Hi all, This is v3 of the wolfTPM TPM 2.0 stack integration for U-Boot.
wolfTPM (https://github.com/wolfSSL/wolfTPM) is a portable, GPLv2 TPM 2.0 library that provides a full TPM 2.0 command set, an SPI/MMIO HAL, and firmware-update support for Infineon SLB9672/SLB9673 hardware. This series wires it into U-Boot as an optional backend behind the existing 'tpm2' command, alongside support for QEMU+swtpm, sandbox emulation, and real Raspberry Pi 4 + Infineon SLB9672 hardware. Branch (full 14-commit history including the subtree squash + merge): https://github.com/aidangarske/u-boot wolftpm-v2-patches Note on the subtree commits omitted from this email thread: The branch above contains 14 commits; the email series is 12 patches. Two commits are deliberately not sent to the list: * "Squashed 'lib/wolftpm/' content from commit 664db130d57" - the parentless squash commit produced by `git subtree add`. Its diff is ~3.4MB / ~90k lines and would be rejected by the mailing list on size. * "Merge commit 'd42fd7b146...' as 'lib/wolftpm'" - the corresponding subtree merge commit. Merges have no patch form and are routinely omitted by `git format-patch`. Please pull from the branch above (or wolfssl/wolfTPM @ 664db130d57) to inspect the imported wolfTPM source. Subsequent updates will go via tools/update-subtree.sh, matching how mbedTLS, lwIP, and dts/upstream are maintained in tree. Changes since v2: - Replaced the lib/wolftpm git submodule with a git subtree import (squash + merge), matching the convention used for mbedTLS, lwIP, and dts/upstream. tools/update-subtree.sh is updated to know about the wolftpm subtree (path lib/wolftpm, upstream https://github.com/wolfssl/wolfTPM.git). [feedback: Ilias Apalodimas] - Reverted the changes to include/linux/byteorder/generic.h. The redefinition workaround for cpu_to_beXX / beXX_to_cpu now lives on the wolfTPM side: include/configs/user_settings.h pulls in <asm/byteorder.h> up front so U-Boot's macros are defined before wolfTPM's #ifndef-guarded fallbacks in tpm2_packet.h. [feedback: Ilias Apalodimas] Testing: - QEMU arm64 + swtpm Python test framework (./test/py/test.py --bd qemu_arm64 -k "test_wolftpm and not ut_cmd"): 19 passed, 2 skipped (matching doc/usage/cmd/wolftpm.rst). - Manual QEMU arm64 + swtpm walkthrough per doc/usage/cmd/wolftpm.rst section "Building and Running wolfTPM with U-Boot using QEMU": tpm2 help/info/autostart/startup/ get_capability/pcr_read/pcr_print/caps all return expected output. - Raspberry Pi 4 + Infineon SLB9672 (real hardware): all wolfTPM cmd tests pass, including firmware update path. v2 thread: https://lore.kernel.org/u-boot/?q=PATCH+v2+tpm+wolfTPM Aidan Garske (12): tpm: export tpm_show_device, tpm_set_device, and get_tpm include/hash: add SHA384 hash wrapper declaration for wolfTPM spi: add BCM2835/BCM2711 hardware SPI controller driver dts: add TPM device tree nodes for RPi4, QEMU, and sandbox tpm: add wolfTPM build rules and Kconfig tpm: add wolfTPM headers and SHA384 glue code tpm: add wolfTPM driver helpers and Kconfig options cmd: refactor tpm2 command into frontend/backend architecture tpm: add sandbox TPM SPI emulator test: add wolfTPM C unit tests and Python integration tests doc: add wolfTPM documentation configs: enable wolfTPM in rpi_4_defconfig -- 2.47.3
