Sasha Levin | e8bd417 | 2019-07-05 16:47:46 -0400

=============================================
Firmware TPM Driver
=============================================

This document describes the firmware Trusted Platform Module (fTPM)
device driver.

Introduction
============

This driver is a shim for a TPM implemented in firmware running in ARM's
TrustZone environment. It allows programs to interact with the firmware TPM
in the same way they would interact with a discrete hardware TPM.

Design
======

The driver acts as a thin layer that passes commands to and from a TPM
implemented in firmware. The driver itself contains little logic; it serves
as a dumb pipe between the firmware and the kernel/userspace.

The firmware itself is based on the following paper:
https://www.microsoft.com/en-us/research/wp-content/uploads/2017/06/ftpm1.pdf

When the driver is loaded it exposes ``/dev/tpmX`` character devices to
userspace, through which userspace communicates with the firmware TPM.
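Because the driver is only a pipe, a userspace client talks to the firmware TPM with exactly the command framing it would use against a discrete chip. The following program is an added example, not part of this documentation or of the tpm_ftpm_tee driver: it builds a TPM2_GetRandom command according to the TPM 2.0 Library Specification wire format, writes it to the character device, and parses the reply while checking every length field against the bytes actually received, so a short or inconsistent response from the firmware is rejected instead of over-read. The device path ``/dev/tpm0`` is an assumption; the driver exposes ``/dev/tpmX`` with X assigned at probe time.

```c
/* Added example, not from the kernel documentation or the tpm_ftpm_tee driver.
 * Sends TPM2_GetRandom over the TPM character device and parses the reply.
 * Wire format: TPM 2.0 Library Specification, Part 2 (structures) / Part 3
 * (commands).  All multi-byte fields are big-endian. */
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <fcntl.h>
#include <unistd.h>

#define TPM_ST_NO_SESSIONS 0x8001u     /* command tag with no authorization area */
#define TPM_CC_GET_RANDOM  0x0000017Bu /* commandCode for TPM2_GetRandom */
#define TPM_RC_SUCCESS     0x00000000u

static void put_be16(uint8_t *p, uint16_t v) { p[0] = (uint8_t)(v >> 8); p[1] = (uint8_t)v; }
static void put_be32(uint8_t *p, uint32_t v)
{
    p[0] = (uint8_t)(v >> 24); p[1] = (uint8_t)(v >> 16);
    p[2] = (uint8_t)(v >> 8);  p[3] = (uint8_t)v;
}
static uint16_t get_be16(const uint8_t *p) { return (uint16_t)((p[0] << 8) | p[1]); }
static uint32_t get_be32(const uint8_t *p)
{
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) | ((uint32_t)p[2] << 8) | p[3];
}

/* Build TPM2_GetRandom(bytesRequested):
 * tag(2) commandSize(4) commandCode(4) bytesRequested(2) = 12 bytes.
 * Returns the command length, or 0 if buf is too small. */
size_t build_get_random(uint8_t *buf, size_t buflen, uint16_t bytes_requested)
{
    if (buflen < 12) return 0;
    put_be16(buf, TPM_ST_NO_SESSIONS);
    put_be32(buf + 2, 12);
    put_be32(buf + 6, TPM_CC_GET_RANDOM);
    put_be16(buf + 10, bytes_requested);
    return 12;
}

/* Parse a TPM2_GetRandom response:
 * tag(2) responseSize(4) responseCode(4) then TPM2B_DIGEST randomBytes
 * = size(2) + bytes.  Every declared length is checked against rsplen.
 * Returns the number of random bytes copied into out, or -1 on error. */
int parse_get_random(const uint8_t *rsp, size_t rsplen, uint8_t *out, size_t outlen)
{
    if (rsplen < 10) return -1;                       /* header incomplete */
    uint32_t size = get_be32(rsp + 2);
    uint32_t rc   = get_be32(rsp + 6);
    if (size != rsplen) return -1;                    /* responseSize must match wire length */
    if (rc != TPM_RC_SUCCESS) return -1;              /* TPM returned an error code */
    if (rsplen < 12) return -1;                       /* TPM2B size field missing */
    uint16_t n = get_be16(rsp + 10);
    if ((size_t)n + 12 != rsplen) return -1;          /* TPM2B size must fit the buffer */
    if (n > outlen) return -1;
    memcpy(out, rsp + 12, n);
    return (int)n;
}

/* One full command/response exchange on the character device: a single
 * write() of the whole command followed by a single read() of the reply.
 * Returns the number of response bytes, or -1 on failure. */
int tpm_transmit(const char *dev, const uint8_t *cmd, size_t cmdlen,
                 uint8_t *rsp, size_t rsplen)
{
    int fd = open(dev, O_RDWR);
    if (fd < 0) return -1;
    ssize_t w = write(fd, cmd, cmdlen);
    ssize_t r = (w == (ssize_t)cmdlen) ? read(fd, rsp, rsplen) : -1;
    close(fd);
    return r < 0 ? -1 : (int)r;
}

int main(void)
{
    uint8_t cmd[12], rsp[64], rnd[16];
    size_t n = build_get_random(cmd, sizeof cmd, (uint16_t)sizeof rnd);
    int got = tpm_transmit("/dev/tpm0", cmd, n, rsp, sizeof rsp); /* device path assumed */
    if (got < 0) { perror("tpm"); return 1; }
    int k = parse_get_random(rsp, (size_t)got, rnd, sizeof rnd);
    if (k < 0) { fprintf(stderr, "malformed or failed response\n"); return 1; }
    for (int i = 0; i < k; i++) printf("%02x", rnd[i]);
    printf("\n");
    return 0;
}
```

The raw ``/dev/tpmX`` node admits a single opener at a time, so if a daemon already holds it the ``open()`` here fails with ``EBUSY``; a client that needs to coexist with other TPM users should go through whatever resource manager the system provides rather than the raw node.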