{"id":2223035,"url":"http://patchwork.ozlabs.org/api/covers/2223035/?format=json","web_url":"http://patchwork.ozlabs.org/project/qemu-devel/cover/20260414082915.112122-1-armenon@redhat.com/","project":{"id":14,"url":"http://patchwork.ozlabs.org/api/projects/14/?format=json","name":"QEMU Development","link_name":"qemu-devel","list_id":"qemu-devel.nongnu.org","list_email":"qemu-devel@nongnu.org","web_url":"","scm_url":"","webscm_url":"","list_archive_url":"","list_archive_url_format":"","commit_url_format":""},"msgid":"<20260414082915.112122-1-armenon@redhat.com>","list_archive_url":null,"date":"2026-04-14T08:29:05","name":"[v4,00/10] hw/tpm: CRB chunking capability to handle PQC","submitter":{"id":91136,"url":"http://patchwork.ozlabs.org/api/people/91136/?format=json","name":"Arun Menon","email":"armenon@redhat.com"},"mbox":"http://patchwork.ozlabs.org/project/qemu-devel/cover/20260414082915.112122-1-armenon@redhat.com/mbox/","series":[{"id":499802,"url":"http://patchwork.ozlabs.org/api/series/499802/?format=json","web_url":"http://patchwork.ozlabs.org/project/qemu-devel/list/?series=499802","date":"2026-04-14T08:29:05","name":"hw/tpm: CRB chunking capability to handle PQC","version":4,"mbox":"http://patchwork.ozlabs.org/series/499802/mbox/"}],"comments":"http://patchwork.ozlabs.org/api/covers/2223035/comments/","headers":{"Return-Path":"<qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org>","X-Original-To":"incoming@patchwork.ozlabs.org","Delivered-To":"patchwork-incoming@legolas.ozlabs.org","Authentication-Results":["legolas.ozlabs.org;\n\tdkim=pass (1024-bit key;\n unprotected) header.d=redhat.com header.i=@redhat.com header.a=rsa-sha256\n header.s=mimecast20190719 header.b=IDLiewr7;\n\tdkim=pass (2048-bit key;\n unprotected) header.d=redhat.com header.i=@redhat.com header.a=rsa-sha256\n header.s=google header.b=LinMieLR;\n\tdkim-atps=neutral","legolas.ozlabs.org;\n spf=pass (sender SPF authorized) smtp.mailfrom=nongnu.org\n (client-ip=209.51.188.17; 
helo=lists1p.gnu.org;\n envelope-from=qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org;\n receiver=patchwork.ozlabs.org)"],"Received":["from lists1p.gnu.org (lists1p.gnu.org [209.51.188.17])\n\t(using TLSv1.2 with cipher ECDHE-ECDSA-AES256-GCM-SHA384 (256/256 bits))\n\t(No client certificate requested)\n\tby legolas.ozlabs.org (Postfix) with ESMTPS id 4fvyCD6jbFz1yDF\n\tfor <incoming@patchwork.ozlabs.org>; Tue, 14 Apr 2026 18:30:31 +1000 (AEST)","from localhost ([::1] helo=lists1p.gnu.org)\n\tby lists1p.gnu.org with esmtp (Exim 4.90_1)\n\t(envelope-from <qemu-devel-bounces@nongnu.org>)\n\tid 1wCZ9a-0007Tp-S8; Tue, 14 Apr 2026 04:29:50 -0400","from eggs.gnu.org ([2001:470:142:3::10])\n by lists1p.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)\n (Exim 4.90_1) (envelope-from <armenon@redhat.com>)\n id 1wCZ9Q-0007TU-AT\n for qemu-devel@nongnu.org; Tue, 14 Apr 2026 04:29:40 -0400","from us-smtp-delivery-124.mimecast.com ([170.10.133.124])\n by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)\n (Exim 4.90_1) (envelope-from <armenon@redhat.com>)\n id 1wCZ9N-0003iV-Vd\n for qemu-devel@nongnu.org; Tue, 14 Apr 2026 04:29:40 -0400","from mail-pl1-f198.google.com (mail-pl1-f198.google.com\n [209.85.214.198]) by relay.mimecast.com with ESMTP with STARTTLS\n (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id\n us-mta-68-nkxX8wUvMmiAgqfhR6OFxg-1; Tue, 14 Apr 2026 04:29:34 -0400","by mail-pl1-f198.google.com with SMTP id\n d9443c01a7336-2adc527eaf5so38426565ad.0\n for <qemu-devel@nongnu.org>; Tue, 14 Apr 2026 01:29:34 -0700 (PDT)","from fedora.armenon-thinkpadp16vgen1.bengluru.csb ([49.36.110.202])\n by smtp.gmail.com with ESMTPSA id\n d9443c01a7336-2b2d4e0f909sm181493785ad.35.2026.04.14.01.29.19\n (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);\n Tue, 14 Apr 2026 01:29:31 -0700 (PDT)"],
"X-Received":["by 2002:a17:903:2b05:b0:2b2:ccfb:8387 with SMTP id\n d9443c01a7336-2b2d5a3fab3mr169636755ad.28.1776155372993;\n Tue, 14 Apr 2026 01:29:32 -0700 (PDT)","by 2002:a17:903:2b05:b0:2b2:ccfb:8387 with SMTP id\n d9443c01a7336-2b2d5a3fab3mr169636405ad.28.1776155372387;\n Tue, 14 Apr 2026 01:29:32 -0700 (PDT)"],"From":"Arun Menon <armenon@redhat.com>","To":"qemu-devel@nongnu.org","Cc":"Yanan Wang <wangyanan55@huawei.com>, Ani Sinha <anisinha@redhat.com>,\n \"Michael S. 
Tsirkin\" <mst@redhat.com>, =?utf-8?q?Philippe_Mathieu-Daud?=\n\t=?utf-8?q?=C3=A9?= <philmd@linaro.org>,\n Stefan Berger <stefanb@linux.vnet.ibm.com>,\n Paolo Bonzini <pbonzini@redhat.com>,\n Marcel Apfelbaum <marcel.apfelbaum@gmail.com>,\n Zhao Liu <zhao1.liu@intel.com>, marcandre.lureau@redhat.com,\n Igor Mammedov <imammedo@redhat.com>, Laurent Vivier <lvivier@redhat.com>,\n Fabiano Rosas <farosas@suse.de>, Arun Menon <armenon@redhat.com>","Subject":"[PATCH v4 00/10] hw/tpm: CRB chunking capability to handle PQC","Date":"Tue, 14 Apr 2026 13:59:05 +0530","Message-ID":"<20260414082915.112122-1-armenon@redhat.com>","X-Mailer":"git-send-email 2.53.0","MIME-Version":"1.0","Content-Type":"text/plain; charset=\"utf-8\"","Content-Transfer-Encoding":"8bit","Received-SPF":"pass client-ip=170.10.133.124; envelope-from=armenon@redhat.com;\n helo=us-smtp-delivery-124.mimecast.com","X-Spam_score_int":"-25","X-Spam_score":"-2.6","X-Spam_bar":"--","X-Spam_report":"(-2.6 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.54,\n DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1,\n RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=0.001,\n RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001,\n SPF_HELO_PASS=-0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no","X-Spam_action":"no action","X-BeenThere":"qemu-devel@nongnu.org","X-Mailman-Version":"2.1.29","Precedence":"list","List-Id":"qemu development <qemu-devel.nongnu.org>","List-Unsubscribe":"<https://lists.nongnu.org/mailman/options/qemu-devel>,\n <mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>","List-Archive":"<https://lists.nongnu.org/archive/html/qemu-devel>","List-Post":"<mailto:qemu-devel@nongnu.org>","List-Help":"<mailto:qemu-devel-request@nongnu.org?subject=help>","List-Subscribe":"<https://lists.nongnu.org/mailman/listinfo/qemu-devel>,\n 
<mailto:qemu-devel-request@nongnu.org?subject=subscribe>","Errors-To":"qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org","Sender":"qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org"},"content":"The move to Post Quantum Cryptography (PQC) changes how we manage\nmemory buffers. Unlike classic crypto algorithms like RSA or ECC which\nused small keys and signatures, PQC algorithms require larger buffers.\n\nThe new version of TCG TPM v185 (currently under review [1]) supports\nsending data/commands in chunks for the CRB (Command Response Buffer)\ninterface. This is in line with the initiative to support PQC algorithms.\n\nThis series implements the logic to send and receive data from the\nlinux guest to the TPM backend in chunks, thereby allowing the\nguest to send larger data buffers. We introduce 2 new control registers\ncalled nextChunk and crbRspRetry that will control the START. We also\nadd the CRB Interface Identifier called CapCRBChunk that is set to 1\nindicating that the device supports chunking. The default maximum\nchunk/buffer size is 3968 (4096 - 128) bytes.\n\nDuring a send operation, the guest driver places data in the CRB buffer\nand signals nextChunk for each segment until the final chunk is reached.\nUpon receiving the START signal, QEMU appends the final chunk to its\ninternal buffer and dispatches the complete command to the TPM backend.\n\nFor responses, the backend's output is buffered. The guest consumes the\nfirst chunk once the START bit is cleared. 
Subsequent chunks are\nretrieved by the guest toggling the nextChunk bit, which advances the\ninternal buffer offset and populates the CRB data window.\n\nFor this to work, the linux guest tpm driver will also have to\na) probe if CRB chunking is supported\nb) send data in chunks if the command length exceeds the chunk size.\nc) receive data in chunks by sending a nextChunk signal and accumulate.\nThese patches are posted upstream:\nhttps://lore.kernel.org/lkml/20260324181244.17741-1-armenon@redhat.com/\n\nDependencies:\nThis series has a hard dependency on the following patches currently on\nthe mailing list. They must be applied first for this series to function\ncorrectly:\n1. [PATCH 1/2] migration/vmstate: Add VMState support for GByteArray\n   Link: https://lore.kernel.org/all/20260406115247.4879-2-armenon@redhat.com/\n2. [PATCH for-11.1] hw: add compat machines for 11.1\n   Link: https://lore.kernel.org/all/20260331140347.653404-1-cohuck@redhat.com/\n\n[1] https://trustedcomputinggroup.org/wp-content/uploads/PC-Client-Specific-Platform-TPM-Profile-for-TPM-2p0-v1p07_rc1_121225.pdf\n\nv4\n--\n- Add migration blocker to prevent data loss and new hw_compat property\n  called cap_chunk. 
The chunking feature is now only visible to machine\n  type 11.1 and higher.\n- Rename invoke to Start, to comply with the TCG TPM specification.\n- Use g_clear_pointer for safety.\n\nv3\n--\nPatches 1-6\n- Fix the issue with subsequent nextChunk signal from the guest while\n  the TPM backend is not done processing the previous request.\n- Add tpm_crb_unrealize() to clear buffers\n- Update hw_compat to 11.1.\n- Use newly introduced GByteArray VMStateInfo for migration.\nPatches 7-10\n- Add Stefan Berger's patches for swtpm profile support, TPM TIS\n  migration support with extended buffer and related tests.\n  NOTE: I have removed the \"WIP\" prefix and the \"TODO\" regarding dynamic\n  allocation from Stefan's final patch, as the static 8192-byte limit is\n  sufficient for the current requirements and passes all local testing.\n\nv2\n--\n- Add the VM migration support.\n- Increase the TIS TPM interface max buffer size to 8192.\n\nBased-on: <20260331140347.653404-1-cohuck@redhat.com>\nBased-on: <20260406115247.4879-2-armenon@redhat.com>\n\nArun Menon (6):\n  hw/tpm: Add TPM CRB chunking fields\n  hw/tpm: Refactor CRB_CTRL_START register access\n  hw/tpm: Add internal buffer state for chunking\n  hw/tpm: Implement TPM CRB chunking logic\n  test/qtest: Add test for tpm crb chunking\n  hw/tpm: Add support for VM migration with TPM CRB chunking\n\nStefan Berger (4):\n  qtests: Enable starting swtpm with a given profile\n  tests: Use ML-DSA-87 operations to caused large TPM transfers with CRB\n  tpm: Extend TPM TIS buffer size to 8192 bytes\n  tests: Use ML-DSA-87 operations to caused large TPM transfers with TIS\n\n hw/core/machine.c                |   5 +-\n hw/tpm/tpm_crb.c                 | 237 ++++++++++++++++++++++++++++---\n hw/tpm/tpm_tis.h                 |   2 +\n hw/tpm/tpm_tis_common.c          |  23 +++\n hw/tpm/tpm_tis_i2c.c             |  24 +++-\n hw/tpm/tpm_tis_isa.c             |  24 +++-\n hw/tpm/tpm_tis_sysbus.c          |  24 +++-\n 
include/hw/acpi/tpm.h            |   5 +-\n tests/qtest/tpm-crb-swtpm-test.c |  11 ++\n tests/qtest/tpm-tests.c          | 102 ++++++++++++-\n tests/qtest/tpm-tests.h          |   4 +\n tests/qtest/tpm-tis-swtpm-test.c |  11 ++\n tests/qtest/tpm-util.c           | 156 +++++++++++++++++---\n tests/qtest/tpm-util.h           |  10 +-\n 14 files changed, 591 insertions(+), 47 deletions(-)"}