I’ll start out by saying that I am not an electrical engineer, and device trees are still new to me.

On our carrier board we have an Infineon slb9672 TPM. We have it connected to SPI2 (SPI2A_DOUT, SPI2A_DIN, SPI2A_SCK, and SPI2A_CS0 are connected). PBB.00 is also connected for PIRQ.

I added a dtsi file with the following content:

#include <dt-bindings/platform/t210/t210.h>
/ {
	spi@7000d600 {
		status = "okay";
		spi@0 {
			status = "disabled";
		};
		spi@1 {
			status = "disabled";
		};
		slb9670: slb9670@0{
			compatible = "infineon,slb9670";
			reg = <0>;
			spi-max-frequency = <32000000>;
			status = "okay";

			controller-data {
				nvidia,enable-hw-based-cs;
				nvidia,rx-clk-tap-delay = <7>;
			};
		};
	};
};

In addition we are adding the following to the kernel .config file:

CONFIG_TCG_TPM=y
CONFIG_TCG_TIS_CORE=y
CONFIG_TCG_TIS_SPI=y
# CONFIG_TCG_TIS_I2C_ATMEL is not set
# CONFIG_TCG_TIS_I2C_INFINEON is not set
# CONFIG_TCG_TIS_I2C_NUVOTON is not set
# CONFIG_TCG_ATMEL is not set
# CONFIG_TCG_VTPM_PROXY is not set
# CONFIG_TCG_TIS_ST33ZP24_I2C is not set
# CONFIG_TCG_TIS_ST33ZP24_SPI is not set
CONFIG_DEVPORT=y
# CONFIG_XILLYBUS is not set
# CONFIG_HMM_DMIRROR is not set
CONFIG_HW_RANDOM=m
CONFIG_HW_RANDOM_TPM=m
# CONFIG_TRUSTED_KEYS is not set

When we build/flash/boot the Jetson Nano we don’t see any tpm in /dev as we would expect.

If we grep dmesg for “TPM, tpm, tis, TIS or SPI” nothing is there. If we grep “spi” we only see:

dmesg | grep spi
[ 0.428153] iommu: Adding device 7000d400.spi to group 7
[ 0.428412] iommu: Adding device 7000d600.spi to group 8

I do see this in sysfs:

sudo cat /sys/bus/spi/devices/spi1.0/uevent
OF_NAME=slb9670
OF_FULLNAME=/spi@7000d600/slb9670@0
OF_COMPATIBLE_0=infineon,slb9670
OF_COMPATIBLE_N=1
MODALIAS=spi:slb9670

I also added tpm2-tss and tpm2-tools to the rootfs to help in testing, but since we dont see a /dev/tpmrm0 they are not being used.

Has anyone else put a Infineon TPM on a Jetson Nano carrier board?

Looks like need some device configure and sudo modprobe spi_bcm2835
Have reference to below link to check.

Hi, on the same problem in the past.

Do you see /dev/tpm0 on your board?

Some months ago, I tried to enable TPM2 SLB9670 on Nano SPI. It took me long time, but I’m not able to get /dev/tpmrm0 or anything else except /dev/tpm0. Then I had to deal with it, just use /dev/tpm0 for some so simple security stuffs.

Hi nvl1109, no I don’t have anything tpm in /dev.

Did you have to do more than just add the device tree?

Just the device tree. But I believe the CS control is the key. HW CS doesn’t work on my board.

This is my dts:

+	spi@7000d400 {
+		status = "okay";
+
+		cs-gpios = <&gpio TEGRA_GPIO(C, 3) GPIO_ACTIVE_LOW>;
+
+		slb9670: slb9670@0{
+			compatible = "infineon,slb9670";
+			reg = <0>;
+			spi-max-frequency = <20000000>;
+			status = "okay";
+			reset-gpios = <&gpio TEGRA_GPIO(BB, 0) GPIO_ACTIVE_LOW>;
+
+			controller-data {
+				nvidia,variable-length-transfer;
+				nvidia,rx-clk-tap-delay = <31>;
+			};
+		};

I tried to run sudo modprobe spi_bcm2835 and I got:
modprobe: FATAL: Module spi_bcm2835 not found in directory /lib/modules/4.9.253-tegra

I’ll look into that first.

I tried to use the cs-gpio with the following device tree and I still don’t see anything about a tpm in dmesg:

#include <dt-bindings/platform/t210/t210.h>
/ {
	spi@7000d600 {
		status = "okay";
		cs-gpios = <&gpio TEGRA_GPIO(B, 7) GPIO_ACTIVE_LOW>;
		spi@0 {
			status = "disabled";
		};
		spi@1 {
			status = "disabled";
		};
		slb9670: slb9670@0{
			compatible = "infineon,slb9670";
			reg = <0>;
			spi-max-frequency = <32000000>;
			status = "okay";
			reset-gpios = <&gpio TEGRA_GPIO(DD, 0) GPIO_ACTIVE_LOW>;
			controller-data {
				nvidia,variable-length-transfer;
				nvidia,rx-clk-tap-delay = <31>;
			};
		};
	};
};

We had some PinMux issues with our staging. Once we had the correct PinMux being loaded a device tree based on nvl1109’s answer worked for us and we were able to find a /dev/tpm0.

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.