Received: by 2002:ac0:a5b6:0:0:0:0:0 with SMTP id m51-v6csp2124340imm; Mon, 28 May 2018 02:03:06 -0700 (PDT) X-Google-Smtp-Source: AB8JxZrSmL9xcPFeaxzTAiEPc8+L8aZAn+xxJzRcbMsMHVecIvf+XCmWhGV2jkpsog+H+0yFnSCS X-Received: by 2002:a63:9711:: with SMTP id n17-v6mr10139083pge.431.1527498185926; Mon, 28 May 2018 02:03:05 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1527498185; cv=none; d=google.com; s=arc-20160816; b=WTZ+1HOzKQHL4aHAsDFaHRCtPZni8uSatzN1Clv+4uVYkTFhFqBI2eovTs20znnPh/ V4mCS8Gb77fuIDa9ePfZXI3FgUMphRWfIcjpRMigtW3WH+0DL232BkZZzCwWcOkvnSB8 gj/IIRumi/BV/kBlbzlOZtVjtFYP+FLOZQqEc7XEjas2yUlxabOSb0yRajeLVja2EVdx BzbzVzP+Ua0ei09wFz/drVIcbw3qnqZI2sKmn6mtai6FJSYlNRd0b1dvVsr4QrGWkS83 je/v8F20VhFLJWTCEkbl/++G0coPHrPw8CJdqv1pavkxhYq84ZQDZRvPS6XpB146YiGI Ov7g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-transfer-encoding:content-disposition:mime-version :references:mail-followup-to:reply-to:message-id:subject:cc:to:from :date:arc-authentication-results; bh=5YnOeb4nAqtfifQAkoH/8AATD8ARpsjZKBnSS2oL5hI=; b=oQIFgfka5II+msET+bpP/phHcF8/DPEMjRSH1Et9X5UEq1CY3za1laknAmk0kX+bxA SHJRSSsTyScTGkZWYki/GrQSt6aY0i0K85/zZdRNoCH9ZtJwbjGeuRkpx92g41ur800j Dv/YjRT3dFXHgASLVsfoqk9tIWmQ+qI+7Lk3PhTiTsf+EzaT5xB2FI2iJaeAPFpoOFre 3ZZQLfp5qtzQf8gBIdJSNACs0TBfWnM1iIWRN/cGd2L/QBzrcmq4KyyapF+7rN27MAj2 mQe/jdxa9NyKTLao1LDUaMmQ0djl1nS08r0NYd7vbnbsYl1bjAl3RwtdckIg7ZMBR3c+ ADxw== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=redhat.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id 91-v6si29402634ply.55.2018.05.28.02.02.50; Mon, 28 May 2018 02:03:05 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1754324AbeE1JBz (ORCPT + 99 others); Mon, 28 May 2018 05:01:55 -0400 Received: from mx1.redhat.com ([209.132.183.28]:60178 "EHLO mx1.redhat.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S932102AbeE1JBs (ORCPT ); Mon, 28 May 2018 05:01:48 -0400 Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.phx2.redhat.com [10.5.11.15]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 62DA430B68BD; Mon, 28 May 2018 09:01:48 +0000 (UTC) Received: from localhost (ovpn-116-222.phx2.redhat.com [10.3.116.222]) by smtp.corp.redhat.com (Postfix) with ESMTP id 13A925D6A8; Mon, 28 May 2018 09:01:48 +0000 (UTC) Date: Mon, 28 May 2018 02:01:47 -0700 From: Jerry Snitselaar To: Laurent Bigonville Cc: linux-integrity@vger.kernel.org, linux-kernel@vger.kernel.org, Jarkko Sakkinen , Peter Huewe , Jason Gunthorpe Subject: Re: [PATCH] tpm_tis: verify locality released before returning from release_locality Message-ID: <20180528090147.yjuup2jved7geumv@cantor> Reply-To: Jerry Snitselaar Mail-Followup-To: Laurent Bigonville , linux-integrity@vger.kernel.org, linux-kernel@vger.kernel.org, Jarkko Sakkinen , Peter Huewe , Jason Gunthorpe References: <20180505195453.10431-1-jsnitsel@redhat.com> <20180505200315.x7jt33j7psizmfyi@cantor> <06d7794e-125b-85da-72af-c386d999341c@debian.org> MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1; format=flowed Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: <06d7794e-125b-85da-72af-c386d999341c@debian.org> User-Agent: NeoMutt/20180512 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.15 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.48]); Mon, 28 May 2018 09:01:48 +0000 (UTC) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Mon May 28 18, Laurent Bigonville wrote: >Hello, > >Top posting, sorry. > >I don't know if I did it well to include the "Tested-by" tag because I >don't see that the patch has landed in linus branch already. > >And as far as I understand, this will not be in the upcoming 4.17 >release as we are already late in the cycle? > >Kind regards, > >Laurent Bigonville > It should go into his branch during the merge window for 4.18. > >Le 11/05/18 ? 21:02, Laurent Bigonville a ?crit?: >>Le 05/05/18 ? 22:03, Jerry Snitselaar a ?crit?: >>>On Sat May 05 18, Jerry Snitselaar wrote: >>>>For certain tpm chips releasing locality can take long enough that a >>>>subsequent call to request_locality will see the locality as being >>>>active when the access register is read in check_locality. So check >>>>that the locality has been released before returning from >>>>release_locality. >>>> >>>>Cc: Jarkko Sakkinen >>>>Cc: Peter Huewe >>>>Cc: Jason Gunthorpe >>>>Reported-by: Laurent Bigonville >>>>Signed-off-by: Jerry Snitselaar >>Tested-by: Laurent Bigonville >>>>--- >>>>drivers/char/tpm/tpm_tis_core.c | 47 >>>>++++++++++++++++++++++++++++++++++++++++- >>>>1 file changed, 46 insertions(+), 1 deletion(-) >>>> >>>>diff --git a/drivers/char/tpm/tpm_tis_core.c >>>>b/drivers/char/tpm/tpm_tis_core.c >>>>index 5a1f47b43947..d547cd309dbd 100644 >>>>--- a/drivers/char/tpm/tpm_tis_core.c >>>>+++ b/drivers/char/tpm/tpm_tis_core.c >>>>@@ -143,13 +143,58 @@ static bool check_locality(struct tpm_chip >>>>*chip, int l) >>>>????return false; >>>>} >>>> >>>>+static bool locality_inactive(struct tpm_chip *chip, int l) >>>>+{ >>>>+??? struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev); >>>>+??? int rc; >>>>+??? u8 access; >>>>+ >>>>+??? rc = tpm_tis_read8(priv, TPM_ACCESS(l), &access); >>>>+??? if (rc < 0) >>>>+??????? return false; >>>>+ >>>>+??? if ((access & (TPM_ACCESS_VALID | TPM_ACCESS_ACTIVE_LOCALITY)) >>>>+??????? == TPM_ACCESS_VALID) >>>>+??????? return true; >>>>+ >>>>+??? return false; >>>>+} >>>>+ >>>>static int release_locality(struct tpm_chip *chip, int l) >>>>{ >>>>????struct tpm_tis_data *priv = dev_get_drvdata(&chip->dev); >>>>+??? unsigned long stop, timeout; >>>>+??? long rc; >>>> >>>>????tpm_tis_write8(priv, TPM_ACCESS(l), TPM_ACCESS_ACTIVE_LOCALITY); >>>> >>>>-??? return 0; >>>>+??? stop = jiffies + chip->timeout_a; >>>>+ >>>>+??? if (chip->flags & TPM_CHIP_FLAG_IRQ) { >>>>+again: >>>>+??????? timeout = stop - jiffies; >>>>+??????? if ((long)timeout <= 0) >>>>+??????????? return -1; >>>>+ >>>>+??????? rc = wait_event_interruptible_timeout(priv->int_queue, >>>>+????????????????????????????? (locality_inactive(chip, l)), >>>>+????????????????????????????? timeout); >>>>+ >>>>+??????? if (rc > 0) >>>>+??????????? return 0; >>>>+ >>>>+??????? if (rc == -ERESTARTSYS && freezing(current)) { >>>>+??????????? clear_thread_flag(TIF_SIGPENDING); >>>>+??????????? goto again; >>>>+??????? } >>>>+??? } else { >>>>+??????? do { >>>>+??????????? if (locality_inactive(chip, l)) >>>>+??????????????? return 0; >>>>+??????????? tpm_msleep(TPM_TIMEOUT); >>>>+??????? } while (time_before(jiffies, stop)); >>>>+??? } >>>>+??? return -1; >>>>} >>>> >>>>static int request_locality(struct tpm_chip *chip, int l) >>>>-- >>>>2.15.0 >>>> >>> >>>Laurent, >>> >>>Can you try this patch with your system since it is the one >>>that has exhibited the problem so far. I've tested on a >>>tpm2.0 and tpm1.2 system here. >>> >>>Regards, >>>Jerry >> >