Usage of Trusted Platform Module (TPM) with verdin imx8m-mini

autolab · September 27, 2024, 2:03pm

Hi,

I want to integrate a TPM on my PCB (Motherboard for the SoM) to improve the security of the OPC-UA server running on my SoM (imx8m-mini).

The idea is to generate and store the key (pub and private) inside the TPM.

I just want to be sure that torizon is compatible with the TPM, my idea was to use the openSource TPM Software Stack : tpm2-tss .

I want to use this chip : SLB9673AU20FW2613XTMA1 from Infineon and i will interface with the chip in I2C.

My OPC-UA server is running inside a container on my SoM, i pretty sur that it won’t be a problem to access the TPM’s key but if you can validate it, it’s better for me!

Also if i have the time, i would like to configure the secure boot with the TPM, is it possible with torizon OS ?

Thank you for the answer !

jeremias.tx · September 27, 2024, 6:33pm

Greetings @autolab,

I just want to be sure that torizon is compatible with the TPM, my idea was to use the openSource TPM Software Stack : tpm2-tss .

I believe it should be. I mean Torizon is using the Linux kernel so it shoudl be capable of using that software stack.

I want to use this chip : SLB9673AU20FW2613XTMA1 from Infineon and i will interface with the chip in I2C.

You may need to double-check to make sure the kernel drivers and other configs for this specific chip are already enabled in Torizon. For reference this is all the TPM related configs we have enabled currently: toradex-kernel-cache/features/tpm/tpm.cfg at kirkstone-6.x.y · toradex/toradex-kernel-cache · GitHub

Also if i have the time, i would like to configure the secure boot with the TPM, is it possible with torizon OS ?

You’re going to have to clarify what you mean here, and exactly what it is you want to do. “Secure boot” is a very loaded term that can mean different things to different people. We have a Yocto meta-layer here for enabling security-related features, including what we call “secure boot”: GitHub - toradex/meta-toradex-security

But this does not use a TPM and instead makes use of the built-in security functionalities of the SoC chip.

Best Regards,
Jeremias

autolab · September 30, 2024, 9:22am

Hi,

Thank you a lot for the clarifications.

You may need to double-check to make sure the kernel drivers and other configs for this specific chip are already enabled in Torizon. For reference this is all the TPM related configs we have enabled currently: toradex-kernel-cache/features/tpm/tpm.cfg at kirkstone-6.x.y · toradex/toradex-kernel-cache · GitHub 3

I see in the github page that you linked :

CONFIG_TCG_TIS_I2C_INFINEON=m

For me it means that the support for I2C Infineon chip is already enabled in the kernel, do you agree ?

You’re going to have to clarify what you mean here, and exactly what it is you want to do. “Secure boot” is a very loaded term that can mean different things to different people. We have a Yocto meta-layer here for enabling security-related features, including what we call “secure boot”: GitHub - toradex/meta-toradex-security

Sorry if my question wasn’t clear,

So this is an example with another board, the idea is to compute an hash of every sequences during the boot (sunxi, uboot, linux kernel) and then to compare them with the original ones ( Policy values).

I don’t know if this example applies to the SoM imx8m-mini ?

Thank you very much for all the information, have a nice day

jeremias.tx · September 30, 2024, 5:38pm

For me it means that the support for I2C Infineon chip is already enabled in the kernel, do you agree ?

Not necessarily. This is just a generic driver, you need to actually check if it supports your specific TPM model. Also, you need to confirm what version of the Linux kernel support was added for this TPM model.

Doing some research you can see support for the SLB 9673 was only added somewhat recently:

dt-bindings: trivial-devices: Add Infineon SLB9673 TPM · torvalds/linux@2353673 · GitHub
tpm: Add tpm_tis_i2c backend for tpm_tis_core · torvalds/linux@bbc23a0 · GitHub

Looking at the commits this support was only available in kernel version 6.0 onward. Our current software for the Verdin i.MX8M Mini is based on the 5.15 kernel. This would mean support doesn’t exist for this TPM in this version. That said, we are about to release new software that is based on the 6.6 Linux kernel.

This is why you should confirm what driver your device actually uses.

I don’t know if this example applies to the SoM imx8m-mini ?

So the diagram you showed seems like a sort of chain of trust using the TPM has a hardware root of trust. This should be technically possible, at least on paper. We don’t have any documentation on this specific process though. You’ll probably need to develop and test this flow on your own.

As I said, we already have our own secure boot flow that doesn’t use a TPM and instead uses the SoC as a hardware root of trust. I’m not saying our flow is superior since security is very opinion/requirement dependent. But we are fairly confident our flow does suffice for providing a secure boot/chain-of-trust workflow.

If you want to pursue your own security workflow, then that is fine. But, keep in mind that means we might not have the knowledge to assist you on topics related to your workflow

Best Regards,
Jeremias

autolab · October 2, 2024, 7:42am

Hi,

Thank you again for the answer !

I now understand what the problem is, i am sorry in my mind it was “juste” some I2C communication between this chip and my Linux system and I didn’t think about drivers.

I don’t know if it changes something, but i am using the image :

imx8mm-Tezi_6.4.0+build.5

I did some research on the net and found this :

OPTIGA™ TPM User Guide
OPTIGA™ TPM SLx 967y TPM2.0 on Raspberry Pi® 4 QuickStarter User Guide

This document explains how the OPTIGA™ TPM SLx 967y TPM2.0 can be used on a Raspberry Pi® 4. The same setup also
works and has been tested on a Raspberry Pi® 3. However, in this document we refer to “Raspberry Pi® 4”. The Linux®
kernel described in this document is version 5.15 (the latest kernel in Raspberry Pi® OS) as well as version 6.0 (the latest
upstream kernel). These kernels have integrated TPM 2.0 driver support, which simplifies TPM setup with the Raspberry
Pi® 4. This Application Note shows how fast and simple the TPM 2.0 setup is, even with basic Linux® knowledge.

and at page 9/46:

Optiga™ TPM SLB 9672 and SLB 9673 RPi Evaluation Boards
Insert the flashed SD card and boot the Raspberry Pi® 4. The driver should be automatically loaded and configured.
After boot, you can check for the existence of /dev/tpm0 and /dev/tpmrm0:
1 ls -l /dev/tpm*
During the boot process the Linux® kernel is configured using the device tree information of the device how the host
CPU and all its peripherals are connected. These device tree information is static for the basic board, but can also be
extended using so-called device tree overlays. The Optiga™ TPM SLB967y RPi Evaluation boards contain an EEPROM
chip that contain these device tree overlays. The Raspberry Pi® OS Linux® kernel is configured in such a way, that it reads out the EEPROM auf such boards and applies the configuration automatically.
Note: on older Optiga™ TPM SLx 9670 Iridium board, you need to manually enable the driver. After flashing, remove and reinsert the SD card into your PC.
Edit the file config.txt from the FAT32 partition labeled boot. Add the following
line to the [all] section: 1 dtoverlay=tpm-slb9670

Link : https://www.infineon.com/dgdl/Infineon-Optiga_TPM_RPi_Quickstarter_User_Guide-UserManual-v01_00-EN.pdf?fileId=8ac78c8c8e7ead30018ee5a4d85b04bd&da=t

So reading this, I understand that you have to modify your device tree to make the TPM work with kernel 5.15.xx ?

I will open a ticket with Infineon to try to find a solution.

Do you have a release date for the kernel 6.xx on the verdin imx8m-mini ?

I will take a moment to read about Toradex’s security workflow. Thank you !

Thank you for all the answers, i really appreciate it.

Best regards

jeremias.tx · October 2, 2024, 6:12pm

So reading this, I understand that you have to modify your device tree to make the TPM work with kernel 5.15.xx ?

In general to add most hardware peripherals including TPMs, changes/additions to the device tree must be made. The linux kernel has rough documentation on what the changes should be: https://www.kernel.org/doc/Documentation/devicetree/bindings/security/tpm/tpm-i2c.txt

This is just a generic example keep in mind.

Do you have a release date for the kernel 6.xx on the verdin imx8m-mini ?

We’re actually undergoing final checks/tests before the release now. So, I would say maybe within the next couple of weeks.

Please let us know if you have any further questions or requests on this specific topic.

Best Regards,
Jeremias

autolab · October 3, 2024, 1:22pm

After speaking with Infineon I have to apply 3 patches for backporting v5.15 :

https://patchwork.kernel.org/project/linux-integrity/patch/20220608173113.9232-4-Alexander.Steffen@infineon.com/

https://patchwork.kernel.org/project/linux-integrity/patch/20220321090924.1951-1-johannes.holland@infineon.com/

https://patchwork.kernel.org/project/linux-integrity/patch/20220608173113.9232-3-Alexander.Steffen@infineon.com/

Is it possible to do it with TorizonOS ? i found this documentation about building external kernel module with torizonOS :

https://developer.toradex.com/torizon/os-customization/use-cases/building-external-kernel-modules-with-torizon/

i know how to use torizonCore builder as I already multiplexed some pins for my SoM in the device tree source but I’m not familiar with applying patches with torizonOS.

I want to do it like that :

create single directory : /tcbdir/tpm-module
create Makefile inside of it :

obj-m := TPM-Infineon-I2C-Module.o

SRC := $(shell pwd)

all:
        $(MAKE) -C $(KERNEL_SRC) M=$(SRC) modules

clean:
        $(MAKE) -C $(KERNEL_SRC) M=$(SRC) clean

modify my tcbuild.yaml in order to include the kernel module :

input:
  easy-installer:
    local: path/to/your/torizon-image.tar
customization:
  kernel:
    modules:
      - source-dir: ~/tpm-module/
        autoload: no
output:
  easy-installer:
    local: your-custom-image-name

Build l’image :
    torizoncore-builder build

Patch installation.

wget https://patchwork.kernel.org/project/linux-integrity/patch/20220608173113.9232-4-Alexander.Steffen@infineon.com/
wget https://patchwork.kernel.org/project/linux-integrity/patch/20220321090924.1951-1-johannes.holland@infineon.com/
wget https://patchwork.kernel.org/project/linux-integrity/patch/20220608173113.9232-3-Alexander.Steffen@infineon.com/

apply my 3 patches inside : tcbdir\linux\drivers\char\tpm

1.	patch -p1 < /path/to/patch1.patch
2.	patch -p1 < /path/to/patch2.patch
3.	patch -p1 < /path/to/patch3.patch

Image build with torizoncore :

torizoncore-builder build

remote deploy on SoM

jeremias.tx · October 3, 2024, 6:54pm

This is a bit tricky now. These patches are targeting drivers and files in the Linux Kernel itself. This isn’t a standalone driver. If you notice in that article you linked we state:

Add an out-of-tree kernel module, in other words, a module that is external to the Linux kernel source tree.

Meaning this wasn’t designed to work on drivers that are in the Linux kernel source. Now it could work, but there’s no guarantee it will work properly. Furthermore, these patches are touching on drivers and files that are already in our default Linux kernel. If you create a new driver with these patches and try to run it with the old drivers present, I’m not sure what would happen exactly. There might be conflicts, and other weird behaviors.

The only surefire way I know to patch the Linux kernel in a clean way is to do a Yocto build with those patches against the Linux kernel recipe: Build Torizon OS from Source With Yocto Project/OpenEmbedded | Toradex Developer Center

In this way you create a fresh OS image with a patched Linux kernel. That said if you’re not familiar with Yocto, this isn’t a trivial task.

Can you not wait till we have our release with the 6.6 Linux kernel? By the way did infineon confirm no backporting will be needed for the 6.6 kernel?

Even if you do get this working on the 5.15 kernel you’d be carrying around these patches as additional maintenance on your end. Which isn’t ideal.

Best Regards,
Jeremias

autolab · October 4, 2024, 7:49am

I’m not familiar with Yocto and even if it interest me a lot to do It.
I probably won’t have the time I think.

Infineon did told me what i have to do to back-port to 5.15 :

Please follow the steps below to backport to 5.15:

    Set the default kernel configurations to enable I2C. The output should look something like this: 

    CONFIG_TCG_TPM=y
    CONFIG_HW_RANDOM_TPM=y
    CONFIG_TCG_TIS_CORE=y
    CONFIG_TCG_TIS=y
    CONFIG_TCG_TIS_I2C_INFINEON=y
    CONFIG_TCG_CRB=y
    CONFIG_TCG_INFINEON=y
    CONFIG_TCG_TIS_I2C=y  

    Apply the patches and modify tpm_tis_i2c.c. Please use this link to patches: https://patchwork.kernel.org/project/linux-integrity/list/?series=648586&archive=both
     
    Add the device tree (tpm-slb9673) as provided in the Application note (Page 37-39).
     
    Compile the device tree and add it to the boot directory. 
     
    In /boot/config.txt, add the overlay created for SLB9673: dtoverlay=tpm-slb9673
     
    Build and run. Observe the kernel booting message to check if TPM has started.
    Output should look something like this: 
    tpm_tis_i2c 0-002e: 2.0 TPM (device-id 0x1C, rev-id 22)
     
    Check for the existence of /dev/tpm0 and /dev/tpmrm0: " ls -l /dev/tpm* "
     
    Use eltt2 tool to verify TPM's functionalities.

Is applying the patch the only part of the “process” which might not work ?

I think that I can change default kernel config, i found this doc from toradex :
https://developer.toradex.com/torizon/os-customization/use-cases/customizing-kernel-arguments-in-torizon/

and also I think I can modify the DTS with overlay ? (as I did it for multiplexing my pins).

I’ll give you the application note we mentioned in the discussion with Infineon if you’re interested.

I know I could wait for you to bring the new kernel version to torizonos but this “fix” process has intrigued me and I’d like to give it a try.

I will ask Infineon if it will work “out-of-the-box” with the kernel 6.6 and let you know.

thank you for your help, I’m still a beginner with linux configuration and these discussions are very enriching for me.
Infineon-Optiga_TPM_RPi_Quickstarter_User_Guide-UserManual-v01_00-EN.pdf (4.0 MB)

jeremias.tx · October 4, 2024, 6:06pm

Is applying the patch the only part of the “process” which might not work ?

Well to be fair, we’re talking about backporting a driver that we’re not particularly familiar with. There could potentially be a lot of things that might not work.

I think that I can change default kernel config, i found this doc from toradex :
Customizing Kernel Arguments in Torizon | Toradex Developer Center

That article is about changing kernel command line arguments. These are not the same thing as the kernel configuration. To change the kernel configuration you need to essentially build the linux kernel from scratch, which goes back to what I was saying about Yocto earlier.

and also I think I can modify the DTS with overlay ? (as I did it for multiplexing my pins).

That is correct you could modify the DTS witha n overlay.

I know I could wait for you to bring the new kernel version to torizonos but this “fix” process has intrigued me and I’d like to give it a try.

I understand if you’re curious. But, this just seems like more work and maintenance for you in the long run. Especially since you’re not familiar with Yocto, this can lead to a lot of potential errors and headaches.

Best Regards,
Jeremias

autolab · October 8, 2024, 9:25am

Hi,

Okey i see, thank you a lot for all the informations.

So the answer of Infineon :

Yes the TPM will work out-of-the-box with kernel v6.xx, you just need to add the device tree overlay for SLB9673 (the following lines):

/boot/config.txt

dtparam=i2c=on
dtoverlay=tpm-slb9673

This configuration is for a Raspberry Pi and i know that my I2C is already enabled (as it work for a sensor at the moment).

I founded the dtbo : boot/overlays/tpm-slb9673.dtbo for Raspberry Pi

https://github.com/raspberrypi/firmware/blob/master/boot/overlays/tpm-slb9673.dtbo

Does i have to download the overlay from Raspberry Pi (tpm-slb9673) or does maybe Toradex have to upload a DTO adapted for the imx8m-mini ?

and then to add it inside the tcbuild.yalm from torizonCore builder ?

Like if it was a DTO from toradex ?

I found this for the SLB9673.dts :

/ TPM /
tpm: tpm@2e {
compatible = “infineon,slb9673”, “tcg,tpm-tis-i2c”;
reg = <0x2e>;
};

For me i have to create an overlay like for pin multiplexing and then use torizonCore builder with the tcbuilder.yalm.

Or is it already enabled inside the kernel and i don’t have to worry about it ?

Best regards

jeremias.tx · October 11, 2024, 6:53pm

Yes the TPM will work out-of-the-box with kernel v6.xx, you just need to add the device tree overlay for SLB9673 (the following lines):

This information looks to be specific to raspberry pi and not transferable to other devices.

Does i have to download the overlay from Raspberry Pi (tpm-slb9673) or does maybe Toradex have to upload a DTO adapted for the imx8m-mini ?

Device tree overlays are specific to the device tree, which are specific to the actual hardware. So, no you probably can’t just use this overlay designed for raspberry pi on Toradex hardware. It would need to be adapted/modified.

and then to add it inside the tcbuild.yalm from torizonCore builder ?
Like if it was a DTO from toradex ?

Once you have the correct device tree overlay for your Toradex device then yes you can use TorzionCore Builder to apply it.

Or is it already enabled inside the kernel and i don’t have to worry about it ?

You probably have to do your customization for this device. It depends I’m not super familiar with this peripheral myself and would need to research it.

Best Regards,
Jeremias