lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Fri, 16 Feb 2024 22:07:12 +0000
From: "Jarkko Sakkinen" <jarkko@...nel.org>
To: "Paul Menzel" <pmenzel@...gen.mpg.de>, "Peter Huewe" <peterhuewe@....de>
Cc: <linux-integrity@...r.kernel.org>, <linux-kernel@...r.kernel.org>
Subject: Re: init_tis() takes 50 ms on Dell XPS 13 9360 – almost 10 % of whole time until initrd

On Wed Feb 14, 2024 at 3:10 PM UTC, Paul Menzel wrote:
> Dear Linux folks,
>
>
> Trying to optimize the boot time of Linux on the Dell XPS 13 9360, 
> probing of MSFT0101:00 takes 52 ms, making `init_tis()` taking almost 10 
> % alone until starting the initrd:
>
>      [    0.000000] Linux version 6.8.0-rc4 
> (build@...emianrhapsody.molgen.mpg.de) (gcc (Debian 13.2.0-13) 13.2.0, 
> GNU ld (GNU Binutils for Debian) 2.42) #20 SMP PREEMPT_DYNAMIC Mon Feb 
> 12 09:40:49 CET 2024
>      […]
>      [    0.000000] DMI: Dell Inc. XPS 13 9360/0596KF, BIOS 2.21.0 
> 06/02/2022
>      […]
>      [    0.320057] calling  init_tis+0x0/0x100 @ 1
>      [    0.332190] tpm_tis MSFT0101:00: 2.0 TPM (device-id 0xFE, rev-id 4)
>      [    0.372164] probe of MSFT0101:00 returned 0 after 52101 usecs
>      [    0.372186] initcall init_tis+0x0/0x100 returned 0 after 52127 usecs
>      […]
>      [    0.588643] Freeing unused decrypted memory: 2036K
>      [    0.589068] Freeing unused kernel image (initmem) memory: 3976K
>      [    0.606115] Write protecting the kernel read-only data: 22528k
>      [    0.606527] Freeing unused kernel image (rodata/data gap) 
> memory: 276K
>      [    0.652327] x86/mm: Checked W+X mappings: passed, no W+X pages 
> found.
>      [    0.652329] x86/mm: Checking user space page tables
>      [    0.695968] x86/mm: Checked W+X mappings: passed, no W+X pages 
> found.
>      [    0.696104] Run /init as init process
>      […]
>
> For users, where boot time is most important, can this be moved out of 
> the hot path somehow?

It can't be IRQ probing as IRQ's are *disabled* by default. So we can
disclose that.

I think the delay is caused by tpm2_probe(), which is called by
tpm_tis_core_init(). It sends an idempotent TPM2 command to the TPM
chip to know whether it is TPM 1.x or TPM2 chip.

That detection is definitely required.

Even some other subsystems in the kernel require to know the correct
TPM version, like hwrng and IMA.

> Kind regards,
>
> Paul

BR, Jarkko

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ