Posts
4641
Following
318
Followers
484
Linux kernel hacker and maintainer etc.

OpenPGP: 3AB05486C7752FE1

Jarkko Sakkinen

should usage normally cause exit code 1 or 0?

right now e.g.,

❯ sudo target/debug/tpm2sh unseal
tpm2sh-unseal
Unseals a keyedhash object

USAGE:
tpm2sh unseal [OPTIONS]
OPTIONS:
--password <PASSWORD> Authorization value
-h, --help Print help information


~/work/github.com/puavo-org/tpm2sh main
❯ echo $status
1

It checks if stdin is open for the sake of pipelien and if not it shows usage.
1
0
0

Jarkko Sakkinen

the very last spam alert:

https://lore.kernel.org/rust-for-linux/aKfaR-h6Itc38qfl@kernel.org/T/#u

moving to on hold as tpm2_protocol is/will be mailing list based project.

tpm2sh has a new github location: https://github.com/puavo-org/tpm2sh

#linux #kernel #tpm #rust
0
0
1

Jarkko Sakkinen

Edited 23 hours ago
The first independent release of the protocol: https://crates.io/crates/tpm2-protocol

Git: https://git.kernel.org/pub/scm/linux/kernel/git/jarkko/tpm2-protocol.git

Release notes:

tag 0.10.0
Tagger: Jarkko Sakkinen <jarkko.sakkinen@iki.fi>
Date: Fri Aug 22 04:45:40 2025 +0300

Release 0.10.0

- chore: refactor into standalone crate
- refactor(tpm2_protocol): reduce defaults
- refactor(tpm2_protocol): merge TpmuSigScheme and TpmuAsymScheme
- refactor(tpm2_protocol): decouple command building
- fix(tpm2_protocol): trailing data
- refactor(tpm2_protocol): remove MAC definitions
- tests(tpm2_protocol)
- fix(tpm2-protocol): TpmuAttest error code
- tests: migrate dyn trait test to tpm2_protocol
- fix(tpm2_protocol): correct serialization logic
- refactor: InternalError -> Unreachable
- tests(tpm2_protocol): fix compilation errors
- fix(tpm2_protocol): StartAuthSession response
- refactor!(tpm2_protocol): drop tpm_response! and TpmParameters
- fix!(tpm2_protocol): DO NOT export submodules
- refactor(tpm2_protocol): adjust buffer debug output
- fix(tpm2_protocol): TpmRc::base() return code
-----BEGIN PGP SIGNATURE-----

iHUEABYIAB0WIQRE6pSOnaBC00OEHEIaerohdGur0gUCaKfLxAAKCRAaerohdGur
0nY/AP9/4HMLP+wY0h5tQSnbzmIajNzzBAoWIA7nA8dIkcQ8RQEAxhK/MrKKT7iQ
j2rEvvKdgWPdHtPhZWzUahuZnW6LIgA=
=RfaI
-----END PGP SIGNATURE-----

#linux #kernel #tpm #rust
0
0
2

Jarkko Sakkinen

Edited yesterday
I migrated dyn trait (or Box<dyn TpmObject>) as part of tpm2_protocol test suite just to demonstrate that on-wire TPM2 protocol can be dynamically detected without any spurious dependencies ;-)

Screencast demonstrates also the time that it takes to run the full kselftest compatible test suite.

#linux #kernel #tpm #rust
0
0
1

Jarkko Sakkinen

Edited yesterday
My standalone and kselftest exit code compatible test program might be archaic yes but it sure executes fast as hell compared to running cargo test :-)

On first run it also fully compiles the test program togehter with crate's source code linked into it.

#linux #kernel #tpm #rust
0
1
2

I've finally just submitted the RFC series for USB3 support on Apple Silicon machines. RFC because the entire Type-C machinery spans multiple subsystems and has quite a few quirks which makes the entire thing rather annoying to deal with and I'm not 100% convinced about the current approach.

This also includes some initial work for DisplayPort-altmode and USB4/Thunderbolt but both will require much more work after this is upstream, so don't get your hopes up just yet.

https://lore.kernel.org/asahi/20250821-atcphy-6-17-v1-0-172beda182b8@kernel.org/

4
5
0

I'm dying here. Just had a customer come in, asking where his drink was. We never got any mobile orders for him.

"I asked ChatGPT to order it for me and it said I could pick it up."

7
17
3

Jarkko Sakkinen

I learned a new thing in macro_rules! i.e., pattern matching:

tpm_struct! {
    #[derive(Debug, Default, PartialEq, Eq, Clone)]
    kind: Command,
    name: TpmStartAuthSessionCommand,
    cc: TpmCc::StartAuthSession,
    no_sessions: true,
    with_sessions: true,
    handles: {
        pub tpm_key: crate::data::TpmiDhObject,
        pub bind: crate::data::TpmiDhObject,
    },
    parameters: {
        pub nonce_caller: Tpm2bNonce,
        pub encrypted_salt: Tpm2b,
        pub session_type: TpmSe,
        pub symmetric: TpmtSymDefObject,
        pub auth_hash: TpmAlgId,
    }
}

tpm_struct! {
    #[derive(Debug, Default, PartialEq, Eq, Clone)]
    kind: Response,
    name: TpmStartAuthSessionResponse,
    cc: TpmCc::StartAuthSession,
    no_sessions: true,
    with_sessions: false,
    handles: {
        pub session_handle: TpmSession,
    },
    parameters: {
        pub nonce_tpm: Tpm2bNonce,
    }
}
1
0
1

Jarkko Sakkinen

Edited 2 days ago
I can do this:

rustc --crate-type lib --crate-name tpm2_protocol tpm2_protocol/src/lib.rs --edition=2021 --emit=mir

Cool. Can I compile a single file from a crate project? This would be great when doing large refactor and not get your terminal DOS'd :-)

It's pain really. ATM, I'm refactoring out a macro called "tpm_response!" (it is replaced with pre-existing "tpm_struct!" that is extended) and I need to do similar changes to few dozen files.

I'd like to:

1. Do the edit to a single file.
2. Try if that file compiles.
3. Move on to next files.

Lack of knowledge with this makes refactors in Rust living hell TBH ...

Some constrains in my project that might help (possibly):

1. no_std
2. no deps
3. no alloc

Another way to express this: what is "gcc -c" of rustc?

#rust
3
1
1

Jarkko Sakkinen

Edited 2 days ago
Can you specify calling convention for assembly (with asm, global_asm etc.)? I mean things like stdcall and cdecl in C and GCC...

I could not find anything and it'd be a huge limitation...

#rust #assembly
2
2
1

[video] Blastromen (a.k.a. Sami Koskivaara & Mika Rosenberg) - Live @ Hellsinki Industrial Festival, Tiivistämö, Helsinki, Finland, 8 November 2024.

https://www.youtube.com/watch?v=g10owNrqthA

0
2
0
Edited 2 days ago

Real or @NanoRaptor

Well this an IBM 5120 https://en.wikipedia.org/wiki/IBM_5120 a preliminary system to the IBM PC.

1
2
0

Jarkko Sakkinen

Very cool, I start to participate to tpm-rs meetings :-) My project is not a conflicting entity, it's just the protocol layer isolated and made for import (a design choice driven by kernel ofc).

I was just worried what are the thoughts when I come from the woods and say that here's 7000 lines of source code, please repeal and replace but initial feedback is actually quite positive.

For kernel (and tpm-rs) if/when kernel has TPM2 support on Rust side the model could be a bit similar as it is for ACPICA. You have a fast policy-free upstream that tracks the protocol spec as it develops and import cycle.

Would be great to see tpm-rs story to continue but obviously they make their choices.
0
1
1

Jarkko Sakkinen

IMHO, good design goals for any Rust crate would be that:

1. It should run on your toaster.
2. It should run on #Amiga.

Once I stopped using Cargo and 3rd party crates when making my own crates I've started to enjoy Rust for real :-) IMHO, programming should be fun, not efficient or "productive". If I have to start to be too efficient I'll immediately stop this career.

#rust
1
1
9

Jarkko Sakkinen

My next thing in the Rust world is Z-modem but beyond that I'm also looking into legendary S-modem after I get Z-modem first in shape:

https://en.wikipedia.org/wiki/SMODEM

Back in the day S-modem enabled to download your games and porn, and chat with the sysop while doing it ;-)

#bbs #zmodem #smodem
1
1
5

Jarkko Sakkinen

Now it is time phase out doing this and detach myself from the grip of hyperfocus ...

https://lore.kernel.org/rust-for-linux/aKUTF6lu5JetDJxX@kernel.org/T/#u

Ton of stuff that I did not do during last three weeks that I should had done (mainly outside of work) so navigating myself to that direction :-) I just could not stop, once I got really started.

Also I sleeping might be good idea once in a while :-)

#linux #kernel #tpm #rust
1
1
5

Jarkko Sakkinen

12000 SLOC for full TCG TPM 2.0 protocol spefication in three weeks (with about 1000 SLOC of initial code I made year ago).

This includes also tpm2sh. The protocol crate is only ~7000 SLOC.

Now that tpm2_protocol is "complete", I'd believe that it will also slim down over time because first version always the fattest.

I think tpm2_protocol would be the right basis for Linux Rust support for TPM2 but it definitely must mature some time so that low-hanging bugs etc are fixed.

tpm2sh is still quite immature but it is just a test program :-) It has quite a lot of crypto code but use that your own responsibility. I've added that to help with testing now meant for use in production.

#linux #kernel #tpm #rust
0
0
0

Jarkko Sakkinen

Well... hell... TCG TPM 2.0 specification 184 minus one command coverage.
2
0
0

Jarkko Sakkinen

Edited 3 days ago
Despite having implemented SGX driver some years ago I think we all can agree that the existing confidential computing technologies suck like nothing else, right? :-)

In Linux kernel they are essentially proprietary pieces decorated as open source as the technology is unreachable by anyone and is really only option for companies such as Google.

SGX, SNP and TDX are technologies that FSF should be vocal about, not so much TPM (which open protocol specification).

E.g., with SGX Intel made a single NUC in 2018 to get ack from open source community for the kernel feature. Once it landed they have not continued to ship any affordable platforms for these technologies.

#linux #kernel #fsf #opensource
1
4
10
Show older