Jarkko Sakkinen
Posts
4728Following
319Followers
489OpenPGP: 3AB05486C7752FE1
Jarkko Sakkinen
jarkko
Edited 13 hours ago
A literally WYSIWYG pattern for command-line usage and help where each subcommand has a directory with 'mod.rs', 'usage.txt' and 'help.txt':
- Text files are more readable than code generation (unless you are a compiler).
- Text files has factors better outreach than code generation.
- Text files are non-executable read-only data.
- A bug in a static text file is a typo. Typo is a distraction for sure, but it does not radiate software bugs.
- The factor it simplifies command argument processing is much heavier than some minor redundancy that using text files introduces.
- Text files can be read without building a project.
#rust #clap #lexopt
- Text files are more readable than code generation (unless you are a compiler).
- Text files has factors better outreach than code generation.
- Text files are non-executable read-only data.
- A bug in a static text file is a typo. Typo is a distraction for sure, but it does not radiate software bugs.
- The factor it simplifies command argument processing is much heavier than some minor redundancy that using text files introduces.
- Text files can be read without building a project.
#rust #clap #lexopt
1
3
2
Jarkko Sakkinen
jarkko
Edited yesterday
It took a lot of effort but now all parts of running TPM2_Import are fixed in both tpm2sh and TPM2_Import and integration tests runs perfectly.
Last fix: https://github.com/puavo-org/tpm2sh/commit/3627530516fdcc8739b3c7aea6fab6a136201bfa
It's a bidirectional test where both the client and the emulator are based on tpm2-protocol. The other side sends commands and parses responses, and the other side send responses and parses commands.
Given the fair amount of software crypto involved to perform any possible bidirectional handshake it is shows off pretty well how robust the implementation is.
#rust #tpm #linux
Last fix: https://github.com/puavo-org/tpm2sh/commit/3627530516fdcc8739b3c7aea6fab6a136201bfa
It's a bidirectional test where both the client and the emulator are based on tpm2-protocol. The other side sends commands and parses responses, and the other side send responses and parses commands.
Given the fair amount of software crypto involved to perform any possible bidirectional handshake it is shows off pretty well how robust the implementation is.
#rust #tpm #linux
0
2
2
Jarkko Sakkinen
jarkko
While tpm2-protocol feels really stable tpm2sh is still somewhat unstable and has bunch of bugs here and there. It is expected, as tpm2sh served only as a dumpster for test code while developing the protocol crate.
Now that I don't do active development on tpm2-protocol, I'm going to make the first actually somewhat stable 0.11.0 release of tpm2sh.
It has quite verbose interface, which will break also easily for that reason. Thus, before pursuing seriously to the possible bugs, I developed MockTPM, a simple TPM emulator that is used as the "TPM end" for subcommand integration tests..,
#linux #kernel #rust #tpm
Now that I don't do active development on tpm2-protocol, I'm going to make the first actually somewhat stable 0.11.0 release of tpm2sh.
It has quite verbose interface, which will break also easily for that reason. Thus, before pursuing seriously to the possible bugs, I developed MockTPM, a simple TPM emulator that is used as the "TPM end" for subcommand integration tests..,
#linux #kernel #rust #tpm
0
0
0
Jarkko Sakkinen
jarkko
new uri based json stack with tpm and key objects depending on binding etc. and things start to actually work.
1
0
0
Jarkko Sakkinen
jarkko
Edited 11 days ago
this SVG garbage fuck. is there something we could put .gitattributes, .gitignore or something that would make it not to destroy git grep experience?
2
0
0
Jarkko Sakkinen
jarkko
Edited 14 days ago
I migrated dyn trait (or Box<dyn TpmObject>) as part of tpm2_protocol test suite just to demonstrate that on-wire TPM2 protocol can be dynamically detected without any spurious dependencies ;-)
Screencast demonstrates also the time that it takes to run the full kselftest compatible test suite.
#linux #kernel #tpm #rust
Screencast demonstrates also the time that it takes to run the full kselftest compatible test suite.
#linux #kernel #tpm #rust
0
0
1
Jarkko Sakkinen
jarkko
Well... hell... TCG TPM 2.0 specification 184 minus one command coverage.
2
0
0
Jarkko Sakkinen
jarkko
tpm2sh starts to look pretty good and has at least the features i want it to have for kernel testing.
tpm2_protocol is "kernel-ready" (including Box<dyn TpmObject>, which is essential for a driver uapi) and this the full list of commands it lacks for 100% TCG TPM 2.0 specification coverage:
https://github.com/puavo-org/tpm2_library/issues/4
I'm pretty much done with this project for the moment :-)
tpm2_protocol is "kernel-ready" (including Box<dyn TpmObject>, which is essential for a driver uapi) and this the full list of commands it lacks for 100% TCG TPM 2.0 specification coverage:
https://github.com/puavo-org/tpm2_library/issues/4
I'm pretty much done with this project for the moment :-)
1
0
0
Jarkko Sakkinen
jarkko
This was nasty one to fix and took many days (and nights tbh) but now finally command parsing is fixed and all my tests pass:
https://github.com/puavo-org/tpm2_library/commit/7b0fc824bd341fb21c90a06b945f01feb1c20f5e
There's MS TPM 2.0 emulator and swtpm, and that's like all of command parsing and response synthesis I'm aware of. I.e. by practical means there was no useful existing work to take example of :-) I'm pretty happy and a bit proud too that I've reach unipolarity by writing Rust macros reflecting TCG specifications.
I don't have now known bugs in the protocol crate. I'm sure there's a bunch but still feels nice after 1.5 weeks of sleepless nights and 7K SLOC of code (protocol + cli).
#linux #kernel #rust #tpm
https://github.com/puavo-org/tpm2_library/commit/7b0fc824bd341fb21c90a06b945f01feb1c20f5e
There's MS TPM 2.0 emulator and swtpm, and that's like all of command parsing and response synthesis I'm aware of. I.e. by practical means there was no useful existing work to take example of :-) I'm pretty happy and a bit proud too that I've reach unipolarity by writing Rust macros reflecting TCG specifications.
I don't have now known bugs in the protocol crate. I'm sure there's a bunch but still feels nice after 1.5 weeks of sleepless nights and 7K SLOC of code (protocol + cli).
#linux #kernel #rust #tpm
1
0
1
Jarkko Sakkinen
jarkko
Edited 24 days ago
I'm ready to push this online, but not for a while tag a release because cli should be made to work optimally.
E.g., policy-secret is placeholder. it would much nicer to have "policy [--train] <expression>" with some combinatorial language.
It could take advantage of object references provided my baked-in stack machine:
1. Subcommands a take list of JSON objects from stdin and consume as many as they need from top of te stack.
2. Each subcommand then produce results to the top.
Of course some things come through arguments (e.g. for key creation I have "--persistent").
Also perhaps load and import should be combined to a single smart command. The point is that this is where I don't know what to do exactly and changes for cli interface are welcome :-) I'm now happy that I got allocs and panics away from protocol crate making it "linux-rust ready".
In the protocol crate itself there is one single puzzle where constant improvement makes sense both in kernel and user space: narrowing the delta between "SIZE" and "len()" of TpmSize trait. Ideally the delta would be zero t some point. To be usable in kernel I've now reach that goal (easily) but optimizing this equation makes it substantially better.
E.g., policy-secret is placeholder. it would much nicer to have "policy [--train] <expression>" with some combinatorial language.
It could take advantage of object references provided my baked-in stack machine:
1. Subcommands a take list of JSON objects from stdin and consume as many as they need from top of te stack.
2. Each subcommand then produce results to the top.
Of course some things come through arguments (e.g. for key creation I have "--persistent").
Also perhaps load and import should be combined to a single smart command. The point is that this is where I don't know what to do exactly and changes for cli interface are welcome :-) I'm now happy that I got allocs and panics away from protocol crate making it "linux-rust ready".
In the protocol crate itself there is one single puzzle where constant improvement makes sense both in kernel and user space: narrowing the delta between "SIZE" and "len()" of TpmSize trait. Ideally the delta would be zero t some point. To be usable in kernel I've now reach that goal (easily) but optimizing this equation makes it substantially better.
2
1
2