Does anyone know if the Edison contains any kind of TPM capabilities? /proc/cpuinfo doesn't appear to show the "smx" flag, so Linux doesn't appear to think there is a TPM chip on board. However, most recent Atom chips (I have a Z3735G tablet for instance) contain one, so I was wondering if a chip was there but not enabled (as far as I understand, it would need to be enabled in the BIOS and I don't think the Edison has one).
If the chip is present (can anyone at Intel shed some light on this?), how do I activate it?
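As an added example (not from any poster in this thread), here is a small POSIX shell probe of the places where a TPM actually shows up on Linux. A discrete or firmware TPM that the kernel has bound a driver to appears as /sys/class/tpm/tpm0 and usually /dev/tpm0; the "smx" flag in /proc/cpuinfo only means the CPU supports Intel TXT (Safer Mode Extensions), so its absence or presence says nothing definitive about a TPM. The paths are parameters so the functions can be run against constructed files; the defaults are the real locations on a Linux host.

```shell
#!/bin/sh
# Added example: look for evidence of a TPM on a Linux system.
# Checks, in order: CPU feature flags (informational only), the kernel's
# TPM class in sysfs (the reliable signal), and the /dev/tpm0 node.
# Path arguments exist so the functions can be exercised on sample files.

# has_cpu_flag CPUINFO FLAG -> status 0 if FLAG is in the first "flags" line
has_cpu_flag() {
    awk '/^flags/ { print; exit }' "$1" 2>/dev/null | tr ' ' '\n' | grep -qx "$2"
}

# tpm_present SYSFS_DIR -> status 0 if at least one tpm* entry exists there
tpm_present() {
    for entry in "$1"/tpm*; do
        [ -e "$entry" ] && return 0
    done
    return 1
}

# tpm_dev_node DEV_DIR -> status 0 if DEV_DIR/tpm0 exists
tpm_dev_node() {
    [ -e "$1/tpm0" ]
}

# tpm_report [CPUINFO] [SYSFS_DIR] [DEV_DIR]: print findings; always returns 0
tpm_report() {
    cpuinfo=${1:-/proc/cpuinfo}
    sysfs=${2:-/sys/class/tpm}
    devdir=${3:-/dev}

    # TXT (smx) and VT-x (vmx) flags: useful context, not proof of a TPM
    for flag in smx vmx; do
        if has_cpu_flag "$cpuinfo" "$flag"; then
            echo "cpu flag $flag: present (CPU feature only, not a TPM indicator)"
        else
            echo "cpu flag $flag: absent"
        fi
    done

    if tpm_present "$sysfs"; then
        echo "kernel TPM class: found under $sysfs"
        # tpm_version_major is exposed by newer kernels; read it only if present
        for dir in "$sysfs"/tpm*; do
            if [ -r "$dir/tpm_version_major" ]; then
                echo "  $(basename "$dir"): TPM $(cat "$dir/tpm_version_major").x"
            fi
        done
    else
        echo "kernel TPM class: nothing under $sysfs (no driver-bound TPM)"
    fi

    if tpm_dev_node "$devdir"; then
        echo "device node: $devdir/tpm0 exists"
    else
        echo "device node: $devdir/tpm0 missing"
    fi
    return 0
}

# Run the report against the live system when executed directly
tpm_report "$@"
```

A TPM that is physically present but disabled by firmware (or simply has no driver loaded) will not appear in sysfs either, so this probe can only confirm a TPM, not rule one out; on an Edison the expected result is an empty /sys/class/tpm.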
The Edison does not have a TPM integrated. Traditionally TPMs are attached to the system on the LPC bus and AFAIK the Edison doesn't have one. The good news is that there are TPMs out there designed for the I2C bus which the Edison does have. The hard part is actually finding a place where you can buy just the TPM. I'm in the process of bread-boarding out a project to hook an Atmel AT97SC3204T up to my MinnowboardMAX and eventually my Edison (when OE/Yocto support is upstream) as well. This is an older TPM but I couldn't find the newer AT97SC3205T for direct sale anywhere.
I've done a bit of research and it looks like the TPM is not always an external chip; some Intel chipsets appear to have an integrated one. I wonder if this could be the case with the Edison. I guess we'll have to wait for Sergio to confirm or deny this.
Later edit: it appears that this might actually be the case - all new Intel chips appear to use integrated TPMs as opposed to having an external chip. Given the amount of integration in the Edison (and other new Atom chips like the Z3735G I'm working on), this would really make sense. The technology already exists, so an integrated chip in the SoC makes perfect sense. I'd love to have confirmation from Intel though.
I imagine, when they bring the Edison Quark sub-processor online, it may be in charge of secure boot validation, which would eliminate the requirement for a TPM. It may have memory sections internal to it that can't be read out in Edison user space. It would be a waste of a good sub-processor for handling I/O, but there may be precedent for it in the Baytrail platform.
There is a security processor on Edison that is disabled by firmware. The security processor is not a standard Trusted Platform Module (TPM) like that used on PCs.