lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <YoKQchfJ//FUws7i@kernel.org>
Date:   Mon, 16 May 2022 20:57:06 +0300
From:   Jarkko Sakkinen <jarkko@...nel.org>
To:     James Bottomley <James.Bottomley@...senpartnership.com>
Cc:     Mimi Zohar <zohar@...ux.ibm.com>,
        Johannes Holland <johannes.holland@...ineon.com>,
        Nayna <nayna@...ux.vnet.ibm.com>,
        linux-integrity@...r.kernel.org, linux-kernel@...r.kernel.org,
        peterhuewe@....de, jgg@...pe.ca
Subject: Re: [PATCH] tpm: sleep at least <...> ms in tpm_msleep()

On Thu, May 12, 2022 at 08:32:55AM -0400, James Bottomley wrote:
> On Thu, 2022-05-12 at 08:21 -0400, Mimi Zohar wrote:
> > On Wed, 2022-05-11 at 18:16 +0300, Jarkko Sakkinen wrote:
> > > On Tue, May 10, 2022 at 01:29:03PM +0200, Johannes Holland wrote:
> > > > To comply with protocol requirements, minimum polling times must
> > > > often
> > > > be adhered to. Therefore, a macro like tpm_msleep() should sleep
> > > > at
> > > > least the given amount of time (not up to the given period). Have
> > > > tpm_msleep() sleep at least the given number of milliseconds.
> > > > 
> > > > Signed-off-by: Johannes Holland <johannes.holland@...ineon.com>
> > > > ---
> > > >  drivers/char/tpm/tpm.h | 4 ++--
> > > >  1 file changed, 2 insertions(+), 2 deletions(-)
> > > > 
> > > > diff --git a/drivers/char/tpm/tpm.h b/drivers/char/tpm/tpm.h
> > > > index 2163c6ee0d36..0971b55fffe3 100644
> > > > --- a/drivers/char/tpm/tpm.h
> > > > +++ b/drivers/char/tpm/tpm.h
> > > > @@ -185,8 +185,8 @@ int tpm_pm_resume(struct device *dev);
> > > >  
> > > >  static inline void tpm_msleep(unsigned int delay_msec)
> > > >  {
> > > > -	usleep_range((delay_msec * 1000) - TPM_TIMEOUT_RANGE_US,
> > > > -		     delay_msec * 1000);
> > > > +	usleep_range(delay_msec * 1000, (delay_msec * 1000)
> > > > +		     + TPM_TIMEOUT_RANGE_US);
> > > >  };
> > > >  
> > > >  int tpm_chip_start(struct tpm_chip *chip);
> > > > -- 
> > > > 2.34.1
> > > > 
> > > 
> > > For this I would really like to hear a 2nd opinion from Nayna and
> > > Mimi.
> > 
> > This patch reverts commit 5ef924d9e2e8 ("tpm: use tpm_msleep() value
> > as max delay").    Are you experiencing TPM issues that require it?
> 
> I am:
> 
> https://lore.kernel.org/linux-integrity/1531328689.3260.8.camel@HansenPartnership.com/
> 
> I'm about 24h into a soak test of the patch with no TPM failure so far.
> I think it probably needs to run another 24h just to be sure, but it
> does seem the theory is sound (my TPM gets annoyed by being poked too
> soon) so reverting 5ef924d9e2e8 looks to be the correct action.  The
> only other ways I've found to fix this are either revert the
> usleep_range patch altogether or increase the timings:
> 
> https://lore.kernel.org/linux-integrity/1531329074.3260.9.camel@HansenPartnership.com/
> 
> Which obviously pushes the min past whatever issue my TPM is having
> even with 5ef924d9e2e8 applied.
> 
> Given that even the commit message for 5ef924d9e2e8 admits it only
> shaves about 12% off the TPM response time, that would appear to be an
> optimization too far if it's going to cause some TPMs to fail.
> 
> James

What if TPM started with the timings as they are now and use the
"reverted" timings if coming up too early?  The question here is
though,  is such complexity worth of anything or should we just
revert and do nothing else.

BR, Jarkko

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ