From: Jarkko Sakkinen <jarkko@kernel.org>
To: Alec Brown <alec.r.brown@oracle.com>
Cc: "linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
"linux-integrity@vger.kernel.org"
<linux-integrity@vger.kernel.org>,
"peterhuewe@gmx.de" <peterhuewe@gmx.de>,
"jarkko.sakkinen@iki.fi" <jarkko.sakkinen@iki.fi>,
"jgg@ziepe.ca" <jgg@ziepe.ca>,
Ross Philipson <ross.philipson@oracle.com>,
"dpsmith@apertussolutions.com" <dpsmith@apertussolutions.com>,
Daniel Kiper <daniel.kiper@oracle.com>,
Kanth Ghatraju <kanth.ghatraju@oracle.com>,
"trenchboot-devel@googlegroups.com"
<trenchboot-devel@googlegroups.com>,
"ardb@kernel.org" <ardb@kernel.org>
Subject: Re: [PATCH 4/4] tpm: Move TPM common base definitions to the command header
Date: Wed, 8 Apr 2026 11:45:35 +0300 [thread overview]
Message-ID: <adYVrzCqmVVRUxFb@kernel.org> (raw)
In-Reply-To: <IA1PR10MB68309FDA0D5450AB2FC0B5BFBC56A@IA1PR10MB6830.namprd10.prod.outlook.com>
On Thu, Mar 26, 2026 at 07:54:36PM +0000, Alec Brown wrote:
> On Mon, Mar 23, 2026 at 1:42 AM, Jarkko Sakkinen <jarkko@kernel.org> wrote:
> > On Tue, Mar 17, 2026 at 04:03:35PM +0000, Alec Brown wrote:
> > > From: Ross Philipson <ross.philipson@oracle.com>
> > >
> > > From: Ross Philipson <ross.philipson@oracle.com>
> > >
> > > These are top level definitions shared by both TPM 1 and 2 family
> > > chips. This includes core definitions like TPM localities, common
> > > crypto algorithm IDs, and the base TPM command header.
> > >
> > > Signed-off-by: Daniel P. Smith <dpsmith@apertussolutions.com>
> > > Signed-off-by: Ross Philipson <ross.philipson@oracle.com>
> > > Signed-off-by: Alec Brown <alec.r.brown@oracle.com>
> > > ---
> > > include/linux/tpm.h | 50 +--------------------
> > > include/linux/tpm_command.h | 89
> > > +++++++++++++++++++++++++++++++++++++
> > > 2 files changed, 90 insertions(+), 49 deletions(-)
> > >
> > > diff --git a/include/linux/tpm.h b/include/linux/tpm.h index
> > > 92957452f7a7..a282b7045a24 100644
> > > --- a/include/linux/tpm.h
> > > +++ b/include/linux/tpm.h
> > > @@ -27,49 +27,12 @@
> > >
> > > #include "tpm_command.h"
> > >
> > > -#define TPM_DIGEST_SIZE 20 /* Max TPM v1.2 PCR size */
> > > -
> > > -#define TPM2_MAX_DIGEST_SIZE SHA512_DIGEST_SIZE
> > > -#define TPM2_MAX_PCR_BANKS 8
> > > -
> > > struct tpm_chip;
> > > struct trusted_key_payload;
> > > struct trusted_key_options;
> > > /* opaque structure, holds auth session parameters like the session
> > > key */ struct tpm2_auth;
> > >
> > > -/* if you add a new hash to this, increment TPM_MAX_HASHES below */
> > > -enum tpm_algorithms {
> > > - TPM_ALG_ERROR = 0x0000,
> > > - TPM_ALG_SHA1 = 0x0004,
> > > - TPM_ALG_AES = 0x0006,
> > > - TPM_ALG_KEYEDHASH = 0x0008,
> > > - TPM_ALG_SHA256 = 0x000B,
> > > - TPM_ALG_SHA384 = 0x000C,
> > > - TPM_ALG_SHA512 = 0x000D,
> > > - TPM_ALG_NULL = 0x0010,
> > > - TPM_ALG_SM3_256 = 0x0012,
> > > - TPM_ALG_ECC = 0x0023,
> > > - TPM_ALG_CFB = 0x0043,
> > > -};
> > > -
> > > -/*
> > > - * maximum number of hashing algorithms a TPM can have. This is
> > > - * basically a count of every hash in tpm_algorithms above
> > > - */
> > > -#define TPM_MAX_HASHES 5
> > > -
> > > -struct tpm_digest {
> > > - u16 alg_id;
> > > - u8 digest[TPM2_MAX_DIGEST_SIZE];
> > > -} __packed;
> > > -
> > > -struct tpm_bank_info {
> > > - u16 alg_id;
> > > - u16 digest_size;
> > > - u16 crypto_id;
> > > -};
> > > -
> > > enum TPM_OPS_FLAGS {
> > > TPM_OPS_AUTO_STARTUP = BIT(0),
> > > };
> > > @@ -127,7 +90,7 @@ struct tpm_chip_seqops {
> > > const struct seq_operations *seqops; };
> > >
> > > -/* fixed define for the curve we use which is NIST_P256 */
> > > +/* Fixed define for the curve we use which is NIST_P256 */
> > > #define EC_PT_SZ 32
> > >
> > > /*
> > > @@ -209,8 +172,6 @@ struct tpm_chip {
> > > #endif
> > > };
> > >
> > > -#define TPM_HEADER_SIZE 10
> > > -
> > > static inline enum tpm2_mso_type tpm2_handle_mso(u32 handle) {
> > > return handle >> 24;
> > > @@ -239,15 +200,6 @@ enum tpm_chip_flags {
> > >
> > > #define to_tpm_chip(d) container_of(d, struct tpm_chip, dev)
> > >
> > > -struct tpm_header {
> > > - __be16 tag;
> > > - __be32 length;
> > > - union {
> > > - __be32 ordinal;
> > > - __be32 return_code;
> > > - };
> > > -} __packed;
> > > -
> > > enum tpm_buf_flags {
> > > /* the capacity exceeded: */
> > > TPM_BUF_OVERFLOW = BIT(0),
> > > diff --git a/include/linux/tpm_command.h b/include/linux/tpm_command.h
> > > index ee76fcd5ecef..25a247254140 100644
> > > --- a/include/linux/tpm_command.h
> > > +++ b/include/linux/tpm_command.h
> > > @@ -431,4 +431,93 @@ struct tpm2_context {
> > > __be16 blob_size;
> > > } __packed;
> > >
> > > +/************************************************/
> > > +/* TPM Common Defs */
> > > +/************************************************/
One nit I just noticed here: let's use kernel standard block comments.
E.g.
/*
* Common definitions for TPM.
*/
> > > +
> > > +#define TPM_DIGEST_SIZE 20 /* Max TPM v1.2 PCR size */
> > > +#define TPM_BUFSIZE 4096
> > > +
> > > +/*
> > > + * SHA-512 is, as of today, the largest digest in the TCG algorithm repository.
> > > + */
> > > +#define TPM2_MAX_DIGEST_SIZE SHA512_DIGEST_SIZE
> > > +
> > > +/*
> > > + * A TPM name digest i.e., TPMT_HA, is a concatenation of TPM_ALG_ID
> > > +of the
> > > + * name algorithm and hash of TPMT_PUBLIC.
> > > + */
> > > +#define TPM2_MAX_NAME_SIZE (TPM2_MAX_DIGEST_SIZE + 2)
> > > +
> > > +/*
> > > + * Fixed define for the size of a name. This is actually HASHALG
> > > +size
> > > + * plus 2, so 32 for SHA256
> > > + */
> > > +#define TPM2_NULL_NAME_SIZE 34
> > > +
> > > +/*
> > > + * The maximum number of PCR banks.
> > > + */
> > > +#define TPM2_MAX_PCR_BANKS 8
> > > +
> > > +/* If you add a new hash to this, increment TPM_MAX_HASHES below */
> > > +enum tpm_algorithms {
> > > + TPM_ALG_ERROR = 0x0000,
> > > + TPM_ALG_SHA1 = 0x0004,
> > > + TPM_ALG_AES = 0x0006,
> > > + TPM_ALG_KEYEDHASH = 0x0008,
> > > + TPM_ALG_SHA256 = 0x000B,
> > > + TPM_ALG_SHA384 = 0x000C,
> > > + TPM_ALG_SHA512 = 0x000D,
> > > + TPM_ALG_NULL = 0x0010,
> > > + TPM_ALG_SM3_256 = 0x0012,
> > > + TPM_ALG_ECC = 0x0023,
> > > + TPM_ALG_CFB = 0x0043,
> > > +};
> > > +
> > > +/*
> > > + * The locality (0 - 4) for a TPM, as defined in section 3.2 of the
> > > + * Client Platform Profile Specification.
> > > + */
> > > +enum tpm_localities {
> > > + TPM_LOCALITY_0 = 0, /* Static RTM */
> > > + TPM_LOCALITY_1 = 1, /* Dynamic OS */
> > > + TPM_LOCALITY_2 = 2, /* DRTM Environment */
> > > + TPM_LOCALITY_3 = 3, /* Aux Components */
> > > + TPM_LOCALITY_4 = 4, /* CPU DRTM Establishment */
> > > + TPM_MAX_LOCALITY = TPM_LOCALITY_4
> > > +};
> > > +
> > > +/*
> > > + * Structure to represent active PCR algorithm banks usable by the
> > > + * TPM chip.
> > > + */
> > > +struct tpm_bank_info {
> > > + u16 alg_id;
> > > + u16 digest_size;
> > > + u16 crypto_id;
> > > +};
> > > +
> > > +/*
> > > + * Maximum number of hashing algorithms a TPM can have. This is
> > > + * basically a count of every hash in tpm_algorithms above */
> > > +#define TPM_MAX_HASHES 5
> > > +
> > > +struct tpm_digest {
> > > + u16 alg_id;
> > > + u8 digest[TPM2_MAX_DIGEST_SIZE];
> > > +} __packed;
> > > +
> > > +#define TPM_HEADER_SIZE 10
> > > +
> > > +struct tpm_header {
> > > + __be16 tag;
> > > + __be32 length;
> > > + union {
> > > + __be32 ordinal;
> > > + __be32 return_code;
> > > + };
> > > +} __packed;
> > > +
> > > #endif
> > > --
> > > 2.47.3
> > >
> >
> > Yep, all looks great and clean to me but exactly for that reason
> > this needs to the truth serum :-)
> >
> > BR, Jarkko
>
> Thanks for taking a look! Glad to hear the patches are looking good!
>
> Alec Brown
BR, Jarkko
prev parent reply other threads:[~2026-04-08 8:45 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-03-17 16:03 [PATCH 0/4] Reorganize TPM public headers Alec Brown
2026-03-17 16:03 ` [PATCH 1/4] tpm: Initial step to reorganize " Alec Brown
2026-03-23 5:39 ` Jarkko Sakkinen
2026-03-17 16:03 ` [PATCH 2/4] tpm: Move TPM1 specific definitions to the command header Alec Brown
2026-03-17 16:03 ` [PATCH 3/4] tpm: Move TPM2 " Alec Brown
2026-03-23 5:41 ` Jarkko Sakkinen
2026-03-17 16:03 ` [PATCH 4/4] tpm: Move TPM common base " Alec Brown
2026-03-22 2:00 ` kernel test robot
2026-03-23 5:42 ` Jarkko Sakkinen
2026-03-26 19:54 ` Alec Brown
2026-04-08 8:45 ` Jarkko Sakkinen [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=adYVrzCqmVVRUxFb@kernel.org \
--to=jarkko@kernel.org \
--cc=alec.r.brown@oracle.com \
--cc=ardb@kernel.org \
--cc=daniel.kiper@oracle.com \
--cc=dpsmith@apertussolutions.com \
--cc=jarkko.sakkinen@iki.fi \
--cc=jgg@ziepe.ca \
--cc=kanth.ghatraju@oracle.com \
--cc=linux-integrity@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=peterhuewe@gmx.de \
--cc=ross.philipson@oracle.com \
--cc=trenchboot-devel@googlegroups.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox