OPTIGA™ TPM Forum Discussions
Hi,
I get this error when trying to interface SLB9670 with BeagleBone Balck over SPI1, bus with CS1:
tpm_tis_spi: probe of spi1.1 failed with error -110
This is my overlay:
/dts-v1/;
/plugin/;
/ {
compatible = "ti,beaglebone","ti,am335x-boneblack", "ti,beaglebone-black";
part-number = "BB-SPI1-SLB9670";
version = "00A0";
fragment@0 {
target = <&am33xx_pinmux>;
__overlay__ {
pinmux_spi1_pins: pinmux_spi1_pins {
pinctrl-single,pins = <
0x190 0x33 /* spi1_sclk,MODE3 */
0x194 0x33 /* spi1_d0, MODE3 */
0x198 0x33 /* spi1_d1, MODE3 */
0x164 0x32 /* spi1_cs1, MODE2 */
>;
};
};
};
fragment@1 {
target = <&spi1>;
__overlay__ {
pinctrl-0 = <&pinmux_spi1_pins>;
status = "okay";
};
};
fragment@2 {
target = <&spi1>;
__overlay__ {
#address-cells = <1>;
#size-cells = <0>;
slb9670: slb9670@1 {
compatible = "infineon,slb9670";
reg = <1>;
#address-cells = <1>;
#size-cells = <0>;
spi-max-frequency = <32000000>;
};
};
};
};
Reset has pull-up.
This is what I have included and compiled in my kernel image:
CONFIG_TCG_TPM=y
CONFIG_TCG_TIS_CORE=y
CONFIG_TCG_TIS=y
CONFIG_TCG_TIS_SPI=y
I can see that tis-spi driver for tpm2.0 is loaded under /sys/bus/spi/drivers (I compiled it with kernel).
There is also SPI1.1 device visible under /sys/bus/spi/devices
In short, SPI1 is working because I use it for ENC28J60 ethernet PHY with CS0.
For SLB9670 I use P9_42 pin in mode 2 as CS1, but without any luck to establish connection with SLB.
Can somone tell me more about error -110 and how to fix it amd get things working.
Thanks
Show Less
How does one field firmware upgrade / OTA the SLB9762 FW16.12?
We need to upgrade the SLB9762 FW16.12 to the latest (FW16.13??) in an ARM-based Linux environment.
Any pointers, sample code, examples, white papers, etc appreciated.
Show LessI am using the driver of SLB 9672XU2.0 FW16.10, but I encounter some problems. When debugging SLB 9672XU2.0 FW16.10 with the same platform and SPI driver, I find that the communication cannot be normal. But when I used the SLB 9670VQ2.0 FW7.85 was able to correctly identify the TPM device node. I was able to confirm that the hardware was working because I tested it with the Raspberry Pi and it recognized the TPM device. I have printed the SPI log when loading TPM at startup, see the attachment. Can anyone help analyze the reason? Thank you very much! ~
PS:9672 board reads 128 bytes, then only read 64 bytes each time, after reading the first frame, read the second frame, the command sent to read 00 00 00 01, return error FF FF FF FF, the result is an error. The 9670 board is 255. The second, third, and fourth frames can return 00 00 00 00 01 as normal, reading the data normally and reporting no errors. What is the difference between fifo and what are the requirements
Show Less
Hi
(a) How is "lifetime" defined - is this starting from date of manufacture? The 10 year figure is lower than I would have guessed.
(b) How should the 10 year lifetime figure be used in practice? For instance, suppose we wish to protect an asset for 20 years then should we swap-out at (for example) 7 years, 14 years?
(c) Are there expected failure modes? I'm wondering if these relate to non-volatile memory?
(d) How confident can we be that a unit of age
9 years < AGE < 10 years
will not fail - is there some distribution curve?
(e) How can we detect failure in the field?
(f) What is the distinction between "Useful lifetime" and "Operating lifetime" (Data Sheet, pg11)
Many thanks for any advice
Regards
Stephen
I'm tryint to encrypt a string using TSS.Java. It goes well on Intel TPMs, but failed on Infineon TPMs. All my code borrows from TSS.Java samples and use EncryptDecrypt2()
command. I tried 4 physical desktop with Intel TPM, 2 Azure VM, 2 physical laptops with Infineon. All of them are without problem but Infineon TPMs. I can't tell what the issue originate from, TSS.Java library or Infineon TPM? Any helps are appreciated.
PS: I executed the code with administrator(root), of course.
Show LessI want porting TPM SLB9672 on my custom board through the SPI, I have been porting SLB9670 on my custom board,It's work,but SLB9672 can not work when using the same step.I know SLB9670 and SLB9672 used the same driver,but I can not get any information from TPM, What should I do?
Show LessHi, I am using below TPM Module
TPM Device
Vendor ID: IFX
Specification Version: 2.0
Firmware Revision: 13.11
Description: INFINEON
Characteristics:
Family configurable via platform software support
OEM-specific Information: 0x00000000
I want to add support IMA in my kernel 5.10. After enabled the below config flags:
CONFIG_INTEGRITY=y CONFIG_IMA=y CONFIG_IMA_MEASURE_PCR_IDX=10 CONFIG_IMA_LSM_RULES=y CONFIG_INTEGRITY_SIGNATURE=y CONFIG_IMA_APPRAISE=y
I can see only one entry in PCR 10.
root@nikhil:~# cat /sys/kernel/security/ima/ascii_runtime_measurements
10 c1091b621b64546f90b059727f0ab1a08a257a71 ima-ng sha1:d5fbd75caeed26c1662f08139ee831cf807af34c boot_aggregate
root@nikhil:~#
Also I am not sure apart from these config flags what things i need to do to get all the IMA functionality.
Can someone please suggest me what wrong here.
Thanks,
Nikhil
Show LessHello,
I am trying to integrate Infineon OPTIGA slm9670 via SPI with nxp imx8mm evk and building the images using yocto project.
1. I have tested spi loop back test in imx8mm board. Therefore, i confirmed that spi is working good and the driver is spidev. The spi device is listed in kernel root space. if i give like /dev/spidev*
2. Not able to detect tpm device if i give cmd /dev/tpm* in kernel space
3. Can you guide me how to interface this device with imx8mm board?
4. What are the steps need to follow?
please kindly let know your suggestions
Thanks & Regards,
Balajikrishnan.GS
Show Less