From 378d1023df9fb5baa17cea28963081ff896165d9 Mon Sep 17 00:00:00 2001 From: Peter Huewe Date: Thu, 14 Jun 2018 22:22:06 +0200 Subject: [PATCH] Add LetsTrust TPM LetsTrust-TPM is a TPM2.0 daughter board for the Raspberry Pi platform based on an Infineon SLB9670 chip. It is compatible with all Raspberry Pi models and probably the smallest available addon board on the market. The TPM can e.g. be used as a secure key storage and as a hwrng. Signed-off-by: Peter Huewe --- draft/boards/letstrust-tpm.png | Bin 0 -> 173723 bytes draft/overlay/letstrust-tpm.md | 67 +++++++++++++++++++++++++++++++++ 2 files changed, 67 insertions(+) create mode 100644 draft/boards/letstrust-tpm.png create mode 100644 draft/overlay/letstrust-tpm.md diff --git a/draft/boards/letstrust-tpm.png b/draft/boards/letstrust-tpm.png new file mode 100644 index 0000000000000000000000000000000000000000..dc2a63669dd869e591e4bba04b6cfa4ad1d48223 GIT binary patch literal 173723 zcmeI5X^>pkb>C0#d-wG0n89Fx0SF8T0^q)hq)3VqMca`~S*}QlY&lBge2MK;qEh@t zUzk*?;txrs5|{0Ys}fbDN>sK~s>-6pT1bi{D2iB!g}@B98DRFMr+a$e^EKF7E4 zXMX+Zr=+X@{@Zu|$A99T*gya9C;z3$k-hrm`{OUa|MR>V`P?&q?}L$R;neWJNZ;cA zAMn;4pZnk^KKFq?`h!3C>>qwkcHhEraOJ=JNMyG>^VAa`|6`v_KX?8MOk;;3UF*~Hb3`lyYD)- z&Rjm`NhH$p>~H+G+;iWfKjk;Jw|*7^!Jl=~&i!-*IxNDqVnMEMue*gG5Wj?dK`B+s z(&=>EMXhF=cSRbVwzOLirRZ~u-q-a@Bp7y!x6x`czAa%T5M-)0Y7z-W1cq^CSNc-@ z(r7iL)~Jfk>UhdHJ#>f?M~_4#Au))zytOI;@iAYJ>zJE!L5R|XoS|?~q7b|}c30g>uQwW&iVrfDyZkv9y)Nf3UXfIPMzVp31X}^A)GC6! zkqx9zsZbFgl1PsZOFtM3%4Bv#g3zj7foP$w6ze5f-!8+l_FGR82nHmRiOXnqR5q_I zO9z4G3kPH|w<(Qs!;SO#y3Fa5L^34fnXHrx4XJc;5XUF0r7bDuD*|VFJY-yuaU*?k ziA1xqg47Hq__HShvXCqAG=7Qq4>@V~)+I$4GG7>5>3XWqhl*g=DZ<^RBeM?-B>_2H?~mcni7tNA#hDv73RBfZ+&W? zzbjQFU)#4OwQ@xgt)v7SK50S703=tUhmlTpct^lc^N5++I8p2jr#)f!bXlmOP?(kM zlP2~`wOW&|Ul%YFvuIUT=#p=@yRy8xB2CD`RZ`05rR8gJeNRd;)s1m&X*HU%xxUWN z9k<{c%^KW9j&U!PE*KU7RNt8P7WP_2ABAUV zNgJuwW)c$f3jq97d{#%c)J@Rk9C$d|f zdFqLe|E+`UMDOooINUM<>Sa@@(18rP5D^kmDC8U=+AR2H8vFW5yk7%m;Imd@SXGFRx$|Ezk>n9K^&@X@Z_D!a1qu2C z(kRs>-!8e8uT$xY|NT$@1ONK^Ds~BCL{~KiN4tey#h3b~yDaMXD5`oojl3F7-*P2vq7sFv?WFR2DX2hYznrI0Do8r`IW~!;x6` zOJDqI$ItU(A;Ds%$8d_YgA!z(A&GEnCb7da0!AQ@km({Wm9`;IkN^$3Tp%dPWJ0!C z$Suh6ncx4^&QhuLAKTqd)QJaOn23rNVx`S@{c<{3$KMkLdK#j+gV%2nh_@V%5J`Hr z#dRobj%2DksB2Kk<%fiC5$MKif4ir*>6Ln2pxdea?mzy-AN`-NerF+o=nCP>R?RS` zH)V3wH=6{o?C_3&5y&HE)oMlZn>jgp_#W9gJ|$rSE_HOW0|yRC|G7jwycvGDX_ zVIvV%>4HS66WnPM`P2ZB5=o^)1fwdT=OIrGufa|4f}Ym}t^uN8fXHmSL6C=Qc^~?? zV2}oWVj&{15Jsb;Dv6vS#DE~)f@Cy?^x;|zE99MIhK9tmNTmhOQP_96ttxe1kwe(q_@vu}%CCP0pNS(mw=4L^b zme-{}l9bZcHiDxgo7JLJi@n7jhy-L}Xhhm|q!ALP)MUPGBAXZ`8ZAv{64FmpwaT16 z2)aoWw}DSvk5DuqJF@*!Xl%izu533dQrdO)2fbxJA^(3y}#g+PJeQp>4n4MD>2+FA4v zs1d9|kUSCCs`!YOwy|S6kWK9rl{6L3*C7V3bZK;(1aT_u_Yc{iy6a@;Czn^4DMb3wizIS&>MejE|4>Y^t9Fi}(5^Mj($XK$FSTDWE(U zN`~c$hYrb0&wo>P^#^1Lhk`GBJBv|WZyLnu9qK^n;Lq;)pRsvZ&@}=`>W6mf7m-h$ zPi-c3*)_3A0$qYUYX2a3)Yj3tlzf^{SB6-ebkYm!%3armO?qtuRS|{=))}PboRV4R z;p_ORGqRXR3I@V5G8mS}9=TIqJ~8K>SI64n9RVYdN6bQGb|&KqXZzfL=RrAo?-6<7 zJAWhPWLwTGb|ianNQzrX7o@^A|5QbDP6G9Ns}~HSs7Jcn;R|B8AQI1@nWxGUmw5^q zoK2)&1U<(;=PBUz&4f4x>R`?U$zts}6x_9%3PZeqygej*ltJ;Vz+a8!xm1D zL6>Hsb2!zK?{;`YzzF0GFNnbcPQ;yr(B&Q^En#83CW~toJY#-2f^(piC1;1!gdmbY zSGW>DBd7t=vbFvo8V=zBtDweJ#Ls&wNi=>`Bke(BOVMz#^;a7ry<7l1b*y(KPzO7z zTF2fY0-K1(oa6~Y5;)~zOiF|%kx?a<<_E!X_naDI3USXWxj#xkb-|xo%%jeAWI12M z)91%2l6SUNfOAd8+2I`lBa=tWYPFgx5TbfPzV-bd;^jIgRf!7%gt~@~oIP`fRo|99 zBQd%E!8=*ZH9385R?b|>OSMH16V+>wROy2|WAecC7|C-vd2_BHm)7cz2)<5J?%17{ zgL`&KJe`%*wQKUDvx`z}gm_Y)B*{WOx_3~H9=Q|G-?|(>{id9m-*yD+;@;M4@4x4$ z?3}to-aPY$y!gX&qrAYJJZ)E%~VEKaTMHksGkBL-Y2fIytFJssh}L49+AsuUxiC`xqbR>DYX~m*vWbB z)|JQaIxOLCNxu8yF&WGb$Rm$DB(q=nE-vP-3=rvj-$O@b_1ZPrSg**~a8`~Sj?1@y z01=RC4?TQ9c8_P|+{~L&rNHNjCmxVXU;Y-VS{VmNK%RW^L0OoamzCFElx$q&&cjpk z`q}GT8WhDaUDTC*w@slfV(nmmC6Y)RbVEPRgD9y#sZ5I45MP-zYMw0x@9V%~ zLO%y)EMyj2B9WxJu7RCFc__Aqde)N3xGb|kYgEq_$~9TqYRc9|L)O+eNd>Ax01SWB zuw1_60-^I89Z3yWWPM{(1rz6~#A|k4Kz1d^``f&RNUb2nJ){q*Z*GGMIfRDHq4M>m zYqD^Ck+@HbYPm4k4PBW-`dnSyl=;oBtZtU2>d$dUY$o*v^1W8q+H=Zlk)rCL2tr!* z8mi0N4(|wHirV1?fvfYER=Y3`T`C8tTJQnIf92h7^cIBhE{v_D4F);zq4gFW(NdD|L7KA&kzSpk`bN z$kDtPm1nsLB9sjvo98{$t8tK#`wmN)lOg1HQC7xVGU@Zg~H z4AxRrCwj~anx2)X{BYQ5dyMx7JtCm9O{JDmOW%j{dW|CXjz2DeE#cS{s(E|4%d4f z98O_}4N5b8rD@p{jrs_*R%Kvxl()@^;BhIq;pV%1 z8)~Qi^q>8e$gTGU=<-S5W#MUMsH$hpQl3wGEodWmlVw_>1R~^XvdH%fHLbF-bVcqt zdVsjjw5-!nq>wMjq5Y$B=)kBfFI;47T^@b>5s8J{vYE?K`cRVl@0&)lk&d%`MW*-f zlIh#`yRwRWJ|}zkjL01aC#1N3Rs79udH8+zQ5V#e+*XbU;^#;1k3zd; z`0#$&+S-s}F^?yYj0hwX|DjHHq*B;$wM%tWMc3)^ZMfLWTSLI4(XHY1)+kNJRHI*w z@x|pe+2oV{)1Ug7T$tUGM7SZZUM`@b^~jV=#EA7IQRT2_$hOvG&KmCLG9?NlgDDxp z9!aUK1RJ#sLKiVw7sRa7Rgu^d^+FLOTMM;L%N2a6durQ+$Rx;6+tZ(-I<{VrDx~e8 zU#h!Y=ZTPNG?YoAGBUnO!YiZ?VxRrqC!duwXD&#>Uz0oTen|e;H@^?@$*;f>qKzQz z@Q#2H$RlR1}7U8lbQL-H?Gb2+w`lSD{yCj+F zlUGljb%e&ZCo^xJlY_TSNRCR|uYCQR@~!WklrRaXL2NEpPvj8`8{U)VhJyzL78d5@ z*s+)7`R8ADR|Tj-4dL}74kS$^N2%JFCIjI0Ogxa793RFb7M8WmO}uv75UAG_8{s7r z!)e(~=0dGnlB?HOC9mBODeqQScpCd^*Ju{U0kI;|bu>t-wLK9epYyzhJ2F70M;*Ji zRdj@n;#F%PX#$-FX+=0Qkb1dNMHbe!H3g|m)4O{aenAWF{J7DpWNWLssmZE?1O4*U zQ%}hI-~Y4+By6Z6U=qmVI#7>Xh7_L3eUmhV(}KCG^hHSN!S$>?2XbXpCPJK5vaq8u z$_tWdG6Rw_oXkrJ6;69ksk+r6rW8yJN`H2TlzcJS8Er|0tbzg=(`ia4Mu&Gue_y}E zNFL2auHpr(%l#0ph`m*!8g=i^UG!jROL=})_QbS_U05zuTEdga?(DFP?--Yv`77cZ zUvkn*RmTIFVR`t0hvf3yoGfmv%G}n1`(1MRA|It{8QI|#0V9w{#56EEF}YjT8YQ__ zT9U$gQ64$42RkDqdvCixQ4VKb6d8gqe0eeT4HHzCnQcM zMm9u(tOwTrAo+L^l12xIh9rx67s)M4Jdl$6|$m<$Vcd+KDX1~GWJXmubIEvk#xHz zhuFg5DiPX9vnp$Ao6@eV%Tl!|6@Qej_t&{k3g^HeZtn;&pr9-gZ2i%XUdKgUmH^UZ zwV0Er#)lw8mrR8U_w=VyRId7Ev~N&mXJ=$Ao0VZm{f*<#OJZW!#kVw=Yln9Pj6fbS z(_~LIdY(<;@W!4a9;tas?6%?#xJ% zgw7H+l9prpXbw^>&{bh0FFqtn|N6Xaki8QpQ(yxpz&TQg@&uV^nkdKDu5%w!bq2>E z!2phkLHhA@WNK<3M9s?O>zAd1q#GC*kTGnaEu`Q2$~GH2;K75mXDIyB{I|jWEOwe7 zhX=Ng3=^D%z$#kp@Qi>F$RlK`wrQDwmNKZ>tu;4(Qg32o{?ZGwj9P`KKrSGS%GfNlopVlt3ioQU z_%-^y%nkK5ZZu~@edw|KWDAupx0Obs(X*jIYb`Rpx3=@t2_^CVt@WgvJ}8HF@=2mv zYAHkwH@xQBwRnC#t>x%;ct_xufI!I?Q`bdqJr}_HFZqkQLaRkp8fhl9s&ip%qk(}T zitC1*jikw=TJIBLQJoxM9U|XpuMmu5{%WajZbRnh-4F5u8?4^G-*3YNd`$DA~37Oj`I~k&Agi5 zL}qnma_3Gtboi)CO5NOCm7OkWsCsrYoE9e@lqOeB zn;mNQvl2+Z!Wi=%+-pmC<_5Ea#CZ}@4OgW_J*xlwum7ANCMh_aJ1}|B&A76@EIATG4@^yyc@UQCkVX4oAG-HG%C#qnAH`($ zrE9XHId<(~HvP%sU2Dmxe~TCs%@s8_2(oBBlD<*`=;3OBcwg&+$}Z21^6;TSl3jO5 zo*ccYiCr>2hP^bt%N6L&ZeDR!tU;vM_{ga2*|XbanCI9O_V&p!St+xJ3-f8IgdN@y zFamkR%#}s6nAJ0NB+>$<|NhH{jK1v+4J#UES@*1#JH<=d9bs(z}K;6zRE1d62 z4l3%LXD^n`xV`SX^y1b6zzo?8#Rhdjj0zD+jgrA#C*8-#JX3TD+JF09uAJfY**B!| zCZ!I{7ec+$gjqYhBVYvbh?yGlZYN@{bBm6}9j9;HhkxxOGC8?N{8XQ6#=&skup|eQ z80#0Mk3i~pddv|n5sFJ`^BS(@jLRAbvQH$*Jd&l{pp|I4l52Gms3Stl!*y2%C8Tpu za8Gqs=zUcJR%kdfcWI60jC);tsuhHARJdm8-H^m~TFI|LLUwxKpYr|M!WvCYUZ!-S z=2Xd4q7MRT6G$zYpbFLw&j=WSJVK_Q*t&={u7hZB>fG+#`|zaQK~dWds!!)!;oT~U zn{{7J5{;nrA&s^+a_r|rc6Me&a%=3{lhIAE>Jq^VrXDtJ1*|neN{l*co4U(2^ID}% z0$WKJxq9AQuQyjB-X@uq#wA4>-7l_DJV!i;`|P{p4jG1=8TI->lnr*3P=Tdc2@kyQ zaeCA(JFna*v8h)soWePwrQu{jXz8pSo)IwAJVM6$c1OTT1^i?DJUp>OPMmyI?z!uJ z?2eElgzj8-eRYofP2HfYD0S+Cbb+5ZbzDk$+W+G6&Y)6t$$8VFI%lU~H?<*&&aI@1 z=ywRKQZGR9TTjW-2cU5YQcAa!+$L>jW^vVRe-h}U*~n^^y^7YcgDSGh9!4QjeR|y#vg-4$|DRl~S;ctyYn1iqaqd$A)H${FT7r@Bm z2|*pqYGgtCSb%D0WKp$-)BSR3c}bps;|0j{yKcr9SqU5TB8X%EIJK&dD{-B^>QF-zWWKnz zxX&3olUAis>0<0Sp(ADtF z#RIzFX_(0Fcq)}Nc&ZKqRq6C+?Sr7(uc#fQF{LKG5>#sWl^k^92~ZxsO7?amzfLl0 zTk72!Btyb6hxTUZB0b$}LZ>_X$M_nNwe2lg$}MpoTS#?8q?3}^j-La8>F3UW!C2%G zxE98U>T}Lb23t;?KOqN44oJ94%Tj+D2KAET3V09_&4^6hKIO#L;wz*f#(Yboe(flCITHD2rQd35|kYy?DU|g48I{#jpLaG&OpVwCxrVP_27Nu<_7Jc~jE7*F|UA zGj*FpX+K&jQYe($rg;MHGlD>Es&?8KHA=)D6?=Yey_q&;(05xHO4UwXs_lwoFtmnt zj5#UN$NRx8bh^@tJ_);a(N5K;ok*y+z!S1U>FQuQAhW9rB6OjT1T(Igg6fR64~oZy zaAUX;$Rlnlee}~>>kTyasp$icz3&OR^T@q03;UiN>tHa_?#~RiwQjps$y3@2%#dvo zm)*kpq9cckW?~2h@jZt#)Lp08$qS#jHsZc%5NU8o)i)Qs;k$YOdOzbOXh&rt4skG| z7Rh9dKx9qMn;4x$E#vtx()K{|1{rXH^_6y^TJD~`HbWzBqN=EkV+4-W_~}w}(WVak zX7;K_INtNajX)lkfTl9*C$?@ts;?t7$o|gB7fE7M`@}DgJ@MoM1o~JyJw)M~y3LRo zE<&p0(u{7dQt85%E^;N-HhDg}8ETYBX-K1`s-|(iP3pEvJC#Jv7UDg(TQT2tUag$d z@>!Apzb@_u&8{^?dV-yZhhk}hK@l0J8TH8%ua}o{*S{Od#$+fyAR!F=7}u0a+fu>- zalKWPix)1*L~?|n(G(FYS<^sI5h%6qNj{k|9C)kQC=$nn~+oq zX@_?N>|@6(W;fI*UBK!nNaM%uiw&?S*_af^fclxkq+GAFeck12^HQWywl=2ju$Z^D zHsy`kSt-*(2M4xO$J#iPGjsq^|G2i*3DNwm!FCPdSRAigi)(UHqIZ?UiFSBLz$B1&%-koweqgJ^;PTRC2^QF4_`ydhRV7;!wdwg6zD?g>_GqNICp5U1 z?d7mzP|Ip8W^MJ8Mq;JenM);#N*0wQE--`2w!TW94$q|BOp2UWi5I7HquN?GHzHDL zrk*+7Nmx}pb%Vzs+|v&}F40t6UVrfg+}m+U(iW(IWhH!3e)FQQEme;QEb4dCr8PyGf zT4ashwdVlkq$Qc2JS6u$@F-+x$}6wFB3I8IlNN;Yvk7aAinnc~$2s<}zw4g+TsOwl z@Cb83C+?A@MUSQ|G)T$T6odZ$KBNZuIkZsKCf;s435GU#rW&0^mT;dZo3!Vl_38bO zdE5b=It2T$;Lvna*cFxbt1T1Az?Kg+z#&u7-}9d>vaU_74i_N zVPjL`JmV8`og}!c^y3ZDzjqRMbsqJpUYp~5Smv%=lx=!ZRY|ArC)>2fqA!KC@f2PEyvF>S>t*owU$2V7{?@!SlDp11_Qwx0yk5q zT}vH^pz7FOvPZ|+lRlrP*#ViM)c?qT|MvfsBny4|@V(9lahoQ^3Xf%7gu z+nNs7oQ%+StJ|eimQ?OI@gQ|wSGiB6PBkAL9d(y4-Nqph$Aif8=yPtcG3&Y2MR{oQ zfINQhlOEBq;U+O`daniD5 zk)%ua(M}|){;30D5DBS{gA%n8aW)pxIFn{lsM^*>>V+tA-9b6+#NZB(NZ4>izzF1Z z9k5`P6k4Gc=hMANYP1GR1K1S0XzP61YhY9xzNy+3#q*}w0v)w!P^Z+>mcL=&L>Z4C z9BDvMlR4W+Dy=`zYm_)0q)m+1>X-;XmM9$*eax@5*(vI|b?b%}_t5K=giVTs!aP?9 zg0$!{Od~CP?zM2QQtr{ZYrn2-0xZuKh@?gjXbNydhu+7y^cXAz%m? z0)~JgUYot_~NmDCGyLh3-GRk+3>F3UW;qPW9o5c_?1PlQ~zz{G53;{#H5HJJ`0YktLFa!(%L%0>2b@9FMi`wsK2p9r}fFWQA7y^cXAz%m?0)~JgUhJYbp2)vsSIQDq;UmU4C`yu@upZVZNp8DF8 IzxUk#11>yn2><{9 literal 0 HcmV?d00001 diff --git a/draft/overlay/letstrust-tpm.md b/draft/overlay/letstrust-tpm.md new file mode 100644 index 0000000..ca63970 --- /dev/null +++ b/draft/overlay/letstrust-tpm.md @@ -0,0 +1,67 @@ + +#LetsTrust-TPM + +LetsTrust-TPM is a TPM2.0 daughter board for the Raspberry Pi platform based on an Infineon SLB9670 chip. +It is compatible with all Raspberry Pi models and probably the smallest available addon board on the market. +The TPM can be used e.g. as a secure keystore or as an hwrng. + +In order to use it your kernel must have the following options enabled: +```kernelconfig + CONFIG_HW_RANDOM_TPM=m + CONFIG_TCG_TPM=m + CONFIG_TCG_TIS_CORE=m + CONFIG_TCG_TIS_SPI=m + CONFIG_SECURITYFS=y +``` +and a suitable device tree overlay: +```dts + slb9670: slb9670@0{ + compatible = "infineon,slb9670"; + reg = <1>; /* CE1 */ + #address-cells = <1>; + #size-cells = <0>; + spi-max-frequency = <32000000>; + status = "okay"; + }; +``` + +Per default CE1 is used as chip select, CE0 can also be used by resoldering a 0-ohm resistor. + +A full dts overlay is available here, +or you can also find a precompiled image with TPM support and the complete build-instructions at letstrust.de.