TCTI: Add tcti-spidev

Add a new TCTI module that can talk to TPMs connected via spidev
to the host.

Signed-off-by: Andreas Fuchs <andreas.fuchs@infineon.com>

Makefile-test.am

@@ -158,6 +158,9 @@ endif
 if ENABLE_TCTI_SPI_LTT2GO
 TESTS_UNIT += test/unit/tcti-spi-ltt2go
 endif
+if ENABLE_TCTI_SPIDEV
+TESTS_UNIT += test/unit/tcti-spidev
+endif
 if ENABLE_TCTI_SPI_FTDI
 TESTS_UNIT += test/unit/tcti-spi-ftdi
 endif
@@ -570,6 +573,18 @@ test_unit_tcti_spi_ltt2go_SOURCES = test/unit/tcti-spi-ltt2go.c \
                                    src/tss2-tcti/tcti-spi-ltt2go.c
 endif
 
+if ENABLE_TCTI_SPIDEV
+test_unit_tcti_spidev_CFLAGS  = $(CMOCKA_CFLAGS) $(TESTS_CFLAGS)
+test_unit_tcti_spidev_LDADD   = $(CMOCKA_LIBS) $(libtss2_tcti_spi_helper)
+test_unit_tcti_spidev_LDFLAGS = -Wl,--wrap=open \
+                                -Wl,--wrap=close \
+                                -Wl,--wrap=ioctl \
+                                -Wl,--wrap=select \
+                                -Wl,--wrap=gettimeofday
+test_unit_tcti_spidev_SOURCES = test/unit/tcti-spidev.c \
+                                src/tss2-tcti/tcti-spidev.c
+endif
+
 if ENABLE_TCTI_SPI_FTDI
 test_unit_tcti_spi_ftdi_CFLAGS  = $(CMOCKA_CFLAGS) $(TESTS_CFLAGS)
 test_unit_tcti_spi_ftdi_LDADD   = $(CMOCKA_LIBS) $(libtss2_tcti_spi_helper)

Makefile.am

@@ -450,6 +450,26 @@ endif # ENABLE_TCTI_SPI_LTT2GO
 EXTRA_DIST += lib/tss2-tcti-spi-ltt2go.map \
               lib/tss2-tcti-spi-ltt2go.def
 
+# tcti library for letstrust-tpm2go usb tpm
+if ENABLE_TCTI_SPIDEV
+libtss2_tcti_spidev = src/tss2-tcti/libtss2-tcti-spidev.la
+tss2_HEADERS += $(srcdir)/include/tss2/tss2_tcti_spidev.h
+lib_LTLIBRARIES += $(libtss2_tcti_spidev)
+pkgconfig_DATA += lib/tss2-tcti-spidev.pc
+
+src_tss2_tcti_libtss2_tcti_spidev_la_LDFLAGS  =
+
+if HAVE_LD_VERSION_SCRIPT
+src_tss2_tcti_libtss2_tcti_spidev_la_LDFLAGS  += -Wl,--version-script=$(srcdir)/lib/tss2-tcti-spidev.map
+endif # HAVE_LD_VERSION_SCRIPT
+src_tss2_tcti_libtss2_tcti_spidev_la_LIBADD   = $(libutil) $(libtss2_mu) $(libtss2_tcti_spi_helper)
+src_tss2_tcti_libtss2_tcti_spidev_la_SOURCES  = \
+    src/tss2-tcti/tcti-common.c \
+    src/tss2-tcti/tcti-spidev.c
+endif # ENABLE_TCTI_SPIDEV
+EXTRA_DIST += lib/tss2-tcti-spidev.map \
+              lib/tss2-tcti-spidev.def
+
 # tcti library for ftdi connected tpm
 if ENABLE_TCTI_SPI_FTDI
 libtss2_tcti_spi_ftdi = src/tss2-tcti/libtss2-tcti-spi-ftdi.la
@@ -907,6 +927,7 @@ man7_MANS = \
     man/man7/tss2-tcti-swtpm.7 \
     man/man7/tss2-tcti-mssim.7 \
     man/man7/tss2-tcti-cmd.7 \
+    man/man7/tss2-tcti-spidev.7 \
     man/man7/tss2-tcti-spi-helper.7 \
     man/man7/tss2-tcti-spi-ltt2go.7 \
     man/man7/tss2-tcti-spi-ftdi.7 \
@@ -990,6 +1011,7 @@ EXTRA_DIST += \
     man/tss2-tcti-swtpm.7.in \
     man/tss2-tcti-mssim.7.in \
     man/tss2-tcti-cmd.7.in \
+    man/tss2-tcti-spidev.7.in \
     man/tss2-tcti-spi-helper.7.in \
     man/tss2-tcti-spi-ltt2go.7.in \
     man/tss2-tcti-spi-ftdi.7.in \

configure.ac

@@ -15,7 +15,7 @@ m4_ifdef([AM_SILENT_RULES], [AM_SILENT_RULES([yes])]) #Backward compatible setti
 
 AC_CONFIG_HEADERS([config.h])
 
-AC_CONFIG_FILES([Makefile Doxyfile lib/tss2-sys.pc lib/tss2-esys.pc lib/tss2-mu.pc lib/tss2-tcti-device.pc lib/tss2-tcti-mssim.pc lib/tss2-tcti-swtpm.pc lib/tss2-tcti-pcap.pc lib/tss2-tcti-libtpms.pc lib/tss2-rc.pc lib/tss2-tctildr.pc lib/tss2-fapi.pc lib/tss2-tcti-cmd.pc lib/tss2-policy.pc lib/tss2-tcti-spi-helper.pc lib/tss2-tcti-spi-ltt2go.pc lib/tss2-tcti-spi-ftdi.pc lib/tss2-tcti-i2c-helper.pc lib/tss2-tcti-i2c-ftdi.pc])
+AC_CONFIG_FILES([Makefile Doxyfile lib/tss2-sys.pc lib/tss2-esys.pc lib/tss2-mu.pc lib/tss2-tcti-device.pc lib/tss2-tcti-mssim.pc lib/tss2-tcti-swtpm.pc lib/tss2-tcti-pcap.pc lib/tss2-tcti-libtpms.pc lib/tss2-rc.pc lib/tss2-tctildr.pc lib/tss2-fapi.pc lib/tss2-tcti-cmd.pc lib/tss2-policy.pc lib/tss2-tcti-spi-helper.pc lib/tss2-tcti-spi-ltt2go.pc lib/tss2-tcti-spidev.pc lib/tss2-tcti-spi-ftdi.pc lib/tss2-tcti-i2c-helper.pc lib/tss2-tcti-i2c-ftdi.pc])
 
 # propagate configure arguments to distcheck
 AC_SUBST([DISTCHECK_CONFIGURE_FLAGS],[$ac_configure_args])
@@ -328,6 +328,18 @@ AM_CONDITIONAL([ENABLE_TCTI_SPI_LTT2GO], [test "x$enable_tcti_spi_ltt2go" != xno
 AS_IF([test "x$enable_tcti_spi_ltt2go" = "xyes"],
     AC_DEFINE([TCTI_SPI_LTT2GO],[1], [TCTI FOR USB BASED ACCESS TO LETSTRUST-TPM2GO]))
 
+AC_ARG_ENABLE([tcti-spidev],
+            [AS_HELP_STRING([--disable-tcti-spidev],
+                            [don't build the tcti-spidev module; Default: Auto])],,
+            [enable_tcti_spidev=auto])
+AS_IF([test "x$enable_tcti_spidev" = "xauto"],
+    AC_CHECK_HEADER(linux/ioctl.h,
+        [enable_tcti_spidev=yes],
+        [enable_tcti_spidev=no]))
+AM_CONDITIONAL([ENABLE_TCTI_SPIDEV], [test "x$enable_tcti_spidev" != xno])
+AS_IF([test "x$enable_tcti_spidev" = "xyes"],
+    AC_DEFINE([TCTI_SPIDEV],[1], [TCTI FOR SPIDEV BASED ACCESS TO TPM]))
+
 PKG_CHECK_MODULES([LIBFTDI],
                   [libftdi],
                   [AC_DEFINE(LIBFTDI_VERSION, [0], [libftdi version 0.x])]
@@ -721,6 +733,7 @@ AC_MSG_RESULT([
     sysmeasurements:    $sysmeasurements
     imameasurements:    $imameasurements
     tcti_spi_ltt2go      $enable_tcti_spi_ltt2go
+    tcti_spidev         $enable_tcti_spidev
     tcti_spi_ftdi       $enable_tcti_spi_ftdi
     tcti_i2c_ftdi       $enable_tcti_i2c_ftdi
 ])

doc/tcti.md

@@ -13,6 +13,7 @@
 - [tcti-spi-ftdi](#tcti-spi-ftdi)
 - [tcti-i2c-ftdi](#tcti-i2c-ftdi)
 - [tcti-spi-ltt2go](#tcti-spi-ltt2go)
+- [tcti-spidev](#tcti-spidev)
 - [TPM Simulator tctis](#tpm-simulator-tctis)
   - [tcti-libtpms](#tcti-libtpms)
     - [Parameters](#parameters-4)
@@ -273,6 +274,12 @@ flowchart TD
     style tpm stroke-dasharray: 3, 3
 ```
 
+## tcti-spidev
+
+The tcti-spidev is used for communicating to a TPM that is connected via
+a spidev device. On a Raspberry Pi for example this happens when enabling
+the device tree overlay `spi0-cs2`.
+
 ## TPM Simulator tctis
 
 There are multiple tctis used for testing.

include/tss2/tss2_tcti_spidev.h

@@ -0,0 +1,25 @@
+/* SPDX-License-Identifier: BSD-2-Clause */
+/*
+ * Copyright 2023 Infineon Technologies AG
+ */
+#ifndef TSS2_TCTI_SPIDEV_H
+#define TSS2_TCTI_SPIDEV_H
+
+#include <stdbool.h>
+#include "tss2_tcti.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+TSS2_RC Tss2_Tcti_Spidev_Init (
+    TSS2_TCTI_CONTEXT *tctiContext,
+    size_t *size,
+    const char *config);
+
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* TSS2_TCTI_SPIDEV_H */

lib/tss2-tcti-spidev.def

@@ -0,0 +1,4 @@
+LIBRARY tss2-tcti-spidev
+EXPORTS
+    Tss2_Tcti_Info
+    Tss2_Tcti_Spidev_Init

lib/tss2-tcti-spidev.map

@@ -0,0 +1,7 @@
+{
+    global:
+        Tss2_Tcti_Info;
+        Tss2_Tcti_Spidev_Init;
+    local:
+        *;
+};

lib/tss2-tcti-spidev.pc.in

@@ -0,0 +1,11 @@
+prefix=@prefix@
+exec_prefix=@exec_prefix@
+libdir=@libdir@
+includedir=@includedir@
+
+Name: tss2-tcti-spidev
+Description: TCTI library for communicating with the TPM over spidev.
+URL: https://github.com/tpm2-software/tpm2-tss
+Version: @VERSION@
+Cflags: -I${includedir} -I${includedir}/tss
+Libs: -ltss2-tcti-spi-helper -ltss2-tcti-spi-ltt2go -L${libdir}

man/tss2-tcti-spidev.7.in

@@ -0,0 +1,16 @@
+.\" Process this file with
+.\" groff -man -Tascii foo.1
+.\"
+.TH TCTI-SPI 7 "NOVEMBER 2023" "TPM2 Software Stack"
+.SH NAME
+tcti-spidev \- TCTI library for accessing TPMs via spidev
+.SH SYNOPSIS
+A TPM Command Transmission Interface (TCTI) module for interaction with
+a TPM that is attached to an spidev device node.
+.SH DESCRIPTION
+tcti-spidev is a library that abstracts the details of communication
+with a TPM that is attached to an spidev device node.. The interface
+exposed by this library is defined in the \*(lqTSS System Level API
+and TPM Command Transmission Interface Specification\*(rq specification.
+The configuration of this TCTI takes the filepath to the device node
+(Default: /dev/spidev0.1).