@gromit I’m happy to do the patch for tpm2_get_random(). It’s kind of fun task anyhow and I think my approach is legit (and tried and tested given this is how memory reclaimers in simplest possible terms).

I was already blown away of the power of eBPF when I found this randomly while fixing another bug. It’s pretty hard to predict performance issues, and now I’m even more blown up and amazed because I had a half-baked solution ready for the oven before there even was a problem ;-)

#bpf #ebpf

@gromit I’m happy to do the patch for tpm2_get_random(). It’s kind of fun task anyhow and I think my approach is legit (and tried and tested given this is how memory reclaimers in simplest possible terms).

I was already blown away of the power of eBPF when I found this randomly while fixing another bug. It’s pretty hard to predict performance issues, and now I’m even more blown up and amazed because I had a half-baked solution ready for the oven before there even was a problem ;-)

#bpf #ebpf

#Fedora has the parts of #LibreOffice in the default install that I never ever use and lacks exactly the only part that I ever do actually use: LibreOffice Draw.

It is actually good. I try to be sometimes a cool kid and do something with Inkscape but the unfortunate truth is that I don't have talent for making visuals.

Most of drawings I've done last 10 years have ended up been made with Draw through exclusion process:

1. First I think that "this is THE day that I'll master Inkspace, I'm so excited". It should go without saying but yeah both experience and results end up being a nightmare.
2. Then I write these Mermaid and realize that the approach just plain does not work for me. I don't what it is but my thoughts both fly. I prefer writing code when it is actual source code going either upstream or production, not fake code with horrible syntax.
3. Web tools, well, not a fan, and this is universal but I often try them only to realize that I think best offline. They are horrible experience that I totally dislike from the bottom of my heart.
4. yED is kind of interesting but no.https://bugzilla.kernel.org/show_bug.cgi?id=219383
5. LibreOffice Draw: OK I cannot say that I like this but I neither can say I dislike this so let's draw the damn picture. Not the most exciting task in my life, can't say I love this, but I get something done that I'm only mildly ashamed of.

This is it how it goes every single time.

@gromit i don't know but i don't mind getting a report :-) this was great discussion BTW. i had made a theory without experience any "visible issue" just looking at traces. So it is like already in the half-way... thank you!

@gromit Thanks for asking. I randomly noticed this with custom eBPF traces while debugging the boot-time issue. It is just a guess but this does add more and longer wait states here and there so theoretically could be related but obviously I cannot promise that.

@gromit i might actually might have hunch for this but have been unmotivated to move forward before these patches are merged. One thing at a time IMHO, especially with performance fixes.
NOTE: this is a hyphothesis.

tpm2_get_random() needs to be reconsidered with encryption as hwrng calls it often enough and there's now more overhead.

It pulls entropy in small chunks subtracting the length in the look like you would use read() syscall from user space. This is not right. This leads to small and variable size exchanges and yeah generally that equates to an inefficient implemenation with bad latency properties.

A better implementation would build on two concepts:

1. Have a pool "struct tpm2_random_pool" per caller with a fixed-size buffer in page granularity. E.g. hwrng end of TPM driver would have an instance. This would be exta argument for tpm2_get_random().
2. Have low and high watermarks (or thresholds) for triggering the pull from the chip so that it does not start to throttle.

Normally when the call is made entropy is served from the pool. When going below low water mark a thread (e.g. kthread, workqueue) is woken and less entropy is returned to the caller. Thread then fills the pool with fixes-size requests up until it goes above the high watermark.

I've posted my first patch set early on when the bug was recognized and also reporter confirmed that my fixes do in fact sort out the issue. There's been already some push to also sort some IMA issue but it is chaos if you start to include tons of random fixes to a single patch only because nobody pays any attention.

So I will work on that random pool patch after and also promise not to do anything before my first patch set has landed. With those ideas anyone who wants send me e.g. an RFC patch that I'm happy to give feedback.

@vbabka @hyeyoo @ljs @lkundrak i have some incredibly inefficient workflows in some tasks that i do every week at least, and i know it. actually to level up in workflows, hanging out with students and new comers in the industry is really the best way to fix that side. they always know latest shit :D

@vbabka @ljs @hyeyoo @lkundrak need look into that. i've so far used only "b4 am"... that's was the example command I saw when i first time heard about b4 years ago and have been since motivating myself to spend 15 minutes with the man page ;-)

@ljs @hyeyoo @lkundrak right, thanks for the explanation!

i had this machine as a brick for a while, became lazy and did only QEMU, a few perf glitches went through my screening, so addressing that not happening ever again, and start doing regular hardware tests. QEMU is both blessing and a curse ;-)

@ljs @hyeyoo @lkundrak ofc at min tested-by

@ljs @hyeyoo @lkundrak did the trick, thanks ;-) yeah, point here was that it was a patch set with kselftest to test that i have all testing shenanigans installed in fedora, thus grabbed my attention (was looking something out of my sandbox).

@ljs @hyeyoo @lkundrak I'd like to run the self-test on the hardware. Can you point to the branch containing the patches, I can add a remote.

@ljs @hyeyoo @lkundrak I was breathing life back to NUC7CJYH with to be a kernel testing target and needed some random kernel patches to feed and this came in Mastodon, thus the collision ;-) Feel free to CC the patch set tho (next version with a kselftest). Right and one review comment: put the baseline commit ID or tag to the cover letter

It's an old NUC with the most inefficient Celeron CPU one could imagine, incoherent mixture of hardware feature from both desktop and server lineups and generally super shitty x86 from Intel. Thus, has been my main target for years if QEMU won't do...

@ljs @lkundrak @hyeyoo

there's a glitch:

Applying: mm: pagewalk: add the ability to install PTEs
Applying: mm: add PTE_MARKER_GUARD PTE marker
Applying: mm: madvise: implement lightweight guard page mechanism
Applying: selftests/mm: add self tests for guard page feature
error: sha1 information is lacking or useless (tools/testing/selftests/mm/.gitignore).
error: could not build fake ancestor
Patch failed at 0004 selftests/mm: add self tests for guard page feature
hint: Use 'git am --show-current-patch=diff' to see the failed patch
hint: When you have resolved this problem, run "git am --continue".
hint: If you prefer to skip this patch, run "git am --skip" instead.
hint: To restore the original branch and stop patching, run "git am --abort".
hint: Disable this message with "git config advice.mergeConflict false"

HEAD is v6.12-rc4

Updated, added back a klog message and some cc spread. The bug triples boot time on at least some #AMD machine but I guess it does not matter 🤷

https://lore.kernel.org/linux-integrity/20241021053921.33274-1-jarkko@kernel.org/

#linux #kernel

not there yet plus no zsh auto-completion

this quite a nice alt client for pass: https://github.com/timvisee/prs

KICK3 is quite bad. I already disliked previously in KICK2 the on-board effects, and it add only more of that cruft. Less features is also a feature I guess :-) ... and it looks damn ugly too. KickDrum is more fresh and the harmonic EQ is great in it: https://audija.com/plugins #Bitwig #BitwigStudio #MusicProduction

A draft for fix: https://github.com/latchset/clevis/issues/494#issuecomment-2423871740

https://github.com/latchset/clevis/issues/494#issue-2599170196