Add NV index type support and missing NV attributes to NV attribute parser #13

Merged
hyperfinitism merged 1 commit into main from feature/nv-type-attr
Mar 22, 2026
@hyperfinitism (Owner) commented Mar 22, 2026

Summary

The NV attribute parser only supported (some of the) boolean flags (ownerwrite, ownerread, etc.), and had no way to set the NV index type (bits 4–7 of TPMA_NV). In other words, nvdefine could only create ordinary NV indices. As a result, commands such as nvincrement, nvextend, and nvsetbits would never work with the tools alone.

This PR adds support for parsing the nt=<type> argument, and also adds the missing writelocked, globallock, no_da, orderly, clear_stclear, and readlocked flags.

To improve maintainability, the NV attributes are sorted by bit order.

Examples

NV counter

# Define
tpm2 nvdefine -C o -s 8 -a "ownerwrite|ownerread|nt=counter" 0x01000001

# Increment
tpm2 nvincrement -C o 0x01000001
tpm2 nvincrement -C o 0x01000001

# Read
tpm2 nvread -C o 0x01000001

# Undefine
tpm2 nvundefine -C o 0x01000001

NV bitfield

# Define
tpm2 nvdefine -C o -s 8 -a "ownerwrite|ownerread|nt=bits" 0x01000001

# Set
tpm2 nvsetbits -C o -i 0123456789abcdef 0x01000001

# Read
tpm2 nvread -C o 0x01000001

# Undefine
tpm2 nvundefine -C o 0x01000001

@hyperfinitism hyperfinitism self-assigned this Mar 22, 2026
@hyperfinitism hyperfinitism added the enhancement New feature or request label Mar 22, 2026
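
The attribute-string parsing described in the PR summary above, as an added Python example that is not the project's code. Bit positions and TPM_NT values follow the TPM 2.0 Library Specification, Part 2; flag names that do not appear on this page (ppwrite, authwrite, and so on) are assumed, and the flatcase/snake_case aliases from the commit message are not modelled.

```python
# Added example, not the project's code. Bit positions and TPM_NT values follow
# TPM 2.0 Library Spec Part 2; flag names not on the page are assumptions.
NV_FLAGS = {
    "ppwrite": 0, "ownerwrite": 1, "authwrite": 2, "policywrite": 3,
    "policy_delete": 10, "writelocked": 11, "writeall": 12, "writedefine": 13,
    "write_stclear": 14, "globallock": 15, "ppread": 16, "ownerread": 17,
    "authread": 18, "policyread": 19, "no_da": 25, "orderly": 26,
    "clear_stclear": 27, "readlocked": 28, "written": 29,
    "platformcreate": 30, "read_stclear": 31,
}
NV_TYPES = {"ordinary": 0x0, "counter": 0x1, "bits": 0x2, "extend": 0x4,
            "pinfail": 0x8, "pinpass": 0x9}
NT_SHIFT, NT_MASK = 4, 0xF << 4  # TPM_NT occupies bits 4-7 of TPMA_NV


def parse_nv_attributes(spec: str) -> int:
    """Turn 'flag|flag|nt=<type>' into a 32-bit TPMA_NV value."""
    value, nt_seen = 0, False
    for token in (t.strip().lower() for t in spec.split("|")):
        if token.startswith("nt="):
            name = token[3:]
            if nt_seen:
                raise ValueError("nt= given more than once")
            if name not in NV_TYPES:
                raise ValueError(f"unknown NV index type: {name!r}")
            value |= NV_TYPES[name] << NT_SHIFT
            nt_seen = True
        elif token in NV_FLAGS:
            value |= 1 << NV_FLAGS[token]
        else:
            raise ValueError(f"unknown NV attribute: {token!r}")
    return value


def describe(value: int) -> tuple[str, list[str]]:
    """Decode a TPMA_NV value back into (index type, flags in bit order)."""
    nt = (value & NT_MASK) >> NT_SHIFT
    names = {v: k for k, v in NV_TYPES.items()}
    if nt not in names:
        raise ValueError(f"reserved TPM_NT value: {nt:#x}")
    flags = [n for n, bit in sorted(NV_FLAGS.items(), key=lambda kv: kv[1])
             if value >> bit & 1]
    return names[nt], flags


if __name__ == "__main__":
    for s in ("ownerwrite|ownerread|nt=counter", "ownerwrite|ownerread|nt=bits"):
        v = parse_nv_attributes(s)
        print(f"{s:35} -> {v:#010x} {describe(v)}")
```

Omitting nt= leaves bits 4-7 at zero, which is the ordinary index type.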
@gemini-code-assist
Summary of Changes

Hello, I'm Gemini Code Assist! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request significantly enhances the functionality of the NV attribute parser by introducing support for specifying NV index types and the no_da flag. These additions enable users to define more complex and specialized NV indices, such as counters and bitfields, directly through the parsing mechanism, which was previously limited to basic boolean flags. This expands the utility of nvdefine and related commands, allowing for a broader range of TPM NV operations.

Highlights

  • NV Index Type Support: Implemented parsing for various NV index types (e.g., "nt=counter", "nt=bits") within the parse_nv_attributes function, allowing for the creation of different NV index behaviors.
  • no_da Flag Addition: Added support for the no_da attribute, enabling the configuration of NV indices to bypass dictionary attack protection.

@gemini-code-assist gemini-code-assist bot left a comment

Code Review

This pull request enhances the NV attribute parser by adding support for NV index types (e.g., nt=counter) and the no_da flag. This is a valuable addition that enables more advanced use of NV storage. The implementation is generally sound, but I've identified a critical issue where incorrect numeric values are used for pinfail and pinpass index types, which will lead to incorrect behavior.

@chatgpt-codex-connector chatgpt-codex-connector bot left a comment

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 432692fdb5

@hyperfinitism hyperfinitism force-pushed the feature/nv-type-attr branch 2 times, most recently from 77df1d7 to ff43c7d Compare March 22, 2026 09:52
@hyperfinitism hyperfinitism changed the title Add NV index type support to attribute parser Add NV index type support and missing NV attributes to NV attribute parser Mar 22, 2026
Add support for parsing nt=counter/bits/extend/ordinary/pinfail/pinpass.
This enables creating NV counters, NV bitfields, and PCR-like NVs.

Add the following missing NV attributes: writelocked, globallock,
no_da, orderly, clear_stclear, readlocked.

Sort the NV attributes by bit order.

Add both flatcase and snake_case aliases to NV attributes other than
orderly, clear_stclear and read_stclear.

Signed-off-by: Takuma IMAMURA <209989118+hyperfinitism@users.noreply.github.com>
@hyperfinitism hyperfinitism merged commit 2ce572f into main Mar 22, 2026
22 checks passed
@hyperfinitism hyperfinitism added bug Something isn't working and removed bug Something isn't working labels Mar 22, 2026
@hyperfinitism hyperfinitism deleted the feature/nv-type-attr branch March 22, 2026 10:19