From: Jarkko Sakkinen <jarkko@kernel.org>
To: Stuart Yoder <stuart.yoder@arm.com>
Cc: linux-integrity@vger.kernel.org, peterhuewe@gmx.de, jgg@ziepe.ca,
sudeep.holla@arm.com, Prachotan.Bathi@arm.com,
linux-kernel@vger.kernel.org
Subject: Re: [PATCH] tpm_crb: Add idle support for the Arm FF-A start method
Date: Tue, 26 Aug 2025 01:49:13 +0300 [thread overview]
Message-ID: <aKzoaWeJOh5W0M6J@kernel.org> (raw)
In-Reply-To: <9227d35b-40d6-4faf-910d-ee7de9bbc094@arm.com>
On Mon, Aug 25, 2025 at 05:19:34PM -0500, Stuart Yoder wrote:
>
>
> On 8/25/25 4:58 PM, Jarkko Sakkinen wrote:
> > On Mon, Aug 25, 2025 at 03:59:43PM -0500, Stuart Yoder wrote:
> > > According to the CRB over FF-A specification [1], a TPM that implements
> > > the ABI must comply with the TCG PTP specification. This requires support
> > > for the Idle and Ready states.
> > >
> > > This patch implements CRB control area requests for goIdle and
> > > cmdReady on FF-A based TPMs.
> > >
> > > The FF-A message used to notify the TPM of CRB updates includes a
> > > locality parameter, which provides a hint to the TPM about which
> > > locality modified the CRB. This patch adds a locality parameter
> > > to __crb_go_idle() and __crb_cmd_ready() to support this.
> > >
> > > [1] https://developer.arm.com/documentation/den0138/latest/
> > >
> > > Signed-off-by: Stuart Yoder <stuart.yoder@arm.com>
> >
> > Perhaps a dummy question but is this "QEMU testable"? I know how
> > to bind swtpm to QEMU and make it appear as CRB device on x86-64.
> >
> > I don't see much testing happening with these ARM CRB patches,
> > and if that works in the first palce I could probably add
> > a new board target to my BR2_EXTERNAL [1].
> >
> > I can of course do "negative testing' i.e. that these don't
> > break x86 ;-)
>
> Unfortunately this is not currently testable on QEMU. We are using
> the Arm FVP [1], which is also a machine emulator, with the firmware
> stack and an fTPM running in TrustZone. The firmware, fTPM, etc are
> not all publicly available yet, but everything is based on open
> source projects and the intent is that all the components needed do
> test this on FVP will be available at some point.
>
> There is nothing fundamental that would prevent this from running
> on QEMU, but just a fair amount of integration and possibly firmware
> work.
OK, it's cool and the patch looks totally fine and I can
"hallucinate it" so:
Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org>
>
> [1] https://developer.arm.com/Tools%20and%20Software/Fixed%20Virtual%20Platforms/Arm%20Architecture%20FVPs
>
> Thanks,
> Stuart
BR, Jarkko
next prev parent reply other threads:[~2025-08-25 22:49 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-08-25 20:59 [PATCH] tpm_crb: Add idle support for the Arm FF-A start method Stuart Yoder
2025-08-25 21:58 ` Jarkko Sakkinen
2025-08-25 22:19 ` Stuart Yoder
2025-08-25 22:49 ` Jarkko Sakkinen [this message]
2025-10-15 22:22 ` Stuart Yoder
2025-10-18 11:28 ` Jarkko Sakkinen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=aKzoaWeJOh5W0M6J@kernel.org \
--to=jarkko@kernel.org \
--cc=Prachotan.Bathi@arm.com \
--cc=jgg@ziepe.ca \
--cc=linux-integrity@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=peterhuewe@gmx.de \
--cc=stuart.yoder@arm.com \
--cc=sudeep.holla@arm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.