[PATCH v3 12/12] configs: enable wolfTPM in rpi_4_defconfig
Peter Robinson
pbrobinson at gmail.com
Mon May 11 10:22:12 CEST 2026
Hi Aidan,
Firstly you should be copying the maintainers of the components you're
changing, I see a bunch of changes to the Raspberry Pi but the
maintainers aren't copied.
> Enable SPI, TPM, and wolfTPM support in the Raspberry Pi 4 default
> configuration for out-of-the-box TPM 2.0 support with Infineon
> SLB9670/9672 TPM HATs.
>
> SPI support:
> CONFIG_SPI, CONFIG_DM_SPI, CONFIG_BCM2835_SPI, CONFIG_CMD_SPI
> Enables the BCM2835 hardware SPI driver. Soft SPI is disabled
> since the hardware driver is used.
Why would the would the soft SPI driver be enabled, I don't see it as
a default y anywhere.
> TPM and wolfTPM:
> CONFIG_TPM, CONFIG_TPM_V2, CONFIG_CMD_TPM: core TPM support
> CONFIG_TPM_WOLF: wolfTPM library integration
> CONFIG_CMD_WOLFTPM: wolfTPM command backend for tpm2
> CONFIG_WOLFTPM_SLB9672: Infineon SLB9672 chip support
> WOLFTPM_LINUX_DEV disabled: uses native wolfTPM TIS layer with
> direct SPI communication rather than U-Boot's TPM driver model
>
> Logging:
> CONFIG_LOG with level 7 (DEBUG) to enable log_debug() output
> from wolfTPM commands.
>
> Testing:
> CONFIG_UNIT_TEST, CONFIG_CONSOLE_RECORD, CONFIG_HEXDUMP for
> running the wolfTPM C unit test suite.
The above tells me what you're doing, but I can see that from the
config changes below, it doesn't tell me *WHY*! So please explain!
> Signed-off-by: Aidan Garske <aidan at wolfssl.com>
> ---
> configs/rpi_4_defconfig | 29 ++++++++++++++++++++++++++++-
> 1 file changed, 28 insertions(+), 1 deletion(-)
>
> diff --git a/configs/rpi_4_defconfig b/configs/rpi_4_defconfig
> index 8362242b97f..22280d9b70e 100644
> --- a/configs/rpi_4_defconfig
> +++ b/configs/rpi_4_defconfig
> @@ -69,4 +69,31 @@ CONFIG_SYS_WHITE_ON_BLACK=y
> CONFIG_VIDEO_BCM2835=y
> CONFIG_CONSOLE_SCROLL_LINES=10
> CONFIG_PHYS_TO_BUS=y
> -# CONFIG_HEXDUMP is not set
> +# HEXDUMP enabled for unit tests
Would we want this enabled for a default user on a RPi? I'm not sure we do.
> +# SPI support (hardware SPI - matches Linux tpm-slb9670 overlay)
> +CONFIG_SPI=y
> +CONFIG_DM_SPI=y
> +CONFIG_BCM2835_SPI=y
> +# CONFIG_SOFT_SPI is not set
> +CONFIG_CMD_SPI=y
What does the below bring for the average RPi user? Why would I want
it as the maintainer?
> +# TPM and wolfTPM support
> +CONFIG_TPM=y
> +CONFIG_TPM_V2=y
> +CONFIG_CMD_TPM=y
> +CONFIG_TPM_WOLF=y
> +# CONFIG_WOLFTPM_LINUX_DEV is not set
> +CONFIG_WOLFTPM_SLB9672=y
> +CONFIG_CMD_WOLFTPM=y
For the below an absolute NAK, This config isn't what the average user
would want. The config isn't your play ground.
> +# Logging (debug level to see log_debug output)
> +CONFIG_LOG=y
> +CONFIG_LOGLEVEL=7
> +CONFIG_LOG_MAX_LEVEL=7
> +CONFIG_LOG_DEFAULT_LEVEL=7
> +
> +# Unit testing support
> +CONFIG_UNIT_TEST=y
> +CONFIG_CONSOLE_RECORD=y
> +CONFIG_HEXDUMP=y
> --
> 2.47.3
>
More information about the U-Boot
mailing list