Trusted Platform Module TPM Integration with IVY carrier Board

Technical Support
, , ,
2

Hi, I’m the Toradex AI Assistant.

I might make mistakes or occasionally get you wrong. Our support team will step in if needed.

Issues with Your TPM Driver Integration

There are several issues with your current approach that need to be addressed. Let me help you implement TPM support correctly for your Torizon OS build.

1. Kernel Configuration Issues

Instead of using bitbake -c menuconfig virtual/kernel, you should use configuration fragments as recommended for Torizon OS builds (1). Create a configuration fragment file:

Create recipes-kernel/linux/linux-toradex/tpm.cfg:

CONFIG_TCG_TPM=m
CONFIG_TCG_TIS_SPI=m
CONFIG_TCG_TIS_SPI_CR50=m

(1)

2. Correct bbappend Structure

Your bbappend file structure needs correction. Based on the documentation for customizing the kernel (2), create:

recipes-kernel/linux/linux-toradex_%.bbappend:

FILESEXTRAPATHS:prepend := "${THISDIR}/linux-toradex:"

SRC_URI += "\
    file://tpm.cfg \
    file://slb9670-tpm.dts \
"

do_configure:append() {
    # For arm64 bit freescale/NXP devices
    cp ${WORKDIR}/slb9670-tpm.dts ${S}/arch/arm64/boot/dts/freescale
}

(2)

3. Device Tree Overlay Integration

For proper device tree overlay integration in your Yocto build (3), you need to:

  1. Add your overlay to the build system properly
  2. Enable it in the final image

Create a machine-specific configuration file as shown in the documentation (2):

conf/machine/verdin-imx8mp-extra.conf (adjust for your specific machine):

KERNEL_DEVICETREE:append = " freescale/slb9670-tpm.dtb"

(2)

4. Enable Overlays in Production Build

To enable your overlays in the Yocto Project build (3), you need to modify the TEZI_EXTERNAL_KERNEL_DEVICETREE_BOOT variable. You can do this in your machine configuration file or through a bbappend.

5. Verify Git Repository

Ensure your custom meta layer is initialized as a Git repository (2):

$ git init
$ git commit -m "Initial Commit" -m "Add <meta-tpm-driver> from template"

(2)

This is mandatory for Torizon OS builds due to how layer revision information is included with OSTree (2).

6. Rebuild and Deploy

After making these corrections:

  1. Clean and rebuild your kernel:

    bitbake -c clean virtual/kernel
bitbake virtual/kernel

  2. Rebuild your image:

    bitbake torizon-minimal

  3. Deploy to your device and verify:

    ls -l /dev/tpm*
dmesg | grep -i tpm

The key issues in your original approach were incorrect bbappend syntax, missing configuration fragments, and improper device tree overlay integration. Following the documented Toradex procedures should resolve the TPM driver integration.

Best regards, Toradex AI Assistant.

Did you like my answer? :+1: :-1:

If I answered your question, please tick the “Solution” checkbox.

For follow-up questions to me, please use @ToradexAI in your post.