From: Jonathan McDowell <noodles@earth.li>
To: "Michal Suchánek" <msuchanek@suse.de>
Cc: Jarkko Sakkinen <jarkko@kernel.org>, linux-integrity@vger.kernel.org
Subject: Re: TPM operation times out (very rarely)
Date: Mon, 10 Feb 2025 16:13:43 +0000 [thread overview]
Message-ID: <Z6olt1NHonKkamtM@earth.li> (raw)
In-Reply-To: <Z6XZN3U5nmb6qu9u@kitsune.suse.cz>
[-- Attachment #1: Type: text/plain, Size: 2051 bytes --]
On Fri, Feb 07, 2025 at 10:58:15AM +0100, Michal Suchánek wrote:
> On Fri, Feb 07, 2025 at 09:47:13AM +0000, Jonathan McDowell wrote:
> > On Fri, Feb 07, 2025 at 10:40:16AM +0100, Michal Suchánek wrote:
> > > On Fri, Feb 07, 2025 at 09:26:16AM +0000, Jonathan McDowell wrote:
> > > > So just to clarify, this more recent patch is working around a situation
> > > > where the status register gets stuck and needs a complete retry of the
> > > > command send - it's an Infineon errata, not something that would be
> > > > fixed with a longer timeout.
> > > >
> > > > We see what looks like Michal's issue with timeouts as well, I just
> > > > haven't made the step of instrumenting it all the way he has.
> > >
> > > And I haven't seen the issue that needs re-sending the command so far.
> >
> > Your SLB9672 is on the latest firmware, which I believe fixes the
> > problem.
> >
> > > Maybe it happens even less frequently than the excessive processing
> > > time.
> > >
> > > Fully restarting the syscall would fix both issues but manual restart of
> > > the userspace task reportedly did not work so I have my doubts that
> > > this method with returning from the syscall would be effective.
> >
> > Hmmm. I wonder if e3aaebcbb7c6b403416f442d1de70d437ce313a7 (tpm: Clean
> > up TPM space after command failure) would help the userspace restart
>
> It's backported to the frankenkernel already so it would not help this
> particular case.
>
> Unfortunately, it's not clear what the userspace task does, and why it
> would not complete after the first failure.
>
> Would need to come up with some way of tracing it.
FWIW bpftrace is great for this. I'm using the attached script as a
basis for investigations. Obviously the timings it reports are the whole
command rather than just the wait for status, but over a long period it
can then show you the latency histogram. (Run it in one terminal, do TPM
stuff elsewhere, hit Ctrl-C when you're done and it dumps the
histogram.)
J.
--
101 things you can't have too much of : 47 - More coffee.
[-- Attachment #2: tpm-tracing.bt --]
[-- Type: text/plain, Size: 1040 bytes --]
#!/usr/bin/bpftrace
struct tpm_header {
uint8_t tag[2];
uint8_t length[4];
uint8_t ordinal[4];
}
struct tpm_buf {
uint32_t flags;
uint32_t length;
struct tpm_header *hdr;
}
kprobe:tpm_transmit_cmd
{
$buf = (struct tpm_buf *) arg1;
printf("%s (0x%02X%02X%02X%02X) (%s)\n", comm,
$buf->hdr->ordinal[0],
$buf->hdr->ordinal[1],
$buf->hdr->ordinal[2],
$buf->hdr->ordinal[3],
str(arg3));
}
kprobe:tpm_transmit
{
$hdr = (struct tpm_header *) arg1;
$cmd = $hdr->ordinal[0] << 24 | $hdr->ordinal[1] << 16 |
$hdr->ordinal[2] << 8 | $hdr->ordinal[3];
@start[tid] = nsecs;
@tpmcmd[tid] = $cmd;
}
kretprobe:tpm_transmit
/@start[tid]/ {
$dur = nsecs - @start[tid];
@cmdhist[@tpmcmd[tid]] = hist($dur);
printf("%s (0x%08X): %d (%d ns)\n", comm, @tpmcmd[tid], retval, $dur);
delete(@start[tid]);
delete(@tpmcmd[tid]);
}
next prev parent reply other threads:[~2025-02-10 16:13 UTC|newest]
Thread overview: 38+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-01-29 15:27 TPM operation times out (very rarely) Michal Suchánek
2025-01-29 16:02 ` Jonathan McDowell
2025-01-29 16:20 ` Michal Suchánek
2025-01-29 17:14 ` Jonathan McDowell
2025-01-29 17:25 ` Michal Suchánek
2025-01-30 23:31 ` Jarkko Sakkinen
2025-01-31 8:35 ` Michal Suchánek
2025-01-31 10:25 ` Jarkko Sakkinen
2025-01-31 13:02 ` Michal Suchánek
2025-01-31 17:12 ` Jarkko Sakkinen
2025-01-31 17:28 ` Michal Suchánek
2025-01-31 19:31 ` Jarkko Sakkinen
2025-02-05 13:26 ` Michal Suchánek
2025-02-05 13:45 ` Michal Suchánek
2025-02-05 14:29 ` Jonathan McDowell
2025-02-05 15:29 ` Michal Suchánek
2025-02-06 20:35 ` Jarkko Sakkinen
2025-02-07 9:26 ` Jonathan McDowell
2025-02-07 9:40 ` Michal Suchánek
2025-02-07 9:47 ` Jonathan McDowell
2025-02-07 9:58 ` Michal Suchánek
2025-02-10 16:13 ` Jonathan McDowell [this message]
2025-02-10 17:30 ` Jarkko Sakkinen
2025-02-08 20:29 ` Jarkko Sakkinen
2025-02-10 16:18 ` Jonathan McDowell
2025-02-10 17:32 ` Jarkko Sakkinen
2025-02-24 13:04 ` Michal Suchánek
2025-03-01 2:13 ` Jarkko Sakkinen
2025-03-05 12:20 ` Michal Suchánek
2025-03-06 22:29 ` Jarkko Sakkinen
2025-03-27 12:57 ` Michal Suchánek
2025-03-27 13:15 ` Jarkko Sakkinen
2025-02-19 22:29 ` Jonathan McDowell
2025-02-20 8:42 ` Michal Suchánek
2025-02-21 12:44 ` Jonathan McDowell
2025-02-24 12:21 ` Michal Suchánek
2025-02-24 12:56 ` Michal Suchánek
2025-03-01 2:03 ` Jarkko Sakkinen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=Z6olt1NHonKkamtM@earth.li \
--to=noodles@earth.li \
--cc=jarkko@kernel.org \
--cc=linux-integrity@vger.kernel.org \
--cc=msuchanek@suse.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).