diff mbox series

[1/3] tpm: Disable TCG_TPM2_HMAC by default

Message ID 20240519235122.3380-2-jarkko@kernel.org (mailing list archive)
State New, archived
Headers show
Series KEYS: trusted: bug fixes | expand

Commit Message

Jarkko Sakkinen May 19, 2024, 11:51 p.m. UTC
Causes performance drop in initialization so needs to be opt-in.
Distributors are capable of opt-in enabling this. Could be also handled by
kernel-command line in the future.

Reported-by: Vitor Soares <ivitro@gmail.com>
Closes: https://lore.kernel.org/linux-integrity/bf67346ef623ff3c452c4f968b7d900911e250c3.camel@gmail.com/#t
Fixes: d2add27cf2b8 ("tpm: Add NULL primary creation")
Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org>
---
 drivers/char/tpm/Kconfig | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

Comments

Vitor Soares May 21, 2024, 7:03 a.m. UTC | #1
Hi Jarkko,

On Mon, 2024-05-20 at 02:51 +0300, Jarkko Sakkinen wrote:
> Causes performance drop in initialization so needs to be opt-in.
> Distributors are capable of opt-in enabling this. Could be also handled by
> kernel-command line in the future.
> 
> Reported-by: Vitor Soares <ivitro@gmail.com>
> Closes:
> https://lore.kernel.org/linux-integrity/bf67346ef623ff3c452c4f968b7d900911e250c3.camel@gmail.com/#t
> Fixes: d2add27cf2b8 ("tpm: Add NULL primary creation")
> Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org>
> ---
>  drivers/char/tpm/Kconfig | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/drivers/char/tpm/Kconfig b/drivers/char/tpm/Kconfig
> index e63a6a17793c..db41301e63f2 100644
> --- a/drivers/char/tpm/Kconfig
> +++ b/drivers/char/tpm/Kconfig
> @@ -29,7 +29,7 @@ if TCG_TPM
>  
>  config TCG_TPM2_HMAC
>         bool "Use HMAC and encrypted transactions on the TPM bus"
> -       default y
> +       default n
>         select CRYPTO_ECDH
>         select CRYPTO_LIB_AESCFB
>         select CRYPTO_LIB_SHA256

I did the test on my side, and with TCG_TPM2_HMAC set to "n" the time to probe
tpm_tis_spi driver has reduced to:
real    0m2.009s
user    0m0.001s
sys     0m0.019s

Thanks for your help.

Best regards,
Vitor Soares
Jarkko Sakkinen May 21, 2024, 7:10 a.m. UTC | #2
On Tue May 21, 2024 at 10:03 AM EEST, Vitor Soares wrote:
> Hi Jarkko,
>
> On Mon, 2024-05-20 at 02:51 +0300, Jarkko Sakkinen wrote:
> > Causes performance drop in initialization so needs to be opt-in.
> > Distributors are capable of opt-in enabling this. Could be also handled by
> > kernel-command line in the future.
> > 
> > Reported-by: Vitor Soares <ivitro@gmail.com>
> > Closes:
> > https://lore.kernel.org/linux-integrity/bf67346ef623ff3c452c4f968b7d900911e250c3.camel@gmail.com/#t
> > Fixes: d2add27cf2b8 ("tpm: Add NULL primary creation")
> > Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org>
> > ---
> >  drivers/char/tpm/Kconfig | 2 +-
> >  1 file changed, 1 insertion(+), 1 deletion(-)
> > 
> > diff --git a/drivers/char/tpm/Kconfig b/drivers/char/tpm/Kconfig
> > index e63a6a17793c..db41301e63f2 100644
> > --- a/drivers/char/tpm/Kconfig
> > +++ b/drivers/char/tpm/Kconfig
> > @@ -29,7 +29,7 @@ if TCG_TPM
> >  
> >  config TCG_TPM2_HMAC
> >         bool "Use HMAC and encrypted transactions on the TPM bus"
> > -       default y
> > +       default n
> >         select CRYPTO_ECDH
> >         select CRYPTO_LIB_AESCFB
> >         select CRYPTO_LIB_SHA256
>
> I did the test on my side, and with TCG_TPM2_HMAC set to "n" the time to probe
> tpm_tis_spi driver has reduced to:
> real    0m2.009s
> user    0m0.001s
> sys     0m0.019s
>
> Thanks for your help.
>
> Best regards,
> Vitor Soares

Yeah, well overall benefits still weight a lot. Primary keys are
obviously essential for any use of TPM, so better idea might then
just disable the whole TPM if this does not scale.

But as James pointed out in some other response it is not objectively
clear where performance hit is. I guess it would make sense to analyze
how much hmac vs w/o hmac in the pipe costs for TPM commands.

This benchmark could be done in user space using /dev/tpm0.

Anyway, I did not include this to my PR, which I already sent to Linus.
If anyone wants to make kernel command-line option for hmac, I'm willing
to review that (no bandwidth to do it myself).

BR, Jarkko
James Bottomley May 21, 2024, 12:33 p.m. UTC | #3
On Tue, 2024-05-21 at 10:10 +0300, Jarkko Sakkinen wrote:
> This benchmark could be done in user space using /dev/tpm0.

Let's actually try that.  If you have the ibmtss installed, the command
to time primary key generation from userspace on your tpm is

time tsscreateprimary -hi n -ecc nistp256


And just for chuckles and grins, try it in the owner hierarchy as well
(sometimes slow TPMs cache this)

time tsscreateprimary -hi o -ecc nistp256

And if you have tpm2 tools, the above commands should be:

time tpm2_createprimary -C n -G ecc256
time tpm2_createprimary -C o -G ecc256

James
Jarkko Sakkinen May 21, 2024, 1 p.m. UTC | #4
On Tue May 21, 2024 at 3:33 PM EEST, James Bottomley wrote:
> On Tue, 2024-05-21 at 10:10 +0300, Jarkko Sakkinen wrote:
> > This benchmark could be done in user space using /dev/tpm0.
>
> Let's actually try that.  If you have the ibmtss installed, the command
> to time primary key generation from userspace on your tpm is
>
> time tsscreateprimary -hi n -ecc nistp256
>
>
> And just for chuckles and grins, try it in the owner hierarchy as well
> (sometimes slow TPMs cache this)
>
> time tsscreateprimary -hi o -ecc nistp256
>
> And if you have tpm2 tools, the above commands should be:
>
> time tpm2_createprimary -C n -G ecc256
> time tpm2_createprimary -C o -G ecc256

Thanks, I definitely want to try these in my NUC7. I can try both
stacks and it is pretty good test machine because it is old'ish
and slow ;-)

I'm also thinking differently than when I put out this pull request.
I honestly think that it must be weird use case to use TPM with
a machine that dies with a HMAC pipe. It makes no sense to me and
I think we should focus on common sense here.

I could imagine one use case: pre-production hardware that is not
yet in ASIC. But in that case you would probably build your kernel
picking exactly the right options. I mean it is only a default
after all.

I think we could add this:

	default X86 || ARM64

This pretty covers the spectrum where HMAC does make sense by
default. We can always relax it but this does not really take
away the legit user base from the feature.

It would be a huge bottleneck to make HMAC also opt-in because
the stuff it adds makes a lot of sense when build on top. E.g.
the asymmetric key patch set that I sent within early week was
made possible by all this great work that you've done.

So yeah, I'd like to send the above Kconfig changes, but that
is all I want to do this at this point.

> James

BR, Jarkko
Jarkko Sakkinen May 21, 2024, 1:11 p.m. UTC | #5
On Tue May 21, 2024 at 4:00 PM EEST, Jarkko Sakkinen wrote:
> On Tue May 21, 2024 at 3:33 PM EEST, James Bottomley wrote:
> > On Tue, 2024-05-21 at 10:10 +0300, Jarkko Sakkinen wrote:
> > > This benchmark could be done in user space using /dev/tpm0.
> >
> > Let's actually try that.  If you have the ibmtss installed, the command
> > to time primary key generation from userspace on your tpm is
> >
> > time tsscreateprimary -hi n -ecc nistp256
> >
> >
> > And just for chuckles and grins, try it in the owner hierarchy as well
> > (sometimes slow TPMs cache this)
> >
> > time tsscreateprimary -hi o -ecc nistp256
> >
> > And if you have tpm2 tools, the above commands should be:
> >
> > time tpm2_createprimary -C n -G ecc256
> > time tpm2_createprimary -C o -G ecc256
>
> Thanks, I definitely want to try these in my NUC7. I can try both
> stacks and it is pretty good test machine because it is old'ish
> and slow ;-)
>
> I'm also thinking differently than when I put out this pull request.
> I honestly think that it must be weird use case to use TPM with
> a machine that dies with a HMAC pipe. It makes no sense to me and
> I think we should focus on common sense here.
>
> I could imagine one use case: pre-production hardware that is not
> yet in ASIC. But in that case you would probably build your kernel
> picking exactly the right options. I mean it is only a default
> after all.
>
> I think we could add this:
>
> 	default X86 || ARM64
>
> This pretty covers the spectrum where HMAC does make sense by
> default. We can always relax it but this does not really take
> away the legit user base from the feature.
>
> It would be a huge bottleneck to make HMAC also opt-in because
> the stuff it adds makes a lot of sense when build on top. E.g.
> the asymmetric key patch set that I sent within early week was
> made possible by all this great work that you've done.
>
> So yeah, I'd like to send the above Kconfig changes, but that
> is all I want to do this at this point.

Patch is out (lore link was not yet available):

https://lkml.org/lkml/2024/5/21/583

BR, Jarkko
Jarkko Sakkinen May 21, 2024, 1:16 p.m. UTC | #6
On Tue May 21, 2024 at 4:11 PM EEST, Jarkko Sakkinen wrote:
> On Tue May 21, 2024 at 4:00 PM EEST, Jarkko Sakkinen wrote:
> > On Tue May 21, 2024 at 3:33 PM EEST, James Bottomley wrote:
> > > On Tue, 2024-05-21 at 10:10 +0300, Jarkko Sakkinen wrote:
> > > > This benchmark could be done in user space using /dev/tpm0.
> > >
> > > Let's actually try that.  If you have the ibmtss installed, the command
> > > to time primary key generation from userspace on your tpm is
> > >
> > > time tsscreateprimary -hi n -ecc nistp256
> > >
> > >
> > > And just for chuckles and grins, try it in the owner hierarchy as well
> > > (sometimes slow TPMs cache this)
> > >
> > > time tsscreateprimary -hi o -ecc nistp256
> > >
> > > And if you have tpm2 tools, the above commands should be:
> > >
> > > time tpm2_createprimary -C n -G ecc256
> > > time tpm2_createprimary -C o -G ecc256
> >
> > Thanks, I definitely want to try these in my NUC7. I can try both
> > stacks and it is pretty good test machine because it is old'ish
> > and slow ;-)
> >
> > I'm also thinking differently than when I put out this pull request.
> > I honestly think that it must be weird use case to use TPM with
> > a machine that dies with a HMAC pipe. It makes no sense to me and
> > I think we should focus on common sense here.
> >
> > I could imagine one use case: pre-production hardware that is not
> > yet in ASIC. But in that case you would probably build your kernel
> > picking exactly the right options. I mean it is only a default
> > after all.
> >
> > I think we could add this:
> >
> > 	default X86 || ARM64
> >
> > This pretty covers the spectrum where HMAC does make sense by
> > default. We can always relax it but this does not really take
> > away the legit user base from the feature.
> >
> > It would be a huge bottleneck to make HMAC also opt-in because
> > the stuff it adds makes a lot of sense when build on top. E.g.
> > the asymmetric key patch set that I sent within early week was
> > made possible by all this great work that you've done.
> >
> > So yeah, I'd like to send the above Kconfig changes, but that
> > is all I want to do this at this point.
>
> Patch is out (lore link was not yet available):
>
> https://lkml.org/lkml/2024/5/21/583

Right also: TCG_TPM is neither default in x86 defconfig. So it would
require two switches turned on to get basic TPM support ongoing. So
yeah, I think we're in a sweet spot with above patch.

BR, Jarkko
Vitor Soares May 22, 2024, 8:18 a.m. UTC | #7
On Tue, 2024-05-21 at 08:33 -0400, James Bottomley wrote:
> On Tue, 2024-05-21 at 10:10 +0300, Jarkko Sakkinen wrote:
> > This benchmark could be done in user space using /dev/tpm0.
> 
> Let's actually try that.  If you have the ibmtss installed, the command
> to time primary key generation from userspace on your tpm is
> 
> time tsscreateprimary -hi n -ecc nistp256
> 
> 
> And just for chuckles and grins, try it in the owner hierarchy as well
> (sometimes slow TPMs cache this)
> 
> time tsscreateprimary -hi o -ecc nistp256
> 
> And if you have tpm2 tools, the above commands should be:
> 
> time tpm2_createprimary -C n -G ecc256
> time tpm2_createprimary -C o -G ecc256
> 
> James
> 
> 

Testing on an arm64 platform I get the following results.

hmac disabled:
  time modprobe tpm_tis_spi
  real    0m2.776s
  user    0m0.006s
  sys     0m0.015s

  time tpm2_createprimary -C n -G ecc256
  real    0m0.686s
  user    0m0.044s
  sys     0m0.025s

  time tpm2_createprimary -C o -G ecc256
  real    0m0.638s
  user    0m0.048s
  sys     0m0.009s


hmac enabled:
  time modprobe tpm_tis_spi
  real    8m5.840s
  user    0m0.005s
  sys     0m0.018s


  time tpm2_createprimary -C n -G ecc256
  real    5m27.678s
  user    0m0.059s
  sys     0m0.009s

  (after first command)
  real    0m0.395s
  user    0m0.040s
  sys     0m0.015s

  time tpm2_createprimary -C o -G ecc256
  real    0m0.418s
  user    0m0.049s
  sys     0m0.009s

hmac enabled + patches applied
  time modprobe tpm_tis_spi
  real    8m6.663s
  user    0m0.000s
  sys     0m0.021s


  time tpm2_createprimary -C n -G ecc256
  real    7m24.662s
  user    0m0.048s
  sys     0m0.022s

  (after first command)
  real    0m0.395s
  user    0m0.047s
  sys     0m0.009s

  time tpm2_createprimary -C o -G ecc256
  real    0m0.404s
  user    0m0.046s
  sys     0m0.012s


Regards,
Vitor Soares
Jarkko Sakkinen May 22, 2024, 12:01 p.m. UTC | #8
On Wed May 22, 2024 at 11:18 AM EEST, Vitor Soares wrote:
> On Tue, 2024-05-21 at 08:33 -0400, James Bottomley wrote:
> > On Tue, 2024-05-21 at 10:10 +0300, Jarkko Sakkinen wrote:
> > > This benchmark could be done in user space using /dev/tpm0.
> > 
> > Let's actually try that.  If you have the ibmtss installed, the command
> > to time primary key generation from userspace on your tpm is
> > 
> > time tsscreateprimary -hi n -ecc nistp256
> > 
> > 
> > And just for chuckles and grins, try it in the owner hierarchy as well
> > (sometimes slow TPMs cache this)
> > 
> > time tsscreateprimary -hi o -ecc nistp256
> > 
> > And if you have tpm2 tools, the above commands should be:
> > 
> > time tpm2_createprimary -C n -G ecc256
> > time tpm2_createprimary -C o -G ecc256
> > 
> > James
> > 
> > 
>
> Testing on an arm64 platform I get the following results.

OK, appreciate these results. I try to get mine this week, if I can
allocate some bandwidth but latest early next week. The Intel CPU
I'll be testing is Intel Celeron J4025:

https://www.intel.com/content/www/us/en/products/sku/197307/intel-celeron-processor-j4025-4m-cache-up-to-2-90-ghz/specifications.html

So if things work reasonably fast with this, then I think we can
enable the feature at least on X86_64 by default, and make it
opt-in for other arch's.

I sent already this patch but holding with PR up until rc1 is
out so that there is some window to act:

https://lore.kernel.org/linux-integrity/20240521130921.15028-1-jarkko@kernel.org/

If I need to send an updated patch ("default X86_64") and rip
transcrip from below results.

But to do that correctly I'd need to know at least:

1. What is the aarch64 platform you are using?
2. What kind of TPM you are using and how is it connect?

Obviously if I make this decision, I'll put you as "Reported-by".

>
> hmac disabled:
>   time modprobe tpm_tis_spi
>   real    0m2.776s
>   user    0m0.006s
>   sys     0m0.015s
>
>   time tpm2_createprimary -C n -G ecc256
>   real    0m0.686s
>   user    0m0.044s
>   sys     0m0.025s
>
>   time tpm2_createprimary -C o -G ecc256
>   real    0m0.638s
>   user    0m0.048s
>   sys     0m0.009s
>
>
> hmac enabled:
>   time modprobe tpm_tis_spi
>   real    8m5.840s
>   user    0m0.005s
>   sys     0m0.018s
>
>
>   time tpm2_createprimary -C n -G ecc256
>   real    5m27.678s
>   user    0m0.059s
>   sys     0m0.009s
>
>   (after first command)
>   real    0m0.395s
>   user    0m0.040s
>   sys     0m0.015s
>
>   time tpm2_createprimary -C o -G ecc256
>   real    0m0.418s
>   user    0m0.049s
>   sys     0m0.009s
>
> hmac enabled + patches applied
>   time modprobe tpm_tis_spi
>   real    8m6.663s
>   user    0m0.000s
>   sys     0m0.021s
>
>
>   time tpm2_createprimary -C n -G ecc256
>   real    7m24.662s
>   user    0m0.048s
>   sys     0m0.022s
>
>   (after first command)
>   real    0m0.395s
>   user    0m0.047s
>   sys     0m0.009s
>
>   time tpm2_createprimary -C o -G ecc256
>   real    0m0.404s
>   user    0m0.046s
>   sys     0m0.012s
>
>
> Regards,
> Vitor Soares

BR, Jarkko
Vitor Soares May 22, 2024, 1:17 p.m. UTC | #9
On Wed, 2024-05-22 at 15:01 +0300, Jarkko Sakkinen wrote:
> On Wed May 22, 2024 at 11:18 AM EEST, Vitor Soares wrote:
> > On Tue, 2024-05-21 at 08:33 -0400, James Bottomley wrote:
> > > On Tue, 2024-05-21 at 10:10 +0300, Jarkko Sakkinen wrote:
> > > > This benchmark could be done in user space using /dev/tpm0.
> > > 
> > > Let's actually try that.  If you have the ibmtss installed, the command
> > > to time primary key generation from userspace on your tpm is
> > > 
> > > time tsscreateprimary -hi n -ecc nistp256
> > > 
> > > 
> > > And just for chuckles and grins, try it in the owner hierarchy as well
> > > (sometimes slow TPMs cache this)
> > > 
> > > time tsscreateprimary -hi o -ecc nistp256
> > > 
> > > And if you have tpm2 tools, the above commands should be:
> > > 
> > > time tpm2_createprimary -C n -G ecc256
> > > time tpm2_createprimary -C o -G ecc256
> > > 
> > > James
> > > 
> > > 
> > 
> > Testing on an arm64 platform I get the following results.
> 
> OK, appreciate these results. I try to get mine this week, if I can
> allocate some bandwidth but latest early next week. The Intel CPU
> I'll be testing is Intel Celeron J4025:
> 
> https://www.intel.com/content/www/us/en/products/sku/197307/intel-celeron-processor-j4025-4m-cache-up-to-2-90-ghz/specifications.html
> 
> So if things work reasonably fast with this, then I think we can
> enable the feature at least on X86_64 by default, and make it
> opt-in for other arch's.
> 
> I sent already this patch but holding with PR up until rc1 is
> out so that there is some window to act:
> 
> https://lore.kernel.org/linux-integrity/20240521130921.15028-1-jarkko@kernel.org/
> 
> If I need to send an updated patch ("default X86_64") and rip
> transcrip from below results.
> 
> But to do that correctly I'd need to know at least:
> 
> 1. What is the aarch64 platform you are using?

I was testing this on the Toradex Verdin iMX8MM SoM.

> 2. What kind of TPM you are using and how is it connect?

TPM device is the ATTPM20P connect through the SPI at speed of 36 MHz.
The bus is shared with a CAN controller (MCP251xFD), so both mues work together.

The dts looks like:
tpm1: tpm@1 {
        compatible = "atmel,attpm20p", "tcg,tpm_tis-spi";
        interrupts-extended = <&gpio1 7 IRQ_TYPE_LEVEL_LOW>;
        pinctrl-0 = <&pinctrl_can2_int>;
        pinctrl-names = "default";
        reg = <1>;
        spi-max-frequency = <36000000>;
};

Regards,
Vitor Soares

> 
> Obviously if I make this decision, I'll put you as "Reported-by".
> 
>
Vitor Soares May 22, 2024, 1:31 p.m. UTC | #10
On Wed, 2024-05-22 at 14:17 +0100, Vitor Soares wrote:
> On Wed, 2024-05-22 at 15:01 +0300, Jarkko Sakkinen wrote:
> > On Wed May 22, 2024 at 11:18 AM EEST, Vitor Soares wrote:
> > > On Tue, 2024-05-21 at 08:33 -0400, James Bottomley wrote:
> > > > On Tue, 2024-05-21 at 10:10 +0300, Jarkko Sakkinen wrote:
> > > > > This benchmark could be done in user space using /dev/tpm0.
> > > > 
> > > > Let's actually try that.  If you have the ibmtss installed, the command
> > > > to time primary key generation from userspace on your tpm is
> > > > 
> > > > time tsscreateprimary -hi n -ecc nistp256
> > > > 
> > > > 
> > > > And just for chuckles and grins, try it in the owner hierarchy as well
> > > > (sometimes slow TPMs cache this)
> > > > 
> > > > time tsscreateprimary -hi o -ecc nistp256
> > > > 
> > > > And if you have tpm2 tools, the above commands should be:
> > > > 
> > > > time tpm2_createprimary -C n -G ecc256
> > > > time tpm2_createprimary -C o -G ecc256
> > > > 
> > > > James
> > > > 
> > > > 
> > > 
> > > Testing on an arm64 platform I get the following results.
> > 
> > OK, appreciate these results. I try to get mine this week, if I can
> > allocate some bandwidth but latest early next week. The Intel CPU
> > I'll be testing is Intel Celeron J4025:
> > 
> > https://www.intel.com/content/www/us/en/products/sku/197307/intel-celeron-processor-j4025-4m-cache-up-to-2-90-ghz/specifications.html
> > 
> > So if things work reasonably fast with this, then I think we can
> > enable the feature at least on X86_64 by default, and make it
> > opt-in for other arch's.
> > 
> > I sent already this patch but holding with PR up until rc1 is
> > out so that there is some window to act:
> > 
> > https://lore.kernel.org/linux-integrity/20240521130921.15028-1-jarkko@kernel.org/
> > 
> > If I need to send an updated patch ("default X86_64") and rip
> > transcrip from below results.
> > 
> > But to do that correctly I'd need to know at least:
> > 
> > 1. What is the aarch64 platform you are using?
> 
> I was testing this on the Toradex Verdin iMX8MM SoM.
> 
> > 2. What kind of TPM you are using and how is it connect?
> 
> TPM device is the ATTPM20P connect through the SPI at speed of 36 MHz.
> The bus is shared with a CAN controller (MCP251xFD), so both mues work
> together.
> 
> The dts looks like:
> tpm1: tpm@1 {
>         compatible = "atmel,attpm20p", "tcg,tpm_tis-spi";
>         interrupts-extended = <&gpio1 7 IRQ_TYPE_LEVEL_LOW>;
>         pinctrl-0 = <&pinctrl_can2_int>;
>         pinctrl-names = "default";
>         reg = <1>;
>         spi-max-frequency = <36000000>;
> };
> 
> Regards,
> Vitor Soares

For the sake of clarity, the timing tests were done without CAN enabled.

> 
> > 
> > Obviously if I make this decision, I'll put you as "Reported-by".
> > 
> > 
>
James Bottomley May 22, 2024, 1:35 p.m. UTC | #11
On Wed, 2024-05-22 at 09:18 +0100, Vitor Soares wrote:
> On Tue, 2024-05-21 at 08:33 -0400, James Bottomley wrote:
> > On Tue, 2024-05-21 at 10:10 +0300, Jarkko Sakkinen wrote:
> > > This benchmark could be done in user space using /dev/tpm0.
> > 
> > Let's actually try that.  If you have the ibmtss installed, the
> > command to time primary key generation from userspace on your tpm
> > is
> > 
> > time tsscreateprimary -hi n -ecc nistp256
> > 
> > 
> > And just for chuckles and grins, try it in the owner hierarchy as
> > well (sometimes slow TPMs cache this)
> > 
> > time tsscreateprimary -hi o -ecc nistp256
> > 
> > And if you have tpm2 tools, the above commands should be:
> > 
> > time tpm2_createprimary -C n -G ecc256
> > time tpm2_createprimary -C o -G ecc256
> > 
> > James
> > 
> > 
> 
> Testing on an arm64 platform I get the following results.
> 
> hmac disabled:
>   time modprobe tpm_tis_spi
>   real    0m2.776s
>   user    0m0.006s
>   sys     0m0.015s
> 
>   time tpm2_createprimary -C n -G ecc256
>   real    0m0.686s
>   user    0m0.044s
>   sys     0m0.025s
> 
>   time tpm2_createprimary -C o -G ecc256
>   real    0m0.638s
>   user    0m0.048s
>   sys     0m0.009s
> 
> 
> hmac enabled:
>   time modprobe tpm_tis_spi
>   real    8m5.840s
>   user    0m0.005s
>   sys     0m0.018s
> 
> 
>   time tpm2_createprimary -C n -G ecc256
>   real    5m27.678s
>   user    0m0.059s
>   sys     0m0.009s
> 
>   (after first command)
>   real    0m0.395s
>   user    0m0.040s
>   sys     0m0.015s
> 
>   time tpm2_createprimary -C o -G ecc256
>   real    0m0.418s
>   user    0m0.049s
>   sys     0m0.009s

That's interesting: it suggests the create primary is fast (as
expected) but that the TPM is blocked for some reason.  Is there
anything else in dmesg if you do

dmesg|grep -i tpm

?

Unfortunately we don't really do timeouts on our end (we have the TPM
do it instead), but we could instrument your kernel with command and
time sent and returned.  That may tell us where the problem lies.

Regards,

James
Jarkko Sakkinen May 22, 2024, 2:11 p.m. UTC | #12
On Wed May 22, 2024 at 4:17 PM EEST, Vitor Soares wrote:
> > 1. What is the aarch64 platform you are using?
>
> I was testing this on the Toradex Verdin iMX8MM SoM.
>
> > 2. What kind of TPM you are using and how is it connect?
>
> TPM device is the ATTPM20P connect through the SPI at speed of 36 MHz.
> The bus is shared with a CAN controller (MCP251xFD), so both mues work together.
>
> The dts looks like:
> tpm1: tpm@1 {
>         compatible = "atmel,attpm20p", "tcg,tpm_tis-spi";
>         interrupts-extended = <&gpio1 7 IRQ_TYPE_LEVEL_LOW>;
>         pinctrl-0 = <&pinctrl_can2_int>;
>         pinctrl-names = "default";
>         reg = <1>;
>         spi-max-frequency = <36000000>;
> };

Thank you, this exactly what I was looking for. Don't expect any
improvement to the situation before rc1 is out. It is better to
investigate the situation a bit first.

E.g. some people test with fTPM TEE so this was pretty essential
to know that it is a chip going through.

For tpm_crb we should actually disable HMAC at some point. It is
essentially a performance regression for it.

BR, Jarkko
Jarkko Sakkinen May 22, 2024, 2:13 p.m. UTC | #13
On Wed May 22, 2024 at 4:35 PM EEST, James Bottomley wrote:
> On Wed, 2024-05-22 at 09:18 +0100, Vitor Soares wrote:
> > On Tue, 2024-05-21 at 08:33 -0400, James Bottomley wrote:
> > > On Tue, 2024-05-21 at 10:10 +0300, Jarkko Sakkinen wrote:
> > > > This benchmark could be done in user space using /dev/tpm0.
> > > 
> > > Let's actually try that.  If you have the ibmtss installed, the
> > > command to time primary key generation from userspace on your tpm
> > > is
> > > 
> > > time tsscreateprimary -hi n -ecc nistp256
> > > 
> > > 
> > > And just for chuckles and grins, try it in the owner hierarchy as
> > > well (sometimes slow TPMs cache this)
> > > 
> > > time tsscreateprimary -hi o -ecc nistp256
> > > 
> > > And if you have tpm2 tools, the above commands should be:
> > > 
> > > time tpm2_createprimary -C n -G ecc256
> > > time tpm2_createprimary -C o -G ecc256
> > > 
> > > James
> > > 
> > > 
> > 
> > Testing on an arm64 platform I get the following results.
> > 
> > hmac disabled:
> >   time modprobe tpm_tis_spi
> >   real    0m2.776s
> >   user    0m0.006s
> >   sys     0m0.015s
> > 
> >   time tpm2_createprimary -C n -G ecc256
> >   real    0m0.686s
> >   user    0m0.044s
> >   sys     0m0.025s
> > 
> >   time tpm2_createprimary -C o -G ecc256
> >   real    0m0.638s
> >   user    0m0.048s
> >   sys     0m0.009s
> > 
> > 
> > hmac enabled:
> >   time modprobe tpm_tis_spi
> >   real    8m5.840s
> >   user    0m0.005s
> >   sys     0m0.018s
> > 
> > 
> >   time tpm2_createprimary -C n -G ecc256
> >   real    5m27.678s
> >   user    0m0.059s
> >   sys     0m0.009s
> > 
> >   (after first command)
> >   real    0m0.395s
> >   user    0m0.040s
> >   sys     0m0.015s
> > 
> >   time tpm2_createprimary -C o -G ecc256
> >   real    0m0.418s
> >   user    0m0.049s
> >   sys     0m0.009s
>
> That's interesting: it suggests the create primary is fast (as
> expected) but that the TPM is blocked for some reason.  Is there
> anything else in dmesg if you do
>
> dmesg|grep -i tpm
>
> ?
>
> Unfortunately we don't really do timeouts on our end (we have the TPM
> do it instead), but we could instrument your kernel with command and
> time sent and returned.  That may tell us where the problem lies.

If there was possibility to use bpftrace it is trivial to get histogram
of time used where. I can bake a script but I need to know first if it
is available in the first place before going through that trouble.

BR, Jarkko
James Bottomley May 22, 2024, 2:20 p.m. UTC | #14
On Wed, 2024-05-22 at 17:11 +0300, Jarkko Sakkinen wrote:
> For tpm_crb we should actually disable HMAC at some point. It is
> essentially a performance regression for it.

You'd think that, because of the shared buffer and no bus, but you
never quite know.  For instance several confidential computing early
implementations used the crb interface set up by qemu (i.e. over shared
buffers which are readable by the host).  For them the only way to get
security is with sessions.  Even with the default Intel CRB, the TPM
transaction isn't handled directly by the main CPU, it's offloaded to
the ME (which we all know google loves because of its tight security
boundary).  It is entirely possible to imagine a software interposer
running in the ME snooping the CRB buffer.  A very different type of
attack from the LPB interposer, but plausible non the less.

James
Jarkko Sakkinen May 22, 2024, 2:39 p.m. UTC | #15
On Wed May 22, 2024 at 5:20 PM EEST, James Bottomley wrote:
> On Wed, 2024-05-22 at 17:11 +0300, Jarkko Sakkinen wrote:
> > For tpm_crb we should actually disable HMAC at some point. It is
> > essentially a performance regression for it.
>
> You'd think that, because of the shared buffer and no bus, but you
> never quite know.  For instance several confidential computing early
> implementations used the crb interface set up by qemu (i.e. over shared
> buffers which are readable by the host).  For them the only way to get
> security is with sessions.  Even with the default Intel CRB, the TPM
> transaction isn't handled directly by the main CPU, it's offloaded to
> the ME (which we all know google loves because of its tight security
> boundary).  It is entirely possible to imagine a software interposer
> running in the ME snooping the CRB buffer.  A very different type of
> attack from the LPB interposer, but plausible non the less.
>
> James

Should have put "consider". I've tested with crb and spi and have
not noticed anything get stuck. One more reason to run tests with
that Celeron CPU from 2018...

BR, Jarkko
Vitor Soares May 22, 2024, 2:58 p.m. UTC | #16
On Wed, 2024-05-22 at 17:13 +0300, Jarkko Sakkinen wrote:
> On Wed May 22, 2024 at 4:35 PM EEST, James Bottomley wrote:
> > On Wed, 2024-05-22 at 09:18 +0100, Vitor Soares wrote:
> > > On Tue, 2024-05-21 at 08:33 -0400, James Bottomley wrote:
> > > > On Tue, 2024-05-21 at 10:10 +0300, Jarkko Sakkinen wrote:
> > > > > This benchmark could be done in user space using /dev/tpm0.
> > > > 
> > > > Let's actually try that.  If you have the ibmtss installed, the
> > > > command to time primary key generation from userspace on your tpm
> > > > is
> > > > 
> > > > time tsscreateprimary -hi n -ecc nistp256
> > > > 
> > > > 
> > > > And just for chuckles and grins, try it in the owner hierarchy as
> > > > well (sometimes slow TPMs cache this)
> > > > 
> > > > time tsscreateprimary -hi o -ecc nistp256
> > > > 
> > > > And if you have tpm2 tools, the above commands should be:
> > > > 
> > > > time tpm2_createprimary -C n -G ecc256
> > > > time tpm2_createprimary -C o -G ecc256
> > > > 
> > > > James
> > > > 
> > > > 
> > > 
> > > Testing on an arm64 platform I get the following results.
> > > 
> > > hmac disabled:
> > >   time modprobe tpm_tis_spi
> > >   real    0m2.776s
> > >   user    0m0.006s
> > >   sys     0m0.015s
> > > 
> > >   time tpm2_createprimary -C n -G ecc256
> > >   real    0m0.686s
> > >   user    0m0.044s
> > >   sys     0m0.025s
> > > 
> > >   time tpm2_createprimary -C o -G ecc256
> > >   real    0m0.638s
> > >   user    0m0.048s
> > >   sys     0m0.009s
> > > 
> > > 
> > > hmac enabled:
> > >   time modprobe tpm_tis_spi
> > >   real    8m5.840s
> > >   user    0m0.005s
> > >   sys     0m0.018s
> > > 
> > > 
> > >   time tpm2_createprimary -C n -G ecc256
> > >   real    5m27.678s
> > >   user    0m0.059s
> > >   sys     0m0.009s
> > > 
> > >   (after first command)
> > >   real    0m0.395s
> > >   user    0m0.040s
> > >   sys     0m0.015s
> > > 
> > >   time tpm2_createprimary -C o -G ecc256
> > >   real    0m0.418s
> > >   user    0m0.049s
> > >   sys     0m0.009s
> > 
> > That's interesting: it suggests the create primary is fast (as
> > expected) but that the TPM is blocked for some reason.  Is there
> > anything else in dmesg if you do
> > 
> > dmesg|grep -i tpm
> > 
> > ?
> > 
> > Unfortunately we don't really do timeouts on our end (we have the TPM
> > do it instead), but we could instrument your kernel with command and
> > time sent and returned.  That may tell us where the problem lies.
> 
> If there was possibility to use bpftrace it is trivial to get histogram
> of time used where. I can bake a script but I need to know first if it
> is available in the first place before going through that trouble.
> 
> BR, Jarkko

I did run with ftrace, but need some more time to go through it.

Here the step I did:
kernel config:
  CONFIG_FUNCTION_TRACER
  CONFIG_FUNCTION_GRAPH_TRACER

ftrace:
  # set filters
  echo tpm* > set_ftrace_filter

  # set tracer
  echo function_graph > current_tracer

  # take the sample
  echo 1 > tracing_on; time modprobe tpm_tis_spi; echo 0 > tracing_on

regards,
Vitor Soares
Jarkko Sakkinen May 22, 2024, 4:11 p.m. UTC | #17
On Wed May 22, 2024 at 5:58 PM EEST, Vitor Soares wrote:
> I did run with ftrace, but need some more time to go through it.
>
> Here the step I did:
> kernel config:
>   CONFIG_FUNCTION_TRACER
>   CONFIG_FUNCTION_GRAPH_TRACER
>
> ftrace:
>   # set filters
>   echo tpm* > set_ftrace_filter
>
>   # set tracer
>   echo function_graph > current_tracer
>
>   # take the sample
>   echo 1 > tracing_on; time modprobe tpm_tis_spi; echo 0 > tracing_on
>
> regards,
> Vitor Soares

I'm now compiling distro kernel (OpenSUSE) for NUC7 with v6.10 contents.

After I have that setup, I'll develop a perf test either with perf or
bpftrace. I'll come back with the possible CONFIG_* that should be in
place in your kernel. Might take up until next week as I have some
conference stuff to prepare but I try to have stuff ready early next
week.

No need to rush with this as long as possible patches go to rc2 or rc3.
Let's do a proper analysis instead.

In the meantime you could check if you get perf and/or bpftrace to 
your image that use to boot up your device. Preferably both but
please inform about this.

Fair enough?

BR, Jarkko
Vitor Soares May 23, 2024, 7:59 a.m. UTC | #18
On Wed, 2024-05-22 at 19:11 +0300, Jarkko Sakkinen wrote:
> On Wed May 22, 2024 at 5:58 PM EEST, Vitor Soares wrote:
> > I did run with ftrace, but need some more time to go through it.
> > 
> > Here the step I did:
> > kernel config:
> >   CONFIG_FUNCTION_TRACER
> >   CONFIG_FUNCTION_GRAPH_TRACER
> > 
> > ftrace:
> >   # set filters
> >   echo tpm* > set_ftrace_filter
> > 
> >   # set tracer
> >   echo function_graph > current_tracer
> > 
> >   # take the sample
> >   echo 1 > tracing_on; time modprobe tpm_tis_spi; echo 0 > tracing_on
> > 
> > regards,
> > Vitor Soares
> 
> I'm now compiling distro kernel (OpenSUSE) for NUC7 with v6.10 contents.
> 
> After I have that setup, I'll develop a perf test either with perf or
> bpftrace. I'll come back with the possible CONFIG_* that should be in
> place in your kernel. Might take up until next week as I have some
> conference stuff to prepare but I try to have stuff ready early next
> week.
> 
> No need to rush with this as long as possible patches go to rc2 or rc3.
> Let's do a proper analysis instead.
> 
> In the meantime you could check if you get perf and/or bpftrace to 
> your image that use to boot up your device. Preferably both but
> please inform about this.
> 

I already have perf running, for the bpftrace I might not be able to help.

Regards,
Vitor Soares

> Fair enough?
> 
> BR, Jarkko
Jarkko Sakkinen May 27, 2024, 2:51 p.m. UTC | #19
On Thu May 23, 2024 at 10:59 AM EEST, Vitor Soares wrote:
> On Wed, 2024-05-22 at 19:11 +0300, Jarkko Sakkinen wrote:
> > On Wed May 22, 2024 at 5:58 PM EEST, Vitor Soares wrote:
> > > I did run with ftrace, but need some more time to go through it.
> > > 
> > > Here the step I did:
> > > kernel config:
> > >   CONFIG_FUNCTION_TRACER
> > >   CONFIG_FUNCTION_GRAPH_TRACER
> > > 
> > > ftrace:
> > >   # set filters
> > >   echo tpm* > set_ftrace_filter
> > > 
> > >   # set tracer
> > >   echo function_graph > current_tracer
> > > 
> > >   # take the sample
> > >   echo 1 > tracing_on; time modprobe tpm_tis_spi; echo 0 > tracing_on
> > > 
> > > regards,
> > > Vitor Soares
> > 
> > I'm now compiling distro kernel (OpenSUSE) for NUC7 with v6.10 contents.
> > 
> > After I have that setup, I'll develop a perf test either with perf or
> > bpftrace. I'll come back with the possible CONFIG_* that should be in
> > place in your kernel. Might take up until next week as I have some
> > conference stuff to prepare but I try to have stuff ready early next
> > week.
> > 
> > No need to rush with this as long as possible patches go to rc2 or rc3.
> > Let's do a proper analysis instead.
> > 
> > In the meantime you could check if you get perf and/or bpftrace to 
> > your image that use to boot up your device. Preferably both but
> > please inform about this.
> > 
>
> I already have perf running, for the bpftrace I might not be able to help.

The interesting function to look at with/without hmac is probably
tpm2_get_random().

I attached a patch that removes hmac shenigans out of tpm2_get_random()
for the sake of proper comparative testing.

BR, Jarkko
Jarkko Sakkinen May 27, 2024, 3:01 p.m. UTC | #20
On Mon May 27, 2024 at 5:51 PM EEST, Jarkko Sakkinen wrote:
> On Thu May 23, 2024 at 10:59 AM EEST, Vitor Soares wrote:
> > On Wed, 2024-05-22 at 19:11 +0300, Jarkko Sakkinen wrote:
> > > On Wed May 22, 2024 at 5:58 PM EEST, Vitor Soares wrote:
> > > > I did run with ftrace, but need some more time to go through it.
> > > > 
> > > > Here the step I did:
> > > > kernel config:
> > > >   CONFIG_FUNCTION_TRACER
> > > >   CONFIG_FUNCTION_GRAPH_TRACER
> > > > 
> > > > ftrace:
> > > >   # set filters
> > > >   echo tpm* > set_ftrace_filter
> > > > 
> > > >   # set tracer
> > > >   echo function_graph > current_tracer
> > > > 
> > > >   # take the sample
> > > >   echo 1 > tracing_on; time modprobe tpm_tis_spi; echo 0 > tracing_on
> > > > 
> > > > regards,
> > > > Vitor Soares
> > > 
> > > I'm now compiling distro kernel (OpenSUSE) for NUC7 with v6.10 contents.
> > > 
> > > After I have that setup, I'll develop a perf test either with perf or
> > > bpftrace. I'll come back with the possible CONFIG_* that should be in
> > > place in your kernel. Might take up until next week as I have some
> > > conference stuff to prepare but I try to have stuff ready early next
> > > week.
> > > 
> > > No need to rush with this as long as possible patches go to rc2 or rc3.
> > > Let's do a proper analysis instead.
> > > 
> > > In the meantime you could check if you get perf and/or bpftrace to 
> > > your image that use to boot up your device. Preferably both but
> > > please inform about this.
> > > 
> >
> > I already have perf running, for the bpftrace I might not be able to help.
>
> The interesting function to look at with/without hmac is probably
> tpm2_get_random().
>
> I attached a patch that removes hmac shenigans out of tpm2_get_random()
> for the sake of proper comparative testing.

Other thing that we need to measure is to split the cost into
two parts:

1. Handshake, i.e. setting up and shutdowning a session.
2. Transaction, payload TPM command.

This could be done by setting up couple of kprobes_events:

  payload_event: tpm2_get_random() etc.
  hmac_event: tpm2_start_auth_session(), tpm2_end_auth_session() etc.

And just summing up the time for a boot to get a cost for hmac.

I'd use bootconfig for this:

https://www.kernel.org/doc/html/v6.9/trace/boottime-trace.html

So I've made up plans how measure the incident but not sure when I
have time to pro-actively work on a benchmark (thus sharing details).

So I think with just proper bootconfig wtih no other tools uses this
can be measured.

BR, Jarkko
Jarkko Sakkinen May 27, 2024, 3:12 p.m. UTC | #21
On Mon May 27, 2024 at 6:01 PM EEST, Jarkko Sakkinen wrote:
> On Mon May 27, 2024 at 5:51 PM EEST, Jarkko Sakkinen wrote:
> > On Thu May 23, 2024 at 10:59 AM EEST, Vitor Soares wrote:
> > > On Wed, 2024-05-22 at 19:11 +0300, Jarkko Sakkinen wrote:
> > > > On Wed May 22, 2024 at 5:58 PM EEST, Vitor Soares wrote:
> > > > > I did run with ftrace, but need some more time to go through it.
> > > > > 
> > > > > Here the step I did:
> > > > > kernel config:
> > > > >   CONFIG_FUNCTION_TRACER
> > > > >   CONFIG_FUNCTION_GRAPH_TRACER
> > > > > 
> > > > > ftrace:
> > > > >   # set filters
> > > > >   echo tpm* > set_ftrace_filter
> > > > > 
> > > > >   # set tracer
> > > > >   echo function_graph > current_tracer
> > > > > 
> > > > >   # take the sample
> > > > >   echo 1 > tracing_on; time modprobe tpm_tis_spi; echo 0 > tracing_on
> > > > > 
> > > > > regards,
> > > > > Vitor Soares
> > > > 
> > > > I'm now compiling distro kernel (OpenSUSE) for NUC7 with v6.10 contents.
> > > > 
> > > > After I have that setup, I'll develop a perf test either with perf or
> > > > bpftrace. I'll come back with the possible CONFIG_* that should be in
> > > > place in your kernel. Might take up until next week as I have some
> > > > conference stuff to prepare but I try to have stuff ready early next
> > > > week.
> > > > 
> > > > No need to rush with this as long as possible patches go to rc2 or rc3.
> > > > Let's do a proper analysis instead.
> > > > 
> > > > In the meantime you could check if you get perf and/or bpftrace to 
> > > > your image that use to boot up your device. Preferably both but
> > > > please inform about this.
> > > > 
> > >
> > > I already have perf running, for the bpftrace I might not be able to help.
> >
> > The interesting function to look at with/without hmac is probably
> > tpm2_get_random().
> >
> > I attached a patch that removes hmac shenigans out of tpm2_get_random()
> > for the sake of proper comparative testing.
>
> Other thing that we need to measure is to split the cost into
> two parts:
>
> 1. Handshake, i.e. setting up and shutdowning a session.
> 2. Transaction, payload TPM command.
>
> This could be done by setting up couple of kprobes_events:
>
>   payload_event: tpm2_get_random() etc.
>   hmac_event: tpm2_start_auth_session(), tpm2_end_auth_session() etc.
>
> And just summing up the time for a boot to get a cost for hmac.
>
> I'd use bootconfig for this:
>
> https://www.kernel.org/doc/html/v6.9/trace/boottime-trace.html
>
> So I've made up plans how measure the incident but not sure when I
> have time to pro-actively work on a benchmark (thus sharing details).
>
> So I think with just proper bootconfig wtih no other tools uses this
> can be measured.


I'll disable this for anything else than X86_64 by default, and put
such patch to my next pull request.

Someone needs to do the perf analysis properly based on the above
descriptions. I cannot commit my time to promise them to get the
perf regressions fixed by time. I can only commit on limiting the
feature ;-)

It is thus better be conservative and reconsider opt-in post 6.10.
X86_64 is safeplay because even in that 2018 NUC7 based on Celeron,
hmac is just fine.

BR, Jarkko
Jarkko Sakkinen May 27, 2024, 3:34 p.m. UTC | #22
On Mon May 27, 2024 at 6:12 PM EEST, Jarkko Sakkinen wrote:
> On Mon May 27, 2024 at 6:01 PM EEST, Jarkko Sakkinen wrote:
> > On Mon May 27, 2024 at 5:51 PM EEST, Jarkko Sakkinen wrote:
> > > On Thu May 23, 2024 at 10:59 AM EEST, Vitor Soares wrote:
> > > > On Wed, 2024-05-22 at 19:11 +0300, Jarkko Sakkinen wrote:
> > > > > On Wed May 22, 2024 at 5:58 PM EEST, Vitor Soares wrote:
> > > > > > I did run with ftrace, but need some more time to go through it.
> > > > > > 
> > > > > > Here the step I did:
> > > > > > kernel config:
> > > > > >   CONFIG_FUNCTION_TRACER
> > > > > >   CONFIG_FUNCTION_GRAPH_TRACER
> > > > > > 
> > > > > > ftrace:
> > > > > >   # set filters
> > > > > >   echo tpm* > set_ftrace_filter
> > > > > > 
> > > > > >   # set tracer
> > > > > >   echo function_graph > current_tracer
> > > > > > 
> > > > > >   # take the sample
> > > > > >   echo 1 > tracing_on; time modprobe tpm_tis_spi; echo 0 > tracing_on
> > > > > > 
> > > > > > regards,
> > > > > > Vitor Soares
> > > > > 
> > > > > I'm now compiling distro kernel (OpenSUSE) for NUC7 with v6.10 contents.
> > > > > 
> > > > > After I have that setup, I'll develop a perf test either with perf or
> > > > > bpftrace. I'll come back with the possible CONFIG_* that should be in
> > > > > place in your kernel. Might take up until next week as I have some
> > > > > conference stuff to prepare but I try to have stuff ready early next
> > > > > week.
> > > > > 
> > > > > No need to rush with this as long as possible patches go to rc2 or rc3.
> > > > > Let's do a proper analysis instead.
> > > > > 
> > > > > In the meantime you could check if you get perf and/or bpftrace to 
> > > > > your image that use to boot up your device. Preferably both but
> > > > > please inform about this.
> > > > > 
> > > >
> > > > I already have perf running, for the bpftrace I might not be able to help.
> > >
> > > The interesting function to look at with/without hmac is probably
> > > tpm2_get_random().
> > >
> > > I attached a patch that removes hmac shenigans out of tpm2_get_random()
> > > for the sake of proper comparative testing.
> >
> > Other thing that we need to measure is to split the cost into
> > two parts:
> >
> > 1. Handshake, i.e. setting up and shutdowning a session.
> > 2. Transaction, payload TPM command.
> >
> > This could be done by setting up couple of kprobes_events:
> >
> >   payload_event: tpm2_get_random() etc.
> >   hmac_event: tpm2_start_auth_session(), tpm2_end_auth_session() etc.
> >
> > And just summing up the time for a boot to get a cost for hmac.
> >
> > I'd use bootconfig for this:
> >
> > https://www.kernel.org/doc/html/v6.9/trace/boottime-trace.html
> >
> > So I've made up plans how measure the incident but not sure when I
> > have time to pro-actively work on a benchmark (thus sharing details).
> >
> > So I think with just proper bootconfig wtih no other tools uses this
> > can be measured.
>
>
> I'll disable this for anything else than X86_64 by default, and put
> such patch to my next pull request.
>
> Someone needs to do the perf analysis properly based on the above
> descriptions. I cannot commit my time to promise them to get the
> perf regressions fixed by time. I can only commit on limiting the
> feature ;-)
>
> It is thus better be conservative and reconsider opt-in post 6.10.
> X86_64 is safeplay because even in that 2018 NUC7 based on Celeron,
> hmac is just fine.

While looking at code I started to wanted what was the reasoning
for adding *undocumented* "TPM2_OA_TMPL" in include/linux/tpm.h.
It should really be in tpm2-sessions.c and named something like
TPM2_NULL_KEY_OA or similar.

Obfuscation *on purpose* by definition... Since I see such spots (liked
e.g. tpm_buf_parameters() to name another instance) sprinkled, I've
pretty much locked in the decision to limit hmac to x86_64. It is right
thing to do given not so great maturity level.

Whatever on x86_64 I'm confident we can fix for sure any issue but
cannot make such analysis on other platforms.

BR, Jarkko
James Bottomley May 27, 2024, 5:57 p.m. UTC | #23
On Mon, 2024-05-27 at 18:34 +0300, Jarkko Sakkinen wrote:
> On Mon May 27, 2024 at 6:12 PM EEST, Jarkko Sakkinen wrote:
> > On Mon May 27, 2024 at 6:01 PM EEST, Jarkko Sakkinen wrote:
> > > On Mon May 27, 2024 at 5:51 PM EEST, Jarkko Sakkinen wrote:
> > > > On Thu May 23, 2024 at 10:59 AM EEST, Vitor Soares wrote:
> > > > > On Wed, 2024-05-22 at 19:11 +0300, Jarkko Sakkinen wrote:
> > > > > > On Wed May 22, 2024 at 5:58 PM EEST, Vitor Soares wrote:
> > > > > > > I did run with ftrace, but need some more time to go
> > > > > > > through it.
> > > > > > > 
> > > > > > > Here the step I did:
> > > > > > > kernel config:
> > > > > > >   CONFIG_FUNCTION_TRACER
> > > > > > >   CONFIG_FUNCTION_GRAPH_TRACER
> > > > > > > 
> > > > > > > ftrace:
> > > > > > >   # set filters
> > > > > > >   echo tpm* > set_ftrace_filter
> > > > > > > 
> > > > > > >   # set tracer
> > > > > > >   echo function_graph > current_tracer
> > > > > > > 
> > > > > > >   # take the sample
> > > > > > >   echo 1 > tracing_on; time modprobe tpm_tis_spi; echo 0
> > > > > > > > tracing_on
> > > > > > > 
> > > > > > > regards,
> > > > > > > Vitor Soares
> > > > > > 
> > > > > > I'm now compiling distro kernel (OpenSUSE) for NUC7 with
> > > > > > v6.10 contents.
> > > > > > 
> > > > > > After I have that setup, I'll develop a perf test either
> > > > > > with perf or
> > > > > > bpftrace. I'll come back with the possible CONFIG_* that
> > > > > > should be in
> > > > > > place in your kernel. Might take up until next week as I
> > > > > > have some
> > > > > > conference stuff to prepare but I try to have stuff ready
> > > > > > early next
> > > > > > week.
> > > > > > 
> > > > > > No need to rush with this as long as possible patches go to
> > > > > > rc2 or rc3.
> > > > > > Let's do a proper analysis instead.
> > > > > > 
> > > > > > In the meantime you could check if you get perf and/or
> > > > > > bpftrace to 
> > > > > > your image that use to boot up your device. Preferably both
> > > > > > but
> > > > > > please inform about this.
> > > > > > 
> > > > > 
> > > > > I already have perf running, for the bpftrace I might not be
> > > > > able to help.
> > > > 
> > > > The interesting function to look at with/without hmac is
> > > > probably
> > > > tpm2_get_random().
> > > > 
> > > > I attached a patch that removes hmac shenigans out of
> > > > tpm2_get_random()
> > > > for the sake of proper comparative testing.
> > > 
> > > Other thing that we need to measure is to split the cost into
> > > two parts:
> > > 
> > > 1. Handshake, i.e. setting up and shutdowning a session.
> > > 2. Transaction, payload TPM command.
> > > 
> > > This could be done by setting up couple of kprobes_events:
> > > 
> > >   payload_event: tpm2_get_random() etc.
> > >   hmac_event: tpm2_start_auth_session(), tpm2_end_auth_session()
> > > etc.
> > > 
> > > And just summing up the time for a boot to get a cost for hmac.
> > > 
> > > I'd use bootconfig for this:
> > > 
> > > https://www.kernel.org/doc/html/v6.9/trace/boottime-trace.html
> > > 
> > > So I've made up plans how measure the incident but not sure when
> > > I
> > > have time to pro-actively work on a benchmark (thus sharing
> > > details).
> > > 
> > > So I think with just proper bootconfig wtih no other tools uses
> > > this
> > > can be measured.
> > 
> > 
> > I'll disable this for anything else than X86_64 by default, and put
> > such patch to my next pull request.
> > 
> > Someone needs to do the perf analysis properly based on the above
> > descriptions. I cannot commit my time to promise them to get the
> > perf regressions fixed by time. I can only commit on limiting the
> > feature ;-)
> > 
> > It is thus better be conservative and reconsider opt-in post 6.10.
> > X86_64 is safeplay because even in that 2018 NUC7 based on Celeron,
> > hmac is just fine.
> 
> While looking at code I started to wanted what was the reasoning
> for adding *undocumented* "TPM2_OA_TMPL" in include/linux/tpm.h.
> It should really be in tpm2-sessions.c and named something like
> TPM2_NULL_KEY_OA or similar.

Well, because you asked for it. I originally had all the flags spelled
out and I'm not a fan of this obscurity, but you have to do stuff like
this to get patches accepted:

https://lore.kernel.org/linux-integrity/CZCKTWU6ZCC9.2UTEQPEVICYHL@suppilovahvero/

James
Jarkko Sakkinen May 27, 2024, 7:53 p.m. UTC | #24
On Mon May 27, 2024 at 8:57 PM EEST, James Bottomley wrote:
> On Mon, 2024-05-27 at 18:34 +0300, Jarkko Sakkinen wrote:
> > On Mon May 27, 2024 at 6:12 PM EEST, Jarkko Sakkinen wrote:
> > > On Mon May 27, 2024 at 6:01 PM EEST, Jarkko Sakkinen wrote:
> > > > On Mon May 27, 2024 at 5:51 PM EEST, Jarkko Sakkinen wrote:
> > > > > On Thu May 23, 2024 at 10:59 AM EEST, Vitor Soares wrote:
> > > > > > On Wed, 2024-05-22 at 19:11 +0300, Jarkko Sakkinen wrote:
> > > > > > > On Wed May 22, 2024 at 5:58 PM EEST, Vitor Soares wrote:
> > > > > > > > I did run with ftrace, but need some more time to go
> > > > > > > > through it.
> > > > > > > > 
> > > > > > > > Here the step I did:
> > > > > > > > kernel config:
> > > > > > > >   CONFIG_FUNCTION_TRACER
> > > > > > > >   CONFIG_FUNCTION_GRAPH_TRACER
> > > > > > > > 
> > > > > > > > ftrace:
> > > > > > > >   # set filters
> > > > > > > >   echo tpm* > set_ftrace_filter
> > > > > > > > 
> > > > > > > >   # set tracer
> > > > > > > >   echo function_graph > current_tracer
> > > > > > > > 
> > > > > > > >   # take the sample
> > > > > > > >   echo 1 > tracing_on; time modprobe tpm_tis_spi; echo 0
> > > > > > > > > tracing_on
> > > > > > > > 
> > > > > > > > regards,
> > > > > > > > Vitor Soares
> > > > > > > 
> > > > > > > I'm now compiling distro kernel (OpenSUSE) for NUC7 with
> > > > > > > v6.10 contents.
> > > > > > > 
> > > > > > > After I have that setup, I'll develop a perf test either
> > > > > > > with perf or
> > > > > > > bpftrace. I'll come back with the possible CONFIG_* that
> > > > > > > should be in
> > > > > > > place in your kernel. Might take up until next week as I
> > > > > > > have some
> > > > > > > conference stuff to prepare but I try to have stuff ready
> > > > > > > early next
> > > > > > > week.
> > > > > > > 
> > > > > > > No need to rush with this as long as possible patches go to
> > > > > > > rc2 or rc3.
> > > > > > > Let's do a proper analysis instead.
> > > > > > > 
> > > > > > > In the meantime you could check if you get perf and/or
> > > > > > > bpftrace to 
> > > > > > > your image that use to boot up your device. Preferably both
> > > > > > > but
> > > > > > > please inform about this.
> > > > > > > 
> > > > > > 
> > > > > > I already have perf running, for the bpftrace I might not be
> > > > > > able to help.
> > > > > 
> > > > > The interesting function to look at with/without hmac is
> > > > > probably
> > > > > tpm2_get_random().
> > > > > 
> > > > > I attached a patch that removes hmac shenigans out of
> > > > > tpm2_get_random()
> > > > > for the sake of proper comparative testing.
> > > > 
> > > > Other thing that we need to measure is to split the cost into
> > > > two parts:
> > > > 
> > > > 1. Handshake, i.e. setting up and shutdowning a session.
> > > > 2. Transaction, payload TPM command.
> > > > 
> > > > This could be done by setting up couple of kprobes_events:
> > > > 
> > > >   payload_event: tpm2_get_random() etc.
> > > >   hmac_event: tpm2_start_auth_session(), tpm2_end_auth_session()
> > > > etc.
> > > > 
> > > > And just summing up the time for a boot to get a cost for hmac.
> > > > 
> > > > I'd use bootconfig for this:
> > > > 
> > > > https://www.kernel.org/doc/html/v6.9/trace/boottime-trace.html
> > > > 
> > > > So I've made up plans how measure the incident but not sure when
> > > > I
> > > > have time to pro-actively work on a benchmark (thus sharing
> > > > details).
> > > > 
> > > > So I think with just proper bootconfig wtih no other tools uses
> > > > this
> > > > can be measured.
> > > 
> > > 
> > > I'll disable this for anything else than X86_64 by default, and put
> > > such patch to my next pull request.
> > > 
> > > Someone needs to do the perf analysis properly based on the above
> > > descriptions. I cannot commit my time to promise them to get the
> > > perf regressions fixed by time. I can only commit on limiting the
> > > feature ;-)
> > > 
> > > It is thus better be conservative and reconsider opt-in post 6.10.
> > > X86_64 is safeplay because even in that 2018 NUC7 based on Celeron,
> > > hmac is just fine.
> > 
> > While looking at code I started to wanted what was the reasoning
> > for adding *undocumented* "TPM2_OA_TMPL" in include/linux/tpm.h.
> > It should really be in tpm2-sessions.c and named something like
> > TPM2_NULL_KEY_OA or similar.
>
> Well, because you asked for it. I originally had all the flags spelled
> out and I'm not a fan of this obscurity, but you have to do stuff like
> this to get patches accepted:
>
> https://lore.kernel.org/linux-integrity/CZCKTWU6ZCC9.2UTEQPEVICYHL@suppilovahvero/

I still think the constant does make sense.

The current constant does not really imply that it is for the null key,
it is defined in the wrong file and has no actual legit documentation
to go with it.

BR, Jarkko
Jarkko Sakkinen May 27, 2024, 8:01 p.m. UTC | #25
On Mon May 27, 2024 at 10:53 PM EEST, Jarkko Sakkinen wrote:
> On Mon May 27, 2024 at 8:57 PM EEST, James Bottomley wrote:
> > On Mon, 2024-05-27 at 18:34 +0300, Jarkko Sakkinen wrote:
> > > On Mon May 27, 2024 at 6:12 PM EEST, Jarkko Sakkinen wrote:
> > > > On Mon May 27, 2024 at 6:01 PM EEST, Jarkko Sakkinen wrote:
> > > > > On Mon May 27, 2024 at 5:51 PM EEST, Jarkko Sakkinen wrote:
> > > > > > On Thu May 23, 2024 at 10:59 AM EEST, Vitor Soares wrote:
> > > > > > > On Wed, 2024-05-22 at 19:11 +0300, Jarkko Sakkinen wrote:
> > > > > > > > On Wed May 22, 2024 at 5:58 PM EEST, Vitor Soares wrote:
> > > > > > > > > I did run with ftrace, but need some more time to go
> > > > > > > > > through it.
> > > > > > > > > 
> > > > > > > > > Here the step I did:
> > > > > > > > > kernel config:
> > > > > > > > >   CONFIG_FUNCTION_TRACER
> > > > > > > > >   CONFIG_FUNCTION_GRAPH_TRACER
> > > > > > > > > 
> > > > > > > > > ftrace:
> > > > > > > > >   # set filters
> > > > > > > > >   echo tpm* > set_ftrace_filter
> > > > > > > > > 
> > > > > > > > >   # set tracer
> > > > > > > > >   echo function_graph > current_tracer
> > > > > > > > > 
> > > > > > > > >   # take the sample
> > > > > > > > >   echo 1 > tracing_on; time modprobe tpm_tis_spi; echo 0
> > > > > > > > > > tracing_on
> > > > > > > > > 
> > > > > > > > > regards,
> > > > > > > > > Vitor Soares
> > > > > > > > 
> > > > > > > > I'm now compiling distro kernel (OpenSUSE) for NUC7 with
> > > > > > > > v6.10 contents.
> > > > > > > > 
> > > > > > > > After I have that setup, I'll develop a perf test either
> > > > > > > > with perf or
> > > > > > > > bpftrace. I'll come back with the possible CONFIG_* that
> > > > > > > > should be in
> > > > > > > > place in your kernel. Might take up until next week as I
> > > > > > > > have some
> > > > > > > > conference stuff to prepare but I try to have stuff ready
> > > > > > > > early next
> > > > > > > > week.
> > > > > > > > 
> > > > > > > > No need to rush with this as long as possible patches go to
> > > > > > > > rc2 or rc3.
> > > > > > > > Let's do a proper analysis instead.
> > > > > > > > 
> > > > > > > > In the meantime you could check if you get perf and/or
> > > > > > > > bpftrace to 
> > > > > > > > your image that use to boot up your device. Preferably both
> > > > > > > > but
> > > > > > > > please inform about this.
> > > > > > > > 
> > > > > > > 
> > > > > > > I already have perf running, for the bpftrace I might not be
> > > > > > > able to help.
> > > > > > 
> > > > > > The interesting function to look at with/without hmac is
> > > > > > probably
> > > > > > tpm2_get_random().
> > > > > > 
> > > > > > I attached a patch that removes hmac shenigans out of
> > > > > > tpm2_get_random()
> > > > > > for the sake of proper comparative testing.
> > > > > 
> > > > > Other thing that we need to measure is to split the cost into
> > > > > two parts:
> > > > > 
> > > > > 1. Handshake, i.e. setting up and shutdowning a session.
> > > > > 2. Transaction, payload TPM command.
> > > > > 
> > > > > This could be done by setting up couple of kprobes_events:
> > > > > 
> > > > >   payload_event: tpm2_get_random() etc.
> > > > >   hmac_event: tpm2_start_auth_session(), tpm2_end_auth_session()
> > > > > etc.
> > > > > 
> > > > > And just summing up the time for a boot to get a cost for hmac.
> > > > > 
> > > > > I'd use bootconfig for this:
> > > > > 
> > > > > https://www.kernel.org/doc/html/v6.9/trace/boottime-trace.html
> > > > > 
> > > > > So I've made up plans how measure the incident but not sure when
> > > > > I
> > > > > have time to pro-actively work on a benchmark (thus sharing
> > > > > details).
> > > > > 
> > > > > So I think with just proper bootconfig wtih no other tools uses
> > > > > this
> > > > > can be measured.
> > > > 
> > > > 
> > > > I'll disable this for anything else than X86_64 by default, and put
> > > > such patch to my next pull request.
> > > > 
> > > > Someone needs to do the perf analysis properly based on the above
> > > > descriptions. I cannot commit my time to promise them to get the
> > > > perf regressions fixed by time. I can only commit on limiting the
> > > > feature ;-)
> > > > 
> > > > It is thus better be conservative and reconsider opt-in post 6.10.
> > > > X86_64 is safeplay because even in that 2018 NUC7 based on Celeron,
> > > > hmac is just fine.
> > > 
> > > While looking at code I started to wanted what was the reasoning
> > > for adding *undocumented* "TPM2_OA_TMPL" in include/linux/tpm.h.
> > > It should really be in tpm2-sessions.c and named something like
> > > TPM2_NULL_KEY_OA or similar.
> >
> > Well, because you asked for it. I originally had all the flags spelled
> > out and I'm not a fan of this obscurity, but you have to do stuff like
> > this to get patches accepted:
> >
> > https://lore.kernel.org/linux-integrity/CZCKTWU6ZCC9.2UTEQPEVICYHL@suppilovahvero/
>
> I still think the constant does make sense.
>
> The current constant does not really imply that it is for the null key,
> it is defined in the wrong file and has no actual legit documentation
> to go with it.

Thus, being conservative and enabling only for x86_64 is pretty balanced
choice for v6.10. The feature really needs to mature before widening the
scope.

The only platform I'm confident is x86_64 because even the old NUC did
good job, so for that part I'm not too worried. Otherwise, it would be
pure guesswork to unconditionally eanble for all arch's.

Those who want to turn the feature  on,still can but we should not make
that decision for them. E.g. perhaps PowerPC could do this but I don't
have any hardware to test it out, and have zero usage reports.

Obviously can be reconsidered to future kernel versions but right now
this feels like the most legit way to act.

BR, Jarkko
James Bottomley May 27, 2024, 9:36 p.m. UTC | #26
On Mon, 2024-05-27 at 22:53 +0300, Jarkko Sakkinen wrote:
> On Mon May 27, 2024 at 8:57 PM EEST, James Bottomley wrote:
> > On Mon, 2024-05-27 at 18:34 +0300, Jarkko Sakkinen wrote:
[...]
> > > While looking at code I started to wanted what was the reasoning
> > > for adding *undocumented* "TPM2_OA_TMPL" in include/linux/tpm.h.
> > > It should really be in tpm2-sessions.c and named something like
> > > TPM2_NULL_KEY_OA or similar.
> > 
> > Well, because you asked for it. I originally had all the flags
> > spelled out and I'm not a fan of this obscurity, but you have to do
> > stuff like this to get patches accepted:
> > 
> > https://lore.kernel.org/linux-integrity/CZCKTWU6ZCC9.2UTEQPEVICYHL@suppilovahvero/
> 
> I still think the constant does make sense.

I'm not so sure.  The TCG simply defines it as a collection of flags
and every TPM tool set I've seen simply uses a list of flags as well. 
The original design was that the template would be in this one place
and everything else would call into it.  I think the reason all
template construction looks similar is for ease of auditing (it's easy
to get things, particularly the flags, wrong).

If it only has one use case, it should be spelled out but if someone
else would use it then it should be in the tpm.h shared header.

> The current constant does not really imply that it is for the null
> key,

Well, it isn't exactly: it's the required flag set for all primaries.

James

>  it is defined in the wrong file and has no actual legit
> documentation to go with it.
Jarkko Sakkinen May 27, 2024, 11:17 p.m. UTC | #27
On Tue May 28, 2024 at 12:36 AM EEST, James Bottomley wrote:
> On Mon, 2024-05-27 at 22:53 +0300, Jarkko Sakkinen wrote:
> > On Mon May 27, 2024 at 8:57 PM EEST, James Bottomley wrote:
> > > On Mon, 2024-05-27 at 18:34 +0300, Jarkko Sakkinen wrote:
> [...]
> > > > While looking at code I started to wanted what was the reasoning
> > > > for adding *undocumented* "TPM2_OA_TMPL" in include/linux/tpm.h.
> > > > It should really be in tpm2-sessions.c and named something like
> > > > TPM2_NULL_KEY_OA or similar.
> > > 
> > > Well, because you asked for it. I originally had all the flags
> > > spelled out and I'm not a fan of this obscurity, but you have to do
> > > stuff like this to get patches accepted:
> > > 
> > > https://lore.kernel.org/linux-integrity/CZCKTWU6ZCC9.2UTEQPEVICYHL@suppilovahvero/
> > 
> > I still think the constant does make sense.
>
> I'm not so sure.  The TCG simply defines it as a collection of flags
> and every TPM tool set I've seen simply uses a list of flags as well. 
> The original design was that the template would be in this one place
> and everything else would call into it.  I think the reason all
> template construction looks similar is for ease of auditing (it's easy
> to get things, particularly the flags, wrong).
>
> If it only has one use case, it should be spelled out but if someone
> else would use it then it should be in the tpm.h shared header.

It is used only in tpm2-sessions.c and for the null key so there it
should be. And it is also lacking the associated documentation. Now
both name and context it is used is lost.

BR, Jarkko
James Bottomley May 27, 2024, 11:44 p.m. UTC | #28
On Tue, 2024-05-28 at 02:17 +0300, Jarkko Sakkinen wrote:
> On Tue May 28, 2024 at 12:36 AM EEST, James Bottomley wrote:
> > On Mon, 2024-05-27 at 22:53 +0300, Jarkko Sakkinen wrote:
> > > On Mon May 27, 2024 at 8:57 PM EEST, James Bottomley wrote:
> > > > On Mon, 2024-05-27 at 18:34 +0300, Jarkko Sakkinen wrote:
> > [...]
> > > > > While looking at code I started to wanted what was the
> > > > > reasoning for adding *undocumented* "TPM2_OA_TMPL" in
> > > > > include/linux/tpm.h.It should really be in tpm2-sessions.c
> > > > > and named something like TPM2_NULL_KEY_OA or similar.
> > > > 
> > > > Well, because you asked for it. I originally had all the flags
> > > > spelled out and I'm not a fan of this obscurity, but you have
> > > > to do stuff like this to get patches accepted:
> > > > 
> > > > https://lore.kernel.org/linux-integrity/CZCKTWU6ZCC9.2UTEQPEVICYHL@suppilovahvero/
> > > 
> > > I still think the constant does make sense.
> > 
> > I'm not so sure.  The TCG simply defines it as a collection of
> > flags and every TPM tool set I've seen simply uses a list of flags
> > as well.  The original design was that the template would be in
> > this one place and everything else would call into it.  I think the
> > reason all template construction looks similar is for ease of
> > auditing (it's easy to get things, particularly the flags, wrong).
> > 
> > If it only has one use case, it should be spelled out but if
> > someone else would use it then it should be in the tpm.h shared
> > header.
> 
> It is used only in tpm2-sessions.c and for the null key so there it
> should be. And it is also lacking the associated documentation. Now
> both name and context it is used is lost.

The comment above the whole thing says what it is and where it comes
from:

	/*
	 * create the template.  Note: in order for userspace to
	 * verify the security of the system, it will have to create
	 * and certify this NULL primary, meaning all the template
	 * parameters will have to be identical, so conform exactly to
	 * the TCG TPM v2.0 Provisioning Guidance for the SRK ECC
	 * key H template (H has zero size unique points)
	 */

If we put the broken out flags back it's all fully documented.

James
Jarkko Sakkinen May 28, 2024, 1:04 a.m. UTC | #29
On Tue May 28, 2024 at 2:44 AM EEST, James Bottomley wrote:
> On Tue, 2024-05-28 at 02:17 +0300, Jarkko Sakkinen wrote:
> > On Tue May 28, 2024 at 12:36 AM EEST, James Bottomley wrote:
> > > On Mon, 2024-05-27 at 22:53 +0300, Jarkko Sakkinen wrote:
> > > > On Mon May 27, 2024 at 8:57 PM EEST, James Bottomley wrote:
> > > > > On Mon, 2024-05-27 at 18:34 +0300, Jarkko Sakkinen wrote:
> > > [...]
> > > > > > While looking at code I started to wanted what was the
> > > > > > reasoning for adding *undocumented* "TPM2_OA_TMPL" in
> > > > > > include/linux/tpm.h.It should really be in tpm2-sessions.c
> > > > > > and named something like TPM2_NULL_KEY_OA or similar.
> > > > > 
> > > > > Well, because you asked for it. I originally had all the flags
> > > > > spelled out and I'm not a fan of this obscurity, but you have
> > > > > to do stuff like this to get patches accepted:
> > > > > 
> > > > > https://lore.kernel.org/linux-integrity/CZCKTWU6ZCC9.2UTEQPEVICYHL@suppilovahvero/
> > > > 
> > > > I still think the constant does make sense.
> > > 
> > > I'm not so sure.  The TCG simply defines it as a collection of
> > > flags and every TPM tool set I've seen simply uses a list of flags
> > > as well.  The original design was that the template would be in
> > > this one place and everything else would call into it.  I think the
> > > reason all template construction looks similar is for ease of
> > > auditing (it's easy to get things, particularly the flags, wrong).
> > > 
> > > If it only has one use case, it should be spelled out but if
> > > someone else would use it then it should be in the tpm.h shared
> > > header.
> > 
> > It is used only in tpm2-sessions.c and for the null key so there it
> > should be. And it is also lacking the associated documentation. Now
> > both name and context it is used is lost.
>
> The comment above the whole thing says what it is and where it comes
> from:
>
> 	/*
> 	 * create the template.  Note: in order for userspace to
> 	 * verify the security of the system, it will have to create
> 	 * and certify this NULL primary, meaning all the template
> 	 * parameters will have to be identical, so conform exactly to
> 	 * the TCG TPM v2.0 Provisioning Guidance for the SRK ECC
> 	 * key H template (H has zero size unique points)
> 	 */
>
> If we put the broken out flags back it's all fully documented.

Not the most productive conclusion when refusing to follow properly a
trivial request in the review feedback tbh.

BR, Jarkko
Jarkko Sakkinen May 28, 2024, 1:07 a.m. UTC | #30
On Tue May 28, 2024 at 4:04 AM EEST, Jarkko Sakkinen wrote:
> On Tue May 28, 2024 at 2:44 AM EEST, James Bottomley wrote:
> > On Tue, 2024-05-28 at 02:17 +0300, Jarkko Sakkinen wrote:
> > > On Tue May 28, 2024 at 12:36 AM EEST, James Bottomley wrote:
> > > > On Mon, 2024-05-27 at 22:53 +0300, Jarkko Sakkinen wrote:
> > > > > On Mon May 27, 2024 at 8:57 PM EEST, James Bottomley wrote:
> > > > > > On Mon, 2024-05-27 at 18:34 +0300, Jarkko Sakkinen wrote:
> > > > [...]
> > > > > > > While looking at code I started to wanted what was the
> > > > > > > reasoning for adding *undocumented* "TPM2_OA_TMPL" in
> > > > > > > include/linux/tpm.h.It should really be in tpm2-sessions.c
> > > > > > > and named something like TPM2_NULL_KEY_OA or similar.
> > > > > > 
> > > > > > Well, because you asked for it. I originally had all the flags
> > > > > > spelled out and I'm not a fan of this obscurity, but you have
> > > > > > to do stuff like this to get patches accepted:
> > > > > > 
> > > > > > https://lore.kernel.org/linux-integrity/CZCKTWU6ZCC9.2UTEQPEVICYHL@suppilovahvero/
> > > > > 
> > > > > I still think the constant does make sense.
> > > > 
> > > > I'm not so sure.  The TCG simply defines it as a collection of
> > > > flags and every TPM tool set I've seen simply uses a list of flags
> > > > as well.  The original design was that the template would be in
> > > > this one place and everything else would call into it.  I think the
> > > > reason all template construction looks similar is for ease of
> > > > auditing (it's easy to get things, particularly the flags, wrong).
> > > > 
> > > > If it only has one use case, it should be spelled out but if
> > > > someone else would use it then it should be in the tpm.h shared
> > > > header.
> > > 
> > > It is used only in tpm2-sessions.c and for the null key so there it
> > > should be. And it is also lacking the associated documentation. Now
> > > both name and context it is used is lost.
> >
> > The comment above the whole thing says what it is and where it comes
> > from:
> >
> > 	/*
> > 	 * create the template.  Note: in order for userspace to
> > 	 * verify the security of the system, it will have to create
> > 	 * and certify this NULL primary, meaning all the template
> > 	 * parameters will have to be identical, so conform exactly to
> > 	 * the TCG TPM v2.0 Provisioning Guidance for the SRK ECC
> > 	 * key H template (H has zero size unique points)
> > 	 */
> >
> > If we put the broken out flags back it's all fully documented.
>
> Not the most productive conclusion when refusing to follow properly a
> trivial request in the review feedback tbh.

In any case this particular constant can be revisited when otherwise
changes happen in the area. It is what it is for the time being. I
just need to use more strict and dense filter when check the patch
revisions next time.

BR, Jarkko
diff mbox series

Patch

diff --git a/drivers/char/tpm/Kconfig b/drivers/char/tpm/Kconfig
index e63a6a17793c..db41301e63f2 100644
--- a/drivers/char/tpm/Kconfig
+++ b/drivers/char/tpm/Kconfig
@@ -29,7 +29,7 @@  if TCG_TPM
 
 config TCG_TPM2_HMAC
 	bool "Use HMAC and encrypted transactions on the TPM bus"
-	default y
+	default n
 	select CRYPTO_ECDH
 	select CRYPTO_LIB_AESCFB
 	select CRYPTO_LIB_SHA256