Re: [RFC PATCH 1/4] tpm: Ensure exclusive userspace access when using /dev/tpm<n>

[Jarkko Sakkinen <jarkko@kernel.org>]

On Tue, Sep 02, 2025 at 06:26:49PM +0100, Jonathan McDowell wrote:
> From: Jonathan McDowell <noodles@meta.com>
> 
> There is an is_open lock on /dev/tpm<n> that dates back to at least
> 2013, but it only prevents multiple accesses via *this* interface. It is
> perfectly possible for userspace to use /dev/tpmrm<n>, or the kernel to
> use the internal interfaces, to access the TPM.
> 
> This can cause problems with userspace expecting exclusive access and
> something changing state underneath it, for example while performing a
> TPM firmware upgrade.
> 
> Close the userspace loophole by changing the simple bit lock to a full
> read/write mutex. Direct /dev/tpm<n> access needs an exclusive write
> lock, the resource broker continues to allow concurrent access *except*
> when /dev/tpm<n> is open.
> 
> Signed-off-by: Jonathan McDowell <noodles@meta.com>

I think the rationale makes sense to me as they are different view port
for the exact same hardware instance, and /dev/tpmrm0 scales only within
its own virtual universum.

I don't know what would be the best write up but basically I'd cut the
story shorter a bit and explicitly enumerate these anchoring "hard
reasons". Problems in user space is something that I can imagine that
there is a variety problem but it is more abstract side of this
issue. When you have a smoking gun just point your finger to it
exactly.


> ---
>  drivers/char/tpm/tpm-chip.c  |  1 +
>  drivers/char/tpm/tpm-dev.c   | 14 ++++++++------
>  drivers/char/tpm/tpmrm-dev.c | 20 ++++++++++++++++++--
>  include/linux/tpm.h          |  3 ++-
>  4 files changed, 29 insertions(+), 9 deletions(-)
> 
> diff --git a/drivers/char/tpm/tpm-chip.c b/drivers/char/tpm/tpm-chip.c
> index e25daf2396d3..8c8e9054762a 100644
> --- a/drivers/char/tpm/tpm-chip.c
> +++ b/drivers/char/tpm/tpm-chip.c
> @@ -338,6 +338,7 @@ struct tpm_chip *tpm_chip_alloc(struct device *pdev,
>  
>  	mutex_init(&chip->tpm_mutex);
>  	init_rwsem(&chip->ops_sem);
> +	init_rwsem(&chip->open_lock);
>  
>  	chip->ops = ops;
>  
> diff --git a/drivers/char/tpm/tpm-dev.c b/drivers/char/tpm/tpm-dev.c
> index 97c94b5e9340..80c4b3f3ad18 100644
> --- a/drivers/char/tpm/tpm-dev.c
> +++ b/drivers/char/tpm/tpm-dev.c
> @@ -22,10 +22,12 @@ static int tpm_open(struct inode *inode, struct file *file)
>  
>  	chip = container_of(inode->i_cdev, struct tpm_chip, cdev);
>  
> -	/* It's assured that the chip will be opened just once,
> -	 * by the check of is_open variable, which is protected
> -	 * by driver_lock. */
> -	if (test_and_set_bit(0, &chip->is_open)) {
> +	/*
> +	 * Only one client is allowed to have /dev/tpm0 open at a time, so we
> +	 * treat it as a write lock. The shared /dev/tpmrm0 is treated as a
> +	 * read lock.
> +	 */
> +	if (!down_write_trylock(&chip->open_lock)) {
>  		dev_dbg(&chip->dev, "Another process owns this TPM\n");
>  		return -EBUSY;
>  	}
> @@ -39,7 +41,7 @@ static int tpm_open(struct inode *inode, struct file *file)
>  	return 0;
>  
>   out:
> -	clear_bit(0, &chip->is_open);
> +	up_write(&chip->open_lock);
>  	return -ENOMEM;
>  }
>  
> @@ -51,7 +53,7 @@ static int tpm_release(struct inode *inode, struct file *file)
>  	struct file_priv *priv = file->private_data;
>  
>  	tpm_common_release(file, priv);
> -	clear_bit(0, &priv->chip->is_open);
> +	up_write(&priv->chip->open_lock);
>  	kfree(priv);
>  
>  	return 0;
> diff --git a/drivers/char/tpm/tpmrm-dev.c b/drivers/char/tpm/tpmrm-dev.c
> index c25df7ea064e..40c139a080b6 100644
> --- a/drivers/char/tpm/tpmrm-dev.c
> +++ b/drivers/char/tpm/tpmrm-dev.c
> @@ -17,19 +17,34 @@ static int tpmrm_open(struct inode *inode, struct file *file)
>  	int rc;
>  
>  	chip = container_of(inode->i_cdev, struct tpm_chip, cdevs);
> +
> +	/*
> +	 * Only one client is allowed to have /dev/tpm0 open at a time, so we
> +	 * treat it as a write lock. The shared /dev/tpmrm0 is treated as a
> +	 * read lock.
> +	 */
> +	if (!down_read_trylock(&chip->open_lock)) {
> +		dev_dbg(&chip->dev, "Another process owns this TPM\n");
> +		return -EBUSY;
> +	}
> +
>  	priv = kzalloc(sizeof(*priv), GFP_KERNEL);
>  	if (priv == NULL)
> -		return -ENOMEM;
> +		goto out;
>  
>  	rc = tpm2_init_space(&priv->space, TPM2_SPACE_BUFFER_SIZE);
>  	if (rc) {
>  		kfree(priv);
> -		return -ENOMEM;
> +		goto out;
>  	}
>  
>  	tpm_common_open(file, chip, &priv->priv, &priv->space);
>  
>  	return 0;
> +
> +out:

nit 

err:

as it is purely for error propagation


> +	up_read(&chip->open_lock);
> +	return -ENOMEM;
>  }
>  
>  static int tpmrm_release(struct inode *inode, struct file *file)
> @@ -40,6 +55,7 @@ static int tpmrm_release(struct inode *inode, struct file *file)
>  	tpm_common_release(file, fpriv);
>  	tpm2_del_space(fpriv->chip, &priv->space);
>  	kfree(priv);
> +	up_read(&fpriv->chip->open_lock);
>  
>  	return 0;
>  }
> diff --git a/include/linux/tpm.h b/include/linux/tpm.h
> index b0e9eb5ef022..548362d20b32 100644
> --- a/include/linux/tpm.h
> +++ b/include/linux/tpm.h
> @@ -22,6 +22,7 @@
>  #include <linux/cdev.h>
>  #include <linux/fs.h>
>  #include <linux/highmem.h>
> +#include <linux/rwsem.h>
>  #include <crypto/hash_info.h>
>  #include <crypto/aes.h>
>  
> @@ -168,7 +169,7 @@ struct tpm_chip {
>  	unsigned int flags;
>  
>  	int dev_num;		/* /dev/tpm# */
> -	unsigned long is_open;	/* only one allowed */
> +	struct rw_semaphore open_lock;
>  
>  	char hwrng_name[64];
>  	struct hwrng hwrng;
> -- 
> 2.51.0
> 

BR, Jarkko