Date: Wed, 8 Apr 2026 11:45:35 +0300
From: Jarkko Sakkinen
To: Alec Brown
Cc: "linux-kernel@vger.kernel.org", "linux-integrity@vger.kernel.org", "peterhuewe@gmx.de", "jarkko.sakkinen@iki.fi", "jgg@ziepe.ca", Ross Philipson, "dpsmith@apertussolutions.com", Daniel Kiper, Kanth Ghatraju, "trenchboot-devel@googlegroups.com", "ardb@kernel.org"
Subject: Re: [PATCH 4/4] tpm: Move TPM common base definitions to the command header
References: <20260317160613.2899129-1-alec.r.brown@oracle.com> <20260317160613.2899129-5-alec.r.brown@oracle.com>

On Thu, Mar 26, 2026 at 07:54:36PM +0000, Alec Brown wrote: > On Mon, Mar 23, 2026 at 1:42 AM, Jarkko Sakkinen wrote: > > On Tue, Mar 17, 2026 at 04:03:35PM +0000, Alec Brown wrote: > > > From: Ross Philipson > > > > > > From: Ross Philipson > > > > > > These are top level definitions shared by both TPM 1 and 2 family > > > chips. This includes core definitions like TPM localities, common > > > crypto algorithm IDs, and the base TPM command header. > > > > > > Signed-off-by: Daniel P. Smith > > > Signed-off-by: Ross Philipson > > > Signed-off-by: Alec Brown > > > --- > > > include/linux/tpm.h | 50 +-------------------- > > > include/linux/tpm_command.h | 89 > > > +++++++++++++++++++++++++++++++++++++ > > > 2 files changed, 90 insertions(+), 49 deletions(-) > > > > > > diff --git a/include/linux/tpm.h b/include/linux/tpm.h index > > > 92957452f7a7..a282b7045a24 100644 > > > --- a/include/linux/tpm.h > > > +++ b/include/linux/tpm.h 
> > > @@ -27,49 +27,12 @@ > > > > > > #include "tpm_command.h" > > > > > > -#define TPM_DIGEST_SIZE 20 /* Max TPM v1.2 PCR size */ > > > - > > > -#define TPM2_MAX_DIGEST_SIZE SHA512_DIGEST_SIZE > > > -#define TPM2_MAX_PCR_BANKS 8 > > > - > > > struct tpm_chip; > > > struct trusted_key_payload; > > > struct trusted_key_options; > > > /* opaque structure, holds auth session parameters like the session > > > key */ struct tpm2_auth; > > > > > > -/* if you add a new hash to this, increment TPM_MAX_HASHES below */ > > > -enum tpm_algorithms { > > > - TPM_ALG_ERROR = 0x0000, > > > - TPM_ALG_SHA1 = 0x0004, > > > - TPM_ALG_AES = 0x0006, > > > - TPM_ALG_KEYEDHASH = 0x0008, > > > - TPM_ALG_SHA256 = 0x000B, > > > - TPM_ALG_SHA384 = 0x000C, > > > - TPM_ALG_SHA512 = 0x000D, > > > - TPM_ALG_NULL = 0x0010, > > > - TPM_ALG_SM3_256 = 0x0012, > > > - TPM_ALG_ECC = 0x0023, > > > - TPM_ALG_CFB = 0x0043, > > > -}; > > > - > > > -/* > > > - * maximum number of hashing algorithms a TPM can have. This is > > > - * basically a count of every hash in tpm_algorithms above > > > - */ > > > -#define TPM_MAX_HASHES 5 > > > - > > > -struct tpm_digest { > > > - u16 alg_id; > > > - u8 digest[TPM2_MAX_DIGEST_SIZE]; > > > -} __packed; > > > - > > > -struct tpm_bank_info { > > > - u16 alg_id; > > > - u16 digest_size; > > > - u16 crypto_id; > > > -}; > > > - > > > enum TPM_OPS_FLAGS { > > > TPM_OPS_AUTO_STARTUP = BIT(0), > > > }; > > > @@ -127,7 +90,7 @@ struct tpm_chip_seqops { > > > const struct seq_operations *seqops; }; > > > > > > -/* fixed define for the curve we use which is NIST_P256 */ > > > +/* Fixed define for the curve we use which is NIST_P256 */ > > > #define EC_PT_SZ 32 > > > > > > /* > > > @@ -209,8 +172,6 @@ struct tpm_chip { > > > #endif > > > }; > > > > > > -#define TPM_HEADER_SIZE 10 > > > - > > > static inline enum tpm2_mso_type tpm2_handle_mso(u32 handle) { > > > return handle >> 24; 
> > > @@ -239,15 +200,6 @@ enum tpm_chip_flags { > > > > > > #define to_tpm_chip(d) container_of(d, struct tpm_chip, dev) > > > > > > -struct tpm_header { > > > - __be16 tag; > > > - __be32 length; > > > - union { > > > - __be32 ordinal; > > > - __be32 return_code; > > > - }; > > > -} __packed; > > > - > > > enum tpm_buf_flags { > > > /* the capacity exceeded: */ > > > TPM_BUF_OVERFLOW = BIT(0), > > > diff --git a/include/linux/tpm_command.h b/include/linux/tpm_command.h > > > index ee76fcd5ecef..25a247254140 100644 > > > --- a/include/linux/tpm_command.h > > > +++ b/include/linux/tpm_command.h 
> > > @@ -431,4 +431,93 @@ struct tpm2_context { > > > __be16 blob_size; > > > } __packed; > > > > > > +/************************************************/ > > > +/* TPM Common Defs */ > > > +/************************************************/ One nit I just noticed here: let's use kernel standard block comments. E.g. /* * Common definitions for TPM. */ > > > + > > > +#define TPM_DIGEST_SIZE 20 /* Max TPM v1.2 PCR size */ > > > +#define TPM_BUFSIZE 4096 > > > + > > > +/* > > > + * SHA-512 is, as of today, the largest digest in the TCG algorithm repository. > > > + */ > > > +#define TPM2_MAX_DIGEST_SIZE SHA512_DIGEST_SIZE > > > + > > > +/* > > > + * A TPM name digest i.e., TPMT_HA, is a concatenation of TPM_ALG_ID > > > +of the > > > + * name algorithm and hash of TPMT_PUBLIC. > > > + */ > > > +#define TPM2_MAX_NAME_SIZE (TPM2_MAX_DIGEST_SIZE + 2) > > > + > > > +/* > > > + * Fixed define for the size of a name. This is actually HASHALG > > > +size > > > + * plus 2, so 32 for SHA256 > > > + */ > > > +#define TPM2_NULL_NAME_SIZE 34 > > > + > > > +/* > > > + * The maximum number of PCR banks. > > > + */ > > > +#define TPM2_MAX_PCR_BANKS 8 > > > + > > > +/* If you add a new hash to this, increment TPM_MAX_HASHES below */ > > > +enum tpm_algorithms { > > > + TPM_ALG_ERROR = 0x0000, > > > + TPM_ALG_SHA1 = 0x0004, > > > + TPM_ALG_AES = 0x0006, > > > + TPM_ALG_KEYEDHASH = 0x0008, > > > + TPM_ALG_SHA256 = 0x000B, > > > + TPM_ALG_SHA384 = 0x000C, > > > + TPM_ALG_SHA512 = 0x000D, > > > + TPM_ALG_NULL = 0x0010, > > > + TPM_ALG_SM3_256 = 0x0012, > > > + TPM_ALG_ECC = 0x0023, > > > + TPM_ALG_CFB = 0x0043, > > > +}; > > > + > > > +/* > > > + * The locality (0 - 4) for a TPM, as defined in section 3.2 of the > > > + * Client Platform Profile Specification. 
> > > + */ > > > +enum tpm_localities { > > > + TPM_LOCALITY_0 = 0, /* Static RTM */ > > > + TPM_LOCALITY_1 = 1, /* Dynamic OS */ > > > + TPM_LOCALITY_2 = 2, /* DRTM Environment */ > > > + TPM_LOCALITY_3 = 3, /* Aux Components */ > > > + TPM_LOCALITY_4 = 4, /* CPU DRTM Establishment */ > > > + TPM_MAX_LOCALITY = TPM_LOCALITY_4 > > > +}; > > > + > > > +/* > > > + * Structure to represent active PCR algorithm banks usable by the > > > + * TPM chip. > > > + */ > > > +struct tpm_bank_info { > > > + u16 alg_id; > > > + u16 digest_size; > > > + u16 crypto_id; > > > +}; > > > + > > > +/* > > > + * Maximum number of hashing algorithms a TPM can have. This is > > > + * basically a count of every hash in tpm_algorithms above */ > > > +#define TPM_MAX_HASHES 5 > > > + > > > +struct tpm_digest { > > > + u16 alg_id; > > > + u8 digest[TPM2_MAX_DIGEST_SIZE]; > > > +} __packed; > > > + > > > +#define TPM_HEADER_SIZE 10 > > > + > > > +struct tpm_header { > > > + __be16 tag; > > > + __be32 length; > > > + union { > > > + __be32 ordinal; > > > + __be32 return_code; > > > + }; > > > +} __packed; > > > + > > > #endif > > > -- > > > 2.47.3 > > > > > > > Yep, all looks great and clean to me but exactly for that reason > > this needs to the truth serum :-) > > > > BR, Jarkko > > Thanks for taking a look! Glad to hear the patches are looking good! > > Alec Brown BR, Jarkko
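
Review bot: In the include/linux/tpm.h hunk at @@ -127,7 +90,7, the only change is the capitalization of the EC_PT_SZ comment ("fixed define" to "Fixed define"), which has nothing to do with moving definitions. It is the single insertion the diffstat shows for tpm.h, and it makes a pure code-move patch harder to verify by comparing removed and added lines; suggest dropping it here or sending it as a separate cleanup.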
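
Review bot: In the include/linux/tpm_command.h hunk, TPM_BUFSIZE, TPM2_MAX_NAME_SIZE, TPM2_NULL_NAME_SIZE and enum tpm_localities are added, but none of the include/linux/tpm.h hunks removes them and the diffstat touches only these two files, so for these names the patch is an addition rather than the move the subject line describes. The commit message should say where they come from, and it is worth confirming they are not left defined a second time elsewhere. In the same hunk, the TPM2_NULL_NAME_SIZE comment reads "so 32 for SHA256" next to a value of 34; wording such as "SHA-256 digest size (32) plus 2" would match the define. The hunk also adds no #include while using SHA512_DIGEST_SIZE, so check that tpm_command.h still builds when it is included on its own.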