Date: Wed, 04 Aug 2010 12:47:40 +0900 From: Takanori Watanabe <takawata@init-main.com> To: Hans-Joerg Hoexer <tss-project@genua.de> Cc: freebsd-hackers@freebsd.org, freebsd-current@freebsd.org Subject: Re: Driver tpm(4) and third party packages for trusted platform modules Message-ID: <201008040347.o743leeR046013@sana.init-main.com> In-Reply-To: Your message of "Mon, 02 Aug 2010 14:02:36 %2B0200." <20100802120236.GB29950@modermoor.genua.de>
next in thread | previous in thread | raw e-mail | index | archive | help
In message <20100802120236.GB29950@modermoor.genua.de>, Hans-Joerg Hoexer wrote: >Hi, > >we have developed a driver tpm(4) for various TPMs for OpenBSD 4.7 and >FreeBSD 8.0 and have ported and updated several third party packages to >enable use of TPMs on Open- and FreeBSD. This enables applications like >OpenSSH to generate and store private keys inside a TPM. > >The supported TPMs are: > >- Atmel 97SC3203 >- Broadcom BCM0102 >- Infineon SLB 9635 TT 1.2 >- Intel INTC0102 >- Sinosun SNS SSX35 >- STM ST19WP18 >- Winbond WEC WPCT200 > >The supported third party packages are: > >- openCryptoki 2.3.1: An PKCS#11 implementation, including support > for TPMs. OpenSSH can use this library to generate and store private > RSA keys inside a TPM. >- openssl_tpm_engine 0.4.1: An openssl engine supporting TPMs. >- tpm-emulator 0.7.0: An emulator providing the functionality of a TPM. > Used for development purposes. >- tpm-tools 1.3.5: Various tools for managing a TPM, including key > generation. >- trousers 0.3.5: An implementation of the Trusted Software Stack. > This is the backend libary for the afore mentioned packages. >- trousers testsuite 0.2: A testsuite for trousers. >- TrustedGRUB 1.1.4: An TPM enabled version of grub, including support > for natively booting OpenBSD. > >A patch including the driver tpm(4) is attached, more information, >full source code and patches for third party packages can be found at >http://bsssd.sourceforge.net. Nice! Quick review and hack: 1.How about attaching it as acpi child driver? In some case, TPM may appear in ACPI namespace (with _HID) and TPM spec defines ACPI method to handle TPM specific request. 2. Is identify method needed? Writing device hint will attach isa child driver, I think. 3.Module build I don't know it is proper in TPM nature. === diff -ruN src/sys/dev/tpm/tpm.c src.new/sys/dev/tpm/tpm.c --- src/sys/dev/tpm/tpm.c 2010-08-04 12:39:05.000000000 +0900 +++ src.new/sys/dev/tpm/tpm.c 2010-08-04 12:27:41.000000000 +0900 @@ -264,15 +264,22 @@ int tpm_legacy_end(struct tpm_softc *, int, int); #ifdef __FreeBSD__ +static struct isa_pnp_id tpm_ids[] = { + {0x32021114, "Trusted Platform Module"}, + + {0} +}; + /* * FreeBSD specific code for probing and attaching TPM to device tree. */ +#if 0 static void tpm_identify(driver_t *driver, device_t parent) { BUS_ADD_CHILD(parent, ISA_ORDER_SPECULATIVE, "tpm", 0); } - +#endif static int tpm_probe(device_t dev) { @@ -281,8 +288,14 @@ bus_space_handle_t ioh; struct resource *mem_res; int rv, mem_rid; + int ret; bzero(sc, sizeof(struct tpm_softc)); + + if((ret = ISA_PNP_PROBE(device_get_parent(dev), dev, tpm_ids)) + <= 0){ + return ret; + } mem_rid = 0; mem_res = bus_alloc_resource_any(dev, SYS_RES_MEMORY, &mem_rid, @@ -362,7 +375,9 @@ } static device_method_t tpm_methods[] = { +#if 0 DEVMETHOD(device_identify, tpm_identify), +#endif DEVMETHOD(device_probe, tpm_probe), DEVMETHOD(device_attach, tpm_attach), DEVMETHOD(device_suspend, tpm_suspend), @@ -377,6 +392,7 @@ static devclass_t tpm_devclass; DRIVER_MODULE(tpm, isa, tpm_driver, tpm_devclass, 0, 0); +DRIVER_MODULE(tpm, acpi, tpm_driver, tpm_devclass, 0, 0); #else /* * OpenBSD specific code for probing and attaching TPM to device tree. diff -ruN src/sys/modules/tpm/Makefile src.new/sys/modules/tpm/Makefile --- src/sys/modules/tpm/Makefile 1970-01-01 09:00:00.000000000 +0900 +++ src.new/sys/modules/tpm/Makefile 2010-08-04 12:43:59.000000000 +0900 @@ -0,0 +1,8 @@ +# $FreeBSD$ + +.PATH: ${.CURDIR}/../../dev/tpm + +KMOD= tpm +SRCS= tpm.c isa_if.h opt_acpi.h acpi_if.h bus_if.h device_if.h + +.include <bsd.kmod.mk>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201008040347.o743leeR046013>