From: Jarkko Sakkinen <jarkko@kernel.org>
To: Alec Brown <alec.r.brown@oracle.com>
Cc: "linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
"linux-integrity@vger.kernel.org"
<linux-integrity@vger.kernel.org>,
"peterhuewe@gmx.de" <peterhuewe@gmx.de>,
"jarkko.sakkinen@iki.fi" <jarkko.sakkinen@iki.fi>,
"jgg@ziepe.ca" <jgg@ziepe.ca>,
Ross Philipson <ross.philipson@oracle.com>,
"dpsmith@apertussolutions.com" <dpsmith@apertussolutions.com>,
Daniel Kiper <daniel.kiper@oracle.com>,
Kanth Ghatraju <kanth.ghatraju@oracle.com>,
"trenchboot-devel@googlegroups.com"
<trenchboot-devel@googlegroups.com>,
"ardb@kernel.org" <ardb@kernel.org>
Subject: Re: [PATCH 4/4] tpm: Move TPM common base definitions to the command header
Date: Wed, 8 Apr 2026 11:45:35 +0300 [thread overview]
Message-ID: <adYVrzCqmVVRUxFb@kernel.org> (raw)
In-Reply-To: <IA1PR10MB68309FDA0D5450AB2FC0B5BFBC56A@IA1PR10MB6830.namprd10.prod.outlook.com>
On Thu, Mar 26, 2026 at 07:54:36PM +0000, Alec Brown wrote:
> On Mon, Mar 23, 2026 at 1:42 AM, Jarkko Sakkinen <jarkko@kernel.org> wrote:
> > On Tue, Mar 17, 2026 at 04:03:35PM +0000, Alec Brown wrote:
> > > From: Ross Philipson <ross.philipson@oracle.com>
> > >
> > > From: Ross Philipson <ross.philipson@oracle.com>
> > >
> > > These are top level definitions shared by both TPM 1 and 2 family
> > > chips. This includes core definitions like TPM localities, common
> > > crypto algorithm IDs, and the base TPM command header.
> > >
> > > Signed-off-by: Daniel P. Smith <dpsmith@apertussolutions.com>
> > > Signed-off-by: Ross Philipson <ross.philipson@oracle.com>
> > > Signed-off-by: Alec Brown <alec.r.brown@oracle.com>
> > > ---
> > > include/linux/tpm.h | 50 +--------------------
> > > include/linux/tpm_command.h | 89
> > > +++++++++++++++++++++++++++++++++++++
> > > 2 files changed, 90 insertions(+), 49 deletions(-)
> > >
> > > diff --git a/include/linux/tpm.h b/include/linux/tpm.h index
> > > 92957452f7a7..a282b7045a24 100644
> > > --- a/include/linux/tpm.h
> > > +++ b/include/linux/tpm.h
> > > @@ -27,49 +27,12 @@
> > >
> > > #include "tpm_command.h"
> > >
> > > -#define TPM_DIGEST_SIZE 20 /* Max TPM v1.2 PCR size */
> > > -
> > > -#define TPM2_MAX_DIGEST_SIZE SHA512_DIGEST_SIZE
> > > -#define TPM2_MAX_PCR_BANKS 8
> > > -
> > > struct tpm_chip;
> > > struct trusted_key_payload;
> > > struct trusted_key_options;
> > > /* opaque structure, holds auth session parameters like the session
> > > key */ struct tpm2_auth;
> > >
> > > -/* if you add a new hash to this, increment TPM_MAX_HASHES below */
> > > -enum tpm_algorithms {
> > > - TPM_ALG_ERROR = 0x0000,
> > > - TPM_ALG_SHA1 = 0x0004,
> > > - TPM_ALG_AES = 0x0006,
> > > - TPM_ALG_KEYEDHASH = 0x0008,
> > > - TPM_ALG_SHA256 = 0x000B,
> > > - TPM_ALG_SHA384 = 0x000C,
> > > - TPM_ALG_SHA512 = 0x000D,
> > > - TPM_ALG_NULL = 0x0010,
> > > - TPM_ALG_SM3_256 = 0x0012,
> > > - TPM_ALG_ECC = 0x0023,
> > > - TPM_ALG_CFB = 0x0043,
> > > -};
> > > -
> > > -/*
> > > - * maximum number of hashing algorithms a TPM can have. This is
> > > - * basically a count of every hash in tpm_algorithms above
> > > - */
> > > -#define TPM_MAX_HASHES 5
> > > -
> > > -struct tpm_digest {
> > > - u16 alg_id;
> > > - u8 digest[TPM2_MAX_DIGEST_SIZE];
> > > -} __packed;
> > > -
> > > -struct tpm_bank_info {
> > > - u16 alg_id;
> > > - u16 digest_size;
> > > - u16 crypto_id;
> > > -};
> > > -
> > > enum TPM_OPS_FLAGS {
> > > TPM_OPS_AUTO_STARTUP = BIT(0),
> > > };
> > > @@ -127,7 +90,7 @@ struct tpm_chip_seqops {
> > > const struct seq_operations *seqops; };
> > >
> > > -/* fixed define for the curve we use which is NIST_P256 */
> > > +/* Fixed define for the curve we use which is NIST_P256 */
> > > #define EC_PT_SZ 32
> > >
> > > /*
> > > @@ -209,8 +172,6 @@ struct tpm_chip {
> > > #endif
> > > };
> > >
> > > -#define TPM_HEADER_SIZE 10
> > > -
> > > static inline enum tpm2_mso_type tpm2_handle_mso(u32 handle) {
> > > return handle >> 24;
> > > @@ -239,15 +200,6 @@ enum tpm_chip_flags {
> > >
> > > #define to_tpm_chip(d) container_of(d, struct tpm_chip, dev)
> > >
> > > -struct tpm_header {
> > > - __be16 tag;
> > > - __be32 length;
> > > - union {
> > > - __be32 ordinal;
> > > - __be32 return_code;
> > > - };
> > > -} __packed;
> > > -
> > > enum tpm_buf_flags {
> > > /* the capacity exceeded: */
> > > TPM_BUF_OVERFLOW = BIT(0),
> > > diff --git a/include/linux/tpm_command.h b/include/linux/tpm_command.h
> > > index ee76fcd5ecef..25a247254140 100644
> > > --- a/include/linux/tpm_command.h
> > > +++ b/include/linux/tpm_command.h
> > > @@ -431,4 +431,93 @@ struct tpm2_context {
> > > __be16 blob_size;
> > > } __packed;
> > >
> > > +/************************************************/
> > > +/* TPM Common Defs */
> > > +/************************************************/
One nit I just noticed here: let's use kernel standard block comments.
E.g.
/*
* Common definitions for TPM.
*/
> > > +
> > > +#define TPM_DIGEST_SIZE 20 /* Max TPM v1.2 PCR size */
> > > +#define TPM_BUFSIZE 4096
> > > +
> > > +/*
> > > + * SHA-512 is, as of today, the largest digest in the TCG algorithm repository.
> > > + */
> > > +#define TPM2_MAX_DIGEST_SIZE SHA512_DIGEST_SIZE
> > > +
> > > +/*
> > > + * A TPM name digest i.e., TPMT_HA, is a concatenation of TPM_ALG_ID
> > > +of the
> > > + * name algorithm and hash of TPMT_PUBLIC.
> > > + */
> > > +#define TPM2_MAX_NAME_SIZE (TPM2_MAX_DIGEST_SIZE + 2)
> > > +
> > > +/*
> > > + * Fixed define for the size of a name. This is actually HASHALG
> > > +size
> > > + * plus 2, so 32 for SHA256
> > > + */
> > > +#define TPM2_NULL_NAME_SIZE 34
> > > +
> > > +/*
> > > + * The maximum number of PCR banks.
> > > + */
> > > +#define TPM2_MAX_PCR_BANKS 8
> > > +
> > > +/* If you add a new hash to this, increment TPM_MAX_HASHES below */
> > > +enum tpm_algorithms {
> > > + TPM_ALG_ERROR = 0x0000,
> > > + TPM_ALG_SHA1 = 0x0004,
> > > + TPM_ALG_AES = 0x0006,
> > > + TPM_ALG_KEYEDHASH = 0x0008,
> > > + TPM_ALG_SHA256 = 0x000B,
> > > + TPM_ALG_SHA384 = 0x000C,
> > > + TPM_ALG_SHA512 = 0x000D,
> > > + TPM_ALG_NULL = 0x0010,
> > > + TPM_ALG_SM3_256 = 0x0012,
> > > + TPM_ALG_ECC = 0x0023,
> > > + TPM_ALG_CFB = 0x0043,
> > > +};
> > > +
> > > +/*
> > > + * The locality (0 - 4) for a TPM, as defined in section 3.2 of the
> > > + * Client Platform Profile Specification.
> > > + */
> > > +enum tpm_localities {
> > > + TPM_LOCALITY_0 = 0, /* Static RTM */
> > > + TPM_LOCALITY_1 = 1, /* Dynamic OS */
> > > + TPM_LOCALITY_2 = 2, /* DRTM Environment */
> > > + TPM_LOCALITY_3 = 3, /* Aux Components */
> > > + TPM_LOCALITY_4 = 4, /* CPU DRTM Establishment */
> > > + TPM_MAX_LOCALITY = TPM_LOCALITY_4
> > > +};
> > > +
> > > +/*
> > > + * Structure to represent active PCR algorithm banks usable by the
> > > + * TPM chip.
> > > + */
> > > +struct tpm_bank_info {
> > > + u16 alg_id;
> > > + u16 digest_size;
> > > + u16 crypto_id;
> > > +};
> > > +
> > > +/*
> > > + * Maximum number of hashing algorithms a TPM can have. This is
> > > + * basically a count of every hash in tpm_algorithms above */
> > > +#define TPM_MAX_HASHES 5
> > > +
> > > +struct tpm_digest {
> > > + u16 alg_id;
> > > + u8 digest[TPM2_MAX_DIGEST_SIZE];
> > > +} __packed;
> > > +
> > > +#define TPM_HEADER_SIZE 10
> > > +
> > > +struct tpm_header {
> > > + __be16 tag;
> > > + __be32 length;
> > > + union {
> > > + __be32 ordinal;
> > > + __be32 return_code;
> > > + };
> > > +} __packed;
> > > +
> > > #endif
> > > --
> > > 2.47.3
> > >
> >
> > Yep, all looks great and clean to me but exactly for that reason
> > this needs to the truth serum :-)
> >
> > BR, Jarkko
>
> Thanks for taking a look! Glad to hear the patches are looking good!
>
> Alec Brown
BR, Jarkko
prev parent reply other threads:[~2026-04-08 8:45 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-03-17 16:03 [PATCH 0/4] Reorganize TPM public headers Alec Brown
2026-03-17 16:03 ` [PATCH 1/4] tpm: Initial step to reorganize " Alec Brown
2026-03-23 5:39 ` Jarkko Sakkinen
2026-03-17 16:03 ` [PATCH 2/4] tpm: Move TPM1 specific definitions to the command header Alec Brown
2026-03-17 16:03 ` [PATCH 3/4] tpm: Move TPM2 " Alec Brown
2026-03-23 5:41 ` Jarkko Sakkinen
2026-03-17 16:03 ` [PATCH 4/4] tpm: Move TPM common base " Alec Brown
2026-03-22 2:00 ` kernel test robot
2026-03-23 5:42 ` Jarkko Sakkinen
2026-03-26 19:54 ` Alec Brown
2026-04-08 8:45 ` Jarkko Sakkinen [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=adYVrzCqmVVRUxFb@kernel.org \
--to=jarkko@kernel.org \
--cc=alec.r.brown@oracle.com \
--cc=ardb@kernel.org \
--cc=daniel.kiper@oracle.com \
--cc=dpsmith@apertussolutions.com \
--cc=jarkko.sakkinen@iki.fi \
--cc=jgg@ziepe.ca \
--cc=kanth.ghatraju@oracle.com \
--cc=linux-integrity@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=peterhuewe@gmx.de \
--cc=ross.philipson@oracle.com \
--cc=trenchboot-devel@googlegroups.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.