[3/3] dt-bindings: tpm: Document Microsoft fTPM bindings

Commit Message

Lukas Wunner Nov. 21, 2023, 9:48 a.m. UTC

A driver for Microsoft's firmware-based Trusted Platform Module (fTPM)
was merged with commit 09e574831b27 ("tpm/tpm_ftpm_tee: A driver for
firmware TPM running inside TEE"), but its devicetree bindings were not.

This is the only remaining undocumented compatible string for a TPM,
so add a DT schema based on the patch linked below.

Link: https://lore.kernel.org/all/20190409184958.7476-2-sashal@kernel.org/
Signed-off-by: Lukas Wunner <lukas@wunner.de>
---
 .../bindings/tpm/microsoft,ftpm.yaml          | 48 +++++++++++++++++++
 1 file changed, 48 insertions(+)
 create mode 100644 Documentation/devicetree/bindings/tpm/microsoft,ftpm.yaml

Comments

Rob Herring (Arm) Nov. 21, 2023, 10:57 a.m. UTC | #1

On Tue, 21 Nov 2023 10:48:43 +0100, Lukas Wunner wrote:
> A driver for Microsoft's firmware-based Trusted Platform Module (fTPM)
> was merged with commit 09e574831b27 ("tpm/tpm_ftpm_tee: A driver for
> firmware TPM running inside TEE"), but its devicetree bindings were not.
> 
> This is the only remaining undocumented compatible string for a TPM,
> so add a DT schema based on the patch linked below.
> 
> Link: https://lore.kernel.org/all/20190409184958.7476-2-sashal@kernel.org/
> Signed-off-by: Lukas Wunner <lukas@wunner.de>
> ---
>  .../bindings/tpm/microsoft,ftpm.yaml          | 48 +++++++++++++++++++
>  1 file changed, 48 insertions(+)
>  create mode 100644 Documentation/devicetree/bindings/tpm/microsoft,ftpm.yaml
> 

My bot found errors running 'make DT_CHECKER_FLAGS=-m dt_binding_check'
on your patch (DT_CHECKER_FLAGS is new in v5.13):

yamllint warnings/errors:

dtschema/dtc warnings/errors:
/builds/robherring/dt-review-ci/linux/Documentation/devicetree/bindings/tpm/microsoft,ftpm.example.dtb: tpm: Unevaluated properties are not allowed ('linux,sml-base', 'linux,sml-size' were unexpected)
	from schema $id: http://devicetree.org/schemas/tpm/microsoft,ftpm.yaml#

doc reference errors (make refcheckdocs):

See https://patchwork.ozlabs.org/project/devicetree-bindings/patch/ad4b484da8190c83902b2525823ceb3439a7576e.1700555862.git.lukas@wunner.de

The base for the series is generally the latest rc1. A different dependency
should be noted in *this* patch.

If you already ran 'make dt_binding_check' and didn't see the above
error(s), then make sure 'yamllint' is installed and dt-schema is up to
date:

pip3 install dtschema --upgrade

Please check and re-submit after running the above command yourself. Note
that DT_SCHEMA_FILES can be set to your schema file to speed up checking
your schema. However, it must be unset to test all examples with your schema.

Lukas Wunner Nov. 21, 2023, 11:03 a.m. UTC | #2

On Tue, Nov 21, 2023 at 03:57:21AM -0700, Rob Herring wrote:
> My bot found errors running 'make DT_CHECKER_FLAGS=-m dt_binding_check'
> on your patch (DT_CHECKER_FLAGS is new in v5.13):

Your bot hasn't read the cover letter, which discusses those errors:

https://lore.kernel.org/linux-devicetree/cover.1700555862.git.lukas@wunner.de/

Rob Herring (Arm) Nov. 21, 2023, 4:20 p.m. UTC | #3

On Tue, Nov 21, 2023 at 10:48:43AM +0100, Lukas Wunner wrote:
> A driver for Microsoft's firmware-based Trusted Platform Module (fTPM)
> was merged with commit 09e574831b27 ("tpm/tpm_ftpm_tee: A driver for
> firmware TPM running inside TEE"), but its devicetree bindings were not.
> 
> This is the only remaining undocumented compatible string for a TPM,
> so add a DT schema based on the patch linked below.
> 
> Link: https://lore.kernel.org/all/20190409184958.7476-2-sashal@kernel.org/
> Signed-off-by: Lukas Wunner <lukas@wunner.de>
> ---
>  .../bindings/tpm/microsoft,ftpm.yaml          | 48 +++++++++++++++++++
>  1 file changed, 48 insertions(+)
>  create mode 100644 Documentation/devicetree/bindings/tpm/microsoft,ftpm.yaml

Reviewed-by: Rob Herring <robh@kernel.org>

Patch

diff --git a/Documentation/devicetree/bindings/tpm/microsoft,ftpm.yaml b/Documentation/devicetree/bindings/tpm/microsoft,ftpm.yaml
new file mode 100644
index 000000000000..cc9c3aa6d48d
--- /dev/null
+++ b/Documentation/devicetree/bindings/tpm/microsoft,ftpm.yaml
@@ -0,0 +1,48 @@ 
+# SPDX-License-Identifier: (GPL-2.0-only OR BSD-2-Clause)
+%YAML 1.2
+---
+$id: http://devicetree.org/schemas/tpm/microsoft,ftpm.yaml#
+$schema: http://devicetree.org/meta-schemas/core.yaml#
+
+title: Microsoft firmware-based Trusted Platform Module (fTPM)
+
+maintainers:
+  - Thirupathaiah Annapureddy <thiruan@microsoft.com>
+  - Sasha Levin <sashal@kernel.org>
+
+description: |
+  Commodity CPU architectures, such as ARM and Intel CPUs, have started to
+  offer trusted computing features in their CPUs aimed at displacing dedicated
+  trusted hardware.  Unfortunately, these CPU architectures raise serious
+  challenges to building trusted systems because they omit providing secure
+  resources outside the CPU perimeter.
+
+  Microsoft's firmware-based TPM 2.0 (fTPM) leverages ARM TrustZone to overcome
+  these challenges and provide software with security guarantees similar to
+  those of dedicated trusted hardware.
+
+  https://www.microsoft.com/en-us/research/publication/ftpm-software-implementation-tpm-chip/
+  https://github.com/Microsoft/ms-tpm-20-ref/tree/main/Samples/ARM32-FirmwareTPM
+
+properties:
+  compatible:
+    enum:
+      - microsoft,ftpm
+
+required:
+  - compatible
+  - linux,sml-base
+  - linux,sml-size
+
+allOf:
+  - $ref: tpm-common.yaml#
+
+unevaluatedProperties: false
+
+examples:
+  - |
+    tpm {
+        compatible = "microsoft,ftpm";
+        linux,sml-base = <0x0 0xc0000000>;
+        linux,sml-size = <0x10000>;
+    };