From: Jarkko Sakkinen <jarkko@kernel.org>
To: Ross Philipson <ross.philipson@oracle.com>
Cc: linux-kernel@vger.kernel.org, x86@kernel.org,
linux-integrity@vger.kernel.org, linux-doc@vger.kernel.org,
linux-crypto@vger.kernel.org, kexec@lists.infradead.org,
linux-efi@vger.kernel.org, iommu@lists.linux.dev,
dpsmith@apertussolutions.com, tglx@linutronix.de,
mingo@redhat.com, bp@alien8.de, hpa@zytor.com,
dave.hansen@linux.intel.com, ardb@kernel.org,
mjg59@srcf.ucam.org, James.Bottomley@hansenpartnership.com,
peterhuewe@gmx.de, jgg@ziepe.ca, luto@amacapital.net,
nivedita@alum.mit.edu, herbert@gondor.apana.org.au,
davem@davemloft.net, corbet@lwn.net, ebiederm@xmission.com,
dwmw2@infradead.org, baolu.lu@linux.intel.com,
kanth.ghatraju@oracle.com, andrew.cooper3@citrix.com,
trenchboot-devel@googlegroups.com
Subject: Re: [PATCH v15 01/28] tpm: Initial step to reorganize TPM public headers
Date: Tue, 20 Jan 2026 01:52:57 +0200 [thread overview]
Message-ID: <aW7D2ZQZmoXF0L2p@kernel.org> (raw)
In-Reply-To: <aW7A-4xJSzln1HtH@kernel.org>
On Tue, Jan 20, 2026 at 01:40:49AM +0200, Jarkko Sakkinen wrote:
> On Mon, Dec 15, 2025 at 03:32:49PM -0800, Ross Philipson wrote:
> > Replace the existing public header tpm_command.h with the first two
> > new public headers tpm1.h and tpm_common.h. In addition, related
> > definitions in tpm1_cmd.c were moved to the new tpm1.h.
> >
> > Signed-off-by: Daniel P. Smith <dpsmith@apertussolutions.com>
> > Signed-off-by: Ross Philipson <ross.philipson@oracle.com>
> > ---
> > drivers/char/tpm/tpm-buf.c | 3 +-
> > drivers/char/tpm/tpm1-cmd.c | 13 +-----
> > include/keys/trusted_tpm.h | 1 -
> > include/linux/tpm.h | 3 ++
> > include/linux/tpm1.h | 55 +++++++++++++++++++++++
> > include/linux/tpm_command.h | 30 -------------
>
> Removing tpm_command.h causes unnecessary noise.
>
> It would be better to retain tpm_command.h, and simply supplement
> it with TPM2 constants.
>
> Also, what is the reason to not have both TPM1 and TPM2 in tpm.h?
>
> To put the question in other words: is there something in tpm.h that
> would be incompatible with early boot code?
>
> I'd rather tweak that than have more files...
>
> > include/linux/tpm_common.h | 22 +++++++++
> > security/keys/trusted-keys/trusted_tpm1.c | 1 -
> > security/keys/trusted-keys/trusted_tpm2.c | 1 -
> > 9 files changed, 82 insertions(+), 47 deletions(-)
> > create mode 100644 include/linux/tpm1.h
> > delete mode 100644 include/linux/tpm_command.h
> > create mode 100644 include/linux/tpm_common.h
> >
> > diff --git a/drivers/char/tpm/tpm-buf.c b/drivers/char/tpm/tpm-buf.c
> > index 1cb649938c01..dae23e6de269 100644
> > --- a/drivers/char/tpm/tpm-buf.c
> > +++ b/drivers/char/tpm/tpm-buf.c
> > @@ -3,7 +3,6 @@
> > * Handling of TPM command and other buffers.
> > */
> >
> > -#include <linux/tpm_command.h>
> > #include <linux/module.h>
> > #include <linux/tpm.h>
> >
> > @@ -296,7 +295,7 @@ void tpm1_buf_append_extend(struct tpm_buf *buf, u32 pcr_idx, const u8 *hash)
> > if (buf->flags & TPM_BUF_INVALID)
> > return;
> >
> > - if (!tpm1_buf_is_command(buf, TPM_ORD_EXTEND)) {
> > + if (!tpm1_buf_is_command(buf, TPM_ORD_PCR_EXTEND)) {
> > WARN(1, "tpm_buf: invalid TPM_Extend command\n");
> > buf->flags |= TPM_BUF_INVALID;
> > return;
> > diff --git a/drivers/char/tpm/tpm1-cmd.c b/drivers/char/tpm/tpm1-cmd.c
> > index bc156d7d59f2..f29827b454d2 100644
> > --- a/drivers/char/tpm/tpm1-cmd.c
> > +++ b/drivers/char/tpm/tpm1-cmd.c
> > @@ -18,12 +18,9 @@
> > #include <linux/mutex.h>
> > #include <linux/spinlock.h>
> > #include <linux/freezer.h>
> > -#include <linux/tpm_command.h>
> > #include <linux/tpm_eventlog.h>
> > #include "tpm.h"
> >
> > -#define TPM_MAX_ORDINAL 243
> > -
> > /*
> > * Array with one entry per ordinal defining the maximum amount
> > * of time the chip could take to return the result. The ordinal
> > @@ -308,9 +305,6 @@ unsigned long tpm1_calc_ordinal_duration(struct tpm_chip *chip, u32 ordinal)
> > return duration;
> > }
> >
> > -#define TPM_ORD_STARTUP 153
> > -#define TPM_ST_CLEAR 1
> > -
> > /**
> > * tpm1_startup() - turn on the TPM
> > * @chip: TPM chip to use
> > @@ -478,7 +472,6 @@ int tpm1_pcr_extend(struct tpm_chip *chip, u32 pcr_idx, const u8 *hash,
> > return rc;
> > }
> >
> > -#define TPM_ORD_GET_CAP 101
> > ssize_t tpm1_getcap(struct tpm_chip *chip, u32 subcap_id, cap_t *cap,
> > const char *desc, size_t min_cap_length)
> > {
> > @@ -574,7 +567,6 @@ int tpm1_get_random(struct tpm_chip *chip, u8 *dest, size_t max)
> > return rc;
> > }
> >
> > -#define TPM_ORD_PCRREAD 21
> > int tpm1_pcr_read(struct tpm_chip *chip, u32 pcr_idx, u8 *res_buf)
> > {
> > int rc;
> > @@ -584,7 +576,7 @@ int tpm1_pcr_read(struct tpm_chip *chip, u32 pcr_idx, u8 *res_buf)
> > return -ENOMEM;
> >
> > tpm_buf_init(buf, TPM_BUFSIZE);
> > - tpm_buf_reset(buf, TPM_TAG_RQU_COMMAND, TPM_ORD_PCRREAD);
> > + tpm_buf_reset(buf, TPM_TAG_RQU_COMMAND, TPM_ORD_PCR_READ);
> > tpm_buf_append_u32(buf, pcr_idx);
> >
> > rc = tpm_transmit_cmd(chip, buf, TPM_DIGEST_SIZE,
> > @@ -599,7 +591,6 @@ int tpm1_pcr_read(struct tpm_chip *chip, u32 pcr_idx, u8 *res_buf)
> > return rc;
> > }
> >
> > -#define TPM_ORD_CONTINUE_SELFTEST 83
> > /**
> > * tpm1_continue_selftest() - run TPM's selftest
> > * @chip: TPM chip to use
> > @@ -716,8 +707,6 @@ int tpm1_auto_startup(struct tpm_chip *chip)
> > return rc;
> > }
> >
> > -#define TPM_ORD_SAVESTATE 152
> > -
> > /**
> > * tpm1_pm_suspend() - pm suspend handler
> > * @chip: TPM chip to use.
> > diff --git a/include/keys/trusted_tpm.h b/include/keys/trusted_tpm.h
> > index 0fadc6a4f166..3a0fa3bc8454 100644
> > --- a/include/keys/trusted_tpm.h
> > +++ b/include/keys/trusted_tpm.h
> > @@ -3,7 +3,6 @@
> > #define __TRUSTED_TPM_H
> >
> > #include <keys/trusted-type.h>
> > -#include <linux/tpm_command.h>
> >
> > extern struct trusted_key_ops trusted_key_tpm_ops;
> >
> > diff --git a/include/linux/tpm.h b/include/linux/tpm.h
> > index 8da49e8769d5..ef81e0b59657 100644
> > --- a/include/linux/tpm.h
> > +++ b/include/linux/tpm.h
> > @@ -25,6 +25,9 @@
> > #include <crypto/hash_info.h>
> > #include <crypto/aes.h>
> >
> > +#include "tpm_common.h"
> > +#include "tpm1.h"
> > +
> > #define TPM_DIGEST_SIZE 20 /* Max TPM v1.2 PCR size */
> > #define TPM_HEADER_SIZE 10
> > #define TPM_BUFSIZE 4096
> > diff --git a/include/linux/tpm1.h b/include/linux/tpm1.h
> > new file mode 100644
> > index 000000000000..54c6c211eb9e
> > --- /dev/null
> > +++ b/include/linux/tpm1.h
> > @@ -0,0 +1,55 @@
> > +/* SPDX-License-Identifier: GPL-2.0-only */
> > +/*
> > + * Copyright (C) 2004,2007,2008 IBM Corporation
> > + *
> > + * Authors:
> > + * Leendert van Doorn <leendert@watson.ibm.com>
> > + * Dave Safford <safford@watson.ibm.com>
> > + * Reiner Sailer <sailer@watson.ibm.com>
> > + * Kylene Hall <kjhall@us.ibm.com>
> > + * Debora Velarde <dvelarde@us.ibm.com>
> > + *
> > + * Maintained by: <tpmdd_devel@lists.sourceforge.net>
> > + *
> > + * Device driver for TCG/TCPA TPM (trusted platform module).
> > + * Specifications at www.trustedcomputinggroup.org
> > + */
> > +#ifndef __LINUX_TPM1_H__
> > +#define __LINUX_TPM1_H__
> > +
> > +/*
> > + * TPM 1.2 Main Specification
> > + * https://trustedcomputinggroup.org/resource/tpm-main-specification/
> > + */
> > +
> > +/* Command TAGS */
> > +enum tpm_command_tags {
> > + TPM_TAG_RQU_COMMAND = 193,
> > + TPM_TAG_RQU_AUTH1_COMMAND = 194,
> > + TPM_TAG_RQU_AUTH2_COMMAND = 195,
> > + TPM_TAG_RSP_COMMAND = 196,
> > + TPM_TAG_RSP_AUTH1_COMMAND = 197,
> > + TPM_TAG_RSP_AUTH2_COMMAND = 198,
> > +};
> > +
> > +/* Command Ordinals */
> > +enum tpm_command_ordinals {
> > + TPM_ORD_CONTINUE_SELFTEST = 83,
> > + TPM_ORD_GET_CAP = 101,
> > + TPM_ORD_GET_RANDOM = 70,
> > + TPM_ORD_PCR_EXTEND = 20,
> > + TPM_ORD_PCR_READ = 21,
> > + TPM_ORD_OSAP = 11,
> > + TPM_ORD_OIAP = 10,
> > + TPM_ORD_SAVESTATE = 152,
> > + TPM_ORD_SEAL = 23,
> > + TPM_ORD_STARTUP = 153,
> > + TPM_ORD_UNSEAL = 24,
> > +};
> > +
> > +/* Other constants */
> > +#define SRKHANDLE 0x40000000
> > +#define TPM_NONCE_SIZE 20
> > +#define TPM_ST_CLEAR 1
> > +
> > +#endif
> > diff --git a/include/linux/tpm_command.h b/include/linux/tpm_command.h
> > deleted file mode 100644
> > index 02038972a05f..000000000000
> > --- a/include/linux/tpm_command.h
> > +++ /dev/null
> > @@ -1,30 +0,0 @@
> > -/* SPDX-License-Identifier: GPL-2.0 */
> > -#ifndef __LINUX_TPM_COMMAND_H__
> > -#define __LINUX_TPM_COMMAND_H__
> > -
> > -/*
> > - * TPM Command constants from specifications at
> > - * http://www.trustedcomputinggroup.org
> > - */
> > -
> > -/* Command TAGS */
> > -#define TPM_TAG_RQU_COMMAND 193
> > -#define TPM_TAG_RQU_AUTH1_COMMAND 194
> > -#define TPM_TAG_RQU_AUTH2_COMMAND 195
> > -#define TPM_TAG_RSP_COMMAND 196
> > -#define TPM_TAG_RSP_AUTH1_COMMAND 197
> > -#define TPM_TAG_RSP_AUTH2_COMMAND 198
> > -
> > -/* Command Ordinals */
> > -#define TPM_ORD_OIAP 10
> > -#define TPM_ORD_OSAP 11
> > -#define TPM_ORD_EXTEND 20
> > -#define TPM_ORD_SEAL 23
> > -#define TPM_ORD_UNSEAL 24
> > -#define TPM_ORD_GET_RANDOM 70
> > -
> > -/* Other constants */
> > -#define SRKHANDLE 0x40000000
> > -#define TPM_NONCE_SIZE 20
> > -
> > -#endif
> > diff --git a/include/linux/tpm_common.h b/include/linux/tpm_common.h
> > new file mode 100644
> > index 000000000000..b8be669913dd
> > --- /dev/null
> > +++ b/include/linux/tpm_common.h
> > @@ -0,0 +1,22 @@
> > +/* SPDX-License-Identifier: GPL-2.0-only */
> > +/*
> > + * Copyright (C) 2004,2007,2008 IBM Corporation
> > + *
> > + * Authors:
> > + * Leendert van Doorn <leendert@watson.ibm.com>
> > + * Dave Safford <safford@watson.ibm.com>
> > + * Reiner Sailer <sailer@watson.ibm.com>
> > + * Kylene Hall <kjhall@us.ibm.com>
> > + * Debora Velarde <dvelarde@us.ibm.com>
> > + *
> > + * Maintained by: <tpmdd_devel@lists.sourceforge.net>
> > + *
> > + * Device driver for TCG/TCPA TPM (trusted platform module).
> > + * Specifications at www.trustedcomputinggroup.org
> > + */
> > +#ifndef __LINUX_TPM_COMMON_H__
> > +#define __LINUX_TPM_COMMON_H__
> > +
> > +#define TPM_MAX_ORDINAL 243
> > +
> > +#endif
By retaining tpm_command.h, this file neither won't be necessary.
> > diff --git a/security/keys/trusted-keys/trusted_tpm1.c b/security/keys/trusted-keys/trusted_tpm1.c
> > index 6e6a9fb48e63..3717a06a5212 100644
> > --- a/security/keys/trusted-keys/trusted_tpm1.c
> > +++ b/security/keys/trusted-keys/trusted_tpm1.c
> > @@ -17,7 +17,6 @@
> > #include <keys/trusted-type.h>
> > #include <linux/key-type.h>
> > #include <linux/tpm.h>
> > -#include <linux/tpm_command.h>
> >
> > #include <keys/trusted_tpm.h>
> >
> > diff --git a/security/keys/trusted-keys/trusted_tpm2.c b/security/keys/trusted-keys/trusted_tpm2.c
> > index 0a99bd051a25..e6000c71eeb6 100644
> > --- a/security/keys/trusted-keys/trusted_tpm2.c
> > +++ b/security/keys/trusted-keys/trusted_tpm2.c
> > @@ -9,7 +9,6 @@
> > #include <linux/string.h>
> > #include <linux/err.h>
> > #include <linux/tpm.h>
> > -#include <linux/tpm_command.h>
> >
> > #include <keys/trusted-type.h>
> > #include <keys/trusted_tpm.h>
> > --
> > 2.43.7
> >
BR, Jarkko
next prev parent reply other threads:[~2026-01-19 23:53 UTC|newest]
Thread overview: 80+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-12-15 23:32 [PATCH v15 00/28] x86: Secure Launch support for Intel TXT Ross Philipson
2025-12-15 23:32 ` [PATCH v15 01/28] tpm: Initial step to reorganize TPM public headers Ross Philipson
2026-01-19 23:40 ` Jarkko Sakkinen
2026-01-19 23:52 ` Jarkko Sakkinen [this message]
2026-02-01 16:21 ` Daniel P. Smith
2026-02-01 16:20 ` Daniel P. Smith
2026-02-01 22:46 ` Jarkko Sakkinen
2025-12-15 23:32 ` [PATCH v15 02/28] tpm: Move TPM1 specific definitions and functions to new headers Ross Philipson
2026-01-19 23:57 ` Jarkko Sakkinen
2026-02-01 16:23 ` Daniel P. Smith
2026-02-04 17:44 ` ross.philipson
2026-02-08 13:39 ` Jarkko Sakkinen
2025-12-15 23:32 ` [PATCH v15 03/28] tpm: Move TPM2 " Ross Philipson
2025-12-15 23:32 ` [PATCH v15 04/28] tpm: Move TPM common base definitions to new public common header Ross Philipson
2025-12-15 23:32 ` [PATCH v15 05/28] tpm: Move platform specific definitions to the new PTP header Ross Philipson
2025-12-15 23:32 ` [PATCH v15 06/28] tpm: Add TPM buffer support header for standalone reuse Ross Philipson
2025-12-15 23:32 ` [PATCH v15 07/28] tpm: Remove main TPM header from TPM event log header Ross Philipson
2025-12-15 23:32 ` [PATCH v15 08/28] tpm/tpm_tis: Close all localities Ross Philipson
2026-03-29 22:57 ` Josh Snyder
2025-12-15 23:32 ` [PATCH v15 09/28] tpm/tpm_tis: Address positive localities in tpm_tis_request_locality() Ross Philipson
2025-12-15 23:32 ` [PATCH v15 10/28] tpm/tpm_tis: Allow locality to be set to a different value Ross Philipson
2025-12-15 23:32 ` [PATCH v15 11/28] tpm/sysfs: Show locality used by kernel Ross Philipson
2025-12-15 23:33 ` [PATCH v15 12/28] Documentation/x86: Secure Launch kernel documentation Ross Philipson
2025-12-15 23:33 ` [PATCH v15 13/28] x86: Secure Launch Kconfig Ross Philipson
2025-12-16 3:20 ` Randy Dunlap
2025-12-17 18:11 ` ross.philipson
2025-12-15 23:33 ` [PATCH v15 14/28] x86: Secure Launch Resource Table header file Ross Philipson
2025-12-15 23:33 ` [PATCH v15 15/28] x86: Secure Launch main " Ross Philipson
2025-12-15 23:33 ` [PATCH v15 16/28] x86/txt: Intel Trusted eXecution Technology (TXT) definitions Ross Philipson
2025-12-16 22:14 ` Dave Hansen
2025-12-17 18:44 ` ross.philipson
2025-12-18 16:34 ` Dave Hansen
2025-12-18 18:17 ` ross.philipson
2025-12-15 23:33 ` [PATCH v15 17/28] x86: Add early SHA-1 support for Secure Launch early measurements Ross Philipson
2025-12-16 0:21 ` Eric Biggers
2025-12-17 18:10 ` ross.philipson
2025-12-15 23:33 ` [PATCH v15 18/28] x86: Add early SHA-256 " Ross Philipson
2025-12-15 23:33 ` [PATCH v15 19/28] x86/tpm: Early TPM PCR extending driver Ross Philipson
2025-12-16 21:53 ` Dave Hansen
2025-12-17 18:40 ` ross.philipson
2025-12-17 19:06 ` Dave Hansen
2025-12-19 21:26 ` Daniel P. Smith
2026-01-03 20:44 ` Dave Hansen
2026-01-08 16:21 ` Daniel P. Smith
2026-01-20 0:10 ` Jarkko Sakkinen
2025-12-15 23:33 ` [PATCH v15 20/28] x86/msr: Add variable MTRR base/mask and x2apic ID registers Ross Philipson
2025-12-15 23:33 ` [PATCH v15 21/28] x86/boot: Place TXT MLE header in the kernel_info section Ross Philipson
2025-12-15 23:33 ` [PATCH v15 22/28] x86: Secure Launch kernel early boot stub Ross Philipson
2025-12-16 22:32 ` Dave Hansen
2025-12-17 18:47 ` ross.philipson
2025-12-15 23:33 ` [PATCH v15 23/28] x86: Secure Launch kernel late " Ross Philipson
2025-12-15 23:33 ` [PATCH v15 24/28] x86: Secure Launch SMP bringup support Ross Philipson
2025-12-15 23:33 ` [PATCH v15 25/28] kexec: Secure Launch kexec SEXIT support Ross Philipson
2025-12-15 23:33 ` [PATCH v15 26/28] x86/reboot: Secure Launch SEXIT support on reboot paths Ross Philipson
2025-12-15 23:33 ` [PATCH v15 27/28] x86: Secure Launch late initcall platform module Ross Philipson
2025-12-15 23:33 ` [PATCH v15 28/28] x86/efi: EFI stub DRTM launch support for Secure Launch Ross Philipson
2025-12-16 3:46 ` [PATCH v15 00/28] x86: Secure Launch support for Intel TXT Jarkko Sakkinen
2025-12-17 18:15 ` ross.philipson
2025-12-16 22:14 ` Dave Hansen
2026-01-08 16:36 ` Daniel P. Smith
2026-01-08 16:41 ` Dave Hansen
2026-01-08 16:46 ` Daniel P. Smith
2026-02-09 14:04 ` Ard Biesheuvel
2026-02-12 19:49 ` Daniel P. Smith
2026-02-12 19:54 ` Dave Hansen
2026-02-12 20:39 ` Ard Biesheuvel
2026-02-18 17:30 ` Ard Biesheuvel
2026-02-18 18:02 ` ross.philipson
2026-02-26 18:31 ` ross.philipson
2026-02-26 22:33 ` Ard Biesheuvel
2026-02-18 20:03 ` Andy Lutomirski
2026-02-18 20:29 ` H. Peter Anvin
2026-02-18 20:34 ` Andy Lutomirski
2026-02-18 21:04 ` Simo Sorce
2026-02-18 21:54 ` Andy Lutomirski
2026-02-19 7:54 ` Ard Biesheuvel
2026-02-19 17:10 ` H. Peter Anvin
2026-02-19 17:34 ` Andy Lutomirski
2026-02-20 8:30 ` Ard Biesheuvel
2026-02-23 21:37 ` Daniel P. Smith
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=aW7D2ZQZmoXF0L2p@kernel.org \
--to=jarkko@kernel.org \
--cc=James.Bottomley@hansenpartnership.com \
--cc=andrew.cooper3@citrix.com \
--cc=ardb@kernel.org \
--cc=baolu.lu@linux.intel.com \
--cc=bp@alien8.de \
--cc=corbet@lwn.net \
--cc=dave.hansen@linux.intel.com \
--cc=davem@davemloft.net \
--cc=dpsmith@apertussolutions.com \
--cc=dwmw2@infradead.org \
--cc=ebiederm@xmission.com \
--cc=herbert@gondor.apana.org.au \
--cc=hpa@zytor.com \
--cc=iommu@lists.linux.dev \
--cc=jgg@ziepe.ca \
--cc=kanth.ghatraju@oracle.com \
--cc=kexec@lists.infradead.org \
--cc=linux-crypto@vger.kernel.org \
--cc=linux-doc@vger.kernel.org \
--cc=linux-efi@vger.kernel.org \
--cc=linux-integrity@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=luto@amacapital.net \
--cc=mingo@redhat.com \
--cc=mjg59@srcf.ucam.org \
--cc=nivedita@alum.mit.edu \
--cc=peterhuewe@gmx.de \
--cc=ross.philipson@oracle.com \
--cc=tglx@linutronix.de \
--cc=trenchboot-devel@googlegroups.com \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.