SPI driver for Raspberry Pi 4 (BMC2835)
Hi,
does anyone know, if there is a SPI driver for Raspberry Pi 4 in U-Boot?
I want to communicate with a TPM 2.0 via hardware SPI. So far I've compiled mainline U-Boot with TPM driver support. However, the SPI driver seems to be missing.
The linux kernel ships the driver (drivers/spi/spi-bcm2835.c). Does anyone know if there is there a port for U-Boot or if anyone is currently working on it?
In theory, I should be able to use the soft SPI driver (since there is a GPIO driver), but I'd very much prefer using the hardware SPI controller.
Many thanks!
Best, Johannes
Hi Johannes,
I'm also trying to make a secure boot using an SLB9670 TPM (SPI), Yocto and a Raspberry 3, and as far as I'm documented there are no hardware SPI driver due to the fact that `start.elf` and `bootcode.bin` are being closed binaries (https://pi3g.com/2019/02/04/qa-letstrust-tpm/).
However some people tried to deal with software SPI driver as a workaround, but I don't know yet if it works (@see: https://www.mail-archive.com/u-boot@lists.denx.de/msg330403.html).
Hope it brings some clues, if you manage to do something keep me updated !
Have a nice day,
Pierre Fontaine
Le 25/03/2020 à 09:08, J. Holland a écrit :
Hi,
does anyone know, if there is a SPI driver for Raspberry Pi 4 in U-Boot?
I want to communicate with a TPM 2.0 via hardware SPI. So far I've compiled mainline U-Boot with TPM driver support. However, the SPI driver seems to be missing.
The linux kernel ships the driver (drivers/spi/spi-bcm2835.c). Does anyone know if there is there a port for U-Boot or if anyone is currently working on it?
In theory, I should be able to use the soft SPI driver (since there is a GPIO driver), but I'd very much prefer using the hardware SPI controller.
Many thanks!
Best, Johannes
Hi Pierre,
I'm also trying to make a secure boot using an SLB9670 TPM (SPI), Yocto and a Raspberry 3, and as far as I'm documented there are no hardware SPI driver due to the fact that `start.elf` and `bootcode.bin` are being closed binaries (https://pi3g.com/2019/02/04/qa-letstrust-tpm/).
There is no driver because nobody wrote one for u-boot, yet. The linux kernel does have the right driver, so closed source is not the problem. The thing is, that nobody ported it to u-boot, yet.
What the Let's Trust website refers to is that *secure boot* is not possible because there is no open-source first-level bootloader, only a closed-source proprietary one. You can use u-boot as a second-stage bootloader and use the TPM. It's just not secure boot since you need a so-called Root of Trust in the first-stage bootloader, which we do not have.
However some people tried to deal with software SPI driver as a workaround, but I don't know yet if it works (@see: https://www.mail-archive.com/u-boot@lists.denx.de/msg330403.html).
Hope it brings some clues, if you manage to do something keep me updated !
Thanks for the hint. In fact, I managed to solve the issue. The problem is, that the soft-spi driver does not implement the SPI modes properly. The Infineon TPM slb9670 expects mode 0 (CPOL=0, CPHA=0), but the driver has CPOL=1 hardcoded and operates on CPHA=1 by default. After fixing the issue, using the TPM works. However, you might not be able to use the TPM in the Raspbian kernel anymore. I'm working on that, currently.
See my patch: https://patchwork.ozlabs.org/patch/1263827/
Thanks, Johannes
participants (2)
-
J. Holland -
pierre fontaine