Posts
4936
Following
327
Followers
492
Linux kernel hacker and maintainer etc.

OpenPGP: 3AB05486C7752FE1
jarkko

Jarkko Sakkinen

bpftop is super nice (just learned about its existence)
0
0
2
jarkko

Jarkko Sakkinen

Edited 5 days ago
Developing a rendering engine for mailweb 0.3. The gist in that is Servo rendering the mail as a set of offline rendered tiles.

Given that Servo is complicated I'm figuring offline rendering part in a separate project.

I needed some tileable content to work with so I wrote "a classic" fractal cloud generator out of my memory (decades ago literally) ("diamond alike" recursion and periodic perlin noise) :-)

This was also great finding: https://github.com/rust-windowing/softbuffer
1
0
1
jarkko

Jarkko Sakkinen

tpm2-protocol 0.14.0 #linux #tpm #rustlang
0
0
1
jarkko

Jarkko Sakkinen

this is how my little stack plays out as a dep graph

#linux #rustlang #tpm
1
0
1
jarkko

Jarkko Sakkinen

I'm using Servo in the next (0.3.x) version of mailweb, which will no longer open browser like viewhtmlmail.

Instead using servo this will happen when showing HTML mail in mutt:

1. Render page as bitmap(s) to the cache after extracting CID shenanigans using Servo.
2. Page is showed then in the terminal sixel first and fallback to unicode rendering.

This way sixels performance issues won't get in the way and will overall much nice experience than opening a random tab in a browser.

https://crates.io/crates/mailweb

#mutt #viewhtmlmail #mailweb #servo
1
0
2
jarkko

Jarkko Sakkinen

i do want to support the cause but i don't want or am going to create yet another account 🤷 #mastodon
0
2
2
jarkko

Jarkko Sakkinen

batch file transfers finally working reliably
0
0
1
jarkko

Jarkko Sakkinen

I created a cheat sheet of my accumulated custom shortcuts in vim using typst. i'm going to maintain this and capping custom shortcuts to fit into single A4 helps to make sure that things don't get too complicated :-)
0
1
2
jarkko

Jarkko Sakkinen

tpm2sh 0.15.0 compiles the policy commands to the DER payload.

Crypto has been migrated to OpenSSL for sake of allowing to be (or delegating the policy of being) FIPS compatible, and making crypto patchable.

#linux #kernel #tpm #openssl #rustlang
0
2
1
jarkko

Jarkko Sakkinen

0
2
3
jarkko

Jarkko Sakkinen

Edited 18 days ago
tpm2sh 0.12.3 loads and processes multi-level ancestor chains correctly, policy expressions have now a more stable manually implemented custom-built parser.

https://crates.io/crates/tpm2sh/0.12.3

#linux #tpm #rustlang
1
0
3
jarkko

Jarkko Sakkinen

Noteworthy in this is the implict parent discovery without having to specify parent when loading keys :-) It recursively loads always the whole hierarchy where parent key is discovered either among persistent keys or cache.

#linux #kernel #tpm
0
0
0
jarkko

Jarkko Sakkinen

Reply to @jarkko
@lkundrak
2
0
0
jarkko

Jarkko Sakkinen

After starting this work one Sunday on August and ~13000 lines of new Rust code after that, this is the first release where I don't have any catastrophical bugs to resolve, or have personally any immediate needs :-)

https://crates.io/crates/tpm2sh

#linux #rustlang #tpm
1
1
5
jarkko

Jarkko Sakkinen

tpm2sh policy has now more inituitive infix expressions :-) [learning nom by trial and error]
0
0
2
jarkko

Jarkko Sakkinen

Reply to @jarkko
policies:
0
0
0
jarkko

Jarkko Sakkinen

Refined the interface of offloaded objects:

1. Objects resident/loaded in TPM: tpm:
2. Offloaded objects: vtpm:

Thus, I removed also "key" and "session" subcommands and introduced "virtual" subcommand.

#linux #tpm #rustlang
1
0
1
jarkko

Jarkko Sakkinen

Edited 26 days ago

tpm2sh 0.11.16

This is the release where things mostly work and is first usable version for wider audience than just me.

Functionality is focused on key management and it is quite limited on operations.

That said, it the most important functionalities, and most difficult to implement, in place:

  1. Implicit creation of HMAC sessions to protect communication, and hiding its complexity . It is still a stub as parameter encryption is not in place but the mechanism is working correctly.
  2. Key management including direct support for PKCS#1, PKCS#8 and SEC1 external keys with custom parsers so that dependencies are light for e.g., BuildRoot embedded/VM targets. 3, Seamless over-subscription with key context cache (in ~/.cache/tpm2sh). Detects stale contexts from previous power cycles. “Cache keys” can be referred bit “key:<hex grip>” type of “URI”, where grip is 8 bytes of the key’s name hash.
  3. Seamless policy sessions with policy command, which can output both composite digest and session handle.
  4. Intuitive way to download vendor certificates from the chip.
  5. Full support for the TPMKey ASN.1 format, which is what kernel speaks.

Adding signing etc. ops would have been worse mistake to do before getting this basis right.

It’s not aiming to do all what tpm2-tools does but more like do stuff that I want to do and implementing that as a command-line tool :-) I.

#linux #kernel #tpm #rustlang #buildroot

0
0
0
jarkko

Jarkko Sakkinen

Reply to @jarkko
@andrew fixed since
0
0
1
jarkko

Jarkko Sakkinen

Reply to @jarkko
known argument parsing bug but downloading certs does work :-)
1
0
0
Show older
About social.kernel.org

Terms of service

  1. Please do not use this service in violation of the Linux Kernel Code of Conduct. Doing so will result in your account suspension with the referral of the matter to the CoC committee.

  2. "Repeating"/"boosting" someone else's status on this platform will be treated as endorsement and will fall under rule #1.

  3. You are encouraged to use this platform to promote your work on the Linux Kernel, but there is no restriction on permitted topics (with the exception of anything covered by #1 above).

  4. There is no requirement to post in English, but it should be considered the primary language of communication on this platform.

Privacy notice

The admins of this service have access to all posted statuses. They aren't looking, but if it's something they shouldn't know about, then you should not post it on this platform.

Please see the Linux Foundation Privacy Policy, which applies to this platform as well.

Getting your own account

If you would like an account on this instance, please check that the following applies to you:

  • You are listed in MAINTAINERS or CREDITS

  • OR: You have a kernel.org account or email address

  • OR: You have a long and established history of involvement with the Linux Kernel

If the above is true and you agree with the Terms of Service and Privacy Notice listed above, please use these instructions to request an account: