From: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
To: James Bottomley <James.Bottomley@HansenPartnership.com>
Cc: Jason Gunthorpe <jgg@ziepe.ca>,
linux-integrity@vger.kernel.org, Peter Huewe <peterhuewe@gmx.de>
Subject: Re: [PATCH] tpm_tis: Add a check for invalid status
Date: Wed, 30 Sep 2020 04:37:54 +0300 [thread overview]
Message-ID: <20200930013754.GB808399@linux.intel.com> (raw)
In-Reply-To: <f0dcade667d226e982db89389fd0d86368c67ba9.camel@HansenPartnership.com>
On Mon, Sep 28, 2020 at 02:15:33PM -0700, James Bottomley wrote:
> On Mon, 2020-09-28 at 15:33 -0300, Jason Gunthorpe wrote:
> > On Mon, Sep 28, 2020 at 11:00:12AM -0700, James Bottomley wrote:
> > > Some TIS based TPMs can return 0xff to status reads if the locality
> > > hasn't been properly requested. Detect this condition by checking
> > > the bits that the TIS spec specifies must return zero are clear and
> > > return zero in that case. Also drop a warning so the problem can
> > > be identified in the calling path and fixed (usually a missing
> > > try_get_ops()).
> > >
> > > Signed-off-by: James Bottomley <
> > > James.Bottomley@HansenPartnership.com>
> > >
> > > This is the patch I've been using to catch and kill all the points
> > > in the stack where we're not properly using get/put ops on the tpm
> > > chip.
> >
> > If this is a problem add a lockdep on ops_sem in various places too?
>
> It's not really possible because of the init issue with checking the
> interrupt. That originally had no locking at all (it doesn't need any
> because the TPM device isn't publicly exposed at the point the check is
> done). If the patch to add get/put around the tpm2_get_tpm_pt is
> acceptable, then perhaps we could because I think that's the last
> unguarded use of tpm_tis_status.
>
> James
I think this sanity check would not hurt at all.
We should also improve the testing coverage. E.g. there is zero coverage
for trusted keys. It can easily lead weird conclusions if there is no
common test to run.
I touched that over here:
https://lore.kernel.org/linux-integrity/20200929225841.GA805025@linux.intel.com/
Anyway, I will apply this for sure.
Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
/Jarkko
next prev parent reply other threads:[~2020-09-30 1:38 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-09-28 18:00 [PATCH] tpm_tis: Add a check for invalid status James Bottomley
2020-09-28 18:33 ` Jason Gunthorpe
2020-09-28 21:15 ` James Bottomley
2020-09-30 1:37 ` Jarkko Sakkinen [this message]
2020-09-30 1:40 ` Jarkko Sakkinen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200930013754.GB808399@linux.intel.com \
--to=jarkko.sakkinen@linux.intel.com \
--cc=James.Bottomley@HansenPartnership.com \
--cc=jgg@ziepe.ca \
--cc=linux-integrity@vger.kernel.org \
--cc=peterhuewe@gmx.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).