From: Jarkko Sakkinen <jarkko@kernel.org>
To: "Serge E. Hallyn" <serge@hallyn.com>
Cc: linux-integrity@vger.kernel.org,
	"Frédéric Jouen" <fjouen@sealsq.com>,
	"Peter Huewe" <peterhuewe@gmx.de>,
	"Jason Gunthorpe" <jgg@ziepe.ca>,
	"James Bottomley" <James.Bottomley@hansenpartnership.com>,
	"Mimi Zohar" <zohar@linux.ibm.com>,
	"David Howells" <dhowells@redhat.com>,
	"Paul Moore" <paul@paul-moore.com>,
	"James Morris" <jmorris@namei.org>,
	"open list" <linux-kernel@vger.kernel.org>,
	"open list:KEYS-TRUSTED" <keyrings@vger.kernel.org>,
	"open list:SECURITY SUBSYSTEM"
	<linux-security-module@vger.kernel.org>
Subject: Re: [PATCH v2] tpm: use a map for tpm2_calc_ordinal_duration()
Date: Fri, 19 Sep 2025 10:05:58 +0300
Message-ID: <aM0A1hceUC-RJdo8@kernel.org>
In-Reply-To: <aMzSyCQks3NlMhPI@mail.hallyn.com>

On Thu, Sep 18, 2025 at 10:49:28PM -0500, Serge E. Hallyn wrote:
> On Thu, Sep 18, 2025 at 10:30:18PM +0300, Jarkko Sakkinen wrote:
> > The current shenanigans for duration calculation introduce too much
> > complexity for a trivial problem, and further the code is hard to patch and
> > maintain.
> > 
> > Address these issues with a flat look-up table, which is easy to understand
> > and patch. If leaf driver specific patching is required in future, it is
> > easy enough to make a copy of this table during driver initialization and
> > add the chip parameter back.
> > 
> > 'chip->duration' is retained for TPM 1.x.
> > 
> > As the first entry for this new behavior address TCG spec update mentioned
> > in this issue:
> > 
> > https://github.com/raspberrypi/linux/issues/7054
> > 
> > Therefore, for TPM_SelfTest the duration is set to 3000 ms.
> > 
> > This does not categorize as a bug, given that this is introduced to the
> > spec after the feature was originally made.
> > 
> > Cc: Frédéric Jouen <fjouen@sealsq.com>
> > Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org>
> 
> fwiw (which shouldn't be much) looks good to me, but two questions,
> one here and one below.
> 
> First, it looks like in the existing code it is possible for a tpm2
> chip to set its own timeouts and then set the TPM_CHIP_FLAG_HAVE_TIMEOUTS
> flag to avoid using the defaults, but I don't see anything using that
> in-tree.  Is it possible that there are out of tree drivers that will be
> sabotaged here?  Or am I misunderstanding that completely?

Good questions, and I can brief a bit about the context of the
pre-existing art and this change.

This complexity was formed in 2014 when I originally developed TPM2
support and the only available testing platform was early Intel PTT with
a flaky version of TPM2 support (e.g., no localities).

Since then we haven't had per leaf-driver divergence.

Further, I think that this type of layout is actually a better fit if
we ever need quirks for command durations for a particular device, as
then we can migrate to "copy and patch" semantics i.e., have a copy of
this map in the chip structure.

As per out-of-tree drivers, it's an unfortunate reality of out-of-tree
drivers :-) However, this will definitely add some extra work when
backporting fixes (not overwhelmingly much).

BR, Jarkko
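
The flat look-up table and the "copy and patch" idea discussed in the message above, as an added user-space example; it is not code from the patch or from the kernel tree. The struct and function names (`demo_chip`, `demo_chip_patch`, `lookup_ms`) are hypothetical, and every duration except the 3000 ms self-test value named in the thread is a constructed sample.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Command codes as defined by the TPM 2.0 specification. */
#define TPM2_CC_CREATE_PRIMARY 0x0131u
#define TPM2_CC_SELF_TEST      0x0143u
#define TPM2_CC_GET_RANDOM     0x017Bu
#define DEFAULT_DURATION_MS    750u /* constructed fallback for unlisted ordinals */
#define MAP_LEN                3

struct ordinal_duration { uint32_t ordinal; uint32_t ms; };

/* Shared, read-only flat map: one row per command, trivially patchable. */
static const struct ordinal_duration default_map[MAP_LEN] = {
    { TPM2_CC_CREATE_PRIMARY, 30000 }, /* constructed value */
    { TPM2_CC_SELF_TEST,       3000 }, /* value stated in the thread */
    { TPM2_CC_GET_RANDOM,      2000 }, /* constructed value */
};

/* Hypothetical chip structure carrying its own copy of the map. */
struct demo_chip { struct ordinal_duration map[MAP_LEN]; };

/* "Copy": done once at driver initialization. */
static void demo_chip_init(struct demo_chip *chip)
{
    memcpy(chip->map, default_map, sizeof(default_map));
}

/* "Patch": a device quirk overrides one row of the private copy only. */
static int demo_chip_patch(struct demo_chip *chip, uint32_t ordinal, uint32_t ms)
{
    for (size_t i = 0; i < MAP_LEN; i++)
        if (chip->map[i].ordinal == ordinal) { chip->map[i].ms = ms; return 0; }
    return -1; /* refuse quirks for commands that are not in the table */
}

/* Linear scan; unknown ordinals fall back to the default duration. */
static uint32_t lookup_ms(const struct ordinal_duration *map, size_t len, uint32_t ordinal)
{
    for (size_t i = 0; i < len; i++)
        if (map[i].ordinal == ordinal) return map[i].ms;
    return DEFAULT_DURATION_MS;
}

int main(void)
{
    struct demo_chip quirky;
    demo_chip_init(&quirky);
    demo_chip_patch(&quirky, TPM2_CC_SELF_TEST, 5000); /* constructed quirk */
    return lookup_ms(quirky.map, MAP_LEN, TPM2_CC_SELF_TEST) == 5000 ? 0 : 1;
}
```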
