From mboxrd@z Thu Jan 1 00:00:00 1970 From: "Stefan Berger" Subject: Re: [PATCH v5 4/5] Initialize TPM and get durations and timeouts Date: Sun, 14 Feb 2016 01:37:08 -0500 Message-ID: <201602140637.u1E6baNX028563@d03av04.boulder.ibm.com> References: <201602111534.u1BFYvRs019573@d01av03.pok.ibm.com> <20160211181208.GA6285@obsidianresearch.com> <201602111911.u1BJB2nK017410@d01av03.pok.ibm.com> <20160211194810.GA24211@obsidianresearch.com> <201602112210.u1BMAYPe015452@d03av01.boulder.ibm.com> <20160211221822.GA16304@obsidianresearch.com> <201602112226.u1BMQZ59031657@d01av02.pok.ibm.com> <20160211235611.GB16304@obsidianresearch.com> <201602120356.u1C3usEe002034@d03av04.boulder.ibm.com> <201602121813.u1CIDu4O015272@d01av01.pok.ibm.com> <20160212183415.GA4289@obsidianresearch.com> Mime-Version: 1.0 Content-Type: multipart/mixed; boundary="===============1877858074929885965==" Return-path: In-Reply-To: <20160212183415.GA4289-ePGOBjL8dl3ta4EC/59zMFaTQe2KTcn/@public.gmane.org> List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: tpmdd-devel-bounces-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f@public.gmane.org To: Jason Gunthorpe Cc: dhowells-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org, tpmdd-devel-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f@public.gmane.org, dwmw2-wEGCiKHe2LqWVfeAwA7xHQ@public.gmane.org List-Id: tpmdd-devel@lists.sourceforge.net --===============1877858074929885965== Content-Type: multipart/alternative; boundary="=_alternative 0024647585257F59_=" --=_alternative 0024647585257F59_= Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="US-ASCII" Jason Gunthorpe wrote on 02/12/2016=20 01:34:15 PM: >=20 > On Fri, Feb 12, 2016 at 01:13:39PM -0500, Stefan Berger wrote: > > Stefan Berger/Watson/IBM@IBMUS wrote on 02/11/2016 10:56:47 PM: > > > > > > Jason Gunthorpe wrote on 02/11/ > > > 2016 06:56:11 PM: > > > > > > > > > > > > > > On Thu, Feb 11, 2016 at 05:26:24PM -0500, Stefan Berger wrote: > > > > > > > > > > What is the point of tpmm=5Fchip=5Fdev? > > > > > So that the usage model of the chip is the same. We get=20 this > > in the > > > > > tpm-vtpm.c with tpm=5Falloc=5Fchip + tpmm=5Fchip=5Fdev whil= e all > > others can > > > > > call tpmm=5Fchip=5Falloc, which combines the two. > > > > > > > > No need, just don't use devm in vtpm, that is even better. The > > > > standard devm idiom is a with and without version. > > > > > > Updated the branch. Are you going to upstream your patch?=20 Otherwise > > > I would just add your Signed-off-by to it if that's ok ? > > > > > > [1]https://github.com/stefanberger/linux/tree/vtpm-driver.v3 > > I converted tpm-chip.c to use IDA as well. > > A test for 4096 vTPM instances: > > for ((i =3D 0; i < 4096; i++)); do ./vtpmctrl & done >=20 > Yeah, that looks good, thanks for doing this >=20 With the IDR I ran into the problem that TPM core driver and backend now=20 share the ID and create their device names with it. What can happen is=20 that the core driver gives up ID 123, while the vTPM driver still has the=20 device name vtpms123 registered with sysfs. Now the next device is=20 created, ID 123 is recycled by the core driver, and it bombs while the=20 vTPM driver again tries to register vtpm123 that still hasn't been=20 unregistered. One can trigger this problem with lots of concurrency (see=20 below) and then the whole system even locks up. I don't know how to solve=20 this ID issue in an easier way than having an IDR in the core driver and=20 an IDA in the vTPM driver and so handling the IDs independently. This in=20 turn makes the split of tpmm=5Fchip=5Falloc / tpm=5Fchip=5Falloc unnecessar= y since=20 we don't need the ID from the chip anymore. Now the below test runs=20 stable. for pid in $(ps aux | grep vtpm | gawk '{print $2}'); do kill -9 $pid;=20 done ; for ((i =3D0; i< 8192; i++)); do ./vtpmctrl &>/dev/null & done Stefan --=_alternative 0024647585257F59_= Content-Transfer-Encoding: quoted-printable Content-Type: text/html; charset="US-ASCII" Jason Gunthorpe <jgunthorpe-ePGOBjL8dl3ta4EC/59zMFaTQe2KTcn/@public.gmane.org> wrote on 02/12/2016 01:34:15 PM:

>
> On Fri, Feb 12, 2016 = at 01:13:39PM -0500, Stefan Berger wrote:
> >    Stefan = Berger/Watson/IBM@IBMUS wrote on 02/11/2016 10:56:47 PM:
> >    >
> >    > = Jason Gunthorpe <jgunthorpe-ePGOBjL8dl3ta4EC/59zMFaTQe2KTcn/@public.gmane.org> wrote on 02/11/
> >    > 2016 06:56:11 PM:
> &g= t;    >
> >    >
> >   &nb= sp;> >
> >    > > On Thu, Feb 11, 2016 at 05= :26:24PM -0500, Stefan Berger wrote:
> >    > >
> >  = ;  > > >    > What is the point of tpmm=5Fchip=5Fdev?
> >    > > >    = ;So that the usage model of the chip is the same. We get this
> >    in the
&g= t; >    > > >    tpm-vtpm.c with tpm=5Fallo= c=5Fchip + tpmm=5Fchip=5Fdev while all
> >    others can
> = >    > > >    call tpmm=5Fchip=5Falloc, which combines the two.
> >    > >
> > &n= bsp;  > > No need, just don't use devm in vtpm, that is even better. The
> >    > > standard devm = idiom is a with and without version.
> >    >
> >    > Upda= ted the branch. Are you going to upstream your patch? Otherwise
> >    > I would just add your = Signed-off-by to it if that's ok ?
> >    >
> >    > [= 1]https://github.com/stefanberger/linux/tree/vtpm= -driver.v3
> >    I c= onverted tpm-chip.c to use IDA as well.
> >    A test fo= r 4096 vTPM instances:
> >    for ((i =3D 0; i < 4096= ; i++)); do ./vtpmctrl & done
>
> Yeah, that looks good, thanks for doing this
> =

With the IDR I ran into the problem = that TPM core driver and backend now share the ID and create their device names with it. What can happen is that the core driver gives up ID 123, while the vTPM driver still has the device name vtpms123 registered with sysfs. Now the next device is created, ID 123 is recycled by the core driver, and it bombs while the vTPM driver again tries to register vtpm123 that still hasn't been unregistered. One can trigger this problem with lots of concurr= ency (see below) and then the whole system even locks up. I don't know how to solve this ID issue in an easier way than having an IDR in the core driver and an IDA in the vTPM driver and so handling the IDs independently. This in turn makes the split of tpmm=5Fchip=5Falloc / tpm=5Fchip=5Falloc unneces= sary since we don't need the ID from the chip anymore. Now the below test runs stable.


for p= id in $(ps aux | grep vtpm | gawk '{print $2}'); do kill -9 $pid; done ; for ((i =3D0; i< 8192; i++= )); do ./vtpmctrl &>/dev/null & done

 Stefan

--=_alternative 0024647585257F59_=-- --===============1877858074929885965== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline ------------------------------------------------------------------------------ Site24x7 APM Insight: Get Deep Visibility into Application Performance APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month Monitor end-to-end web transactions and take corrective actions now Troubleshoot faster and improve end-user experience. Signup Now! http://pubads.g.doubleclick.net/gampad/clk?id=272487151&iu=/4140 --===============1877858074929885965== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ tpmdd-devel mailing list tpmdd-devel-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f@public.gmane.org https://lists.sourceforge.net/lists/listinfo/tpmdd-devel --===============1877858074929885965==--