From: Jarkko Sakkinen <jarkko@kernel.org>
To: David Laight <david.laight.linux@gmail.com>
Cc: Prachotan Bathi <prachotan.bathi@arm.com>,
Peter Huewe <peterhuewe@gmx.de>, Jason Gunthorpe <jgg@ziepe.ca>,
Stuart Yoder <stuart.yoder@arm.com>,
linux-integrity@vger.kernel.org, linux-kernel@vger.kernel.org
Subject: Re: [PATCH v8 2/3] tpm_crb_ffa:Introduce memzero macro to replace memset
Date: Sat, 5 Jul 2025 20:11:52 +0300 [thread overview]
Message-ID: <aGlc2I9YGgPyc3lO@kernel.org> (raw)
In-Reply-To: <20250705081003.26409484@pumpkin>
On Sat, Jul 05, 2025 at 08:10:03AM +0100, David Laight wrote:
> On Fri, 4 Jul 2025 17:04:02 +0300
> Jarkko Sakkinen <jarkko@kernel.org> wrote:
>
> > On Fri, Jul 04, 2025 at 11:40:10AM +0100, David Laight wrote:
> > > On Fri, 4 Jul 2025 05:56:50 +0300
> > > Jarkko Sakkinen <jarkko@kernel.org> wrote:
> > >
> > > > On Fri, Jul 04, 2025 at 05:45:11AM +0300, Jarkko Sakkinen wrote:
> > > ...
> > > > > Well, that was some truly misguided advice from my side so all the shame
> > > > > here is on me :-) There's no global memzero() and neither explicit
> > > > > version makes much sense here. Sorry about that.
> > > > >
> > > > > I gave it now (actual) thought, and here's what I'd propose:
> > > > >
> > > > > diff --git a/drivers/char/tpm/tpm_crb_ffa.c b/drivers/char/tpm/tpm_crb_ffa.c
> > > > > index 96746d5b03e3..e769f6143a7c 100644
> > > > > --- a/drivers/char/tpm/tpm_crb_ffa.c
> > > > > +++ b/drivers/char/tpm/tpm_crb_ffa.c
> > > > > @@ -203,26 +203,20 @@ static int __tpm_crb_ffa_try_send_receive(unsigned long func_id,
> > > > > msg_ops = tpm_crb_ffa->ffa_dev->ops->msg_ops;
> > > > >
> > > > > if (ffa_partition_supports_direct_req2_recv(tpm_crb_ffa->ffa_dev)) {
> > > > > - memzero(&tpm_crb_ffa->direct_msg_data2,
> > > > > - sizeof(struct ffa_send_direct_data2));
> > > > > -
> > > > > - tpm_crb_ffa->direct_msg_data2.data[0] = func_id;
> > > > > - tpm_crb_ffa->direct_msg_data2.data[1] = a0;
> > > > > - tpm_crb_ffa->direct_msg_data2.data[2] = a1;
> > > > > - tpm_crb_ffa->direct_msg_data2.data[3] = a2;
> > > > > + tpm_crb_ffa->direct_msg_data2 = (struct ffa_send_direct_data2){
> > > > > + .data = { func_id, a0, a1, a2 },
> > > > > + };
> > >
> > > clang has a habit of compiling that as an un-named on-stack structure that
> > > is initialised and then memcpy() used to copy it into place.
> > > Often not was intended and blows the stack when the structure is large.
> > >
> > > So probably not a pattern that should be encouraged.
> >
> > This is interesting observation so I had to do some compilation tests to
> > verify the claim just to see how it plays out (and for the sake of
> > learning while doing it).
> >
> > Note that I use GCC for the examples but I have high doubts that clang
> > would do worse. Please share the insight if that is a wrong assumption.
>
> It is a clang issue and may only affect builds with some of the 'memory
> sanitiser' run-time checks.
> Search through the mail archives for issues with overlarge stack frames.
If clang really did that, it would cost at worst 40 bytes of stack (aka
the size of struct ffa_send_direct_data. And if there is an issue, it
absolutely will get fixed.
That does not weight over making a code change that makes the most sense
for Linux in the long-term. And to add, I did show both the code and
the figures to support my claim.
>
> David
BR, Jarkko
next prev parent reply other threads:[~2025-07-05 17:11 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-06-26 18:45 [PATCH v8 0/3] tpm_crb_ffa: handle tpm busy return code Prachotan Bathi
2025-06-26 18:45 ` [PATCH v8 1/3] tpm_crb_ffa: Fix typos in function name Prachotan Bathi
2025-07-02 21:38 ` Jarkko Sakkinen
2025-06-26 18:45 ` [PATCH v8 2/3] tpm_crb_ffa:Introduce memzero macro to replace memset Prachotan Bathi
2025-07-02 22:16 ` Jarkko Sakkinen
2025-07-03 3:58 ` Prachotan Bathi
2025-07-04 2:45 ` Jarkko Sakkinen
2025-07-04 2:56 ` Jarkko Sakkinen
2025-07-04 10:40 ` David Laight
2025-07-04 14:04 ` Jarkko Sakkinen
2025-07-05 7:10 ` David Laight
2025-07-05 17:11 ` Jarkko Sakkinen [this message]
2025-06-26 18:45 ` [PATCH v8 3/3] tpm_crb_ffa: handle tpm busy return code Prachotan Bathi
2025-07-02 22:22 ` Jarkko Sakkinen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=aGlc2I9YGgPyc3lO@kernel.org \
--to=jarkko@kernel.org \
--cc=david.laight.linux@gmail.com \
--cc=jgg@ziepe.ca \
--cc=linux-integrity@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=peterhuewe@gmx.de \
--cc=prachotan.bathi@arm.com \
--cc=stuart.yoder@arm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).