[PATCH] tpm: ibmvtpm: Avoid error message when process gets signal while waiting

Jarkko Sakkinen jarkko at kernel.org
Fri Jul 30 00:57:44 UTC 2021


On Thu, Jul 29, 2021 at 09:39:18AM -0400, Stefan Berger wrote:
> 
> On 7/28/21 5:50 PM, Jarkko Sakkinen wrote:
> > On Mon, Jul 26, 2021 at 11:00:51PM -0400, Stefan Berger wrote:
> > > On 7/26/21 10:42 PM, Jarkko Sakkinen wrote:
> > > > On Mon, Jul 12, 2021 at 12:25:05PM -0400, Stefan Berger wrote:
> > > > > From: Stefan Berger <stefanb at linux.ibm.com>
> > > > > 
> > > > > When rngd is run as root then lots of these types of message will appear
> > > > > in the kernel log if the TPM has been configure to provide random bytes:
> > > > > 
> > > > > [ 7406.275163] tpm tpm0: tpm_transmit: tpm_recv: error -4
> > > > > 
> > > > > The issue is caused by the following call that is interrupted while
> > > > > waiting for the TPM's response.
> > > > > 
> > > > > sig = wait_event_interruptible(ibmvtpm->wq,
> > > > >                                  !ibmvtpm->tpm_processing_cmd);
> > > > > 
> > > > > The solution is to use wait_event() instead.
> > > > Why?
> > > So it becomes uninterruptible and these error messages go away.
> > We do not want to make a process uninterruptible. That would prevent
> > killing it.
> 
> I guess we'll have to go back to this one then:
> https://www.spinics.net/lists/linux-integrity/msg16741.html

Makes a heck lot more sense.

There's a typo in the commit message: PM_STATUS_BUSY 

Also the commit message lacks explanation of this change completely:

@@ -690,8 +688,15 @@ static int tpm_ibmvtpm_probe(struct vio_dev *vio_dev,
 		goto init_irq_cleanup;
 	}
 
-	if (!strcmp(id->compat, "IBM,vtpm20")) {
+
+	if (!strcmp(id->compat, "IBM,vtpm20"))
 		chip->flags |= TPM_CHIP_FLAG_TPM2;
+
+	rc = tpm_get_timeouts(chip);
+	if (rc)
+		goto init_irq_cleanup;
+
+	if (chip->flags & TPM_CHIP_FLAG_TPM2) {
 		rc = tpm2_get_cc_attrs_tbl(chip);

The last paragraph should be rewritten in imperative form.

Finally, you could simplify the fix by simply changing the type of
tpm_processing_cmd to u8, and just set it to 'true' and 'false',
which will set the first bit.

/Jarkko



More information about the Linux-security-module-archive mailing list