Re: [PATCH v2] tpm: tpm2-space: Resize session and context buffers dynamically

From: Stefan Berger <stefanb@linux.ibm.com>
To: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Cc: linux-integrity@vger.kernel.org,
	James Bottomley <James.Bottomley@HansenPartnership.com>,
	Peter Huewe <peterhuewe@gmx.de>, Jason Gunthorpe <jgg@ziepe.ca>,
	Arnd Bergmann <arnd@arndb.de>,
	Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
	Jerry Snitselaar <jsnitsel@redhat.com>,
	Sumit Garg <sumit.garg@linaro.org>,
	Alexey Klimov <aklimov@redhat.com>,
	open list <linux-kernel@vger.kernel.org>
Subject: Re: [PATCH v2] tpm: tpm2-space: Resize session and context buffers dynamically
Date: Fri, 26 Jun 2020 08:16:45 -0400	[thread overview]
Message-ID: <5d786bca-6a0f-0c7f-e856-04dac2f280f6@linux.ibm.com> (raw)
In-Reply-To: <20200626114815.GA5847@linux.intel.com>

On 6/26/20 7:48 AM, Jarkko Sakkinen wrote:
> On Thu, Jun 25, 2020 at 05:27:50PM -0400, Stefan Berger wrote:
>> On 6/25/20 5:25 PM, Jarkko Sakkinen wrote:
>>> On Thu, Jun 25, 2020 at 08:41:18AM -0400, Stefan Berger wrote:
>>>> On 6/25/20 12:38 AM, Jarkko Sakkinen wrote:
>>>>> Re-allocate context and session buffers when needed. Scale them in page
>>>>> increments so that the reallocation is only seldomly required, and thus
>>>>> causes minimal stress to the system. Add a static maximum limit of four
>>>>> pages for buffer sizes.
>>>>>
>>>>> Cc: James Bottomley <James.Bottomley@HansenPartnership.com>
>>>>> Suggested-by: Stefan Berger <stefanb@linux.ibm.com>
>>>>> Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
>>>> You don't want to try a fixes tag? None of the previous versions of this
>>>> code will work with newer versions of the TPM 2 then...
>>> It's not a regression.
>> Ok, so distros will have to backport it.
> Now that you mentioned PPC64 in some other email that would make this a
> regression since x86 provides less space for keys than PPC64.
>
> I studied PPC64 a bit and it actually allows max 256 kB page size, which
> is too much for us, given that there is no accounting implemented for
> TPM spaces (so far, should be done eventually).
>
> So to summarize: 0 the idea would decrease the limit on PPC64 and
> increase it on ther arch's.  `
>
> Dynamic scaling is over to top for fixing the issue, which means that I
> will just define static size of 16 kB for the buffer. We can reconsider
> it if we hit the roof again.

16kb is plenty of space for years to come. Maybe just enlarge the buffer 
for the regression and then do dynamic allocation as the final solution 
for the tip. I can try to test compile it on one or two long term stable 
kernels. Hopefully it applies cleanly. Simple test just in case you had 
a setup with a VM and libtpms master:

# echo hi | clevis encrypt tpm2 '{"key":"rsa"}' | clevis decrypt
hi

This only works once patched, gets stuck in the decrypt step otherwise.

    Stefan

>
> /Jarkko