From: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
To: James Bottomley <James.Bottomley@HansenPartnership.com>
Cc: Jason Gunthorpe <jgg@ziepe.ca>,
linux-integrity@vger.kernel.org, Peter Huewe <peterhuewe@gmx.de>
Subject: Re: [PATCH] tpm_tis: Add a check for invalid status
Date: Wed, 30 Sep 2020 04:40:15 +0300 [thread overview]
Message-ID: <20200930014004.GC808399@linux.intel.com> (raw)
In-Reply-To: <20200930013754.GB808399@linux.intel.com>
On Wed, Sep 30, 2020 at 04:37:58AM +0300, Jarkko Sakkinen wrote:
> On Mon, Sep 28, 2020 at 02:15:33PM -0700, James Bottomley wrote:
> > On Mon, 2020-09-28 at 15:33 -0300, Jason Gunthorpe wrote:
> > > On Mon, Sep 28, 2020 at 11:00:12AM -0700, James Bottomley wrote:
> > > > Some TIS based TPMs can return 0xff to status reads if the locality
> > > > hasn't been properly requested. Detect this condition by checking
> > > > the bits that the TIS spec specifies must return zero are clear and
> > > > return zero in that case. Also drop a warning so the problem can
> > > > be identified in the calling path and fixed (usually a missing
> > > > try_get_ops()).
> > > >
> > > > Signed-off-by: James Bottomley <
> > > > James.Bottomley@HansenPartnership.com>
> > > >
> > > > This is the patch I've been using to catch and kill all the points
> > > > in the stack where we're not properly using get/put ops on the tpm
> > > > chip.
> > >
> > > If this is a problem add a lockdep on ops_sem in various places too?
> >
> > It's not really possible because of the init issue with checking the
> > interrupt. That originally had no locking at all (it doesn't need any
> > because the TPM device isn't publicly exposed at the point the check is
> > done). If the patch to add get/put around the tpm2_get_tpm_pt is
> > acceptable, then perhaps we could because I think that's the last
> > unguarded use of tpm_tis_status.
> >
> > James
>
> I think this sanity check would not hurt at all.
>
> We should also improve the testing coverage. E.g. there is zero coverage
> for trusted keys. It can easily lead weird conclusions if there is no
> common test to run.
>
> I touched that over here:
>
> https://lore.kernel.org/linux-integrity/20200929225841.GA805025@linux.intel.com/
>
> Anyway, I will apply this for sure.
>
> Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Has been applied.
/Jarkko
prev parent reply other threads:[~2020-09-30 1:40 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-09-28 18:00 [PATCH] tpm_tis: Add a check for invalid status James Bottomley
2020-09-28 18:33 ` Jason Gunthorpe
2020-09-28 21:15 ` James Bottomley
2020-09-30 1:37 ` Jarkko Sakkinen
2020-09-30 1:40 ` Jarkko Sakkinen [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200930014004.GC808399@linux.intel.com \
--to=jarkko.sakkinen@linux.intel.com \
--cc=James.Bottomley@HansenPartnership.com \
--cc=jgg@ziepe.ca \
--cc=linux-integrity@vger.kernel.org \
--cc=peterhuewe@gmx.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).