LetsTrust

precompiled modules are for kernel 4.4.50+ but the boot problem happens as soon as I try using the bcm2709-rpi-2-b.dtb from the zip.

Instead I compiled a 4.12-rc4 bcm2709_defconfig and configured TPM as module together with native SPI as explained in compile_complete_kernel.zip.

arch/arm/boot/dts/bcm2709-rpi-2-b.dts

was given

spidev1: tpm_spi_tis@1{
compatible = "tcg,tpm_spi_tis";

and make dtbs compiled that to dtb (copied over to /boot afterwards).

It doesn't load the modules and when I load the modules manually the /dev/tpm* doesn't show up either.

spi is active it loads the spi_bcmXXXX module.

added dtdebug=1 to config.txt

vcdbg log msg

doesn't show anything related to the tpm device (don't know if that's expected).

OK I got it - the .compatible is just different! Look

root@pi:~/linux/arch/arm/boot/dts# git diff bcm2709-rpi-2-b.dts
diff --git a/arch/arm/boot/dts/bcm2709-rpi-2-b.dts b/arch/arm/boot/dts/bcm2709-rpi-2-b.dts
index 434c4519..af2eb25a 100644
--- a/arch/arm/boot/dts/bcm2709-rpi-2-b.dts
+++ b/arch/arm/boot/dts/bcm2709-rpi-2-b.dts
@@ -55,12 +55,9 @@
#size-cells = ;
spi-max-frequency = ;
};
-
- spidev1: spidev@1{
- compatible = "spidev";
+ spidev1: tpm_spi_tis@1{
+ compatible = "tcg,tpm_tis-spi";
reg = ; / CE1 /
- #address-cells = ;
- #size-cells = ;
spi-max-frequency = ;
};
};

so it's actually "tcg,tpm_tis-spi" instead of "tcg,tpm_spi_tis" now

root@pi:~/linux/arch/arm/boot/dts# uname -a
Linux pi 4.12.0-rc4-v7+ #1 SMP Sun Jun 11 15:46:12 UTC 2017 armv7l GNU/Linux

root@pi:~/linux/arch/arm/boot/dts# ls /dev/tp*
/dev/tpm0 /dev/tpmrm0

Also.. resourcemgr (which is mentioned in the howto as prerequisite to talk to the tpm) was removed from https://github.com/01org/TPM2.0-TSS/

commit 7966ef8916f79ed09eab966a58d773f413fbb67f
Author: Philip Tricca
Date: Wed May 10 09:32:36 2017 -0700

Remove resourcemgr and fixup build.

tpmclient and test won't work.

Hi JohnDoe,

first of all - thanks for trying it out and reporting the issues to us.
This is really appreciated!!

Yes its currently a bit messy - the TPM2.0 ecosystem currently gains a lot of momentum and thus leads to some churn and chicken egg problems :/
e.g. the resource manager was removed from the stack, since it was added to the kernel.
That the compatible string was changed was also unfortunate.
"infineon,slb9670" would work in both cases.

I hope we can look into that stuff over the weekend and create new tutorials/how-tos on how to use it on a current kernel with the current tools/stack.
We would be happy if you would try them out then and give feedback.

About your question with the missing headers - if you have a look in the .travis.yml you see that you need to have the following packages installed on your system:
packages:
- autoconf-archive
- openssl
- libssl-dev
- libcurl4-openssl-dev
- libdbus-1-dev
- libglib2.0-dev

So
sudo apt-get install autoconf-archive openssl libssl-dev libcurl4-openssl-dev libdbus-1-dev libglib2.0-dev
should do the trick.

Take care!

But fear not

it compiles after

changing the CC line in Makefile of tpm2.0-tools to

CC = gcc -I/usr/include/glib-2.0 -I/usr/lib/arm-linux-gnueabihf/glib-2.0/include -lglib-2.0

(I know that's really ugly.. but for quick result..)

also need to change tpm2-abrmd accordingly:

diff --git a/src/include/tcti-tabrmd.h b/src/include/tcti-tabrmd.h
index c145eb5..e8e0c7f 100644
--- a/src/include/tcti-tabrmd.h
+++ b/src/include/tcti-tabrmd.h
@@ -35,7 +35,7 @@ extern "C" {
#include
#include

-#include "tabrmd.h"
+#include

#define TCTI_TABRMD_DBUS_TYPE_DEFAULT TABRMD_DBUS_TYPE_DEFAULT
#define TCTI_TABRMD_DBUS_NAME_DEFAULT TABRMD_DBUS_NAME_DEFAULT

after make install and systemctl start tpm2-abrmd

win win win win win
tpm2_listpcrs

Bank/Algorithm: TPM_ALG_SHA1(0x0004)
.
.
Bank/Algorithm: TPM_ALG_SHA256(0x000b)
.
.

Feel free to raise issues on github as well
Phil usually fixes stuff pretty quick.