wiki:tpm

Version 3 (modified by Samuel Lee, 12 months ago) ( diff )

Updated venice model info

Trusted Protection Module

Gateworks has an optional TPM on some SBCs.

The below models can optionally have it loaded:

  • Malibu GW8901
  • Venice:
    • GW74xx-B
    • GW73xx-F
    • GW72xx-F
    • GW71xx-E

The boards can contain an onboard Microchip ATTPM20P-H6MA1-10 TPM connected to the SPI bus.

This is compliant to the Trusted Computing Group (TCG) Trusted Platform Module (TPM) Version 2.0, r116 Trusted Platform Module Library. See link here: Link

Cryptographic Support for:

  • HMAC
  • AES-128
  • SHA-1
  • SHA-256
  • ECC BN_P256, ECCNIST_P256 -RSA 1024-2048 bit keys

It is controlled via generic TCG SPI Linux driver. TPM 2.0 provides direct access via /dev/tpm0 (with one client at a time), and can be accessed through the tpm2-abrmd resource manager daemon, or kernel-managed access via /dev/tpmrm0

The TPM device is at /dev/tpm0

The TPM tool set (over 100 different commands) can be installed with the following command:

apt install tpm2-tools tpm2-abrmd

Example tpm2-tools showing the properties:

root@jammy-malibu:~# tpm2_getcap properties-fixed
TPM2_PT_FAMILY_INDICATOR:
  raw: 0x322E3000
  value: "2.0"
TPM2_PT_LEVEL:
  raw: 0
TPM2_PT_REVISION:
  raw: 0x77
  value: 1.19
TPM2_PT_DAY_OF_YEAR:
  raw: 0x42
TPM2_PT_YEAR:
  raw: 0x7DE
TPM2_PT_MANUFACTURER:
  raw: 0x4D434850
  value: "MCHP"
TPM2_PT_VENDOR_STRING_1:
  raw: 0x0
  value: ""
  etc.....

Note: See TracWiki for help on using the wiki.