lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <D61UX1CMHLZ5.27V9844S1S1D0@kernel.org>
Date: Tue, 03 Dec 2024 07:38:02 +0100
From: "Jarkko Sakkinen" <jarkko@...nel.org>
To: "Stefan Berger" <stefanb@...ux.ibm.com>, "Christian Heusel"
 <christian@...sel.eu>
Cc: "Peter Huewe" <peterhuewe@....de>, "Jason Gunthorpe" <jgg@...pe.ca>,
 "James Bottomley" <James.Bottomley@...senpartnership.com>,
 <linux-integrity@...r.kernel.org>, <linux-kernel@...r.kernel.org>,
 <regressions@...ts.linux.dev>
Subject: Re: [REGRESSION][BISECTED] tpm: Popping noise in USB headphones
 since 1b6d7f9eb150

On Mon Dec 2, 2024 at 11:15 PM CET, Stefan Berger wrote:
>
>
> On 11/29/24 9:44 PM, Jarkko Sakkinen wrote:
> > On Tue Nov 26, 2024 at 1:42 PM EET, Christian Heusel wrote:
> >> On 24/10/25 05:47PM, Jarkko Sakkinen wrote:
> >>> Yeah, this is on the list.
> >>>
> >>> See: https://bugzilla.kernel.org/show_bug.cgi?id=219383#c5
> >>>
> >>> I had a fix for the AMD boot-time issue already over a month ago
> >>> but unfortunately took time to get enough feedback.
> >>>
> >>> BR, Jarkko
> >>
> >> I'm not sure if this is supposed to be fixed, but AFAIK we hoped that
> >> the patchset that was mentioned in bugzilla also helped this issue.
> >>
> >> The reporter said that the bug is still present in 6.12.1, so this might
> >> need further poking 🤔
> > 
> > I'd suggest a workaround for the time being.
> > 
> > In 6.12 we added this for (heavy) IMA use:
> > 
> > tpm.disable_pcr_integrity= [HW,TPM]
> >                          Do not protect PCR registers from unintended physical
> >                          access, or interposers in the bus by the means of
> >                          having an integrity protected session wrapped around
> >                          TPM2_PCR_Extend command. Consider this in a situation
> >                          where TPM is heavily utilized by IMA, thus protection
> >                          causing a major performance hit, and the space where
> >                          machines are deployed is by other means guarded.
> > 
> > Similarly it might make sense to have "tpm.disable_random_integrity"
> > that disables the feature introduced by the failing commit.
> > 
>
> I am wondering what could be the not-so-obvious root cause for this? 
> Could it be due to a (TPM or RNG-related) lock? I guess the audio 
> popping could occur if an application cannot meet timing requirements 
> when it runs into some sort of blocking lock...

I'm travelling this week. I'll take a look in detail next weke. Obvious
thing is that latency has rised on getting the result for TPM2_GetRandom
but it should sleep while waiting. I.e. not sure what causes "busyness".

I think in general having disable_* for trusted keys, random and PCR
extension i.e. features that bus integrity protection touches would
be great for debugging these issues in all cases.

BR, Jarkko

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ