Add TpmTransport abstraction and no_std support#7
Merged
Conversation
All TPM I/O already funnelled through a single `Tpm::transmit`, so extract that into a `TpmTransport` trait and have `Tpm` hold a `Box<dyn TpmTransport>`. The Linux device path becomes `FileTransport` behind a default `std` feature; `Tpm::open()/open_path()/open_direct()` are unchanged for existing callers. This lets a UEFI caller supply a transport over `EFI_TCG2_PROTOCOL` and reuse the command marshalling + PCR ops (e.g. `pcr_extend`) verbatim, without any re-implementation. Make the crate `no_std` (default `std` feature on): - Core (`lib.rs` types, `CommandBuffer`/`ResponseBuffer`, `pcr`, `ek`, `nv`) compiles for `*-unknown-uefi` with only `alloc`. - `cert`, `roots`, `nsm`, `a9n`, the CLI bin and the heavy deps (der/x509-cert/serde/serde_json/ciborium/base64/thiserror) are gated behind `std`. - UEFI targets force the `force-soft` sha1/sha2 backends (their SIMD paths can't be lowered for the soft-float UEFI ABI). No behavioural change for the Linux build: same public API, all tests pass. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
- Apply rustfmt to the new transmit() body. - Drop the intra-doc link to the private `Tpm::transmit` from the `TpmTransport` docs (rejected under `-D warnings`); reference the public `Tpm` wrapper instead. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
What
Extracts a
TpmTransporttrait sovaportpm-attestcan run in environments without/dev/tpm*, and makes the crateno_std-capable — enabling reuse from a bare UEFI bootloader overEFI_TCG2_PROTOCOL.Why
All TPM I/O already funnelled through a single
Tpm::transmit. lockboot is gaining a kernel-less stage0 UEFI netboot loader that must measure a downloaded payload into the TPM before executing it. Rather than reimplement TPM command marshalling, it supplies a TCG2-backed transport and reusespcr_extendverbatim.Changes
TpmTransporttrait;Tpmnow holds aBox<dyn TpmTransport>. The Linux device path becomesFileTransportbehind a defaultstdfeature.Tpm::open()/open_path()/open_direct()are unchanged — existing callers (stage1) are unaffected.no_std(defaultstdon): the core (lib.rstypes, command/response buffers,pcr,ek,nv) builds for*-unknown-uefiwith onlyalloc.cert/roots/nsm/a9n/CLI bin + heavy deps gated behindstd.force-softsha1/sha2 (SIMD paths can't be lowered for the soft-float UEFI ABI).Verification
cargo test).x86_64-unknown-uefiandaarch64-unknown-uefi.No behavioural or public-API change for existing (Linux) consumers.
🤖 Generated with Claude Code