Software crypto would really need its own "official" systemd service as that way any application could have audited crypto. I.e. crypto operations would be executed by that service and results returned back to the caller. It could probably be just user service running inside session in order to guarantee better privacy.

This is partly because Rust does not have a proper DSO support, and this would address this flaw in Rust. It is not a question how great some random crate is but more like can you make software that can be used in production as per standards that companies use.

E.g., I cannot recommend to use tpm2sh to use anything else except kernel testing for this exact reason no matter how the crates are implemented or how well I might orchestrate the calls.

https://www.youtube.com/watch?v=jjhiTyF0MvY

IMHO learnings from SGX, SNP and TDX: we should simply stop accepting enterprisy CPU features UNLESS there's guaranteed flow of reasonably priced SDPs, EVEN if they are not profitable for the CPU company.

E.g., in SGX, Intel delivered exactly one generation of NUCs in order to comply what we agreed on at Linux Plumbers 2016. Once the feature was in the mainline it was end of story for developer accessible hardware. And still after that SNP and TDX have been included, which is plain stupid.

It's hard to take away user facing code from kernel once it is included but it would be the best possible policy and constraint to take only bug fixes up until we have cheap SDPs for the confidential computing CPU features.

Let's shutdown any other improvements up until that. Not a decision maker on x86 tree but I have right for my opinion at least :-)

EDIT: I think I make my case without "PS" part :-) This is still how things have went and based on facts (I've witnessed the whole process).

#linux #kernel #intel #amd

Fuck, I’ve removed TPM_RC_SIZE at some point while drilling and hammering… I’ll add it back!

#linux #kernel #tpm #rust

"Who needs an App Store? You've got the Nokia PC Suite software on a CD-ROM! Just plug the proprietary cable into your Symbian S60 device, boot up your Windows PC, and away you go. THIS is the smartphone experience for people who are serious about mobile computing."

#Nokia #Symbian #smartphone #retrophone

The next thing with tpm2_protocol is obviously the figures!

I.e. creating a stress that measures the delta between compile-time estimated size and run-time realized size.

This spun up from my friend Philip Tricca asking about stack usage. I definitely want to know the truth and also catch regressions on this side that might be caused by new commits.

Obviously during construction time this has not been a priority but now it is time to level it up.

One of first commits to wiping away the excess fat is (already in 0.10.0):
https://git.kernel.org/pub/scm/linux/kernel/git/jarkko/tpm2-protocol.git/commit/?id=cd6641bf9e8c8fde8726bece9eb6cdc630d893c2

#linux #kernel #tpm #rust

hot:

https://shop.compiler-explorer.com/en-eur/collections/abi-mugs

As of today can we do this:

1. drivers/char/tpm (C code)
2. drivers/char/tpm/protocol (imported tpm2_protocol)

?

And then build FFI from C to Rust for building commands that we need today etc.

There's one particular challenge where this could help: early boot code for D-RTM (i.e., Trenchboot) as given my crate is just a thing in stack with no deps, it could be linked also to that payload.

#linux #kernel #rust #tpm

should usage normally cause exit code 1 or 0?

right now e.g.,

❯ sudo target/debug/tpm2sh unseal
tpm2sh-unseal
Unseals a keyedhash object

USAGE:
tpm2sh unseal [OPTIONS]
OPTIONS:
--password <PASSWORD> Authorization value
-h, --help Print help information


~/work/github.com/puavo-org/tpm2sh main
❯ echo $status
1

It checks if stdin is open for the sake of pipelien and if not it shows usage.

the very last spam alert:

https://lore.kernel.org/rust-for-linux/aKfaR-h6Itc38qfl@kernel.org/T/#u

moving to on hold as tpm2_protocol is/will be mailing list based project.

tpm2sh has a new github location: https://github.com/puavo-org/tpm2sh

#linux #kernel #tpm #rust

The first independent release of the protocol: https://crates.io/crates/tpm2-protocol

Git: https://git.kernel.org/pub/scm/linux/kernel/git/jarkko/tpm2-protocol.git

Release notes:

tag 0.10.0
Tagger: Jarkko Sakkinen <jarkko.sakkinen@iki.fi>
Date: Fri Aug 22 04:45:40 2025 +0300

Release 0.10.0

- chore: refactor into standalone crate
- refactor(tpm2_protocol): reduce defaults
- refactor(tpm2_protocol): merge TpmuSigScheme and TpmuAsymScheme
- refactor(tpm2_protocol): decouple command building
- fix(tpm2_protocol): trailing data
- refactor(tpm2_protocol): remove MAC definitions
- tests(tpm2_protocol)
- fix(tpm2-protocol): TpmuAttest error code
- tests: migrate dyn trait test to tpm2_protocol
- fix(tpm2_protocol): correct serialization logic
- refactor: InternalError -> Unreachable
- tests(tpm2_protocol): fix compilation errors
- fix(tpm2_protocol): StartAuthSession response
- refactor!(tpm2_protocol): drop tpm_response! and TpmParameters
- fix!(tpm2_protocol): DO NOT export submodules
- refactor(tpm2_protocol): adjust buffer debug output
- fix(tpm2_protocol): TpmRc::base() return code
-----BEGIN PGP SIGNATURE-----

iHUEABYIAB0WIQRE6pSOnaBC00OEHEIaerohdGur0gUCaKfLxAAKCRAaerohdGur
0nY/AP9/4HMLP+wY0h5tQSnbzmIajNzzBAoWIA7nA8dIkcQ8RQEAxhK/MrKKT7iQ
j2rEvvKdgWPdHtPhZWzUahuZnW6LIgA=
=RfaI
-----END PGP SIGNATURE-----

#linux #kernel #tpm #rust

@monsieuricon possible to get a ML?

https://git.kernel.org/pub/scm/linux/kernel/git/jarkko/tpm2-protocol.git

See https://github.com/tpm-rs/tpm-rs/issues/196#issuecomment-3207383832

I migrated dyn trait (or Box<dyn TpmObject>) as part of tpm2_protocol test suite just to demonstrate that on-wire TPM2 protocol can be dynamically detected without any spurious dependencies ;-)

Screencast demonstrates also the time that it takes to run the full kselftest compatible test suite.

#linux #kernel #tpm #rust

My standalone and kselftest exit code compatible test program might be archaic yes but it sure executes fast as hell compared to running cargo test :-)

On first run it also fully compiles the test program togehter with crate's source code linked into it.

#linux #kernel #tpm #rust

I've finally just submitted the RFC series for USB3 support on Apple Silicon machines. RFC because the entire Type-C machinery spans multiple subsystems and has quite a few quirks which makes the entire thing rather annoying to deal with and I'm not 100% convinced about the current approach.

This also includes some initial work for DisplayPort-altmode and USB4/Thunderbolt but both will require much more work after this is upstream, so don't get your hopes up just yet.

https://lore.kernel.org/asahi/20250821-atcphy-6-17-v1-0-172beda182b8@kernel.org/

#asahilinux #linux

I'm dying here. Just had a customer come in, asking where his drink was. We never got any mobile orders for him.

"I asked ChatGPT to order it for me and it said I could pick it up."

#smdh #FuckAI

I learned a new thing in macro_rules! i.e., pattern matching:

tpm_struct! {
    #[derive(Debug, Default, PartialEq, Eq, Clone)]
    kind: Command,
    name: TpmStartAuthSessionCommand,
    cc: TpmCc::StartAuthSession,
    no_sessions: true,
    with_sessions: true,
    handles: {
        pub tpm_key: crate::data::TpmiDhObject,
        pub bind: crate::data::TpmiDhObject,
    },
    parameters: {
        pub nonce_caller: Tpm2bNonce,
        pub encrypted_salt: Tpm2b,
        pub session_type: TpmSe,
        pub symmetric: TpmtSymDefObject,
        pub auth_hash: TpmAlgId,
    }
}

tpm_struct! {
    #[derive(Debug, Default, PartialEq, Eq, Clone)]
    kind: Response,
    name: TpmStartAuthSessionResponse,
    cc: TpmCc::StartAuthSession,
    no_sessions: true,
    with_sessions: true,
    handles: {
        pub session_handle: TpmSession,
    },
    parameters: {
        pub nonce_tpm: Tpm2bNonce,
    }
}

I can do this:

rustc --crate-type lib --crate-name tpm2_protocol tpm2_protocol/src/lib.rs --edition=2021 --emit=mir

Cool. Can I compile a single file from a crate project? This would be great when doing large refactor and not get your terminal DOS'd :-)

It's pain really. ATM, I'm refactoring out a macro called "tpm_response!" (it is replaced with pre-existing "tpm_struct!" that is extended) and I need to do similar changes to few dozen files.

I'd like to:

1. Do the edit to a single file.
2. Try if that file compiles.
3. Move on to next files.

Lack of knowledge with this makes refactors in Rust living hell TBH ...

Some constrains in my project that might help (possibly):

1. no_std
2. no deps
3. no alloc

Another way to express this: what is "gcc -c" of rustc?

#rust

Can you specify calling convention for assembly (with asm, global_asm etc.)? I mean things like stdcall and cdecl in C and GCC...

I could not find anything and it'd be a huge limitation...

#rust #assembly

[video] Blastromen (a.k.a. Sami Koskivaara & Mika Rosenberg) - Live @ Hellsinki Industrial Festival, Tiivistämö, Helsinki, Finland, 8 November 2024.

https://www.youtube.com/watch?v=g10owNrqthA

#Blastromen #electro #electronic #DominanceElectricity #HellsinkiIndustrialFestival #SamiKoskivaara #MikaRosenberg #Tiivistämö #Helsinki #Finland