Posts
4417
Following
315
Followers
470
Linux kernel hacker and maintainer etc.

OpenPGP: 3AB05486C7752FE1
jarkko

Jarkko Sakkinen

Reply to @jarkko
Dropped this question also to #wolfSSL: https://github.com/wolfSSL/wolfTPM/issues/356
0
0
0
jarkko

Jarkko Sakkinen

#Microsoft has invested considerable amount of money on #Ethereum but still nobody has put forward p256k1 to the TCG Algorithm Registry. IMHO, would be somewhat dead obvious thing to do...

https://trustedcomputinggroup.org/resource/tcg-algorithm-registry/

#TPM #blockchain
1
0
0
jarkko

Jarkko Sakkinen

Reply to @jarkko
I wonder if TCG is ever going to add p256k1 to their algorithm repository...
0
0
0
jarkko

Jarkko Sakkinen

Edited 1 year ago

Asymmetric #TPM2 #keys v7:

https://lore.kernel.org/linux-crypto/20240528210823.28798-1-jarkko@kernel.org/T/#mb07f85a8c3f4af388cbc08438e71ac8aea447d85

This is the first version with fully working #ECDSA signing and signature verification with the public key.

Implementation notes:

  1. Accepts only sha256 at this point. Can be easily extended later. It is best overall choice for the first version.
  2. Does not accept any authentication policy yet. Can be extended later by adding a new parameter to match_table_t param_keys in security/keys/keyctl_pkey.c. E.g. "policy=%s".

Iā€™m pretty happy with this, given that I did it fully during 1.5 week period on my free time and unpaid ;-)

#Linux #kernel #TPM

1
0
1
jarkko
repeated
memes@wetdry.world

memes šŸ³ļøā€šŸŒˆšŸ³ļøā€āš§ļø

Edited 3 months ago
0
3
2
jarkko

Jarkko Sakkinen

Reply to @GossiTheDog@cyberplace.social
@GossiTheDog I'd generally prefer either Firefox or Chrome, or unbranded versions of them (like Debian's Iceweasel), even if there is zero controversies because obviously it is nearest the upstream where e.g. security fixes land first.
0
0
1
jarkko
repeated
hrw@society.oftrolls.com

Marcin Juszkiewicz šŸ™ƒ

Linux 6.10-rc1 got released yesterday. With brand new `mseal()` system call.

So my automation kicked in, posted pull request, I merged, page with system calls table got rebuilt:

https://gpages.juszkiewicz.com.pl/syscalls-table/syscalls.html

0
2
2
jarkko

Jarkko Sakkinen

Reply to @jarkko
Edited 1 year ago
@tshepang Ultimately I cannot say anything definitive as it is up to arch subsystem tree maintainers, but I would be less surprised to win in lottery, than see an arch subsystem tree that would require two cross-compilation toolchains to make a build. From that I can pretty much deduce the original claim that feature parity is mandatory for linux-rust to have any long-standing significance in linux kernel.
1
0
0
jarkko

Jarkko Sakkinen

v6 of #TPM2 #asymmetric #keys patch set: https://lkml.org/lkml/2024/5/28/150

The new version includes also sub-type for ECDSA signing and verification.

#linux #kernel
0
0
1
jarkko

Jarkko Sakkinen

Reply to @jarkko
Edited 1 year ago
@tshepang Not something that pro-actively waiting for but before that happens Rust is by.practical means blocked from defconfig's. It is then up to those who work on these compilers to find a way to make it happen (such as ISO standard).
2
0
0
jarkko

Jarkko Sakkinen

Reply to @tshepang@hachyderm.io
@tshepang Rust is already enabled in Linux but it has insignificant chance to reach any arch's defconfig before feature parity with gccrs. What is an "ok thing"?
2
0
0
jarkko

Jarkko Sakkinen

Reply to @tshepang@hachyderm.io
@tshepang not really understanding the context where this would happen, I'm not waiting for anything at all :-)
1
0
0
jarkko

Jarkko Sakkinen

Reply to @tshepang@hachyderm.io
@tshepang Because Linux supports GCC šŸ¤· And for anything compiled by default, i.e. in any defconfig, requiring two toolchains for a build is obnoxious and neither very portable. E.g. for specific cross-compilation target you might have only one toolchain.
1
0
0
jarkko

Jarkko Sakkinen

Reply to
@raggi Yeah, agreed :-)
0
0
0
jarkko

Jarkko Sakkinen

Reply to
@raggi Is there some other fronend for LLVM than rustc? Not sure I got hold of this argument.
0
0
0
jarkko

Jarkko Sakkinen

Reply to
@raggi Yeah, please understand that I would love to see some day rust in some arch's defconfig :-) So not claiming that I know things better than e.g. respective language communities but instead am just documenting here my own concerns.

I'm also happy to get things totally wrong :-) I never "defend" any of my opinions at the time...
0
0
0
jarkko

Jarkko Sakkinen

Reply to @jarkko
@raggi In the end of the day I don't mind how 1:1 compatibility with the language spec is maintained as long as it works for rustc and GNU project. If it works for both with Github, then it is not my problem. I'm just consumer for these tools and part of neither community. Still for kernel, gccrs must have enough features to be drop-in replaceable with rustc, at least to compile kernel. In the long-term at least.
0
0
0
jarkko

Jarkko Sakkinen

Reply to
Edited 1 year ago
@raggi Not necessarily want email based workflow, it is just one vendor-neutral example. E.g. Rust Foundation itself just detach only language spec project from Github, and then host its own repositories and issue database, and have a method of submitting changes for it.
1
0
0
jarkko

Jarkko Sakkinen

Reply to @jarkko
@raggi Github has guidelines, it can take a repository down based on its own decision and you cannot report a bug without an account just to name a few things that do not make a Github project just a Git repository. And all Rust projects use features such as issue database. I could agree with that if Rust was using Github as just a git repository but it is really not.

It is just an objectively false claim. I cannot help it tbh.
0
0
0
jarkko

Jarkko Sakkinen

Reply to
@raggi So I don't need to even disagree with an objectively false claim.
1
0
0
Show older
About social.kernel.org

Terms of service

  1. Please do not use this service in violation of the Linux Kernel Code of Conduct. Doing so will result in your account suspension with the referral of the matter to the CoC committee.

  2. "Repeating"/"boosting" someone else's status on this platform will be treated as endorsement and will fall under rule #1.

  3. You are encouraged to use this platform to promote your work on the Linux Kernel, but there is no restriction on permitted topics (with the exception of anything covered by #1 above).

  4. There is no requirement to post in English, but it should be considered the primary language of communication on this platform.

Privacy notice

The admins of this service have access to all posted statuses. They aren't looking, but if it's something they shouldn't know about, then you should not post it on this platform.

Please see the Linux Foundation Privacy Policy, which applies to this platform as well.

Getting your own account

If you would like an account on this instance, please check that the following applies to you:

  • You are listed in MAINTAINERS or CREDITS

  • OR: You have a kernel.org account or email address

  • OR: You have a long and established history of involvement with the Linux Kernel

If the above is true and you agree with the Terms of Service and Privacy Notice listed above, please use these instructions to request an account: