Received: by 2002:ac0:a5b6:0:0:0:0:0 with SMTP id m51-v6csp2113069imm; Mon, 28 May 2018 01:47:03 -0700 (PDT) X-Google-Smtp-Source: AB8JxZpI7s4hfgh9Kh35r9FG0Hgwu6w398nrUUNzK7ZuWUYKzUJnd/A4hm55lYpIa0IP8F1r8jw9 X-Received: by 2002:a65:53c9:: with SMTP id z9-v6mr9871082pgr.356.1527497223942; Mon, 28 May 2018 01:47:03 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1527497223; cv=none; d=google.com; s=arc-20160816; b=WjZTuOfPcJV7xr5XF8DZL+5x8g8ZjG+1UnqDuC2QDDV7ECV6yU/KDGSJjny/7jLgGa qz5hTgbzEiqGWVUoiS328CJ2fK63YzVWlPyaXfqMU3xIINpTBmZ7X2Jsw3828KpQSdy6 QRvNJcPHwB84vkZUs8EFSn8vbJmFPENMvJS3RFoFW/m0F+zEFTXEn1oRtQ42kkbDYkff KVuzBrWOWBUTmMm4xNZCj16R1u5xMLzZrLSrv+wihh6NZJhkQhdEChCJyaPH/AcpiUnB FFKyCPMU9qGxg7DKkaQ9urhJeHv9X3t/APFm40xd595jPlDBdpSIekH+HjXHjzQBxWiX 6+3w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-language :content-transfer-encoding:in-reply-to:mime-version:user-agent:date :message-id:references:to:from:subject:arc-authentication-results; bh=BRDIj1ta0TkXQJ1nGKZg6cEpAHVc59q8cFEUeW83S80=; b=MEn+lSHIypkYgnkz/6ZOtlXcmoN7vIcjEmNgDWWvoT5Dq9dyF+8gGBev5+DwDbT1b/ GzZlGD/mke0ecNhWKv/8633yKceSiCBhdxAAgPWQ0ZrHAKVp9TA03yO9qt4jlXC2KI0U ddgrmBIDUH3nAQyBMlVl6MY3ptFNpHaE0ZUPbtwEwUXcC0MpTwTK9eVBqNgrexos591z hJ9qCeV7uhHB2W6EBYIPBXNboyZqFbSSJxGBgCdhkuNYu5ldaI3T6zEUrAqDCr4qHB3U oCQbPIhASi231jtJiCHRKp0aejGhE/mnuUSz4jO2wAexQi9iJzmPFBiDZkKJsHlXdSqq V0mQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id k72-v6si30900663pfa.53.2018.05.28.01.46.49; Mon, 28 May 2018 01:47:03 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1754104AbeE1IpU (ORCPT + 99 others); Mon, 28 May 2018 04:45:20 -0400 Received: from anor.bigon.be ([91.121.173.99]:45705 "EHLO anor.bigon.be" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1754029AbeE1IpS (ORCPT ); Mon, 28 May 2018 04:45:18 -0400 Received: from anor.bigon.be (localhost.localdomain [127.0.0.1]) by anor.bigon.be (Postfix) with ESMTP id 332E71A071; Mon, 28 May 2018 10:45:16 +0200 (CEST) X-Virus-Scanned: Debian amavisd-new at bigon.be Received: from anor.bigon.be ([127.0.0.1]) by anor.bigon.be (anor.bigon.be [127.0.0.1]) (amavisd-new, port 10026) with ESMTP id LpgUeWA9rWcO; Mon, 28 May 2018 10:44:53 +0200 (CEST) Received: from [10.20.225.173] (unknown [193.53.238.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client did not present a certificate) (Authenticated sender: bigon) by anor.bigon.be (Postfix) with ESMTPSA id 346A71A055; Mon, 28 May 2018 10:44:53 +0200 (CEST) Subject: Re: [PATCH] tpm_tis: verify locality released before returning from release_locality From: Laurent Bigonville To: linux-integrity@vger.kernel.org, linux-kernel@vger.kernel.org, Jarkko Sakkinen , Peter Huewe , Jason Gunthorpe References: <20180505195453.10431-1-jsnitsel@redhat.com> <20180505200315.x7jt33j7psizmfyi@cantor> Message-ID: <06d7794e-125b-85da-72af-c386d999341c@debian.org> Date: Mon, 28 May 2018 10:44:52 +0200 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.8.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 8bit Content-Language: en-US Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Hello, Top posting, sorry. I don't know if I did it well to include the "Tested-by" tag because I don't see that the patch has landed in linus branch already. And as far as I understand, this will not be in the upcoming 4.17 release as we are already late in the cycle? Kind regards, Laurent Bigonville Le 11/05/18 à 21:02, Laurent Bigonville a écrit : > Le 05/05/18 à 22:03, Jerry Snitselaar a écrit : >> On Sat May 05 18, Jerry Snitselaar wrote: >>> For certain tpm chips releasing locality can take long enough that a >>> subsequent call to request_locality will see the locality as being >>> active when the access register is read in check_locality. So check >>> that the locality has been released before returning from >>> release_locality. >>> >>> Cc: Jarkko Sakkinen >>> Cc: Peter Huewe >>> Cc: Jason Gunthorpe >>> Reported-by: Laurent Bigonville >>> Signed-off-by: Jerry Snitselaar > Tested-by: Laurent Bigonville >>> --- >>> drivers/char/tpm/tpm_tis_core.c | 47 >>> ++++++++++++++++++++++++++++++++++++++++- >>> 1 file changed, 46 insertions(+), 1 deletion(-) >>> >>> diff --git a/drivers/char/tpm/tpm_tis_core.c >>> b/drivers/char/tpm/tpm_tis_core.c >>> index 5a1f47b43947..d547cd309dbd 100644 >>> --- a/drivers/char/tpm/tpm_tis_core.c >>> +++ b/drivers/char/tpm/tpm_tis_core.c >>> @@ -143,13 +143,58 @@ static bool check_locality(struct tpm_chip >>> *chip, int l) >>>     return false; >>> } >>> >>> +static bool locality_inactive(struct tpm_chip *chip, int l) >>> +{ >>> +    struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev); >>> +    int rc; >>> +    u8 access; >>> + >>> +    rc = tpm_tis_read8(priv, TPM_ACCESS(l), &access); >>> +    if (rc < 0) >>> +        return false; >>> + >>> +    if ((access & (TPM_ACCESS_VALID | TPM_ACCESS_ACTIVE_LOCALITY)) >>> +        == TPM_ACCESS_VALID) >>> +        return true; >>> + >>> +    return false; >>> +} >>> + >>> static int release_locality(struct tpm_chip *chip, int l) >>> { >>>     struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev); >>> +    unsigned long stop, timeout; >>> +    long rc; >>> >>>     tpm_tis_write8(priv, TPM_ACCESS(l), TPM_ACCESS_ACTIVE_LOCALITY); >>> >>> -    return 0; >>> +    stop = jiffies + chip->timeout_a; >>> + >>> +    if (chip->flags & TPM_CHIP_FLAG_IRQ) { >>> +again: >>> +        timeout = stop - jiffies; >>> +        if ((long)timeout <= 0) >>> +            return -1; >>> + >>> +        rc = wait_event_interruptible_timeout(priv->int_queue, >>> +                              (locality_inactive(chip, l)), >>> +                              timeout); >>> + >>> +        if (rc > 0) >>> +            return 0; >>> + >>> +        if (rc == -ERESTARTSYS && freezing(current)) { >>> +            clear_thread_flag(TIF_SIGPENDING); >>> +            goto again; >>> +        } >>> +    } else { >>> +        do { >>> +            if (locality_inactive(chip, l)) >>> +                return 0; >>> +            tpm_msleep(TPM_TIMEOUT); >>> +        } while (time_before(jiffies, stop)); >>> +    } >>> +    return -1; >>> } >>> >>> static int request_locality(struct tpm_chip *chip, int l) >>> -- >>> 2.15.0 >>> >> >> Laurent, >> >> Can you try this patch with your system since it is the one >> that has exhibited the problem so far. I've tested on a >> tpm2.0 and tpm1.2 system here. >> >> Regards, >> Jerry >