Hi David > Hi Denx, > > We at wolfSSL have developed a port for wolfTPM in U-Boot. The patch allows > using the current built-in TPM 2.0 support or switching to wolfTPM via > CONFIG_TPM_WOLF=y. It also supports TPM 2.0 firmware update for the Infineon > SLB9672 and SLB9673. > > I think there is probably some more cleanup and testing needed, but I wanted > to submit this to start the discussion and see your thoughts.
It's easier if you CC the appropriate maintainers for each subsystem next time! > > The wolfTPM library is GPLv2 and added as a submodule. If the license or > submodule is an issue let’s discuss! I’m positive we can resolve anything. We recently added a few external libraries. mbedTLS and lwIP. Both of these are pulled as subtrees, so I'd like to stick to that. I briefly went through the patch and I don't disagree in pulling an external library as long as it's reasonably stable and will continue to be maintained. A few questions since I am not familiar with wolfTPM - Have you made any size comparisons wrt to the final binary size? - Does wolfTPM have stable releases that we can use? - Is there a CVE policy ? The current patch is quite big and I honestly don't have time to go through all of it in detail. I'll be away next week, but I can give some general feedback in ~10days. The easiest thing to do is try to split it a reasonable amount of patches -- and only include the bare minimum of what's required to work. Thanks /Ilias > > Attached is the patch based on latest master 3b6760ddeb4 to review. > >  > > Thanks, > David Garske > Software Engineer, wolfSSL > +1 (530) 409-2990 > https://www.wolfssl.com <https://www.wolfssl.com/> > https://github.com/wolfssl
