Following the recent Nuvoton patch submitted by Mimi Zohar:

https://sourceforge.net/p/tpmdd/mailman/message/35685260/

 

Based on this work, I decided to apply a similar modification to the generic TPM drivers in the kernel.

The patch simply replaces all msleep function calls with usleep_range calls in the generic drivers. As a former patch already exists for the Nuvoton TPM, it is therefore not included in this new patch.

 

Tested with an Infineon TPM 1.2, using the generic tpm-tis module, for a thousand PCR extends, we see results going from 1m57s unpatched to 40s with the new patch. We obtain similar results when using the original and patched tpm_infineon driver, which is also part of the patch.

Similarly with a STM TPM 2.0, using the CRB driver, it takes about 20ms per extend unpatched and around 7ms with the new patch.

 

Note that the PCR consistency is untouched with this patch, each TPM has been tested with 10 million extends and the aggregated PCR value is continuously verified to be correct.

 

As an extension of this work, this could potentially and easily be applied to other vendor's drivers. Still, these changes are not included in the proposed patch as they are untested.

 

Thanks,

Hamza ATTAK.