0
Safe:                                           1 = Yes


/ #