@amackif for this i just read the Rust documentation and for TCG specs I have 11 years familiarity so it's then it was just basically synthesis of those. As the word is defined you need to have a deep understanding of the domain really. From that angle, it is also impossible question to give any correct answer.

@amackif I have no idea tbh.

tpm2-protocol is the first thing i've done with Rust which would not be existentially possible achieve without some of the Rust features.

With TPM protocol shenanigans people tend to go generation path because writing all data types manually would be ridiculous amount of work.

By creating DSL with macros, "ridiculous" factored down to "huge" but only for the initial pass i.e., to reach the current TCG standard version. And given that I have now efficient DSL, keeping the implementation up to date is almost cost-free. And since none of the compiled code is a generation artifact, it is easy to "shift away" in selected places, and write down traits manually.

https://github.com/puavo-org/himmelblau-dev

I’m working on a bash and Makefile based project called “himmelblau-dev”, which provides low-barrier entry point to start contributing to that upstream project. I have not really contributed to that project much because there is no a meaningful edit-compile-run-cycle and that is what I’m resolving with this project.

I’ve taken a lot of trouble to not use containers, not even in the build, because containers always mean looking for problems when translating a development environment from one machine to another.

[To be completely honest, for any possible project I interpret “I have to use a container” into “my solution is going to be a trainwreck”]

Instead, I do the build with a combination of deboostrap and guestfish tricks. The project has makefile targets for running resulting QCOW2 in QEMU, contains a settings file (parser implemented in bash) and automatic download of OVMF images and logic for managing EFI vars file.

It’s a bit like embedded build system centered around a single upstream project.

Layout right now:

❯ tree
.
├── bootstrap
│   ├── settings.sh
│   └── start.sh
├── config
│   ├── debian.sh
│   ├── himmeblau.sh
│   └── start.sh
├── himmelblau.version
├── Makefile
├── qemu.json
├── README.md
└── vm
    ├── qemu.sh
    ├── start.sh
    └── swtpm.sh

I need to fine-tunet his for a while still before I publish it. It’s all GPL3 license as I see no point of using any other license for this.

qemu.json is just my own ad-hoc VM configuration format:

{
  "args": {
    "enable-kvm": true,
    "machine": "q35,accel=kvm",
    "cpu": "host",
    "memory": "4G",
    "rtc": "base=localtime"
  },
  "networking": {
    "user": [
      { "netdev": "user,id=net0,hostfwd=tcp::10022-:22" },
      { "device": "virtio-net-pci,netdev=net0" }
    ],
    "bridge": [
      { "netdev": "bridge,id=net0,br=br0" },
      { "device": "virtio-net-pci,netdev=net0" }
    ]
  },
  "tpm": {
    "enabled": true,
    "tpmdev": "emulator,id=tpm0,chardev=chrtpm",
    "device": "tpm-tis,tpmdev=tpm0"
  },
  "drives": [
    {
      "if": "pflash",
      "file": "OVMF_CODE.fd",
      "format": "raw",
      "readonly": "on"
    },
    {
      "if": "pflash",
      "file": "OVMF_VARS.fd",
      "format": "raw"
    },
    {
      "file": "himmelblau-demo.qcow2",
      "format": "qcow2"
    }
  ]
}

#azure #intune #himmelblau

I'm working on a mocked TPM for tpm2sh integration tests (still heavily WiP just had to put the first checkpoint):

https://github.com/puavo-org/tpm2sh/blob/main/src/bin/mock-tpm.rs

Even at this point it still demonstrates how easy it is to get ongoing with previously as complicated task as writing a TPM emulator.

#linux #kernel #tpm #rust

I have ML now: https://lore.kernel.org/tpm-protocol/

Patches and discussion: tpm-protocol@lists.linux.dev

More information: https://git.kernel.org/pub/scm/linux/kernel/git/jarkko/tpm2-protocol.git/tree/README.md

#linux #kernel #tpm #rust

Since GlobalAlloc is not required from the get go it's easy to get from nothing to something with enclaves as stack will do (and obviously data and rodata are cool too, they don't require alloc).

It also means that one can be light on run-time if wanted and compile-time decided memory pool is good enough (placed in .data). This relaxes the SDK requirements quite a lot as with enclaves (for any technology) allocating new pages from untrusted host is super complex and involved process. Static memory size generally tends to also improve both security, privacy and availability properties of ANY piece of software.

This is the gist how you would go on implementing TPM emulator, or vTPM inside confidential computing (SGX, SNP, TDX) enclave:

#linux #kernel #rust #tpm

TBH, it would best for QEMU if it merged swtpm/libtpms code at some point. That would lower the barrier to implement emulation for e.g., fTPM behind ARM FF-A.

Normally software that uses TPM2 creates integration tests by setting up e.g., swtpm.

Once I land the fix for ATM broken tpm2sh import, I'll also add tests/commands.rs, which will demonstrate how you can use tpm2-protocol crate to mock the TPM device.

If you want to take the test to the device level, tpm_vtpm_proxy can be used for this purpose (a driver by Stefan Berger who has also created the awesome swtpm, which is *obviously* the ultimate solution with QEMU) .

#linux #kernel #tpm #rust

zero issues advertising this as i think it really does right things right:

https://github.com/himmelblau-idm/himmelblau/issues/662

buffering and parsing this protocol stream is just one thing i have pretty solid grip off so why not make best of it

the uncrowned king of RS-232 file transfer protocols: https://en.wikipedia.org/wiki/SMODEM

Now I can finally focus on zmodem

@Gargron sidetalking anyone? :-) https://sidetalking.com/

lifting weights felt great after three week break :-) that's the timeline for tpm2-protocol. it was unhealthy stretch as fuck but now it is done and my rust concerns have been mitigated!

i'm ready and i've fully prepared the next five year plan in the linux kernel, and more specifically in kernel sec...

    refactor!(pipeline): uri base schema
    
    Introduce a new object model with separation between 'tpm' objects (on-chip
    references) and 'key' objects (portable key material), simplifying the
    object lifecycle.
    
    Replace the inconsistent scheme with a URI based scheme ('tpm://',
    'file://', 'data://', 'pipe://') for all resource references.

new uri based json stack with tpm and key objects depending on binding etc. and things start to actually work.

Happy birthday, Linux! 🐧🎂

Here’s to 34 years of open source, community, and innovation.

#LinuxBirthday

(sort of) EOF for this project:
https://lore.kernel.org/tpm2/aKzaTYCI2GO_UPRB@kernel.org/T/#u

The thing that really did not exist before is there, features too, stability most likely not, processes and constraints are adequate for the goals and purpose 🤷

#linux #kernel #tpm #rust