Cover Letter Detail

HTTP 200 OK
Allow: GET, HEAD, OPTIONS
Content-Type: application/json
Vary: Accept

{
    "id": 2233308,
    "url": "http://patchwork.ozlabs.org/api/1.2/covers/2233308/?format=api",
    "web_url": "http://patchwork.ozlabs.org/project/qemu-devel/cover/20260506075813.120781-1-armenon@redhat.com/",
    "project": {
        "id": 14,
        "url": "http://patchwork.ozlabs.org/api/1.2/projects/14/?format=api",
        "name": "QEMU Development",
        "link_name": "qemu-devel",
        "list_id": "qemu-devel.nongnu.org",
        "list_email": "qemu-devel@nongnu.org",
        "web_url": "",
        "scm_url": "",
        "webscm_url": "",
        "list_archive_url": "",
        "list_archive_url_format": "",
        "commit_url_format": ""
    },
    "msgid": "<20260506075813.120781-1-armenon@redhat.com>",
    "list_archive_url": null,
    "date": "2026-05-06T07:58:07",
    "name": "[v7,0/6] hw/tpm: CRB chunking capability to handle PQC",
    "submitter": {
        "id": 91136,
        "url": "http://patchwork.ozlabs.org/api/1.2/people/91136/?format=api",
        "name": "Arun Menon",
        "email": "armenon@redhat.com"
    },
    "mbox": "http://patchwork.ozlabs.org/project/qemu-devel/cover/20260506075813.120781-1-armenon@redhat.com/mbox/",
    "series": [
        {
            "id": 502931,
            "url": "http://patchwork.ozlabs.org/api/1.2/series/502931/?format=api",
            "web_url": "http://patchwork.ozlabs.org/project/qemu-devel/list/?series=502931",
            "date": "2026-05-06T07:58:09",
            "name": "hw/tpm: CRB chunking capability to handle PQC",
            "version": 7,
            "mbox": "http://patchwork.ozlabs.org/series/502931/mbox/"
        }
    ],
    "comments": "http://patchwork.ozlabs.org/api/covers/2233308/comments/",
    "headers": {
        "Return-Path": "<qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org>",
        "X-Original-To": "incoming@patchwork.ozlabs.org",
        "Delivered-To": "patchwork-incoming@legolas.ozlabs.org",
        "Authentication-Results": [
            "legolas.ozlabs.org;\n\tdkim=pass (1024-bit key;\n unprotected) header.d=redhat.com header.i=@redhat.com header.a=rsa-sha256\n header.s=mimecast20190719 header.b=LZ54rPHi;\n\tdkim=pass (2048-bit key;\n unprotected) header.d=redhat.com header.i=@redhat.com header.a=rsa-sha256\n header.s=google header.b=qynYCiJs;\n\tdkim-atps=neutral",
            "legolas.ozlabs.org;\n spf=pass (sender SPF authorized) smtp.mailfrom=nongnu.org\n (client-ip=209.51.188.17; helo=lists1p.gnu.org;\n envelope-from=qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org;\n receiver=patchwork.ozlabs.org)"
        ],
        "Received": [
            "from lists1p.gnu.org (lists1p.gnu.org [209.51.188.17])\n\t(using TLSv1.2 with cipher ECDHE-ECDSA-AES256-GCM-SHA384 (256/256 bits))\n\t(No client certificate requested)\n\tby legolas.ozlabs.org (Postfix) with ESMTPS id 4g9SSt4Z8wz1yJq\n\tfor <incoming@patchwork.ozlabs.org>; Wed, 06 May 2026 17:59:10 +1000 (AEST)",
            "from localhost ([::1] helo=lists1p.gnu.org)\n\tby lists1p.gnu.org with esmtp (Exim 4.90_1)\n\t(envelope-from <qemu-devel-bounces@nongnu.org>)\n\tid 1wKX9P-0004u9-QL; Wed, 06 May 2026 03:58:35 -0400",
            "from eggs.gnu.org ([2001:470:142:3::10])\n by lists1p.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)\n (Exim 4.90_1) (envelope-from <armenon@redhat.com>)\n id 1wKX9O-0004tX-4N\n for qemu-devel@nongnu.org; Wed, 06 May 2026 03:58:34 -0400",
            "from us-smtp-delivery-124.mimecast.com ([170.10.129.124])\n by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)\n (Exim 4.90_1) (envelope-from <armenon@redhat.com>)\n id 1wKX9L-0000bU-QL\n for qemu-devel@nongnu.org; Wed, 06 May 2026 03:58:33 -0400",
            "from mail-pl1-f200.google.com (mail-pl1-f200.google.com\n [209.85.214.200]) by relay.mimecast.com with ESMTP with STARTTLS\n (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id\n us-mta-537-2onX61QoN5meBtZJn3NjUA-1; Wed, 06 May 2026 03:58:29 -0400",
            "by mail-pl1-f200.google.com with SMTP id\n d9443c01a7336-2b7c904d476so50977805ad.3\n for <qemu-devel@nongnu.org>; Wed, 06 May 2026 00:58:29 -0700 (PDT)",
            "from fedora.armenon-thinkpadp16vgen1.bengluru.csb ([49.36.106.26])\n by smtp.gmail.com with ESMTPSA id\n d9443c01a7336-2ba7ca29f9dsm15439865ad.78.2026.05.06.00.58.16\n (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);\n Wed, 06 May 2026 00:58:20 -0700 (PDT)"
        ],
        "DKIM-Signature": [
            "v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;\n s=mimecast20190719; t=1778054310;\n h=from:from:reply-to:subject:subject:date:date:message-id:message-id:\n to:to:cc:cc:mime-version:mime-version:content-type:content-type:\n content-transfer-encoding:content-transfer-encoding;\n bh=n40BxiZzWNA7TuKxnmwNj5nS/1nPkGLYu3DAPy4QD9U=;\n b=LZ54rPHiDIX7SAvmy3xRg9dSi5j2aSPcBiLwr5j3pfGlK6h/h3xPAXqeb+J+0BCqKFRVQB\n 0yHDqXFrVBxY7XI3cNKBMXlrc3MqQFQEq7Y7z7z8+XYek1ZSQnphC4mwIziUtDnVCGaZW5\n CKD5ZBKln/cAcNhve6y5vkd0FsHTgow=",
            "v=1; a=rsa-sha256; c=relaxed/relaxed;\n d=redhat.com; s=google; t=1778054308; x=1778659108; darn=nongnu.org;\n h=content-transfer-encoding:mime-version:message-id:date:subject:cc\n :to:from:from:to:cc:subject:date:message-id:reply-to;\n bh=n40BxiZzWNA7TuKxnmwNj5nS/1nPkGLYu3DAPy4QD9U=;\n b=qynYCiJshr66FvgKtIIlWnCUtEnuHpfstZQ/GuXAthGFP7ILg3qlkJCo4wCTHqflU6\n nWZuYDLbtxk7nUy6cHEz+fOHMfMoYxFrOc6qRRZqKG87lgbseBuXJfXSfplmfeCL3hlG\n SaCimwEeQJluwzSRAAicpROZabWxbf99SBuzbABjoMI9rnzUzm0bVJAB47CDilzmOBj/\n 094Q859vbb6T08WDiU9+BvhUDn74CN3lc8xsAitrHpnV9orXMvGd8LDzdlgDGMxrX/sK\n oVNePPuda56JZ1/gGDFatO0RgguZbNiPHGMQv7kQkWfaNxz5Hd6bmq6xBLkcYO9xXh8l\n +AsQ=="
        ],
        "X-MC-Unique": "2onX61QoN5meBtZJn3NjUA-1",
        "X-Mimecast-MFC-AGG-ID": "2onX61QoN5meBtZJn3NjUA_1778054308",
        "X-Google-DKIM-Signature": "v=1; a=rsa-sha256; c=relaxed/relaxed;\n d=1e100.net; s=20251104; t=1778054308; x=1778659108;\n h=content-transfer-encoding:mime-version:message-id:date:subject:cc\n :to:from:x-gm-gg:x-gm-message-state:from:to:cc:subject:date\n :message-id:reply-to;\n bh=n40BxiZzWNA7TuKxnmwNj5nS/1nPkGLYu3DAPy4QD9U=;\n b=EQ6Z4j5FVQJntsPL4Mx4pMVOx8XsRJYhBn2Zm50w825GUoW2CJDHe67NayqYbM/8LN\n zDOkM6V/wBXD6M+tYViHi3zyh0cS9Zqo/xqLvxR0e4HTZiWFobOwDaZXluX4D6upw20I\n XXEfIVtPnLNDp5PASYUHUfjW/PSmOTKg6Zk60drd5JqNULeFRpynanHOCGtlW344gltu\n pQNspcUjAAN9kKDFUN4q6CIT3xWtna8wuwvL9X7VhlmZPqhwuFUHPBhumP8LUUfs/n6P\n RR3ma9gih9AIiOmjeyrBhLhsiiCMMY/1nqT/glSG7XecJGL4hdX5wyCTsDDK5FWLr6xT\n YvOA==",
        "X-Gm-Message-State": "AOJu0YzxL3kdROw52PV+kp0N3lMFxSlKNZ3gABslVDFPZta9WpK1N4Da\n ifTuO16RzgjgghVZJKySyOw2hD+lyqrAFxeAdC3ciHos+t8KlT5D2ZZEW6SyX6sWeBAQ3QWOnOD\n M4IbJ885EnFJ+ZJFdmSFDEwqzYfZxgsTqQT/6FsePvOlG/AXvs5ACNirWG6umaSXYEBIyea73qZ\n cm/WA7NY7qVjZBQ37Yq9PMCkta8xkHJbIMu+fwtcc=",
        "X-Gm-Gg": "AeBDieuC34/plPu/HzGcM58jVDm23Gg3fzsHibgUnTdjTLS5gF8iO/sHXgQQhbEy9ez\n m4zDLbU/ijOHj2U0fL5kC2dIIHlLm7RuXhYjMXar0fsB1+VoEgAjmn8Rtq6dELouSAhfOXUfmWa\n B8SWG1/voVMwK6G4/nqJfUXtah+gDoAJ90Yd1F90DYRCy87UBSeLO8OdfH4o7GsnMlm4bfav7v9\n BtztMMDpcaRyARTGzkUDOTqfQFrJC7qLRXl9+HRuekwo7DKgnvb53IzVGmmk8uKo/RvotNlqKQ6\n asfwgnywdIqocA65mQM9rtgc9HOt7JPG2Hpvl0FYs9VM3Wyv/NBhkhaWe7RzG0rEXv5sgYTJ8il\n KfBrB0YljPZ6J8AcH2j4VWnIWuCux9YIpMztfGEeb1Iftjj5UF9QphcmzIYsMA8ApOYjVA0An",
        "X-Received": [
            "by 2002:a17:903:13cf:b0:2ba:1756:aea7 with SMTP id\n d9443c01a7336-2ba78b4402cmr24082385ad.2.1778054302906;\n Wed, 06 May 2026 00:58:22 -0700 (PDT)",
            "by 2002:a17:903:13cf:b0:2ba:1756:aea7 with SMTP id\n d9443c01a7336-2ba78b4402cmr24081955ad.2.1778054302241;\n Wed, 06 May 2026 00:58:22 -0700 (PDT)"
        ],
        "From": "Arun Menon <armenon@redhat.com>",
        "To": "qemu-devel@nongnu.org",
        "Cc": "Zhao Liu <zhao1.liu@intel.com>,\n Marcel Apfelbaum <marcel.apfelbaum@gmail.com>,\n Ani Sinha <anisinha@redhat.com>, Fabiano Rosas <farosas@suse.de>,\n marcandre.lureau@redhat.com, Stefan Berger <stefanb@linux.vnet.ibm.com>,\n\t=?utf-8?q?Philippe_Mathieu-Daud=C3=A9?= <philmd@linaro.org>,\n Yanan Wang <wangyanan55@huawei.com>, Paolo Bonzini <pbonzini@redhat.com>,\n Laurent Vivier <lvivier@redhat.com>, \"Michael S. Tsirkin\" <mst@redhat.com>,\n Igor Mammedov <imammedo@redhat.com>, Arun Menon <armenon@redhat.com>",
        "Subject": "[PATCH v7 0/6] hw/tpm: CRB chunking capability to handle PQC",
        "Date": "Wed,  6 May 2026 13:28:07 +0530",
        "Message-ID": "<20260506075813.120781-1-armenon@redhat.com>",
        "X-Mailer": "git-send-email 2.54.0",
        "MIME-Version": "1.0",
        "Content-Type": "text/plain; charset=\"utf-8\"",
        "Content-Transfer-Encoding": "8bit",
        "Received-SPF": "pass client-ip=170.10.129.124; envelope-from=armenon@redhat.com;\n helo=us-smtp-delivery-124.mimecast.com",
        "X-Spam_score_int": "-24",
        "X-Spam_score": "-2.5",
        "X-Spam_bar": "--",
        "X-Spam_report": "(-2.5 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.443,\n DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1,\n RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H4=0.001, RCVD_IN_MSPIKE_WL=0.001,\n SPF_HELO_PASS=-0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no",
        "X-Spam_action": "no action",
        "X-BeenThere": "qemu-devel@nongnu.org",
        "X-Mailman-Version": "2.1.29",
        "Precedence": "list",
        "List-Id": "qemu development <qemu-devel.nongnu.org>",
        "List-Unsubscribe": "<https://lists.nongnu.org/mailman/options/qemu-devel>,\n <mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>",
        "List-Archive": "<https://lists.nongnu.org/archive/html/qemu-devel>",
        "List-Post": "<mailto:qemu-devel@nongnu.org>",
        "List-Help": "<mailto:qemu-devel-request@nongnu.org?subject=help>",
        "List-Subscribe": "<https://lists.nongnu.org/mailman/listinfo/qemu-devel>,\n <mailto:qemu-devel-request@nongnu.org?subject=subscribe>",
        "Errors-To": "qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org",
        "Sender": "qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org"
    },
    "content": "The move to Post Quantum Cryptography (PQC) changes how we manage\nmemory buffers. Unlike classic crypto algorithms like RSA or ECC which\nused small keys and signatures, PQC algorithms require larger buffers.\n\nThe new version of TCG TPM v185 (currently under review [1]) supports\nsending data/commands in chunks for the CRB (Command Response Buffer)\ninterface. This is in line with the initiative to support PQC algorithms.\n\nThis series implements the logic to send and receive data from the\nlinux guest to the TPM backend in chunks, thereby allowing the\nguest to send larger data buffers. We introduce 2 new control registers\ncalled nextChunk and crbRspRetry that will control the START. We also\nadd the CRB Interface Identifier called CapCRBChunk that is set to 1\nindicating that the device supports chunking. The default maximum\nchunk/buffer size is 3968 (4096 - 128) bytes.\n\nDuring a send operation, the guest driver places data in the CRB buffer\nand signals nextChunk for each segment until the final chunk is reached.\nUpon receiving the START signal, QEMU appends the final chunk to its\ninternal buffer and dispatches the complete command to the TPM backend.\n\nFor responses, the backend's output is buffered. The guest consumes the\nfirst chunk once the START bit is cleared. Subsequent chunks are\nretrieved by the guest toggling the nextChunk bit, which advances the\ninternal buffer offset and populates the CRB data window.\n\nFor this to work, the linux guest tpm driver will also have to\na) probe if CRB chunking is supported\nb) send data in chunks if the command length exceeds the chunk size.\nc) receive data in chunks by sending a nextChunk signal and accumulate.\nThese patches are posted upstream:\nhttps://lore.kernel.org/lkml/20260324181244.17741-1-armenon@redhat.com/\n\nDependencies:\nThis series has a hard dependency on the following patches currently on\nthe mailing list. They must be applied first for this series to function\ncorrectly:\n1. [PATCH 1/2] migration/vmstate: Add VMState support for GByteArray\n   Link: https://lore.kernel.org/all/20260422082214.10390-2-armenon@redhat.com/\n2. [PATCH for-11.1] hw: add compat machines for 11.1\n   Link: https://lore.kernel.org/all/20260331140347.653404-1-cohuck@redhat.com/\n\n[1] https://trustedcomputinggroup.org/wp-content/uploads/PC-Client-Specific-Platform-TPM-Profile-for-TPM-2p0-v1p07_rc1_121225.pdf\n\nv7\n--\n- Removed error_free() after calling migrate_del_blocker\n- Typo fix be_bufer_size to be_buffer_size, and removed a redundant\n  check.\n\nv6\n--\n- Removed Stefan Berger's patches to make this series CRB-only. The\n  complex TIS changes will be posted later.\n- Added a comment in the post_load hook.\n\nv5\n--\n- Expose cap-chunk only if the binary is run with the new machine type\n  (>11.1). Remove migrate-buffers as this property is not needed.\n- Add x-allow-chunk-migration internal property that will help in\n  blocking migration from a source with 11.1 binary and pre 11.1 machine\n  type to pre 11.1 binary and pre 11.1 machine type.\n  In this case, the source supports cap-chunk, but the destination binary\n  is unaware of the new buffers.\n- Add post_load_errp hook, to validate the buffers before the VM is\n  started at the destination.\n- Check if cap-chunk is true before processing nextChunk and crbRspRetry\n  from the guest. Patches 01, 04 and 06 have undergone changes.\n\nv4\n--\n- Add migration blocker to prevent data loss and new hw_compat property\n  called cap_chunk. The chunking feature is now only visible to machine\n  type 11.1 and higher.\n- Rename invoke to Start, to comply with the TCG TPM specification.\n- Use g_clear_pointer for safety.\n\nv3\n--\nPatches 1-6\n- Fix the issue with subsequent nextChunk signal from the guest while\n  the TPM backend is not done processing the previous request.\n- Add tpm_crb_unrealize() to clear buffers\n- Update hw_compat to 11.1.\n- Use newly introduced GByteArray VMStateInfo for migration.\nPatches 7-10\n- Add Stefan Berger's patches for swtpm profile support, TPM TIS\n  migration support with extended buffer and related tests.\n  NOTE: I have removed the \"WIP\" prefix and the \"TODO\" regarding dynamic\n  allocation from Stefan's final patch, as the static 8192-byte limit is\n  sufficient for the current requirements and passes all local testing.\n\nv2\n--\n- Add the VM migration support.\n- Increase the TIS TPM interface max buffer size to 8192.\n\nBased-on: <20260331140347.653404-1-cohuck@redhat.com>\nBased-on: <20260422082214.10390-2-armenon@redhat.com>\n\nArun Menon (6):\n  hw/tpm: Add TPM CRB chunking fields\n  hw/tpm: Refactor CRB_CTRL_START register access\n  hw/tpm: Add internal buffer state for chunking\n  hw/tpm: Implement TPM CRB chunking logic\n  test/qtest: Add test for tpm crb chunking\n  hw/tpm: Add support for VM migration with TPM CRB chunking\n\n hw/core/machine.c                |   5 +-\n hw/tpm/tpm_crb.c                 | 253 ++++++++++++++++++++++++++++---\n include/hw/acpi/tpm.h            |   5 +-\n tests/qtest/tpm-crb-swtpm-test.c |  10 ++\n tests/qtest/tpm-util.c           | 109 +++++++++++--\n tests/qtest/tpm-util.h           |   5 +\n 6 files changed, 351 insertions(+), 36 deletions(-)"
}