Received: by 10.192.165.148 with SMTP id m20csp1475647imm; Sat, 5 May 2018 13:03:40 -0700 (PDT) X-Google-Smtp-Source: AB8JxZq0NzmcsWTZGiDPYkyEaOOHLG4lwbO/QG6uDx9y04e8vqz+YFkUBajIM1QRiMzy6VrfFnDw X-Received: by 2002:a17:902:700a:: with SMTP id y10-v6mr32869958plk.265.1525550620796; Sat, 05 May 2018 13:03:40 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1525550620; cv=none; d=google.com; s=arc-20160816; b=aiY8x/1AVt2SrVfGbhVPFpWnWHHSktJj3lTk0JbauMxW70EzuUy2wBVldOjilSXUox /284zFPue84vQ3VOD/QknubzHDQc+5/G31KcgJvlyY/tVxAVQD65NnhGImAPA60xwNYr NZtrKSLOR+N7eWTGGM21hCPKUaYwVW7X4GsIw4tlJzxkKCn/wVlJ8g2xRqJEjxq6seot s8EOVswR5BpoDeocnqOy3YCniq4dw4vnUzzS1lcxEj0g2xg7qQt80ab8oiGV5vY12T2x XXk4yvffI5udIw3j6c453q7JUagz6W9c/YQb9VPIn6mCGQr21LJmTJprFj4HM4RblJp7 Mkjg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-disposition:mime-version:references:mail-followup-to :reply-to:message-id:subject:cc:to:from:date :arc-authentication-results; bh=GqejcwTgRBixK4hQ90xXzst1aCbaklKKJilcvaO+i/8=; b=pbVdC+dlS/dmPHA//4mQ895LK/USUHwO3PqLhxNKOENG1g+W3XfRVmErFm1mbs+DeN eqJGnSJw9VopH8ax0arwneMsDlhBdZeN4CAn9Jcf52p1TsRbS88bLwu6VlX4dHmqrhbn P2yLblTQ9QsPzQYjzmFw9mLczip05tohEL73hcKXndVcA7Xq9as8YII4szB3OKfdTdbO yNypkwEYIhXnTv0iP6jiREo5hKxxdzaIH+5Ts2nxW0hldeQdg/3uQyzs5lprGetwIwgs UTxqIxETtfqNBWYkPOUuQsZhbnwTgznO6Ifyd74bA77BqdIF4pIYi7ePCti9dMc3UnCk WcDw== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=redhat.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id b5-v6si10696494ple.417.2018.05.05.13.03.26; Sat, 05 May 2018 13:03:40 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751785AbeEEUDS (ORCPT + 99 others); Sat, 5 May 2018 16:03:18 -0400 Received: from mx1.redhat.com ([209.132.183.28]:33562 "EHLO mx1.redhat.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751183AbeEEUDQ (ORCPT ); Sat, 5 May 2018 16:03:16 -0400 Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.phx2.redhat.com [10.5.11.13]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 11518300239A; Sat, 5 May 2018 20:03:16 +0000 (UTC) Received: from localhost (ovpn-116-34.phx2.redhat.com [10.3.116.34]) by smtp.corp.redhat.com (Postfix) with ESMTP id E7DEA89D10; Sat, 5 May 2018 20:03:15 +0000 (UTC) Date: Sat, 5 May 2018 13:03:15 -0700 From: Jerry Snitselaar To: linux-integrity@vger.kernel.org, Laurent Bigonville Cc: linux-kernel@vger.kernel.org, Jarkko Sakkinen , Peter Huewe , Jason Gunthorpe Subject: Re: [PATCH] tpm_tis: verify locality released before returning from release_locality Message-ID: <20180505200315.x7jt33j7psizmfyi@cantor> Reply-To: Jerry Snitselaar Mail-Followup-To: linux-integrity@vger.kernel.org, Laurent Bigonville , linux-kernel@vger.kernel.org, Jarkko Sakkinen , Peter Huewe , Jason Gunthorpe References: <20180505195453.10431-1-jsnitsel@redhat.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii; format=flowed Content-Disposition: inline In-Reply-To: <20180505195453.10431-1-jsnitsel@redhat.com> User-Agent: NeoMutt/20180323 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.13 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.47]); Sat, 05 May 2018 20:03:16 +0000 (UTC) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Sat May 05 18, Jerry Snitselaar wrote: >For certain tpm chips releasing locality can take long enough that a >subsequent call to request_locality will see the locality as being >active when the access register is read in check_locality. So check >that the locality has been released before returning from >release_locality. > >Cc: Jarkko Sakkinen >Cc: Peter Huewe >Cc: Jason Gunthorpe >Reported-by: Laurent Bigonville >Signed-off-by: Jerry Snitselaar >--- > drivers/char/tpm/tpm_tis_core.c | 47 ++++++++++++++++++++++++++++++++++++++++- > 1 file changed, 46 insertions(+), 1 deletion(-) > >diff --git a/drivers/char/tpm/tpm_tis_core.c b/drivers/char/tpm/tpm_tis_core.c >index 5a1f47b43947..d547cd309dbd 100644 >--- a/drivers/char/tpm/tpm_tis_core.c >+++ b/drivers/char/tpm/tpm_tis_core.c >@@ -143,13 +143,58 @@ static bool check_locality(struct tpm_chip *chip, int l) > return false; > } > >+static bool locality_inactive(struct tpm_chip *chip, int l) >+{ >+ struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev); >+ int rc; >+ u8 access; >+ >+ rc = tpm_tis_read8(priv, TPM_ACCESS(l), &access); >+ if (rc < 0) >+ return false; >+ >+ if ((access & (TPM_ACCESS_VALID | TPM_ACCESS_ACTIVE_LOCALITY)) >+ == TPM_ACCESS_VALID) >+ return true; >+ >+ return false; >+} >+ > static int release_locality(struct tpm_chip *chip, int l) > { > struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev); >+ unsigned long stop, timeout; >+ long rc; > > tpm_tis_write8(priv, TPM_ACCESS(l), TPM_ACCESS_ACTIVE_LOCALITY); > >- return 0; >+ stop = jiffies + chip->timeout_a; >+ >+ if (chip->flags & TPM_CHIP_FLAG_IRQ) { >+again: >+ timeout = stop - jiffies; >+ if ((long)timeout <= 0) >+ return -1; >+ >+ rc = wait_event_interruptible_timeout(priv->int_queue, >+ (locality_inactive(chip, l)), >+ timeout); >+ >+ if (rc > 0) >+ return 0; >+ >+ if (rc == -ERESTARTSYS && freezing(current)) { >+ clear_thread_flag(TIF_SIGPENDING); >+ goto again; >+ } >+ } else { >+ do { >+ if (locality_inactive(chip, l)) >+ return 0; >+ tpm_msleep(TPM_TIMEOUT); >+ } while (time_before(jiffies, stop)); >+ } >+ return -1; > } > > static int request_locality(struct tpm_chip *chip, int l) >-- >2.15.0 > Laurent, Can you try this patch with your system since it is the one that has exhibited the problem so far. I've tested on a tpm2.0 and tpm1.2 system here. Regards, Jerry