Received: by 2002:a05:6358:9144:b0:117:f937:c515 with SMTP id r4csp6186243rwr; Mon, 1 May 2023 18:27:03 -0700 (PDT) X-Google-Smtp-Source: ACHHUZ7SvhWmwKwqAiRmvZLejAGrB6CzP4Hi76Ng8hwWfjMXZI+CgRn8yBWJyYeTr+oteP4t/v6C X-Received: by 2002:a17:90b:17d0:b0:23b:2c51:6e7 with SMTP id me16-20020a17090b17d000b0023b2c5106e7mr15860663pjb.21.1682990822686; Mon, 01 May 2023 18:27:02 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1682990822; cv=none; d=google.com; s=arc-20160816; b=JjP1zODIHHti3kOxivsYNWb24LiO4yLEQqumF/X09ErDNASR7vCrfz2EBLA9s8/1t9 L3Gw9v5ibxZnbTCrODBy4f8hvltDYjyX0ONx63xE1jPIVfSP6SQuBjXK6oyEh992adr+ tx3VJYqdX96Hzj4GH6s5q8IFHc70qv/o3akAkyzpHRxFWnbyBU6wGi/0EjpMjvx1G4g/ CPg9v8ZLm1Jl2jyRp+hT3xlhrzNriVogyH7NeGoOwx5+5l/HUGwlkI0/YxjuetTD0N/Y W9LqjA4+XDEEPWIkhO/nMG2zw8TU8icMCxCthb38XCkQ/msUpIZnMKw0GcdMoNN7Hplc wmkQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=1um58xZnC+f7ac/hyHdVabf3bpzgdVN9gh0KO4xKFfc=; b=aqsYfvQXnXNJ0CSrOEA03E9aopDBpQUvosmHx1uz2D73AgyS78Q+IgwNPlz8A4fqU+ DxE4e3RtqP+TQ6Us2f3POgIWVlwT6Ry24xwbeUqQiEk9XbbC7zaGbIX1J1zo/j+pvC5X szZ0La4XFexrMB+f7OvmAv0darMW5IElq/TCTTx40DZ6pKXqr5t+g9S1qx0zadFr0qyw eXYNgpb1VIx6q7bnjSR3bnlyGQkniDpIHibSQOrkb30R7oG44UcoJtv9xC78nQdqy4dP /wngWH9s0ii7k2IlOWe1+BDlJ07HYFAwVLUFyAT21PEd+xukCXAHeYJ2ZkdDHsuK+jeE 8WDA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=Yz+c4M9j; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id r19-20020a63fc53000000b00520c7b6b833si28437719pgk.161.2023.05.01.18.26.48; Mon, 01 May 2023 18:27:02 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=Yz+c4M9j; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233392AbjEBBQS (ORCPT + 99 others); Mon, 1 May 2023 21:16:18 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:58342 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233390AbjEBBQQ (ORCPT ); Mon, 1 May 2023 21:16:16 -0400 Received: from dfw.source.kernel.org (dfw.source.kernel.org [139.178.84.217]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id D1AB840F0; Mon, 1 May 2023 18:16:14 -0700 (PDT) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by dfw.source.kernel.org (Postfix) with ESMTPS id 52A8561BCB; Tue, 2 May 2023 01:16:14 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 5F6FCC433EF; Tue, 2 May 2023 01:16:13 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1682990173; bh=jw3tryjtZVR59Kgi2CPEHZnInV3fijXsH621FDHqksc=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=Yz+c4M9joX6zWN1bbjXLkOeBSzz8DYu6sRahMvg1Fn4IK7HBLCXzp7r1TD2BJoPWP NaKp45phmW9T1Q8qI4e/rp4pIeZibRVuKf9j/ZUinwU/HbCio4r3MsveQ2KhOvKGvZ qnyjXe10jUq/7r+rg7skmGyPLZngt/hK3bRCvPaswHe6ERIDJ1NLC6NUx+0ck6QE0F azfedMeoi58IKzbHv64oLR0HRgm08moVUV+IHhPpy3OFsQZtxbP1oFFzvkIWxmMfkP 4Mc7+1WxTkidJ/mEX8aeGVhIA4+wxkFdphHXLrhinajORTpG2zjshygfx1BvG4UH24 wGjNPCYO+r5Dg== From: Jarkko Sakkinen To: linux-integrity@vger.kernel.org, linux-kernel@vger.kernel.org Cc: Jarkko Sakkinen , Vlastimil Babka , "Jason A . Donenfeld" , Jason Gunthorpe , Jerry Snitselaar , stable@vger.kernel.org Subject: [PATCH v2 2/2] tpm: Prevent hwrng from activating during resume Date: Tue, 2 May 2023 04:15:58 +0300 Message-Id: <20230502011558.10743-3-jarkko@kernel.org> X-Mailer: git-send-email 2.39.2 In-Reply-To: <20230502011558.10743-1-jarkko@kernel.org> References: <20230502011558.10743-1-jarkko@kernel.org> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Spam-Status: No, score=-7.3 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_HI, SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Set TPM_CHIP_FLAG_SUSPENDED in tpm_pm_suspend() and reset in tpm_pm_resume(). While the flag is set, tpm_hwrng() gives back zero bytes. This prevents hwrng from racing during resume. Cc: stable@vger.kernel.org Fixes: 6e592a065d51 ("tpm: Move Linux RNG connection to hwrng") Reviewed-by: Jerry Snitselaar Signed-off-by: Jarkko Sakkinen --- drivers/char/tpm/tpm-chip.c | 4 ++++ drivers/char/tpm/tpm-interface.c | 10 ++++++++++ include/linux/tpm.h | 1 + 3 files changed, 15 insertions(+) diff --git a/drivers/char/tpm/tpm-chip.c b/drivers/char/tpm/tpm-chip.c index c10a4aa97373..cd48033b804a 100644 --- a/drivers/char/tpm/tpm-chip.c +++ b/drivers/char/tpm/tpm-chip.c @@ -571,6 +571,10 @@ static int tpm_hwrng_read(struct hwrng *rng, void *data, size_t max, bool wait) { struct tpm_chip *chip = container_of(rng, struct tpm_chip, hwrng); + /* Give back zero bytes, as TPM chip has not yet fully resumed: */ + if (chip->flags & TPM_CHIP_FLAG_SUSPENDED) + return 0; + return tpm_get_random(chip, data, max); } diff --git a/drivers/char/tpm/tpm-interface.c b/drivers/char/tpm/tpm-interface.c index 4463d0018290..586ca10b0d72 100644 --- a/drivers/char/tpm/tpm-interface.c +++ b/drivers/char/tpm/tpm-interface.c @@ -412,6 +412,8 @@ int tpm_pm_suspend(struct device *dev) } suspended: + chip->flags |= TPM_CHIP_FLAG_SUSPENDED; + if (rc) dev_err(dev, "Ignoring error %d while suspending\n", rc); return 0; @@ -429,6 +431,14 @@ int tpm_pm_resume(struct device *dev) if (chip == NULL) return -ENODEV; + chip->flags &= ~TPM_CHIP_FLAG_SUSPENDED; + + /* + * Guarantee that SUSPENDED is written last, so that hwrng does not + * activate before the chip has been fully resumed. + */ + wmb(); + return 0; } EXPORT_SYMBOL_GPL(tpm_pm_resume); diff --git a/include/linux/tpm.h b/include/linux/tpm.h index 77693389c3f9..6a1e8f157255 100644 --- a/include/linux/tpm.h +++ b/include/linux/tpm.h @@ -282,6 +282,7 @@ enum tpm_chip_flags { TPM_CHIP_FLAG_ALWAYS_POWERED = BIT(5), TPM_CHIP_FLAG_FIRMWARE_POWER_MANAGED = BIT(6), TPM_CHIP_FLAG_FIRMWARE_UPGRADE = BIT(7), + TPM_CHIP_FLAG_SUSPENDED = BIT(8), }; #define to_tpm_chip(d) container_of(d, struct tpm_chip, dev) -- 2.39.2