|
| 1 | +# TPM connection over LPC interface |
| 2 | + |
| 3 | +At this point in time, using TPM module over LPC interface was unsuccessful. |
| 4 | + |
| 5 | +## TPM support in Hostboot |
| 6 | + |
| 7 | +Hostboot mentions in one of the comments in code, that two families of |
| 8 | +TPM from Nuvoton vendor are supported. |
| 9 | + |
| 10 | +``` |
| 11 | +Hostboot code only supports Nuvoton 65x and 75x Models at this time |
| 12 | +``` |
| 13 | + |
| 14 | +This support was not verified yet. |
| 15 | + |
| 16 | +## Talos II TPM Connector |
| 17 | + |
| 18 | +Talos II TPM connector has `LPC`and `I2C` connections.\ |
| 19 | +The description is available in the [user guide](https://wiki.raptorcs.com/w/images/e/e3/T2P9D01_users_guide_version_1_0.pdf). |
| 20 | + |
| 21 | + |
| 22 | +## TPM over LPC interface |
| 23 | + |
| 24 | +`OPTIGA™ TPM SLB 9665TT2.0 TPM2.0` was tested over an LPC interface. |
| 25 | + |
| 26 | +To test the chip, original Hostboot image with [Heads](https://github.com/3mdeb/openpower-coreboot-docs/blob/main/releases/0.3.0.heads.md) |
| 27 | +as a payload was flashed into the system. |
| 28 | + |
| 29 | +Talos II properly booted, however no TPM module was detected by Heads. |
| 30 | + |
| 31 | +``` |
| 32 | +$ dmesg | grep -i tpm |
| 33 | +[ 4.552516] ima: No TPM chip found, activating TPM-bypass! |
| 34 | +``` |
| 35 | + |
| 36 | +### START nibble |
| 37 | + |
| 38 | +The LPC TPM uses the same cycles as I/O cycles which we implement e.g. for |
| 39 | +serial port. The only difference is the START nibble. There may exist a register |
| 40 | +thast allows to alter a START nibble that is sent on each LPC cycle. |
| 41 | + |
| 42 | +> TODO: Check if this type of register exists. |
| 43 | +
|
| 44 | +## Supported TPM connections |
| 45 | + |
| 46 | +TPM connection is hardware-supperted via LPC and I2C interface. |
| 47 | +[Source](https://wiki.raptorcs.com/wiki/User:HLandau/Block_Diagram_Discussion#Minor_CPU_Interfaces) |
| 48 | + |
| 49 | +* CPU0 LPC [to FlexVer] to BMC, LPC TPM |
| 50 | + |
| 51 | + ``` |
| 52 | + The LPC interface of CPU0 is connected to the BMC. The BMC serves the PNOR flash chip connected to it to CPU0, and CPU0 loads boot firmware from it. A TPM connector is also provided on the board which exposes this bus, and allows a standard TPM to be attached to it. |
| 53 | +
|
| 54 | + A FlexVer module, if fitted, can intermediate this bus and proxy all communications between the CPU and other devices on the LPC bus. This switching is done automatically via analogue components on the mainboard when a FlexVer device is connected. |
| 55 | + ``` |
| 56 | +* BMC I2C TO I2C TPM |
| 57 | + ``` |
| 58 | + Runs to the TPM connector. Allows connection of a TPM via I2C instead of LPC. In this case, the connection is via the BMC. |
| 59 | + ``` |
0 commit comments