Re: Aw: Re: Re: Re: tpm_tis_spi gets initialized long after IMA

[Mimi Zohar <zohar@linux.vnet.ibm.com>]

Hi Peter,

On Fri, 2017-09-29 at 22:14 +0200, Peter Huewe wrote:
> Hi pau,
> 
> thanks for your answer,
> SPI is enabled in DT and compiled in
> TPM is enabled in DT via overlay and compiled in.
> I have a working /dev/tpm0
> 
> However, the problem lays elsewhere - I added some debug prints to figure out what is going on:
> It looks like this
> 
> 
> [    0.027898] RPIFirmware: Calling rpi_firmware_get
> [    0.027929] bcm2835-clk 3f101000.cprman: Probing FW
> [    0.027949] bcm2835-clk 3f101000.cprman: FW not ready, defering probe                                                                                     
> [    0.028385] bcm2835-mbox 3f00b880.mailbox: mailbox enabled
> [    0.028847] uart-pl011 3f201000.serial: could not find pctldev for node /soc/gpio@7e200000/uart0_pins, deferring probe
> [    0.061353] bcm2835-dma 3f007000.dma: DMA legacy API manager at bb80f000, dmachans=0x1
> [    0.062828] SCSI subsystem initialized
> [    0.062950] usbcore: registered new interface driver usbfs
> [    0.063001] usbcore: registered new interface driver hub
> [    0.063084] usbcore: registered new device driver usb
> [    0.063362] raspberrypi-firmware soc:firmware: Calling rpi_firmware_probe
> 
> So the bcm2835-clk calls rpi_firmware_get, which returns with NULL since the pdev has not been set yet,
> as the rpi_firmware_probe gets called only later :/
> 
> That defers the probing of the bcm2835-clk, so it it not available for the bcm2835-spi which also gets defered, consequently making the tpm not available until ima is done :/

Sorry for the long delay!  At the end of last year we were able to
boot the pi with IMA using the TPM.

On the rpi-4.8.y kernel with tip commit 061dccc ("BCM270X_DT: Add pi3-
disable-wifi overlay"), I had to disable the full TPM selftest in
order for the TPM to be initialized prior to IMA.

-       rc = tpm2_start_selftest(chip, true);
+       rc = tpm2_start_selftest(chip, false);

I now have it working on the rpi-4.9.y kernel with tip commit e80a8a5
("Merge remote-tracking branch 'stable/linux-4.9.y' into rpi-4.9.y")
as well.  In addition to disabling the full selftest, I had to revert
commit b76c8d5 ("clk-bcm2835: Read max core clock from firmware") in
order for the TPM to initialize prior to IMA.

Mimi