Re: [REGRESSION][BISECTED] tpm: Popping noise in USB headphones since 1b6d7f9eb150

From: Jarkko Sakkinen
Date: Tue Dec 03 2024 - 01:38:12 EST


On Mon Dec 2, 2024 at 11:15 PM CET, Stefan Berger wrote:
>
>
> On 11/29/24 9:44 PM, Jarkko Sakkinen wrote:
> > On Tue Nov 26, 2024 at 1:42 PM EET, Christian Heusel wrote:
> >> On 24/10/25 05:47PM, Jarkko Sakkinen wrote:
> >>> Yeah, this is on the list.
> >>>
> >>> See: https://bugzilla.kernel.org/show_bug.cgi?id=219383#c5
> >>>
> >>> I had a fix for the AMD boot-time issue already over a month ago
> >>> but unfortunately took time to get enough feedback.
> >>>
> >>> BR, Jarkko
> >>
> >> I'm not sure if this is supposed to be fixed, but AFAIK we hoped that
> >> the patchset that was mentioned in bugzilla also helped this issue.
> >>
> >> The reporter said that the bug is still present in 6.12.1, so this might
> >> need further poking 🤔
> >
> > I'd suggest a workaround for the time being.
> >
> > In 6.12 we added this for (heavy) IMA use:
> >
> > tpm.disable_pcr_integrity= [HW,TPM]
> > Do not protect PCR registers from unintended physical
> > access, or interposers in the bus by the means of
> > having an integrity protected session wrapped around
> > TPM2_PCR_Extend command. Consider this in a situation
> > where TPM is heavily utilized by IMA, thus protection
> > causing a major performance hit, and the space where
> > machines are deployed is by other means guarded.
> >
> > Similarly it might make sense to have "tpm.disable_random_integrity"
> > that disables the feature introduced by the failing commit.
> >
>
> I am wondering what could be the not-so-obvious root cause for this?
> Could it be due to a (TPM or RNG-related) lock? I guess the audio
> popping could occur if an application cannot meet timing requirements
> when it runs into some sort of blocking lock...

I'm travelling this week. I'll take a look in detail next weke. Obvious
thing is that latency has rised on getting the result for TPM2_GetRandom
but it should sleep while waiting. I.e. not sure what causes "busyness".

I think in general having disable_* for trusted keys, random and PCR
extension i.e. features that bus integrity protection touches would
be great for debugging these issues in all cases.

BR, Jarkko