From: Jarkko Sakkinen <jarkko@kernel.org>
To: tpm2@lists.linux.dev, linux-integrity@vger.kernel.org,
rust-for-linux@vger.kernel.org
Subject: Re: tpm2_protocol / tpm2sh 0.9.0
Date: Wed, 20 Aug 2025 03:27:59 +0300 [thread overview]
Message-ID: <aKUWj-QCsMUnysme@kernel.org> (raw)
In-Reply-To: <aKUTF6lu5JetDJxX@kernel.org>
On Wed, Aug 20, 2025 at 03:13:11AM +0300, Jarkko Sakkinen wrote:
> I started this project originally in 2024 then I got quickly stuck.
> After one year of processing how to do it the result is no_std, zero
> dependency crate, which does not require memory allocator. It can
> empower both chips, clients, emulators and operating systems. Even tho
> most of the code was written in three weeks (11K of 12K for both
> protocol and client) the ideas have been developing for a long time.
Also tpm2_protocol byte granular precision in its understanding of the
protocol.
We don't need to validate anymore just length or trivial metrics like
that. The power of Rust here is really that we can structurally say
what "is" and what "is not".
It's not just a security property. It increases the overall stability
of the system. One particular benefit that it gives for kernel hacking
is the ability in some cases to differentiate the stimulus of a bug
between kernel, hardware and firmware.
My crate takes byte granularity seriously. E.g. day ago I noticed
that spec had enums with signed discriminants, which I hadn't paid
attention but compiler reminded me of that by complaining that
building and parsing traits were not available for 'i8' :-) (it
event has separate building and parsing traits for u8).
BR, Jarkko
prev parent reply other threads:[~2025-08-20 0:28 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-08-20 0:13 tpm2_protocol / tpm2sh 0.9.0 Jarkko Sakkinen
2025-08-20 0:27 ` Jarkko Sakkinen [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=aKUWj-QCsMUnysme@kernel.org \
--to=jarkko@kernel.org \
--cc=linux-integrity@vger.kernel.org \
--cc=rust-for-linux@vger.kernel.org \
--cc=tpm2@lists.linux.dev \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).