From: James Bottomley <James.Bottomley@HansenPartnership.com>
To: "Mantas Mikulėnas" <grawity@gmail.com>,
linux-integrity@vger.kernel.org,
"Tadeusz Struk" <tadeusz.struk@intel.com>,
"Jarkko Sakkinen" <jarkko.sakkinen@linux.intel.com>
Subject: Re: Kernel 5.0 regression in /dev/tpm0 access
Date: Sat, 09 Mar 2019 14:44:27 -0800 [thread overview]
Message-ID: <1552171467.3442.13.camel@HansenPartnership.com> (raw)
In-Reply-To: <1552168908.3442.5.camel@HansenPartnership.com>
On Sat, 2019-03-09 at 14:01 -0800, James Bottomley wrote:
> On Sat, 2019-03-09 at 22:48 +0200, Mantas Mikulėnas wrote:
[...]
> openat(AT_FDCWD, "/dev/tpmrm0", O_RDWR) = 3
> write(3,
> "\200\1\0\0\0\26\0\0\1z\0\0\0\0\0\0\0\0\0\0\0@", 22) = 22
> read(3,
> "\200\1\0\0\0\235\0\0\0\0\0\0\0\0\0\0\0\0\27\0\1\0\0\0\t\0\4\0\0\0\4\
> 0"
> ..., 4096) = 157
> close(3)
>
> So we do a simple write command and read the return (which simply
> hangs until the TPM is ready with the data). We don't poll like your
> application does above, so it seems obvious that the break must be in
> the polling code.
OK, so the polled sequence should be
write()
poll()
read()
So I think this condition in tpm_common_poll is the problem:
if (!priv->response_read || priv->response_length)
mask = EPOLLIN | EPOLLRDNORM;
If something wakes poll_wait() before the command returns, that
condition is true because we set response_read to false in write(). So
I think poll_wait() is returning prematurely.
The reason you don't often see the problem under tracing is that if the
queued work has time to execute *before* poll returns, it's taken the
mutex and the read() will block until the command completes trying to
acquire the mutex. If you're fast enough, the queue doesn't run, the
mutex isn't taken and read acquires it and returns with no data.
I think the fix may be to make poll only return POLLIN if we have a
response_length, so
if (priv->response_length)
mask = EPOLLIN | EPOLLRDNORM;
That way the calling program will get POLLOUT and go back to re-polling
until we have data.
James
next prev parent reply other threads:[~2019-03-09 22:44 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-03-09 20:48 Kernel 5.0 regression in /dev/tpm0 access Mantas Mikulėnas
2019-03-09 22:01 ` James Bottomley
2019-03-09 22:44 ` James Bottomley [this message]
2019-03-11 13:09 ` Jarkko Sakkinen
2019-03-12 22:42 ` Tadeusz Struk
2019-03-12 22:50 ` James Bottomley
2019-03-13 14:00 ` Jarkko Sakkinen
2019-03-13 13:59 ` Jarkko Sakkinen
2019-03-17 13:22 ` Jarkko Sakkinen
2019-03-18 15:50 ` Tadeusz Struk
2019-03-20 9:58 ` Jarkko Sakkinen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1552171467.3442.13.camel@HansenPartnership.com \
--to=james.bottomley@hansenpartnership.com \
--cc=grawity@gmail.com \
--cc=jarkko.sakkinen@linux.intel.com \
--cc=linux-integrity@vger.kernel.org \
--cc=tadeusz.struk@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.