From: nayna@linux.vnet.ibm.com (Nayna)
To: linux-security-module@vger.kernel.org
Subject: [PATCH] tpm: improve tpm_tis send() performance by ignoring burstcount
Date: Mon, 7 Aug 2017 19:55:49 +0530 [thread overview]
Message-ID: <5988786D.3080301@linux.vnet.ibm.com> (raw)
In-Reply-To: <E37DFCB0-2E74-45F6-B2DF-70EF59F310BC@gmx.de>
On 08/07/2017 05:22 PM, Peter Huewe wrote:
>
>
> Am 7. August 2017 13:46:32 MESZ schrieb Nayna Jain <nayna@linux.vnet.ibm.com>:
>> The TPM burstcount status indicates the number of bytes that can
>> be sent to the TPM without causing bus wait states. Effectively,
>> it is the number of empty bytes in the command FIFO. Further,
>> some TPMs have a static burstcount, when the value remains zero
>> until the entire FIFO is empty.
>>
>> This patch ignores burstcount, permitting wait states, and thus
>> writes the command as fast as the TPM can accept the bytes.
>> The performance of a 34 byte extend on a TPM 1.2 improved from
>> 52 msec to 11 msec.
>>
>> Suggested-by: Ken Goldman <kgold@linux.vnet.ibm.com> in
>> conjunction with the TPM Device Driver work group.
>> Signed-off-by: Nayna Jain <nayna@linux.vnet.ibm.com>
>> Acked-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
>
> Are you sure this is a good idea?
> On lpc systems this more or less stalls the bus, including keyboard/mouse (if connected via superio lpc).
Thanks Peter for quick response.
I actually meant to post this patch as RFC. Sorry, missed that.
It was meant to be a starting place for the discussion related to
burst_count.
>
> On which systems have you tested this?
> Spi/Lpc? Architecture?
Tested it with LPC on x86.
>
> This might not be noticable for small transfers, but think about much larger transfers....
I did the following testing:
* Ran a script with 1000 extends. This was to test continuous extends
which are generally in large numbers when IMA is enabled.
* Ran a command to ask TPM to hash big size file like 1MB. This was to
test the long command.
In both of the above cases, I didn't face any tpm specific errors.
Is there any test-script or test-cases which I can try to test the
scenario(stalling the bus, including keyboard/mouse) with the patch ?
Thanks & Regards,
- Nayna
>
> Imho: NACK from my side.
>
> Thanks,
> Peter
>
>> ---
>> drivers/char/tpm/tpm_tis_core.c | 45
>> ++---------------------------------------
>> 1 file changed, 2 insertions(+), 43 deletions(-)
>>
>> diff --git a/drivers/char/tpm/tpm_tis_core.c
>> b/drivers/char/tpm/tpm_tis_core.c
>> index b617b2eeb080..478cbc0f61c3 100644
>> --- a/drivers/char/tpm/tpm_tis_core.c
>> +++ b/drivers/char/tpm/tpm_tis_core.c
>> @@ -255,9 +255,7 @@ static int tpm_tis_recv(struct tpm_chip *chip, u8
>> *buf, size_t count)
>> static int tpm_tis_send_data(struct tpm_chip *chip, u8 *buf, size_t
>> len)
>> {
>> struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
>> - int rc, status, burstcnt;
>> - size_t count = 0;
>> - bool itpm = priv->flags & TPM_TIS_ITPM_WORKAROUND;
>> + int rc, status;
>>
>> status = tpm_tis_status(chip);
>> if ((status & TPM_STS_COMMAND_READY) == 0) {
>> @@ -270,49 +268,10 @@ static int tpm_tis_send_data(struct tpm_chip
>> *chip, u8 *buf, size_t len)
>> }
>> }
>>
>> - while (count < len - 1) {
>> - burstcnt = get_burstcount(chip);
>> - if (burstcnt < 0) {
>> - dev_err(&chip->dev, "Unable to read burstcount\n");
>> - rc = burstcnt;
>> - goto out_err;
>> - }
>> - burstcnt = min_t(int, burstcnt, len - count - 1);
>> - rc = tpm_tis_write_bytes(priv, TPM_DATA_FIFO(priv->locality),
>> - burstcnt, buf + count);
>> - if (rc < 0)
>> - goto out_err;
>> -
>> - count += burstcnt;
>> -
>> - if (wait_for_tpm_stat(chip, TPM_STS_VALID, chip->timeout_c,
>> - &priv->int_queue, false) < 0) {
>> - rc = -ETIME;
>> - goto out_err;
>> - }
>> - status = tpm_tis_status(chip);
>> - if (!itpm && (status & TPM_STS_DATA_EXPECT) == 0) {
>> - rc = -EIO;
>> - goto out_err;
>> - }
>> - }
>> -
>> - /* write last byte */
>> - rc = tpm_tis_write8(priv, TPM_DATA_FIFO(priv->locality), buf[count]);
>> + rc = tpm_tis_write_bytes(priv, TPM_DATA_FIFO(priv->locality), len,
>> buf);
>> if (rc < 0)
>> goto out_err;
>>
>> - if (wait_for_tpm_stat(chip, TPM_STS_VALID, chip->timeout_c,
>> - &priv->int_queue, false) < 0) {
>> - rc = -ETIME;
>> - goto out_err;
>> - }
>> - status = tpm_tis_status(chip);
>> - if (!itpm && (status & TPM_STS_DATA_EXPECT) != 0) {
>> - rc = -EIO;
>> - goto out_err;
>> - }
>> -
>> return 0;
>>
>> out_err:
>
--
To unsubscribe from this list: send the line "unsubscribe linux-security-module" in
the body of a message to majordomo at vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
WARNING: multiple messages have this Message-ID (diff)
From: Nayna <nayna@linux.vnet.ibm.com>
To: Peter Huewe <peterhuewe@gmx.de>, tpmdd-devel@lists.sourceforge.net
Cc: tpmdd@selhorst.net, jarkko.sakkinen@linux.intel.com,
jgunthorpe@obsidianresearch.com,
linux-security-module@vger.kernel.org,
linux-kernel@vger.kernel.org,
linux-ima-devel@lists.sourceforge.net, patrickc@us.ibm.com
Subject: Re: [PATCH] tpm: improve tpm_tis send() performance by ignoring burstcount
Date: Mon, 7 Aug 2017 19:55:49 +0530 [thread overview]
Message-ID: <5988786D.3080301@linux.vnet.ibm.com> (raw)
In-Reply-To: <E37DFCB0-2E74-45F6-B2DF-70EF59F310BC@gmx.de>
On 08/07/2017 05:22 PM, Peter Huewe wrote:
>
>
> Am 7. August 2017 13:46:32 MESZ schrieb Nayna Jain <nayna@linux.vnet.ibm.com>:
>> The TPM burstcount status indicates the number of bytes that can
>> be sent to the TPM without causing bus wait states. Effectively,
>> it is the number of empty bytes in the command FIFO. Further,
>> some TPMs have a static burstcount, when the value remains zero
>> until the entire FIFO is empty.
>>
>> This patch ignores burstcount, permitting wait states, and thus
>> writes the command as fast as the TPM can accept the bytes.
>> The performance of a 34 byte extend on a TPM 1.2 improved from
>> 52 msec to 11 msec.
>>
>> Suggested-by: Ken Goldman <kgold@linux.vnet.ibm.com> in
>> conjunction with the TPM Device Driver work group.
>> Signed-off-by: Nayna Jain <nayna@linux.vnet.ibm.com>
>> Acked-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
>
> Are you sure this is a good idea?
> On lpc systems this more or less stalls the bus, including keyboard/mouse (if connected via superio lpc).
Thanks Peter for quick response.
I actually meant to post this patch as RFC. Sorry, missed that.
It was meant to be a starting place for the discussion related to
burst_count.
>
> On which systems have you tested this?
> Spi/Lpc? Architecture?
Tested it with LPC on x86.
>
> This might not be noticable for small transfers, but think about much larger transfers....
I did the following testing:
* Ran a script with 1000 extends. This was to test continuous extends
which are generally in large numbers when IMA is enabled.
* Ran a command to ask TPM to hash big size file like 1MB. This was to
test the long command.
In both of the above cases, I didn't face any tpm specific errors.
Is there any test-script or test-cases which I can try to test the
scenario(stalling the bus, including keyboard/mouse) with the patch ?
Thanks & Regards,
- Nayna
>
> Imho: NACK from my side.
>
> Thanks,
> Peter
>
>> ---
>> drivers/char/tpm/tpm_tis_core.c | 45
>> ++---------------------------------------
>> 1 file changed, 2 insertions(+), 43 deletions(-)
>>
>> diff --git a/drivers/char/tpm/tpm_tis_core.c
>> b/drivers/char/tpm/tpm_tis_core.c
>> index b617b2eeb080..478cbc0f61c3 100644
>> --- a/drivers/char/tpm/tpm_tis_core.c
>> +++ b/drivers/char/tpm/tpm_tis_core.c
>> @@ -255,9 +255,7 @@ static int tpm_tis_recv(struct tpm_chip *chip, u8
>> *buf, size_t count)
>> static int tpm_tis_send_data(struct tpm_chip *chip, u8 *buf, size_t
>> len)
>> {
>> struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
>> - int rc, status, burstcnt;
>> - size_t count = 0;
>> - bool itpm = priv->flags & TPM_TIS_ITPM_WORKAROUND;
>> + int rc, status;
>>
>> status = tpm_tis_status(chip);
>> if ((status & TPM_STS_COMMAND_READY) == 0) {
>> @@ -270,49 +268,10 @@ static int tpm_tis_send_data(struct tpm_chip
>> *chip, u8 *buf, size_t len)
>> }
>> }
>>
>> - while (count < len - 1) {
>> - burstcnt = get_burstcount(chip);
>> - if (burstcnt < 0) {
>> - dev_err(&chip->dev, "Unable to read burstcount\n");
>> - rc = burstcnt;
>> - goto out_err;
>> - }
>> - burstcnt = min_t(int, burstcnt, len - count - 1);
>> - rc = tpm_tis_write_bytes(priv, TPM_DATA_FIFO(priv->locality),
>> - burstcnt, buf + count);
>> - if (rc < 0)
>> - goto out_err;
>> -
>> - count += burstcnt;
>> -
>> - if (wait_for_tpm_stat(chip, TPM_STS_VALID, chip->timeout_c,
>> - &priv->int_queue, false) < 0) {
>> - rc = -ETIME;
>> - goto out_err;
>> - }
>> - status = tpm_tis_status(chip);
>> - if (!itpm && (status & TPM_STS_DATA_EXPECT) == 0) {
>> - rc = -EIO;
>> - goto out_err;
>> - }
>> - }
>> -
>> - /* write last byte */
>> - rc = tpm_tis_write8(priv, TPM_DATA_FIFO(priv->locality), buf[count]);
>> + rc = tpm_tis_write_bytes(priv, TPM_DATA_FIFO(priv->locality), len,
>> buf);
>> if (rc < 0)
>> goto out_err;
>>
>> - if (wait_for_tpm_stat(chip, TPM_STS_VALID, chip->timeout_c,
>> - &priv->int_queue, false) < 0) {
>> - rc = -ETIME;
>> - goto out_err;
>> - }
>> - status = tpm_tis_status(chip);
>> - if (!itpm && (status & TPM_STS_DATA_EXPECT) != 0) {
>> - rc = -EIO;
>> - goto out_err;
>> - }
>> -
>> return 0;
>>
>> out_err:
>
next prev parent reply other threads:[~2017-08-07 14:25 UTC|newest]
Thread overview: 57+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-08-07 11:46 [PATCH] tpm: improve tpm_tis send() performance by ignoring burstcount Nayna Jain
2017-08-07 11:46 ` Nayna Jain
2017-08-07 11:52 ` Peter Huewe
2017-08-07 11:52 ` Peter Huewe
2017-08-07 14:25 ` Nayna [this message]
2017-08-07 14:25 ` Nayna
2017-08-08 21:50 ` Jarkko Sakkinen
2017-08-08 21:50 ` Jarkko Sakkinen
2017-08-08 19:11 ` Jarkko Sakkinen
2017-08-08 19:11 ` Jarkko Sakkinen
2017-08-09 20:23 ` [tpmdd-devel] " Ken Goldman
2017-08-09 20:23 ` Ken Goldman
2017-08-09 20:23 ` Ken Goldman
2017-08-09 20:43 ` Aw: " Peter Huewe
2017-08-09 20:43 ` Peter Huewe
2017-08-11 21:54 ` Ken Goldman
2017-08-11 21:54 ` Ken Goldman
2017-08-11 21:54 ` Ken Goldman
[not found] ` <20170814101046.5hqrkaqmfvl7ugwj@linux.intel.com>
2017-08-16 19:51 ` Ken Goldman
2017-08-16 19:51 ` Ken Goldman
2017-08-16 19:51 ` Ken Goldman
2017-08-09 20:25 ` Ken Goldman
2017-08-09 20:25 ` Ken Goldman
2017-08-09 20:25 ` Ken Goldman
2017-08-09 21:00 ` Aw: " Peter Huewe
2017-08-09 21:00 ` Peter Huewe
2017-08-11 11:14 ` Jarkko Sakkinen
2017-08-11 11:14 ` Jarkko Sakkinen
2017-08-11 15:30 ` Mimi Zohar
2017-08-11 15:30 ` Mimi Zohar
2017-08-14 10:51 ` Jarkko Sakkinen
2017-08-14 10:51 ` Jarkko Sakkinen
2017-08-14 10:56 ` Jarkko Sakkinen
2017-08-14 10:56 ` Jarkko Sakkinen
2017-08-14 12:03 ` Mimi Zohar
2017-08-14 12:03 ` Mimi Zohar
2017-08-15 6:08 ` Jarkko Sakkinen
2017-08-15 6:08 ` Jarkko Sakkinen
2017-08-14 12:12 ` Mimi Zohar
2017-08-14 12:12 ` Mimi Zohar
2017-08-15 6:09 ` Jarkko Sakkinen
2017-08-15 6:09 ` Jarkko Sakkinen
2017-08-11 21:32 ` Aw: " Ken Goldman
2017-08-11 21:32 ` Ken Goldman
2017-08-11 21:32 ` Ken Goldman
2017-08-13 23:53 ` msuchanek
2017-08-13 23:53 ` msuchanek
2017-08-15 22:02 ` Ken Goldman
2017-08-15 22:02 ` Ken Goldman
2017-08-15 22:02 ` Ken Goldman
2017-08-16 10:24 ` Michal Suchánek
2017-08-16 10:24 ` Michal Suchánek
2017-08-11 21:42 ` [Linux-ima-devel] " Ken Goldman
2017-08-11 21:42 ` Ken Goldman
2017-08-11 21:42 ` Ken Goldman
2017-08-08 19:07 ` Jarkko Sakkinen
2017-08-08 19:07 ` Jarkko Sakkinen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=5988786D.3080301@linux.vnet.ibm.com \
--to=nayna@linux.vnet.ibm.com \
--cc=linux-security-module@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.