Hi @adrian !
In addition to @joao.tx’s answer:
From what I can see, libtss2-tcti-device (and other TPM-related stuff) is provided by the meta-tpm [1], which lives inside meta-security.
Currently, on kirskstone-6.x.y manifest, the TPM setup is done for machines of the Verdin family: currently verdin-imx8mp, verdin-imx8mm, and verdin-am62 [2, 3, 4].
So, currently, Colibri iMX6ULL is not contemplated.
You can see from e.g. verdin-imx8mp.conf that MACHINE_FEATURES contains tpm2 [2]. This is used by tdx-reference-multimedia-image.bb [5] to include the packagegroup-tpm2-tdx-cli, which is defined in packagegroup-tdx-cli.bb [6].
You can try to do the same for Colibri iMX6ULL: enable the tpm2 in your MACHINE, perform the necessary changes in your device tree [overlay], and enable the kernel configs related to your TPM.
[1] : meta-tpm - meta-security - Security tools for Internet connected devices
[2] : verdin-imx8mp.conf « machine « conf - meta-toradex-nxp.git - Toradex BSP layer, recipes for NXP based modules
[3] : verdin-imx8mm.conf « machine « conf - meta-toradex-nxp.git - Toradex BSP layer, recipes for NXP based modules
[4] : verdin-am62.conf « machine « conf - meta-toradex-ti.git - Toradex BSP layer, recipes for TI based modules
[5] : tdx-reference-multimedia-image.bb « images « recipes-images - meta-toradex-demos.git - Toradex BSP layer, recipes for the demo images
[6] : packagegroup-tdx-cli.bb « images « recipes-images - meta-toradex-demos.git - Toradex BSP layer, recipes for the demo images
Best regards,