Received: by 10.192.165.148 with SMTP id m20csp1475647imm;
        Sat, 5 May 2018 13:03:40 -0700 (PDT)
X-Google-Smtp-Source: AB8JxZq0NzmcsWTZGiDPYkyEaOOHLG4lwbO/QG6uDx9y04e8vqz+YFkUBajIM1QRiMzy6VrfFnDw
X-Received: by 2002:a17:902:700a:: with SMTP id y10-v6mr32869958plk.265.1525550620796;
        Sat, 05 May 2018 13:03:40 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1525550620; cv=none;
        d=google.com; s=arc-20160816;
        b=aiY8x/1AVt2SrVfGbhVPFpWnWHHSktJj3lTk0JbauMxW70EzuUy2wBVldOjilSXUox
         /284zFPue84vQ3VOD/QknubzHDQc+5/G31KcgJvlyY/tVxAVQD65NnhGImAPA60xwNYr
         NZtrKSLOR+N7eWTGGM21hCPKUaYwVW7X4GsIw4tlJzxkKCn/wVlJ8g2xRqJEjxq6seot
         s8EOVswR5BpoDeocnqOy3YCniq4dw4vnUzzS1lcxEj0g2xg7qQt80ab8oiGV5vY12T2x
         XXk4yvffI5udIw3j6c453q7JUagz6W9c/YQb9VPIn6mCGQr21LJmTJprFj4HM4RblJp7
         Mkjg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:user-agent:in-reply-to
         :content-disposition:mime-version:references:mail-followup-to
         :reply-to:message-id:subject:cc:to:from:date
         :arc-authentication-results;
        bh=GqejcwTgRBixK4hQ90xXzst1aCbaklKKJilcvaO+i/8=;
        b=pbVdC+dlS/dmPHA//4mQ895LK/USUHwO3PqLhxNKOENG1g+W3XfRVmErFm1mbs+DeN
         eqJGnSJw9VopH8ax0arwneMsDlhBdZeN4CAn9Jcf52p1TsRbS88bLwu6VlX4dHmqrhbn
         P2yLblTQ9QsPzQYjzmFw9mLczip05tohEL73hcKXndVcA7Xq9as8YII4szB3OKfdTdbO
         yNypkwEYIhXnTv0iP6jiREo5hKxxdzaIH+5Ts2nxW0hldeQdg/3uQyzs5lprGetwIwgs
         UTxqIxETtfqNBWYkPOUuQsZhbnwTgznO6Ifyd74bA77BqdIF4pIYi7ePCti9dMc3UnCk
         WcDw==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=redhat.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id b5-v6si10696494ple.417.2018.05.05.13.03.26;
        Sat, 05 May 2018 13:03:40 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=redhat.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1751785AbeEEUDS (ORCPT <rfc822;kkoh.linux@gmail.com>
        + 99 others); Sat, 5 May 2018 16:03:18 -0400
Received: from mx1.redhat.com ([209.132.183.28]:33562 "EHLO mx1.redhat.com"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S1751183AbeEEUDQ (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
        Sat, 5 May 2018 16:03:16 -0400
Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.phx2.redhat.com [10.5.11.13])
        (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
        (No client certificate requested)
        by mx1.redhat.com (Postfix) with ESMTPS id 11518300239A;
        Sat,  5 May 2018 20:03:16 +0000 (UTC)
Received: from localhost (ovpn-116-34.phx2.redhat.com [10.3.116.34])
        by smtp.corp.redhat.com (Postfix) with ESMTP id E7DEA89D10;
        Sat,  5 May 2018 20:03:15 +0000 (UTC)
Date:   Sat, 5 May 2018 13:03:15 -0700
From:   Jerry Snitselaar <jsnitsel@redhat.com>
To:     linux-integrity@vger.kernel.org,
        Laurent Bigonville <bigon@debian.org>
Cc:     linux-kernel@vger.kernel.org,
        Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>,
        Peter Huewe <peterhuewe@gmx.de>, Jason Gunthorpe <jgg@ziepe.ca>
Subject: Re: [PATCH] tpm_tis: verify locality released before returning from
 release_locality
Message-ID: <20180505200315.x7jt33j7psizmfyi@cantor>
Reply-To: Jerry Snitselaar <jsnitsel@redhat.com>
Mail-Followup-To: linux-integrity@vger.kernel.org,
        Laurent Bigonville <bigon@debian.org>, linux-kernel@vger.kernel.org,
        Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>,
        Peter Huewe <peterhuewe@gmx.de>, Jason Gunthorpe <jgg@ziepe.ca>
References: <20180505195453.10431-1-jsnitsel@redhat.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Disposition: inline
In-Reply-To: <20180505195453.10431-1-jsnitsel@redhat.com>
User-Agent: NeoMutt/20180323
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.13
X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.47]); Sat, 05 May 2018 20:03:16 +0000 (UTC)
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Sat May 05 18, Jerry Snitselaar wrote:
>For certain tpm chips releasing locality can take long enough that a
>subsequent call to request_locality will see the locality as being
>active when the access register is read in check_locality. So check
>that the locality has been released before returning from
>release_locality.
>
>Cc: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
>Cc: Peter Huewe <peterhuewe@gmx.de>
>Cc: Jason Gunthorpe <jgg@ziepe.ca>
>Reported-by: Laurent Bigonville <bigon@debian.org>
>Signed-off-by: Jerry Snitselaar <jsnitsel@redhat.com>
>---
> drivers/char/tpm/tpm_tis_core.c | 47 ++++++++++++++++++++++++++++++++++++++++-
> 1 file changed, 46 insertions(+), 1 deletion(-)
>
>diff --git a/drivers/char/tpm/tpm_tis_core.c b/drivers/char/tpm/tpm_tis_core.c
>index 5a1f47b43947..d547cd309dbd 100644
>--- a/drivers/char/tpm/tpm_tis_core.c
>+++ b/drivers/char/tpm/tpm_tis_core.c
>@@ -143,13 +143,58 @@ static bool check_locality(struct tpm_chip *chip, int l)
> 	return false;
> }
>
>+static bool locality_inactive(struct tpm_chip *chip, int l)
>+{
>+	struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
>+	int rc;
>+	u8 access;
>+
>+	rc = tpm_tis_read8(priv, TPM_ACCESS(l), &access);
>+	if (rc < 0)
>+		return false;
>+
>+	if ((access & (TPM_ACCESS_VALID | TPM_ACCESS_ACTIVE_LOCALITY))
>+	    == TPM_ACCESS_VALID)
>+		return true;
>+
>+	return false;
>+}
>+
> static int release_locality(struct tpm_chip *chip, int l)
> {
> 	struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev);
>+	unsigned long stop, timeout;
>+	long rc;
>
> 	tpm_tis_write8(priv, TPM_ACCESS(l), TPM_ACCESS_ACTIVE_LOCALITY);
>
>-	return 0;
>+	stop = jiffies + chip->timeout_a;
>+
>+	if (chip->flags & TPM_CHIP_FLAG_IRQ) {
>+again:
>+		timeout = stop - jiffies;
>+		if ((long)timeout <= 0)
>+			return -1;
>+
>+		rc = wait_event_interruptible_timeout(priv->int_queue,
>+						      (locality_inactive(chip, l)),
>+						      timeout);
>+
>+		if (rc > 0)
>+			return 0;
>+
>+		if (rc == -ERESTARTSYS && freezing(current)) {
>+			clear_thread_flag(TIF_SIGPENDING);
>+			goto again;
>+		}
>+	} else {
>+		do {
>+			if (locality_inactive(chip, l))
>+				return 0;
>+			tpm_msleep(TPM_TIMEOUT);
>+		} while (time_before(jiffies, stop));
>+	}
>+	return -1;
> }
>
> static int request_locality(struct tpm_chip *chip, int l)
>-- 
>2.15.0
>

Laurent,

Can you try this patch with your system since it is the one
that has exhibited the problem so far. I've tested on a
tpm2.0 and tpm1.2 system here.

Regards,
Jerry