From: James Bottomley <James.Bottomley@HansenPartnership.com>
To: Mario.Limonciello@dell.com, peterhuewe@gmx.de,
jarkko.sakkinen@linux.intel.com, jgg@ziepe.ca
Cc: arnd@arndb.de, gregkh@linuxfoundation.org,
linux-integrity@vger.kernel.org, linux-kernel@vger.kernel.org,
jeffrin@rajagiritech.edu.in, alex@guzman.io
Subject: Re: [PATCH] tpm: Revert "tpm: fix invalid locking in NONBLOCKING mode"
Date: Tue, 26 May 2020 12:38:44 -0700 [thread overview]
Message-ID: <1590521924.15108.1.camel@HansenPartnership.com> (raw)
In-Reply-To: <ccf055cbf1a14f28bc95a6b02e29a2f6@AUSX13MPC105.AMER.DELL.COM>
On Tue, 2020-05-26 at 19:23 +0000, Mario.Limonciello@dell.com wrote:
> > On Tue, 2020-05-26 at 13:32 -0500, Mario Limonciello wrote:
> > > This reverts commit d23d12484307b40eea549b8a858f5fffad913897.
> > >
> > > This commit has caused regressions for the XPS 9560 containing
> > > a Nuvoton TPM.
> >
> > Presumably this is using the tis driver?
>
> Correct.
>
> >
> > > As mentioned by the reporter all TPM2 commands are failing with:
> > > ERROR:tcti:src/tss2-tcti/tcti-
> > > device.c:290:tcti_device_receive()
> > > Failed to read response from fd 3, got errno 1: Operation not
> > > permitted
> > >
> > > The reporter bisected this issue back to this commit which was
> > > backported to stable as commit 4d6ebc4.
> >
> > I think the problem is request_locality ... for some inexplicable
> > reason a failure there returns -1, which is EPERM to user space.
> >
> > That seems to be a bug in the async code since everything else
> > gives a ESPIPE error if tpm_try_get_ops fails ... at least no-one
> > assumes it gives back a sensible return code.
> >
> > What I think is happening is that with the patch the TPM goes
> > through a quick sequence of request, relinquish, request,
> > relinquish and it's the third request which is failing (likely
> > timing out). Without the patch, the patch there's only one
> > request,relinquish cycle because the ops are held while the async
> > work is executed. I have a vague recollection that there is a
> > problem with too many locality request in quick succession, but
> > I'll defer to Jason, who I think understands the intricacies of
> > localities better than I do.
>
> Thanks, I don't pretend to understand the nuances of this particular
> code, but I was hoping that the request to revert got some attention
> since Alex's kernel Bugzilla and message a few months ago to linux
> integrity weren't.
>
> >
> > If that's the problem, the solution looks simple enough: just move
> > the ops get down because the priv state is already protected by the
> > buffer mutex
>
> Yeah, if that works for Alex's situation it certainly sounds like a
> better solution than reverting this patch as this patch actually does
> fix a problem reported by Jeffrin originally.
>
> Could you propose a specific patch that Alex and Jeffrin can perhaps
> both try?
Um, what's wrong with the one I originally attached and which you quote
below? It's only compile tested, but I think it will work, if the
theory is correct.
James
> >
> > James
> >
> > ---
> >
> > diff --git a/drivers/char/tpm/tpm-dev-common.c
> > b/drivers/char/tpm/tpm-dev-
> > common.c
> > index 87f449340202..1784530b8387 100644
> > --- a/drivers/char/tpm/tpm-dev-common.c
> > +++ b/drivers/char/tpm/tpm-dev-common.c
> > @@ -189,15 +189,6 @@ ssize_t tpm_common_write(struct file *file,
> > const char
> > __user *buf,
> > goto out;
> > }
> >
> > - /* atomic tpm command send and result receive. We only
> > hold the ops
> > - * lock during this period so that the tpm can be
> > unregistered even if
> > - * the char dev is held open.
> > - */
> > - if (tpm_try_get_ops(priv->chip)) {
> > - ret = -EPIPE;
> > - goto out;
> > - }
> > -
> > priv->response_length = 0;
> > priv->response_read = false;
> > *off = 0;
> > @@ -211,11 +202,19 @@ ssize_t tpm_common_write(struct file *file,
> > const char
> > __user *buf,
> > if (file->f_flags & O_NONBLOCK) {
> > priv->command_enqueued = true;
> > queue_work(tpm_dev_wq, &priv->async_work);
> > - tpm_put_ops(priv->chip);
> > mutex_unlock(&priv->buffer_mutex);
> > return size;
> > }
> >
> > + /* atomic tpm command send and result receive. We only
> > hold the ops
> > + * lock during this period so that the tpm can be
> > unregistered even if
> > + * the char dev is held open.
> > + */
> > + if (tpm_try_get_ops(priv->chip)) {
> > + ret = -EPIPE;
> > + goto out;
> > + }
> > +
> > ret = tpm_dev_transmit(priv->chip, priv->space, priv-
> > > data_buffer,
> >
> > sizeof(priv->data_buffer));
> > tpm_put_ops(priv->chip);
next prev parent reply other threads:[~2020-05-26 19:38 UTC|newest]
Thread overview: 24+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-05-26 18:32 [PATCH] tpm: Revert "tpm: fix invalid locking in NONBLOCKING mode" Mario Limonciello
2020-05-26 19:14 ` James Bottomley
2020-05-26 19:23 ` Mario.Limonciello
2020-05-26 19:38 ` James Bottomley [this message]
2020-05-26 22:19 ` Alex Guzman
2020-05-26 23:06 ` James Bottomley
2020-05-26 23:31 ` Alex Guzman
2020-05-27 0:18 ` James Bottomley
2020-05-27 20:09 ` Jarkko Sakkinen
2020-05-27 20:18 ` Mario.Limonciello
2020-05-28 0:43 ` Jarkko Sakkinen
2020-05-28 0:59 ` Mario.Limonciello
2020-05-28 6:53 ` Jarkko Sakkinen
2020-05-27 20:15 ` Jarkko Sakkinen
2020-05-28 1:10 ` Alex Guzman
2020-05-28 6:54 ` Jarkko Sakkinen
2020-05-28 22:33 ` James Bottomley
2020-05-26 19:39 ` Tadeusz Struk
2020-05-26 20:00 ` James Bottomley
2020-05-26 21:33 ` Tadeusz Struk
2020-05-26 22:34 ` Alex Guzman
2020-05-28 0:30 ` Jarkko Sakkinen
2020-05-28 4:40 ` Tadeusz Struk
2020-05-28 6:55 ` Jarkko Sakkinen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1590521924.15108.1.camel@HansenPartnership.com \
--to=james.bottomley@hansenpartnership.com \
--cc=Mario.Limonciello@dell.com \
--cc=alex@guzman.io \
--cc=arnd@arndb.de \
--cc=gregkh@linuxfoundation.org \
--cc=jarkko.sakkinen@linux.intel.com \
--cc=jeffrin@rajagiritech.edu.in \
--cc=jgg@ziepe.ca \
--cc=linux-integrity@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=peterhuewe@gmx.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).