From: David Laight <david.laight.linux@gmail.com>
To: Jarkko Sakkinen <jarkko@kernel.org>
Cc: Prachotan Bathi <prachotan.bathi@arm.com>,
Peter Huewe <peterhuewe@gmx.de>, Jason Gunthorpe <jgg@ziepe.ca>,
Stuart Yoder <stuart.yoder@arm.com>,
linux-integrity@vger.kernel.org, linux-kernel@vger.kernel.org
Subject: Re: [PATCH v8 2/3] tpm_crb_ffa:Introduce memzero macro to replace memset
Date: Sat, 5 Jul 2025 08:10:03 +0100 [thread overview]
Message-ID: <20250705081003.26409484@pumpkin> (raw)
In-Reply-To: <aGffUrDSjNH6w6rB@kernel.org>
On Fri, 4 Jul 2025 17:04:02 +0300
Jarkko Sakkinen <jarkko@kernel.org> wrote:
> On Fri, Jul 04, 2025 at 11:40:10AM +0100, David Laight wrote:
> > On Fri, 4 Jul 2025 05:56:50 +0300
> > Jarkko Sakkinen <jarkko@kernel.org> wrote:
> >
> > > On Fri, Jul 04, 2025 at 05:45:11AM +0300, Jarkko Sakkinen wrote:
> > ...
> > > > Well, that was some truly misguided advice from my side so all the shame
> > > > here is on me :-) There's no global memzero() and neither explicit
> > > > version makes much sense here. Sorry about that.
> > > >
> > > > I gave it now (actual) thought, and here's what I'd propose:
> > > >
> > > > diff --git a/drivers/char/tpm/tpm_crb_ffa.c b/drivers/char/tpm/tpm_crb_ffa.c
> > > > index 96746d5b03e3..e769f6143a7c 100644
> > > > --- a/drivers/char/tpm/tpm_crb_ffa.c
> > > > +++ b/drivers/char/tpm/tpm_crb_ffa.c
> > > > @@ -203,26 +203,20 @@ static int __tpm_crb_ffa_try_send_receive(unsigned long func_id,
> > > > msg_ops = tpm_crb_ffa->ffa_dev->ops->msg_ops;
> > > >
> > > > if (ffa_partition_supports_direct_req2_recv(tpm_crb_ffa->ffa_dev)) {
> > > > - memzero(&tpm_crb_ffa->direct_msg_data2,
> > > > - sizeof(struct ffa_send_direct_data2));
> > > > -
> > > > - tpm_crb_ffa->direct_msg_data2.data[0] = func_id;
> > > > - tpm_crb_ffa->direct_msg_data2.data[1] = a0;
> > > > - tpm_crb_ffa->direct_msg_data2.data[2] = a1;
> > > > - tpm_crb_ffa->direct_msg_data2.data[3] = a2;
> > > > + tpm_crb_ffa->direct_msg_data2 = (struct ffa_send_direct_data2){
> > > > + .data = { func_id, a0, a1, a2 },
> > > > + };
> >
> > clang has a habit of compiling that as an un-named on-stack structure that
> > is initialised and then memcpy() used to copy it into place.
> > Often not was intended and blows the stack when the structure is large.
> >
> > So probably not a pattern that should be encouraged.
>
> This is interesting observation so I had to do some compilation tests to
> verify the claim just to see how it plays out (and for the sake of
> learning while doing it).
>
> Note that I use GCC for the examples but I have high doubts that clang
> would do worse. Please share the insight if that is a wrong assumption.
It is a clang issue and may only affect builds with some of the 'memory
sanitiser' run-time checks.
Search through the mail archives for issues with overlarge stack frames.
David
>
> OK, so... here's the dissembly (using objdump) for the unchanged version:
>
> ffff8000801805a0: 8b020260 add x0, x19, x2
> ffff8000801805a4: 94011819 bl ffff8000801c6608 <__memset>
> ffff8000801805a8: a9035a75 stp x21, x22, [x19, #48]
> ffff8000801805ac: aa1a03e1 mov x1, x26
> ffff8000801805b0: aa1903e0 mov x0, x25
> ffff8000801805b4: a9047e77 stp x23, xzr, [x19, #64]
>
> [ Off-topic: note that how a2 gets optimized out with the zero register
> so that it is probably a parameter that we don't need at all in the
> first place? ]
>
> However, in the changed version the matching snippet looks factors
> better:
>
> ffff800080180620: a9017c7f stp xzr, xzr, [x3, #16]
> ffff800080180624: f900107f str xzr, [x3, #32]
>
> Further, look at the stack size in the original version:
>
> ffff800080180524 <__tpm_crb_ffa_send_receive.constprop.0>:
> ffff800080180524: a9ba7bfd stp x29, x30, [sp, #-96]!
>
> On the other hand, in the changed version:
>
> ffff800080180524 <__tpm_crb_ffa_send_receive.constprop.0>:
> ffff800080180524: a9bb7bfd stp x29, x30, [sp, #-80]!
>
> I don't know, at least the figures I'm able to measure with my limited
> ARM assembly knowledge look way better.
>
> BR, Jarkko`
>
next prev parent reply other threads:[~2025-07-05 7:10 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-06-26 18:45 [PATCH v8 0/3] tpm_crb_ffa: handle tpm busy return code Prachotan Bathi
2025-06-26 18:45 ` [PATCH v8 1/3] tpm_crb_ffa: Fix typos in function name Prachotan Bathi
2025-07-02 21:38 ` Jarkko Sakkinen
2025-06-26 18:45 ` [PATCH v8 2/3] tpm_crb_ffa:Introduce memzero macro to replace memset Prachotan Bathi
2025-07-02 22:16 ` Jarkko Sakkinen
2025-07-03 3:58 ` Prachotan Bathi
2025-07-04 2:45 ` Jarkko Sakkinen
2025-07-04 2:56 ` Jarkko Sakkinen
2025-07-04 10:40 ` David Laight
2025-07-04 14:04 ` Jarkko Sakkinen
2025-07-05 7:10 ` David Laight [this message]
2025-07-05 17:11 ` Jarkko Sakkinen
2025-06-26 18:45 ` [PATCH v8 3/3] tpm_crb_ffa: handle tpm busy return code Prachotan Bathi
2025-07-02 22:22 ` Jarkko Sakkinen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20250705081003.26409484@pumpkin \
--to=david.laight.linux@gmail.com \
--cc=jarkko@kernel.org \
--cc=jgg@ziepe.ca \
--cc=linux-integrity@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=peterhuewe@gmx.de \
--cc=prachotan.bathi@arm.com \
--cc=stuart.yoder@arm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.