Hi Thirupathaiah, > > First of all, Thanks a lot for trying to test the driver. > np [...] > > I managed to do some quick testing in QEMU. > > Everything works fine when i build this as a module (using IBM's TPM 2.0 > > TSS) > > > > - As module > > # insmod /lib/modules/5.2.0-rc1/kernel/drivers/char/tpm/tpm_ftpm_tee.ko > > # getrandom -by 8 > > randomBytes length 8 > > 23 b9 3d c3 90 13 d9 6b > > > > - Built-in > > # dmesg | grep optee > > ftpm-tee firmware:optee: ftpm_tee_probe:tee_client_open_session failed, > > err=ffff0008 > This (0xffff0008) translates to TEE_ERROR_ITEM_NOT_FOUND. > > Where is fTPM TA located in the your test setup? > Is it stitched into TEE binary as an EARLY_TA or > Is it expected to be loaded during run-time with the help of user mode OP-TEE supplicant? > > My guess is that you are trying to load fTPM TA through user mode OP-TEE supplicant. > Can you confirm? I tried both > If that is the true, > - In the case of driver built as a module (CONFIG_TCG_FTPM_TEE=m), this is works fine > as user mode supplicant is ready. > - In the built-in case (CONFIG_TCG_FTPM_TEE=y), > This would result in the above error 0xffff0008 as TEE is unable to find fTPM TA. Maybe i did something wrong and never noticed it wasn't built as an earlyTA > > The expectation is that fTPM TA is built as an EARLY_TA (in BL32) so that > U-boot and Linux driver stacks work seamlessly without dependency on supplicant. > You can add my tested-by tag for the module. I'll go back to testing it as built-in at some point in real hardware and let you know if i have any issues. If someone's is interested in the QEMU testing: 1. compile this https://github.com/jbech-linaro/manifest/blob/ftpm/README.md 2. replace the whole linux kernel on the root-dir with a latest version + fTPM char driver 3. Apply a hack on kernel and disable dynamic shm (Need for this depends on kernel + op-tee version) diff --git a/drivers/tee/optee/core.c b/drivers/tee/optee/core.c index 1854a3db..7aea8a5 100644 --- a/drivers/tee/optee/core.c +++ b/drivers/tee/optee/core.c @@ -588,13 +588,15 @@ static struct optee *optee_probe(struct device_node *np) /* * Try to use dynamic shared memory if possible */ +#if 0 if (sec_caps & OPTEE_SMC_SEC_CAP_DYNAMIC_SHM) pool = optee_config_dyn_shm(); +#endif /* * If dynamic shared memory is not available or failed - try static one */ - if (IS_ERR(pool) && (sec_caps & OPTEE_SMC_SEC_CAP_HAVE_RESERVED_SHM)) + if (sec_caps & OPTEE_SMC_SEC_CAP_HAVE_RESERVED_SHM) pool = optee_config_shm_memremap(invoke_fn, &memremaped_shm); if (IS_ERR(pool)) For the module part: Tested-by: Ilias Apalodimas <ilias.apalodimas@xxxxxxxxxx>
