Enable TPM on Jetson AGX orin

Robotics & Edge Computing Jetson & Embedded Systems Jetson AGX Orin
1

HI, I’m trying to enable TPM on Jetson AGX orin
But I keep getting this error message

[ 19.573822] spi-tegra114 3210000.spi: Adding to iommu group 1
[ 19.614724] spi-tegra114 3230000.spi: Adding to iommu group 1
[ 20.073997] tpm_tis_spi: probe of spi0.0 failed with error -110
we are using JETSON LINUX Version 36.4.3 JetPack 6.2

Here is my dtb file

image
image635×280 6.76 KB

We have done the loop back test for MOSI ,and check the CS0 & CLK signal to TPM module
But still getting -110 error from tpm driver.

I think maybe the pinmux setting is wrong ,here is the pinmux setting using jetson-io
hdr40-pin18 {
nvidia,pins = “soc_gpio21_ph0”;
nvidia,function = “gp”;
nvidia,tristate = <0x00>;
nvidia,enable-input = <0x00>;
};

                            hdr40-pin19 {
                                    nvidia,pins = "spi1_mosi_pz5";
                                    nvidia,function = "spi1";
                                    nvidia,tristate = <0x00>;
                                    nvidia,enable-input = <0x01>;
                            };

                            hdr40-pin21 {
                                    nvidia,pins = "spi1_miso_pz4";
                                    nvidia,function = "spi1";
                                    nvidia,tristate = <0x00>;
                                    nvidia,enable-input = <0x01>;
                            };

                            hdr40-pin23 {
                                    nvidia,pins = "spi1_sck_pz3";
                                    nvidia,function = "spi1";
                                    nvidia,tristate = <0x00>;
                                    nvidia,enable-input = <0x01>;
                            };

                            hdr40-pin24 {
                                    nvidia,pins = "spi1_cs0_pz6";
                                    nvidia,function = "spi1";
                                    nvidia,tristate = <0x00>;
                                    nvidia,enable-input = <0x01>;
                            };

                            hdr40-pin26 {
                                    nvidia,pins = "spi1_cs1_pz7";
                                    nvidia,function = "spi1";
                                    nvidia,tristate = <0x00>;
                                    nvidia,enable-input = <0x01>;
                            };

the spi setting is fine , we are try to use pin18(GPIO) as RESET gpio, but the setting seems not working
I check from
gpioinfo
line 43: “PH.00” unused input active-high
sudo cat /sys/kernel/debug/pinctrl/2430000.pinmux/pinmux-pins
pin 43 (SOC_GPIO21_PH0): 2430000.pinmux (GPIO UNCLAIMED) (HOG) function gp group soc_gpio21_ph0

Can you give me some guide

Best Regards,
Kevin Tseng

4

you may refer to Changing the Pinmux to check you’re updating the pin correctly.

5

Hi, I have follow the step and change
/Linux_for_Tegra/bootloader/generic/BCT/tegra234-mb1-bct-pinmux-p3701-0000-a04.dtsi

soc_gpio21_ph0 {
nvidia,pins = “soc_gpio21_ph0”;
nvidia,function = “gp”;
nvidia,pull = <TEGRA_PIN_PULL_UP>;
nvidia,tristate = <TEGRA_PIN_DISABLE>;
nvidia,enable-input = <TEGRA_PIN_DISABLE>;
nvidia,lpdr = <TEGRA_PIN_DISABLE>;
};

/Linux_for_Tegra/bootloader/generic/tegra234-mb1-bct-gpio-p3701-0000-a04.dtsi

image
image421×131 1.33 KB

which these files is defined in
Linux_for_Tegra/p3737-0000-p3701-0000.conf.common
PINMUX_CONFIG=“tegra234-mb1-bct-pinmux-p3701-0000-a04.dtsi”;

the default state of PH0 pin after flashing seems to be right

line 43: “PH.00” unused output active-high

but GPIO info still show unused
and
sudo cat /sys/kernel/debug/pinctrl/2430000.pinmux/pinmux-pins

pin 43 (SOC_GPIO21_PH0): 2430000.pinmux (GPIO UNCLAIMED) (HOG) function gp group soc_gpio21_ph

Do you have any clue?

Best Regards,
Kevin_Tseng

6

hello kevintseng83,

please try below to toggle the pin, PH.00.
# gpioinfo gpiochip0 | grep PH.0
# gpioset --mode=wait --drive=push-pull gpiochip0 43=1

7

Hi, Jerry
Here is the result
gpioinfo gpiochip0 | grep PH.0

	line  43:      "PH.00"       unused  output  active-high 
	line  44:      "PH.01"       unused  output  active-high 
	line  45:      "PH.02"       unused   input  active-high 
	line  46:      "PH.03" "camera-control-output-low" output active-high [used]
	line  47:      "PH.04" "regulator-vdd-3v3-pcie" output active-high [used]
	line  48:      "PH.05"       unused  output  active-high 
	line  49:      "PH.06" "camera-control-output-low" output active-high [used]
	line  50:      "PH.07"       unused   input  active-high

gpioset --mode=wait --drive=push-pull gpiochip0 43=1
seems to be no output

image
image476×254 1.64 KB

Best Regards,
Kevin

8

HI
For more information
We use scope to measure this pin PH.00 (as reset pin for TPM), it can be toggled by gpioset cmd you provide.
But when we try to trigger it through modprobe tpm_tis_spi(TPM driver), there seems to be no output from it.
In other words, the reset pin claim inside dtsi seems not taken by TPM driver.

image
image599×474 7.04 KB

cs-gpios works fine by the way.

PS:
The error message from TPM driver some how disappeared
sudo dmesg| grep spi

[   17.877160] spi-tegra114 3210000.spi: Adding to iommu group 1
[   17.889707] spi-tegra114 3230000.spi: Adding to iommu group 1

But the node under /dev/ still didn’t show and
tpm2_getrandom 8
show error as below

ERROR:tcti:src/tss2-tcti/tcti-device.c:452:Tss2_Tcti_Device_Init() Failed to open specified TCTI device file /dev/tpmrm0: No such file or directory 
ERROR:tcti:src/tss2-tcti/tctildr-dl.c:154:tcti_from_file() Could not initialize TCTI file: libtss2-tcti-device.so.0 
ERROR:tcti:src/tss2-tcti/tcti-device.c:452:Tss2_Tcti_Device_Init() Failed to open specified TCTI device file /dev/tpm0: No such file or directory 
ERROR:tcti:src/tss2-tcti/tctildr-dl.c:154:tcti_from_file() Could not initialize TCTI file: libtss2-tcti-device.so.0 
WARNING:tcti:src/util/io.c:262:socket_connect() Failed to connect to host 127.0.0.1, port 2321: errno 111: Connection refused 
ERROR:tcti:src/tss2-tcti/tcti-swtpm.c:614:Tss2_Tcti_Swtpm_Init() Cannot connect to swtpm TPM socket 
ERROR:tcti:src/tss2-tcti/tctildr-dl.c:154:tcti_from_file() Could not initialize TCTI file: libtss2-tcti-swtpm.so.0 
WARNING:tcti:src/util/io.c:262:socket_connect() Failed to connect to host 127.0.0.1, port 2321: errno 111: Connection refused 
ERROR:tcti:src/tss2-tcti/tctildr-dl.c:154:tcti_from_file() Could not initialize TCTI file: libtss2-tcti-mssim.so.0 
ERROR:tcti:src/tss2-tcti/tctildr-dl.c:254:tctildr_get_default() No standard TCTI could be loaded 
ERROR:tcti:src/tss2-tcti/tctildr.c:428:Tss2_TctiLdr_Initialize_Ex() Failed to instantiate TCTI 
ERROR: Could not load tcti, got: "(null)"

Best Regards,
Kevin_Tseng

9

hello kevintseng83,

thanks for testing.

just for confirmation, are you going to attach a DTPM (HW TPM) on Jetson via SPI interface?
note, we do not support DTPM for Jetson, yet.

so,
you’ll need to build the HW TPM SPI driver, load the HW TPM driver, and run the TPM2 commands with root privilege.
if the driver is ready, you should be able to see the device node /dev/tpm0 and /dev/tpmrm0.

10

Hi ,Jerry
Thanks for the reply
Turn out we keep connecting NV board CS0 to TPM board CS0(which is not cabled)
and that’s why we can’t get any response(MISO) from TPM module

image
image823×468 52.4 KB

After connecting to CS1 on TPM board, TPM shows correctly

Thank for the helping

Best Regards
Kevin

1 Like