From: Rob Herring <robh@kernel.org>
To: Lukas Wunner <lukas@wunner.de>
Cc: Krzysztof Kozlowski <krzysztof.kozlowski+dt@linaro.org>,
Conor Dooley <conor+dt@kernel.org>,
devicetree@vger.kernel.org, linux-integrity@vger.kernel.org,
Lino Sanfilippo <LinoSanfilippo@gmx.de>
Subject: Re: [PATCH 1/3] dt-bindings: tpm: Consolidate TCG TIS bindings
Date: Tue, 21 Nov 2023 08:56:32 -0700 [thread overview]
Message-ID: <20231121155632.GB1845293-robh@kernel.org> (raw)
In-Reply-To: <e83a43a67c96b4f2614f029666209cb408da8678.1700555862.git.lukas@wunner.de>
On Tue, Nov 21, 2023 at 10:48:41AM +0100, Lukas Wunner wrote:
> A significant number of Trusted Platform Modules conform to the "TIS"
> specification published by the Trusted Computing Group ("TCG PC Client
> Specific TPM Interface Specification"). These chips typically use an
> SPI, I²C or LPC bus as transport (via MMIO in the latter case). Some
> of them even support multiple of those buses (selectable through a
> config strap) or the same chip is available in multiple SKUs, each with
> a different bus interface.
>
> The devicetree bindings for these TPMs have not been converted to DT
> schema yet and are spread out across 3 generic files and 3 chip-specific
> files. A few TPM compatible strings were added to trivial-devices.yaml
> even though additional properties are documented in the plaintext
> bindings.
Thanks for doing this. Looks pretty good.
>
> Consolidate the devicetree bindings into 3 files, one per bus.
>
> Move common properties to a separate tpm-common.yaml.
>
> Document compatible strings which are supported by the TPM TIS driver
> but were neglected to be added to the devicetree bindings.
>
> Document the memory-region property recently introduced by commit
> 1e2714bb83fc ("tpm: Add reserved memory event log").
>
> Signed-off-by: Lukas Wunner <lukas@wunner.de>
> ---
> .../bindings/security/tpm/google,cr50.txt | 19 ----
> .../bindings/security/tpm/st33zp24-i2c.txt | 34 ------
> .../bindings/security/tpm/st33zp24-spi.txt | 32 ------
> .../bindings/security/tpm/tpm-i2c.txt | 26 -----
> .../bindings/security/tpm/tpm_tis_mmio.txt | 25 ----
> .../bindings/security/tpm/tpm_tis_spi.txt | 23 ----
> .../bindings/tpm/tcg,tpm-tis-i2c.yaml | 107 ++++++++++++++++++
> .../bindings/tpm/tcg,tpm-tis-mmio.yaml | 50 ++++++++
> .../bindings/tpm/tcg,tpm_tis-spi.yaml | 88 ++++++++++++++
> .../devicetree/bindings/tpm/tpm-common.yaml | 56 +++++++++
> .../devicetree/bindings/trivial-devices.yaml | 16 ---
> 11 files changed, 301 insertions(+), 175 deletions(-)
> delete mode 100644 Documentation/devicetree/bindings/security/tpm/google,cr50.txt
> delete mode 100644 Documentation/devicetree/bindings/security/tpm/st33zp24-i2c.txt
> delete mode 100644 Documentation/devicetree/bindings/security/tpm/st33zp24-spi.txt
> delete mode 100644 Documentation/devicetree/bindings/security/tpm/tpm-i2c.txt
> delete mode 100644 Documentation/devicetree/bindings/security/tpm/tpm_tis_mmio.txt
> delete mode 100644 Documentation/devicetree/bindings/security/tpm/tpm_tis_spi.txt
> create mode 100644 Documentation/devicetree/bindings/tpm/tcg,tpm-tis-i2c.yaml
> create mode 100644 Documentation/devicetree/bindings/tpm/tcg,tpm-tis-mmio.yaml
> create mode 100644 Documentation/devicetree/bindings/tpm/tcg,tpm_tis-spi.yaml
> create mode 100644 Documentation/devicetree/bindings/tpm/tpm-common.yaml
> diff --git a/Documentation/devicetree/bindings/tpm/tcg,tpm-tis-i2c.yaml b/Documentation/devicetree/bindings/tpm/tcg,tpm-tis-i2c.yaml
> new file mode 100644
> index 000000000000..2f95916046a1
> --- /dev/null
> +++ b/Documentation/devicetree/bindings/tpm/tcg,tpm-tis-i2c.yaml
> @@ -0,0 +1,107 @@
> +# SPDX-License-Identifier: (GPL-2.0-only OR BSD-2-Clause)
> +%YAML 1.2
> +---
> +$id: http://devicetree.org/schemas/tpm/tcg,tpm-tis-i2c.yaml#
> +$schema: http://devicetree.org/meta-schemas/core.yaml#
> +
> +title: I²C-attached Trusted Platform Module conforming to TCG TIS specification
> +
> +maintainers:
> + - Lukas Wunner <lukas@wunner.de>
> +
> +description: |
> + The Trusted Computing Group (TCG) has defined a multi-vendor standard
> + for accessing a TPM chip. It can be transported over various buses,
> + one of them being I²C. The standard is named:
> + TCG PC Client Specific TPM Interface Specification (TIS)
> + https://trustedcomputinggroup.org/resource/pc-client-work-group-pc-client-specific-tpm-interface-specification-tis/
> +
> +properties:
> + compatible:
> + items:
> + - enum:
> + - atmel,at97sc3204t
> + - google,cr50 # H1 Secure Microcontroller running Cr50 firmware
> + - infineon,slb9635tt
> + - infineon,slb9645tt
> + - infineon,slb9673
> + - infineon,tpm_i2c_infineon
> + - nuvoton,npct501
> + - nuvoton,npct601
> + - st,st33zp24-i2c
> + - winbond,wpct301
> + - const: tcg,tpm-tis-i2c
> +
> + reg:
> + description: address of TPM on the I²C bus
> +
> + clock-frequency:
> + description: clock frequency used to access TPM on the I²C bus
> +
> +allOf:
> + - $ref: tpm-common.yaml#
> + - if:
> + properties:
> + compatible:
> + contains:
> + const: at97sc3201
> + then:
> + properties:
> + $nodename:
> + pattern: "^tpm$"
Devices on I2C bus have a unit address.
> + - if:
> + properties:
> + compatible:
> + contains:
> + const: infineon,slb9635tt
> + then:
> + properties:
> + clock-frequency:
> + maximum: 100000
> + - if:
> + properties:
> + compatible:
> + contains:
> + const: infineon,slb9645tt
> + then:
> + properties:
> + clock-frequency:
> + maximum: 400000
> +
> +required:
> + - compatible
> + - reg
> +
> +unevaluatedProperties: false
> +
> +examples:
> + - |
> + i2c {
> + #address-cells = <1>;
> + #size-cells = <0>;
> +
> + tpm@57 {
> + label = "tpm";
> + compatible = "nuvoton,npct601", "tcg,tpm-tis-i2c";
> + reg = <0x57>;
> + linux,sml-base = <0x7f 0xfd450000>;
> + linux,sml-size = <0x10000>;
> + };
> + };
> +
> + - |
> + #include <dt-bindings/gpio/gpio.h>
> + #include <dt-bindings/interrupt-controller/irq.h>
> + i2c {
> + #address-cells = <1>;
> + #size-cells = <0>;
> +
> + tpm@13 {
> + reg = <0x13>;
> + compatible = "st,st33zp24-i2c", "tcg,tpm-tis-i2c";
> + clock-frequency = <400000>;
> + interrupt-parent = <&gpio5>;
> + interrupts = <7 IRQ_TYPE_LEVEL_HIGH>;
> + lpcpd-gpios = <&gpio5 15 GPIO_ACTIVE_HIGH>;
> + };
> + };
> diff --git a/Documentation/devicetree/bindings/tpm/tcg,tpm-tis-mmio.yaml b/Documentation/devicetree/bindings/tpm/tcg,tpm-tis-mmio.yaml
> new file mode 100644
> index 000000000000..ce578cf22079
> --- /dev/null
> +++ b/Documentation/devicetree/bindings/tpm/tcg,tpm-tis-mmio.yaml
> @@ -0,0 +1,50 @@
> +# SPDX-License-Identifier: (GPL-2.0-only OR BSD-2-Clause)
> +%YAML 1.2
> +---
> +$id: http://devicetree.org/schemas/tpm/tcg,tpm-tis-mmio.yaml#
> +$schema: http://devicetree.org/meta-schemas/core.yaml#
> +
> +title: MMIO-accessed Trusted Platform Module conforming to TCG TIS specification
> +
> +maintainers:
> + - Lukas Wunner <lukas@wunner.de>
> +
> +description: |
> + The Trusted Computing Group (TCG) has defined a multi-vendor standard
> + for accessing a TPM chip. It can be transported over various buses,
> + one of them being LPC (via MMIO). The standard is named:
> + TCG PC Client Specific TPM Interface Specification (TIS)
> + https://trustedcomputinggroup.org/resource/pc-client-work-group-pc-client-specific-tpm-interface-specification-tis/
> +
> +properties:
> + compatible:
> + items:
> + - enum:
> + - at97sc3201
> + - atmel,at97sc3204
> + - nuvoton,npct650
> + - socionext,synquacer-tpm-mmio
> + - const: tcg,tpm-tis-mmio
> +
> + reg:
> + description:
> + location and length of the MMIO registers, length should be
> + at least 0x5000 bytes
> +
> +allOf:
> + - $ref: tpm-common.yaml#
> +
> +required:
> + - compatible
> + - reg
> +
> +unevaluatedProperties: false
> +
> +examples:
> + - |
> + tpm@90000 {
> + compatible = "atmel,at97sc3204", "tcg,tpm-tis-mmio";
> + reg = <0x90000 0x5000>;
> + interrupt-parent = <&EIC0>;
> + interrupts = <1 2>;
> + };
> diff --git a/Documentation/devicetree/bindings/tpm/tcg,tpm_tis-spi.yaml b/Documentation/devicetree/bindings/tpm/tcg,tpm_tis-spi.yaml
> new file mode 100644
> index 000000000000..2415839eda7f
> --- /dev/null
> +++ b/Documentation/devicetree/bindings/tpm/tcg,tpm_tis-spi.yaml
> @@ -0,0 +1,88 @@
> +# SPDX-License-Identifier: (GPL-2.0-only OR BSD-2-Clause)
> +%YAML 1.2
> +---
> +$id: http://devicetree.org/schemas/tpm/tcg,tpm_tis-spi.yaml#
> +$schema: http://devicetree.org/meta-schemas/core.yaml#
> +
> +title: SPI-attached Trusted Platform Module conforming to TCG TIS specification
> +
> +maintainers:
> + - Lukas Wunner <lukas@wunner.de>
> +
> +description: |
> + The Trusted Computing Group (TCG) has defined a multi-vendor standard
> + for accessing a TPM chip. It can be transported over various buses,
> + one of them being SPI. The standard is named:
> + TCG PC Client Specific TPM Interface Specification (TIS)
> + https://trustedcomputinggroup.org/resource/pc-client-work-group-pc-client-specific-tpm-interface-specification-tis/
> +
> +properties:
> + compatible:
> + items:
> + - enum:
> + - google,cr50 # H1 Secure Microcontroller running Cr50 firmware
> + - infineon,slb9670
> + - st,st33htpm-spi
> + - st,st33zp24-spi
> + - const: tcg,tpm_tis-spi
> +
> +allOf:
> + - $ref: tpm-common.yaml#
> + - $ref: /schemas/spi/spi-peripheral-props.yaml#
> + - if:
> + properties:
> + compatible:
> + contains:
> + const: st,st33zp24-spi
> + then:
> + properties:
> + spi-max-frequency:
> + maximum: 10000000
> +
> +required:
> + - compatible
> + - reg
> +
> +unevaluatedProperties: false
> +
> +examples:
> + - |
> + spi {
> + #address-cells = <1>;
> + #size-cells = <0>;
> +
> + tpm@0 {
> + reg = <0>;
> + compatible = "google,cr50", "tcg,tpm_tis-spi";
> + spi-max-frequency = <800000>;
> + };
> + };
> +
> + - |
> + spi {
> + #address-cells = <1>;
> + #size-cells = <0>;
> +
> + tpm@0 {
> + reg = <0>;
> + compatible = "infineon,slb9670", "tcg,tpm_tis-spi";
> + spi-max-frequency = <10000000>;
> + };
> + };
Just a different compatible string and frequency doesn't really justify
an example.
> +
> + - |
> + #include <dt-bindings/gpio/gpio.h>
> + #include <dt-bindings/interrupt-controller/irq.h>
> + spi {
> + #address-cells = <1>;
> + #size-cells = <0>;
> +
> + tpm@0 {
> + reg = <0>;
> + compatible = "st,st33zp24-spi", "tcg,tpm_tis-spi";
> + spi-max-frequency = <10000000>;
> + interrupt-parent = <&gpio5>;
> + interrupts = <7 IRQ_TYPE_LEVEL_HIGH>;
> + lpcpd-gpios = <&gpio5 15 GPIO_ACTIVE_HIGH>;
> + };
> + };
> diff --git a/Documentation/devicetree/bindings/tpm/tpm-common.yaml b/Documentation/devicetree/bindings/tpm/tpm-common.yaml
> new file mode 100644
> index 000000000000..03569b74a318
> --- /dev/null
> +++ b/Documentation/devicetree/bindings/tpm/tpm-common.yaml
> @@ -0,0 +1,56 @@
> +# SPDX-License-Identifier: (GPL-2.0-only OR BSD-2-Clause)
> +%YAML 1.2
> +---
> +$id: http://devicetree.org/schemas/tpm/tpm-common.yaml#
> +$schema: http://devicetree.org/meta-schemas/core.yaml#
> +
> +title: Trusted Platform Module common properties
> +
> +maintainers:
> + - Lukas Wunner <lukas@wunner.de>
> +
> +properties:
> + interrupts:
> + description: indicates command completion
> + maxItems: 1
> +
> + label:
> + description: human readable string describing the device, e.g. "tpm"
> +
> + oneOf:
This will be an error because 'oneOf' here is a DT property name.
> + - memory-region:
> + description: reserved memory allocated for firmware event log
> + maxItems: 1
> + - allOf:
> + - linux,sml-base:
> + description:
> + base address of reserved memory allocated for firmware event log
> + $ref: /schemas/types.yaml#/definitions/uint32-array
> + minItems: 2
> + maxItems: 2
You can just define this as a uint64 instead. The source encoding
doesn't matter.
> + - linux,sml-size:
> + description:
> + size of reserved memory allocated for firmware event log
> + $ref: /schemas/types.yaml#/definitions/uint32
What you need here is just define these properties and then add this:
dependentRequired:
linux,sml-base: ['linux,sml-size']
linux,sml-size: ['linux,sml-base']
dependentSchemas:
memory-region:
properties:
linux,sml-base: false
linux,sml-base:
properties:
memory-region: false
> +
> + powered-while-suspended:
> + description:
> + present when the TPM is left powered on between suspend and resume
> + (makes the suspend/resume callbacks do nothing)
Needs a type (type: boolean).
> +
> +allOf:
> + - if:
> + properties:
> + compatible:
> + contains:
> + const: st,st33zp24
> + then:
> + properties:
> + lpcpd-gpios:
> + description:
> + Output GPIO pin used for ST33ZP24 power management of D1/D2 state.
> + If set, power must be present when the platform is going into
> + sleep/hibernate mode.
> + maxItems: 1
> +
> +additionalProperties: true
> diff --git a/Documentation/devicetree/bindings/trivial-devices.yaml b/Documentation/devicetree/bindings/trivial-devices.yaml
> index c3190f2a168a..29aed5ddba6b 100644
> --- a/Documentation/devicetree/bindings/trivial-devices.yaml
> +++ b/Documentation/devicetree/bindings/trivial-devices.yaml
> @@ -49,8 +49,6 @@ properties:
> - ams,iaq-core
> # i2c serial eeprom (24cxx)
> - at,24c08
> - # i2c trusted platform module (TPM)
> - - atmel,at97sc3204t
> # ATSHA204 - i2c h/w symmetric crypto module
> - atmel,atsha204
> # ATSHA204A - i2c h/w symmetric crypto module
> @@ -145,12 +143,6 @@ properties:
> - infineon,ir38263
> # Infineon IRPS5401 Voltage Regulator (PMIC)
> - infineon,irps5401
> - # Infineon SLB9635 (Soft-) I2C TPM (old protocol, max 100khz)
> - - infineon,slb9635tt
> - # Infineon SLB9645 I2C TPM (new protocol, max 400khz)
> - - infineon,slb9645tt
> - # Infineon SLB9673 I2C TPM 2.0
> - - infineon,slb9673
> # Infineon TLV493D-A1B6 I2C 3D Magnetic Sensor
> - infineon,tlv493d-a1b6
> # Infineon Multi-phase Digital VR Controller xdpe11280
> @@ -301,10 +293,6 @@ properties:
> - national,lm85
> # I2C ±0.33°C Accurate, 12-Bit + Sign Temperature Sensor and Thermal Window Comparator
> - national,lm92
> - # i2c trusted platform module (TPM)
> - - nuvoton,npct501
> - # i2c trusted platform module (TPM2)
> - - nuvoton,npct601
> # Nuvoton Temperature Sensor
> - nuvoton,w83773g
> # OKI ML86V7667 video decoder
> @@ -349,8 +337,6 @@ properties:
> - silabs,si7020
> # Skyworks SKY81452: Six-Channel White LED Driver with Touch Panel Bias Supply
> - skyworks,sky81452
> - # Socionext SynQuacer TPM MMIO module
> - - socionext,synquacer-tpm-mmio
> # SparkFun Qwiic Joystick (COM-15168) with i2c interface
> - sparkfun,qwiic-joystick
> # i2c serial eeprom (24cxx)
> @@ -405,8 +391,6 @@ properties:
> - winbond,w83793
> # Vicor Corporation Digital Supervisor
> - vicor,pli1209bc
> - # i2c trusted platform module (TPM)
> - - winbond,wpct301
>
> required:
> - compatible
> --
> 2.40.1
>
next prev parent reply other threads:[~2023-11-21 15:56 UTC|newest]
Thread overview: 16+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-11-21 9:48 [PATCH 0/3] dt-bindings: tpm: Clean all the things Lukas Wunner
2023-11-21 9:48 ` [PATCH 1/3] dt-bindings: tpm: Consolidate TCG TIS bindings Lukas Wunner
2023-11-21 10:57 ` Rob Herring
2023-11-21 11:02 ` Lukas Wunner
2023-11-21 15:37 ` Rob Herring
2023-11-21 15:56 ` Rob Herring [this message]
2023-11-21 9:48 ` [PATCH 2/3] dt-bindings: tpm: Convert IBM vTPM bindings to DT schema Lukas Wunner
2023-11-21 10:57 ` Rob Herring
2023-11-21 11:03 ` Lukas Wunner
2023-11-21 16:19 ` Rob Herring
2023-11-24 8:43 ` Lukas Wunner
2023-11-21 9:48 ` [PATCH 3/3] dt-bindings: tpm: Document Microsoft fTPM bindings Lukas Wunner
2023-11-21 10:57 ` Rob Herring
2023-11-21 11:03 ` Lukas Wunner
2023-11-21 16:20 ` Rob Herring
2023-11-21 16:10 ` [PATCH 0/3] dt-bindings: tpm: Clean all the things Rob Herring
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20231121155632.GB1845293-robh@kernel.org \
--to=robh@kernel.org \
--cc=LinoSanfilippo@gmx.de \
--cc=conor+dt@kernel.org \
--cc=devicetree@vger.kernel.org \
--cc=krzysztof.kozlowski+dt@linaro.org \
--cc=linux-integrity@vger.kernel.org \
--cc=lukas@wunner.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox