From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-13.5 required=3.0 tests=HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_PATCH,MAILING_LIST_MULTI, MENTIONS_GIT_HOSTING,SIGNED_OFF_BY,SPF_PASS,URIBL_BLOCKED,USER_AGENT_MUTT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 6E10AC43441 for ; Fri, 16 Nov 2018 12:32:20 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.kernel.org (Postfix) with ESMTP id 381072086A for ; Fri, 16 Nov 2018 12:32:20 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 381072086A Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=linux.intel.com Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=linux-integrity-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728079AbeKPWoa (ORCPT ); Fri, 16 Nov 2018 17:44:30 -0500 Received: from mga14.intel.com ([192.55.52.115]:53886 "EHLO mga14.intel.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727868AbeKPWoa (ORCPT ); Fri, 16 Nov 2018 17:44:30 -0500 X-Amp-Result: UNKNOWN X-Amp-Original-Verdict: FILE UNKNOWN X-Amp-File-Uploaded: False Received: from orsmga007.jf.intel.com ([10.7.209.58]) by fmsmga103.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 16 Nov 2018 04:32:16 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.56,240,1539673200"; d="scan'208";a="89834013" Received: from unknown (HELO localhost) ([10.249.254.90]) by orsmga007.jf.intel.com with ESMTP; 16 Nov 2018 04:32:11 -0800 Date: Fri, 16 Nov 2018 14:32:09 +0200 From: Jarkko Sakkinen To: Stefan Berger Cc: linux-integrity@vger.kernel.org, linux-security-module@vger.kernel.org, James Bottomley , Tomas Winkler , Tadeusz Struk , Stefan Berger , Nayna Jain , Peter Huewe , Jason Gunthorpe , Arnd Bergmann , Greg Kroah-Hartman , open list Subject: Re: [PATCH v7 15/17] tpm: introduce tpm_chip_start() and tpm_chip_stop() Message-ID: <20181116123130.GB6445@linux.intel.com> References: <20181113183620.27447-1-jarkko.sakkinen@linux.intel.com> <20181113183620.27447-16-jarkko.sakkinen@linux.intel.com> MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: Organization: Intel Finland Oy - BIC 0357606-4 - Westendinkatu 7, 02160 Espoo User-Agent: Mutt/1.10.1 (2018-07-13) Sender: linux-integrity-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-integrity@vger.kernel.org On Tue, Nov 13, 2018 at 08:56:51PM -0500, Stefan Berger wrote: > On 11/13/18 5:34 PM, Stefan Berger wrote: > > On 11/13/18 1:36 PM, Jarkko Sakkinen wrote: > > > Encapsulate power gating and locality functionality to tpm_chip_start() > > > and tpm_chip_stop() in order to clean up the branching mess in > > > tpm_transmit(). > > > > > > I ran the vtpm proxy test suite on this series and got this error when > > running it with 'make check-j5' > > (https://github.com/stefanberger/linux-vtpm-tests). > > > > It's was actually difficult to hit this bug since I ran it with -j1 , > > -j2 and so on before. > > This is the diff against your nested branch that fixes this bug and the > other issue I found: > > diff --git a/drivers/char/tpm/tpm-chip.c b/drivers/char/tpm/tpm-chip.c > index 46aa68756bac..42bce9bc41b1 100644 > --- a/drivers/char/tpm/tpm-chip.c > +++ b/drivers/char/tpm/tpm-chip.c > @@ -155,7 +155,13 @@ int tpm_try_get_ops(struct tpm_chip *chip) >          goto out_lock; > >      mutex_lock(&chip->tpm_mutex); > -    return tpm_chip_start(chip); > +    rc = tpm_chip_start(chip); > +    if (rc) > +        goto out_unlock; > +    return 0; > + > +out_unlock: > +    mutex_unlock(&chip->tpm_mutex); >  out_lock: >      up_read(&chip->ops_sem); >      put_device(&chip->dev); > diff --git a/drivers/char/tpm/tpm-interface.c > b/drivers/char/tpm/tpm-interface.c > index 5e3d5e95ea46..c3260ae8aca3 100644 > --- a/drivers/char/tpm/tpm-interface.c > +++ b/drivers/char/tpm/tpm-interface.c > @@ -167,6 +167,8 @@ ssize_t tpm_transmit(struct tpm_chip *chip, u8 *buf, > size_t bufsiz) >      for (;;) { >          ret = tpm_try_transmit(chip, buf, bufsiz); > > +        if (ret < 0) > +            break; >          rc = be32_to_cpu(header->return_code); >          if (rc != TPM2_RC_RETRY && rc != TPM2_RC_TESTING) >              break; > > > > > > > > > > > [ 3003.838138] BUG: unable to handle kernel NULL pointer dereference at > > 0000000000000000 > > [ 3003.838806] PGD 0 P4D 0 > > [ 3003.838806] Oops: 0010 [#1] SMP PTI > > [ 3003.840394] CPU: 3 PID: 111 Comm: kworker/3:1 Not tainted 4.20.0-rc2+ > > #6 > > [ 3003.840394] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), > > BIOS rel-1.11.0-50-g14221cd-dirty-20181018_164544-sbct-4.pok.ibm.com > > 04/01/2014 > > [ 3003.840394] Workqueue: tpm-vtpm vtpm_proxy_work > > [ 3003.840394] RIP: 0010:          (null) > > [ 3003.840394] Code: Bad RIP value. > > [ 3003.840394] RSP: 0018:ffffa6e6816d7e10 EFLAGS: 00010246 > > [ 3003.840394] RAX: 00000000ffffffe0 RBX: ffff9698077ad000 RCX: > > 0000000000000006 > > [ 3003.840394] RDX: 0000000000000000 RSI: 0000000000000000 RDI: > > ffff9698077ad000 > > [ 3003.840394] RBP: ffff9698077ad000 R08: fffff59bc6172d08 R09: > > 0000000000000000 > > [ 3003.840394] R10: 0000000000000000 R11: 0000000000000000 R12: > > ffff9698b78f0700 > > [ 3003.840394] R13: ffff9698b78fbc00 R14: 0000000000000000 R15: > > ffff9697f8ea10f8 > > [ 3003.840394] FS:  0000000000000000(0000) GS:ffff9698b78c0000(0000) > > knlGS:0000000000000000 > > [ 3003.840394] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033 > > [ 3003.840394] CR2: ffffffffffffffd6 CR3: 0000000190606000 CR4: > > 00000000000006e0 > > [ 3003.840394] Call Trace: > > [ 3003.840394]  ? tpm_chip_start+0xb8/0xe0 > > [ 3003.840394]  ? tpm_chip_register+0x15/0x240 > > [ 3003.840394]  ? vtpm_proxy_work+0x15/0x30 > > [ 3003.840394]  ? process_one_work+0x237/0x5c0 > > [ 3003.840394]  ? worker_thread+0x1d5/0x390 > > [ 3003.840394]  ? process_one_work+0x5c0/0x5c0 > > [ 3003.840394]  ? kthread+0x11e/0x140 > > [ 3003.840394]  ? kthread_park+0x90/0x90 > > [ 3003.840394]  ? ret_from_fork+0x3a/0x50 > > [ 3003.840394] Modules linked in: xt_CHECKSUM ipt_MASQUERADE tun > > nf_conntrack_netbios_ns nf_conntrack_broadcast xt_CT ip6t_rpfilter > > ip6t_REJECT nf_reject_ipv6 xt_conntrack ip_set nfnetlink ebtable_nat > > ebtable_broute bridge stp llc ip6table_nat nf_nat_ipv6 ip6table_mangle > > ip6table_raw ip6table_security iptable_nat nf_nat_ipv4 nf_nat > > nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 libcrc32c iptable_mangle > > iptable_raw iptable_security ebtable_filter ebtables ip6table_filter > > ip6_tables sunrpc virtio_gpu ttm drm_kms_helper drm joydev syscopyarea > > sysfillrect sysimgblt pcspkr virtio_balloon i2c_piix4 fb_sys_fops > > virtio_net net_failover virtio_console failover virtio_blk crc32c_intel > > virtio_pci serio_raw ata_generic virtio_ring virtio pata_acpi floppy > > qemu_fw_cfg > > [ 3003.840394] CR2: 0000000000000000 > > [ 3003.840394] ---[ end trace 29e5990b605a7ccb ]--- > > [ 3003.840394] RIP: 0010:          (null) > > [ 3003.840394] Code: Bad RIP value. > > [ 3003.840394] RSP: 0018:ffffa6e6816d7e10 EFLAGS: 00010246 > > [ 3003.840394] RAX: 00000000ffffffe0 RBX: ffff9698077ad000 RCX: > > 0000000000000006 > > [ 3003.840394] RDX: 0000000000000000 RSI: 0000000000000000 RDI: > > ffff9698077ad000 > > [ 3003.840394] RBP: ffff9698077ad000 R08: fffff59bc6172d08 R09: > > 0000000000000000 > > [ 3003.840394] R10: 0000000000000000 R11: 0000000000000000 R12: > > ffff9698b78f0700 > > [ 3003.840394] R13: ffff9698b78fbc00 R14: 0000000000000000 R15: > > ffff9697f8ea10f8 > > [ 3003.840394] FS:  0000000000000000(0000) GS:ffff9698b78c0000(0000) > > knlGS:0000000000000000 > > [ 3003.840394] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033 > > [ 3003.840394] CR2: ffffffffffffffd6 CR3: 0000000190606000 CR4: > > 00000000000006e0 > > [ 3003.840394] BUG: sleeping function called from invalid context at > > ./include/linux/percpu-rwsem.h:34 > > [ 3003.840394] in_atomic(): 0, irqs_disabled(): 1, pid: 111, name: > > kworker/3:1 > > [ 3003.840394] INFO: lockdep is turned off. > > [ 3003.840394] irq event stamp: 165206 > > [ 3003.840394] hardirqs last  enabled at (165205): [] > > free_unref_page+0xf3/0x1f0 > > [ 3003.840394] hardirqs last disabled at (165206): [] > > trace_hardirqs_off_thunk+0x1a/0x1c > > [ 3003.840394] softirqs last  enabled at (165182): [] > > peernet2id+0x41/0x50 > > [ 3003.840394] softirqs last disabled at (165180): [] > > peernet2id+0x22/0x50 > > [ 3003.840394] CPU: 3 PID: 111 Comm: kworker/3:1 Tainted: G D           > > 4.20.0-rc2+ #6 > > [ 3003.840394] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), > > BIOS rel-1.11.0-50-g14221cd-dirty-20181018_164544-sbct-4.pok.ibm.com > > 04/01/2014 > > [ 3003.840394] Workqueue: tpm-vtpm vtpm_proxy_work > > [ 3003.840394] Call Trace: > > [ 3003.840394]  dump_stack+0x67/0x9b > > [ 3003.840394]  ___might_sleep+0x149/0x230 > > [ 3003.840394]  exit_signals+0x20/0x210 > > [ 3003.840394]  ? worker_thread+0x1d5/0x390 > > [ 3003.840394]  do_exit+0xa0/0xc70 > > [ 3003.840394]  ? process_one_work+0x5c0/0x5c0 > > [ 3003.840394]  ? kthread+0x11e/0x140 > > [ 3003.840394]  rewind_stack_do_exit+0x17/0x20 > > [ 3004.389582] tpm tpm1803: tpm_try_transmit: tpm_send: error -14 > > > > > > > > > > Signed-off-by: Jarkko Sakkinen > > > --- > > >   drivers/char/tpm/tpm-chip.c      | 110 +++++++++++++++++++++++++++++++ > > >   drivers/char/tpm/tpm-interface.c |  87 +----------------------- > > >   drivers/char/tpm/tpm.h           |   2 + > > >   3 files changed, 115 insertions(+), 84 deletions(-) > > > > > > diff --git a/drivers/char/tpm/tpm-chip.c b/drivers/char/tpm/tpm-chip.c > > > index 157505b0f755..65f1561eba81 100644 > > > --- a/drivers/char/tpm/tpm-chip.c > > > +++ b/drivers/char/tpm/tpm-chip.c > > > @@ -37,6 +37,116 @@ struct class *tpm_class; > > >   struct class *tpmrm_class; > > >   dev_t tpm_devt; > > > > > > +static int tpm_request_locality(struct tpm_chip *chip, unsigned int > > > flags) > > > +{ > > > +    int rc; > > > + > > > +    if (flags & TPM_TRANSMIT_NESTED) > > > +        return 0; > > > + > > > +    if (!chip->ops->request_locality) > > > +        return 0; > > > + > > > +    rc = chip->ops->request_locality(chip, 0); > > > +    if (rc < 0) > > > +        return rc; > > > + > > > +    chip->locality = rc; > > > +    return 0; > > > +} > > > + > > > +static void tpm_relinquish_locality(struct tpm_chip *chip, unsigned > > > int flags) > > > +{ > > > +    int rc; > > > + > > > +    if (flags & TPM_TRANSMIT_NESTED) > > > +        return; > > > + > > > +    if (!chip->ops->relinquish_locality) > > > +        return; > > > + > > > +    rc = chip->ops->relinquish_locality(chip, chip->locality); > > > +    if (rc) > > > +        dev_err(&chip->dev, "%s: : error %d\n", __func__, rc); > > > + > > > +    chip->locality = -1; > > > +} > > > + > > > +static int tpm_cmd_ready(struct tpm_chip *chip, unsigned int flags) > > > +{ > > > +    if (flags & TPM_TRANSMIT_NESTED) > > > +        return 0; > > > + > > > +    if (!chip->ops->cmd_ready) > > > +        return 0; > > > + > > > +    return chip->ops->cmd_ready(chip); > > > +} > > > + > > > +static int tpm_go_idle(struct tpm_chip *chip, unsigned int flags) > > > +{ > > > +    if (flags & TPM_TRANSMIT_NESTED) > > > +        return 0; > > > + > > > +    if (!chip->ops->go_idle) > > > +        return 0; > > > + > > > +    return chip->ops->go_idle(chip); > > > +} > > > + > > > +/** > > > + * tpm_chip_start() - power on the TPM > > > + * @chip:    a TPM chip to use > > > + * @flags:    TPM transmit flags > > > + * > > > + * Return: > > > + * * The response length    - OK > > > + * * -errno            - A system error > > > + */ > > > +int tpm_chip_start(struct tpm_chip *chip, unsigned int flags) > > > +{ > > > +    int ret; > > > + > > > +    if (chip->ops->clk_enable) > > > +        chip->ops->clk_enable(chip, true); > > > + > > > +    if (chip->locality == -1) { > > > +        ret = tpm_request_locality(chip, flags); > > > +        if (ret) { > > > +            chip->ops->clk_enable(chip, false); > > > +            return ret; > > > +        } > > > +    } > > > + > > > +    ret = tpm_cmd_ready(chip, flags); > > > +    if (ret) { > > > +        tpm_relinquish_locality(chip, flags); > > > +        if (chip->ops->clk_enable) > > > +            chip->ops->clk_enable(chip, false); > > > +        return ret; > > > +    } > > > + > > > +    return 0; > > > +} > > > + > > > +/** > > > + * tpm_chip_stop() - power off the TPM > > > + * @chip:    a TPM chip to use > > > + * @flags:    TPM transmit flags > > > + * > > > + * Return: > > > + * * The response length    - OK > > > + * * -errno            - A system error > > > + */ > > > +void tpm_chip_stop(struct tpm_chip *chip, unsigned int flags) > > > +{ > > > +    tpm_go_idle(chip, flags); > > > +    tpm_relinquish_locality(chip, flags); > > > +    if (chip->ops->clk_enable) > > > +        chip->ops->clk_enable(chip, false); > > > +} > > > + > > > + > > >   /** > > >    * tpm_try_get_ops() - Get a ref to the tpm_chip > > >    * @chip: Chip to ref > > > diff --git a/drivers/char/tpm/tpm-interface.c > > > b/drivers/char/tpm/tpm-interface.c > > > index 5865b9671d20..888c9923fca1 100644 > > > --- a/drivers/char/tpm/tpm-interface.c > > > +++ b/drivers/char/tpm/tpm-interface.c > > > @@ -62,64 +62,6 @@ unsigned long tpm_calc_ordinal_duration(struct > > > tpm_chip *chip, u32 ordinal) > > >   } > > >   EXPORT_SYMBOL_GPL(tpm_calc_ordinal_duration); > > > > > > -static int tpm_request_locality(struct tpm_chip *chip, unsigned int > > > flags) > > > -{ > > > -    int rc; > > > - > > > -    if (flags & TPM_TRANSMIT_NESTED) > > > -        return 0; > > > - > > > -    if (!chip->ops->request_locality) > > > -        return 0; > > > - > > > -    rc = chip->ops->request_locality(chip, 0); > > > -    if (rc < 0) > > > -        return rc; > > > - > > > -    chip->locality = rc; > > > - > > > -    return 0; > > > -} > > > - > > > -static void tpm_relinquish_locality(struct tpm_chip *chip, unsigned > > > int flags) > > > -{ > > > -    int rc; > > > - > > > -    if (flags & TPM_TRANSMIT_NESTED) > > > -        return; > > > - > > > -    if (!chip->ops->relinquish_locality) > > > -        return; > > > - > > > -    rc = chip->ops->relinquish_locality(chip, chip->locality); > > > -    if (rc) > > > -        dev_err(&chip->dev, "%s: : error %d\n", __func__, rc); > > > - > > > -    chip->locality = -1; > > > -} > > > - > > > -static int tpm_cmd_ready(struct tpm_chip *chip, unsigned int flags) > > > -{ > > > -    if (flags & TPM_TRANSMIT_NESTED) > > > -        return 0; > > > - > > > -    if (!chip->ops->cmd_ready) > > > -        return 0; > > > - > > > -    return chip->ops->cmd_ready(chip); > > > -} > > > - > > > -static int tpm_go_idle(struct tpm_chip *chip, unsigned int flags) > > > -{ > > > -    if (flags & TPM_TRANSMIT_NESTED) > > > -        return 0; > > > - > > > -    if (!chip->ops->go_idle) > > > -        return 0; > > > - > > > -    return chip->ops->go_idle(chip); > > > -} > > > - > > >   static ssize_t tpm_try_transmit(struct tpm_chip *chip, u8 *buf, > > > size_t bufsiz, > > >                   unsigned int flags) > > >   { > > > @@ -212,7 +154,6 @@ ssize_t tpm_transmit(struct tpm_chip *chip, u8 > > > *buf, size_t bufsiz, > > >       /* space for header and handles */ > > >       u8 save[TPM_HEADER_SIZE + 3*sizeof(u32)]; > > >       unsigned int delay_msec = TPM2_DURATION_SHORT; > > > -    bool has_locality = false; > > >       u32 rc = 0; > > >       ssize_t ret; > > >       const size_t save_size = min(sizeof(save), bufsiz); > > > @@ -227,34 +168,12 @@ ssize_t tpm_transmit(struct tpm_chip *chip, u8 > > > *buf, size_t bufsiz, > > >       memcpy(save, buf, save_size); > > > > > >       for (;;) { > > > -        if (chip->ops->clk_enable != NULL) > > > -            chip->ops->clk_enable(chip, true); > > > - > > > -        if (chip->locality == -1) { > > > -            ret = tpm_request_locality(chip, flags); > > > -            if (ret) > > > -                goto out_locality; > > > -            has_locality = true; > > > -        } > > > - > > > -        ret = tpm_cmd_ready(chip, flags); > > > +        ret = tpm_chip_start(chip, flags); > > >           if (ret) > > > -            goto out_locality; > > > - > > > +            return ret; > > >           ret = tpm_try_transmit(chip, buf, bufsiz, flags); > > > +        tpm_chip_stop(chip, flags); > > > > > > -        /* This may fail but do not override ret. */ > > > -        tpm_go_idle(chip, flags); > > > - > > > -out_locality: > > > -        if (has_locality) > > > -            tpm_relinquish_locality(chip, flags); > > > - > > > -        if (chip->ops->clk_enable != NULL) > > > -            chip->ops->clk_enable(chip, false); > > > - > > > -        if (ret < 0) > > > -            break; > > >           rc = be32_to_cpu(header->return_code); > > >           if (rc != TPM2_RC_RETRY && rc != TPM2_RC_TESTING) > > >               break; > > > diff --git a/drivers/char/tpm/tpm.h b/drivers/char/tpm/tpm.h > > > index c7c06de651a0..c42a75710b70 100644 > > > --- a/drivers/char/tpm/tpm.h > > > +++ b/drivers/char/tpm/tpm.h > > > @@ -523,6 +523,8 @@ static inline void tpm_msleep(unsigned int > > > delay_msec) > > >                delay_msec * 1000); > > >   }; > > > > > > +int tpm_chip_start(struct tpm_chip *chip, unsigned int flags); > > > +void tpm_chip_stop(struct tpm_chip *chip, unsigned int flags); > > >   struct tpm_chip *tpm_find_get_ops(struct tpm_chip *chip); > > >   __must_check int tpm_try_get_ops(struct tpm_chip *chip); > > >   void tpm_put_ops(struct tpm_chip *chip); > > > > > Thank you! /Jarkko