Linux kernel hacker and maintainer etc.

OpenPGP: 3AB05486C7752FE1

Jarkko Sakkinen

The next thing with tpm2_protocol is obviously the figures!

I.e. creating a stress that measures the delta between compile-time estimated size and run-time realized size.

This spun up from my friend Philip Tricca asking about stack usage. I definitely want to know the truth and also catch regressions on this side that might be caused by new commits.

Obviously during construction time this has not been a priority but now it is time to level it up.

One of the first commits to wipe away the excess fat is (already in 0.10.0):
https://git.kernel.org/pub/scm/linux/kernel/git/jarkko/tpm2-protocol.git/commit/?id=cd6641bf9e8c8fde8726bece9eb6cdc630d893c2

#linux #kernel #tpm #rust

Jarkko Sakkinen

Edited 15 days ago
As of today can we do this:

1. drivers/char/tpm (C code)
2. drivers/char/tpm/protocol (imported tpm2_protocol)

?

And then build FFI from C to Rust for building commands that we need today etc.

There's one particular challenge where this could help: early boot code for D-RTM (i.e., Trenchboot) as given my crate is just a thing in stack with no deps, it could be linked also to that payload.

#linux #kernel #rust #tpm
After some research, I think "2" would be correct
authentication can do more than password. more complex stuff comes from the pipeline with the json stack. it's still convenient to have option for password.

Jarkko Sakkinen

should usage normally cause exit code 1 or 0?

right now e.g.,

❯ sudo target/debug/tpm2sh unseal
tpm2sh-unseal
Unseals a keyedhash object

USAGE:
tpm2sh unseal [OPTIONS]
OPTIONS:
--password <PASSWORD> Authorization value
-h, --help Print help information


~/work/github.com/puavo-org/tpm2sh main
❯ echo $status
1

It checks if stdin is open for the sake of pipeline and if not it shows usage.

Jarkko Sakkinen

the very last spam alert:

https://lore.kernel.org/rust-for-linux/aKfaR-h6Itc38qfl@kernel.org/T/#u

moving to on hold as tpm2_protocol is/will be mailing list based project.

tpm2sh has a new github location: https://github.com/puavo-org/tpm2sh

#linux #kernel #tpm #rust

Jarkko Sakkinen

Edited 16 days ago
The first independent release of the protocol: https://crates.io/crates/tpm2-protocol

Git: https://git.kernel.org/pub/scm/linux/kernel/git/jarkko/tpm2-protocol.git

Release notes:

tag 0.10.0
Tagger: Jarkko Sakkinen <jarkko.sakkinen@iki.fi>
Date: Fri Aug 22 04:45:40 2025 +0300

Release 0.10.0

- chore: refactor into standalone crate
- refactor(tpm2_protocol): reduce defaults
- refactor(tpm2_protocol): merge TpmuSigScheme and TpmuAsymScheme
- refactor(tpm2_protocol): decouple command building
- fix(tpm2_protocol): trailing data
- refactor(tpm2_protocol): remove MAC definitions
- tests(tpm2_protocol)
- fix(tpm2-protocol): TpmuAttest error code
- tests: migrate dyn trait test to tpm2_protocol
- fix(tpm2_protocol): correct serialization logic
- refactor: InternalError -> Unreachable
- tests(tpm2_protocol): fix compilation errors
- fix(tpm2_protocol): StartAuthSession response
- refactor!(tpm2_protocol): drop tpm_response! and TpmParameters
- fix!(tpm2_protocol): DO NOT export submodules
- refactor(tpm2_protocol): adjust buffer debug output
- fix(tpm2_protocol): TpmRc::base() return code

#linux #kernel #tpm #rust
@monsieuricon goals here summarized: a protocol crate (importable) that could be in future shared by TPM-RS and Linux kernel (both of which care about import not about using it as dep).

Jarkko Sakkinen

Edited 16 days ago
I migrated dyn trait (or Box<dyn TpmObject>) as part of tpm2_protocol test suite just to demonstrate that on-wire TPM2 protocol can be dynamically detected without any spurious dependencies ;-)

Screencast demonstrates also the time that it takes to run the full kselftest compatible test suite.

#linux #kernel #tpm #rust

Jarkko Sakkinen

Edited 16 days ago
My standalone and kselftest exit code compatible test program might be archaic yes but it sure executes fast as hell compared to running cargo test :-)

On first run it also fully compiles the test program together with crate's source code linked into it.

#linux #kernel #tpm #rust

I've finally just submitted the RFC series for USB3 support on Apple Silicon machines. RFC because the entire Type-C machinery spans multiple subsystems and has quite a few quirks which makes the entire thing rather annoying to deal with and I'm not 100% convinced about the current approach.

This also includes some initial work for DisplayPort-altmode and USB4/Thunderbolt but both will require much more work after this is upstream, so don't get your hopes up just yet.

https://lore.kernel.org/asahi/20250821-atcphy-6-17-v1-0-172beda182b8@kernel.org/

@Netux I can share the context that led me to ripping my hair off:

https://github.com/puavo-org/tpm2_library/commit/0e79aff5ed4ea52c553b97e74f2bdbb4819ffb84

This was due to a misconducted major refactoring, and the type of refactoring where you cannot simply use some "LSP do the magic" button but have to conduct with ultimate care. I got mixed up in the middle because I was no longer sure which errors were just due to incomplete changes, and which were bugs caused by me during the refactorization process. I finished it anyway because I was "too far to head back" ;-)

It took me two days and two sleepless nights to conduct that fix (these are the worst, where you have a dozen scattered 1-2 line tweaks here and there). The Python script I did, despite being archaic, definitely helped keep my head together with these. I've also like "sacrificed my life" for three weeks to write down this 7000 line protocol crate, which probably also makes me a bit more "trigger frenzy" than the usual grumpy me ;-)

I'm dying here. Just had a customer come in, asking where his drink was. We never got any mobile orders for him.

"I asked ChatGPT to order it for me and it said I could pick it up."

@Netux IMHO my python script was much better workaround :-) JSON output is the thing with rustc because otherwise data is unmanageable... But from that you cherry pick the stuff you care.

Jarkko Sakkinen

Edited 17 days ago
@diondokter @ekuber Sorry I was just super frustrated :-) On plus side, I can refine that Python script over time and perhaps get something useful out of json output. And thanks for all the tips! It's the part I don't like in this compiler but nothing is perfect 🤷
@diondokter @ekuber BUT on bright sound: I have pattern to solve output issues i.e., json output :-) it's easier than capsulating a file to a temp crate at least (and does not contaminate compilation results).
@diondokter @ekuber but that's life and everything has disadvantages but this being a "Microsoft bug" does not make it better.