| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 25 Aug 2014 07:14:03 +0000 (UTC)
From: Scot Doyle <lkml14@...tdoyle.com>
To: Peter Huewe <peterhuewe@....de>, Ashley Lai <ashley@...leylai.com>,
Marcel Selhorst <tpmdd@...horst.net>
cc: Jason Gunthorpe <jgunthorpe@...idianresearch.com>,
Stefan Berger <stefanb@...ux.vnet.ibm.com>,
Luigi Semenzato <semenzato@...gle.com>,
tpmdd-devel@...ts.sourceforge.net, linux-kernel@...r.kernel.org
Subject: [PATCH] tpm: fix interrupt timeouts
commit 4c663cfc523a88d97a8309b04a089c27dc57fd7e
wait: fix false timeouts when using wait_event_timeout()
changed the semantics of wait_event_interruptible_timeout so that a
condition check is performed after timeout and 1 is returned if true.
The TPM chip may not send interrupts even though the tpm module is
attempting to receive interrupts. In this case, after the module
sends a command to the TPM chip it performs a blocking wait on the
interrupt queue. No interrupts are sent from the chip, the queue is
not woken up and the blocking wait times out. Despite timing out,
the command has completed and the condition check performed by
wait_event_interruptible_timeout after timeout is true, resulting in
a return value of 1. Since the expected return value on timeout is 0
the timeout is not detected.
To fix, assume a return value of 1 or less indicates an elapsed
timeout. It is possible for the return value to be 1 after receiving
an interrupt, but this should be rare. The condition is not double-
checked because of possible side effects.
Signed-off-by: Scot Doyle
---
Patch for wait_event_interruptible_timeout documentation:
https://lkml.kernel.org/g/alpine.LNX.2.11.1408241710070.6462@localhost.localdomain
drivers/char/tpm/tpm-interface.c | 2 +-
drivers/char/tpm/tpm_i2c_nuvoton.c | 2 +-
drivers/char/tpm/tpm_tis.c | 2 +-
3 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/drivers/char/tpm/tpm-interface.c b/drivers/char/tpm/tpm-interface.c
index 6af1700..cceda56 100644
--- a/drivers/char/tpm/tpm-interface.c
+++ b/drivers/char/tpm/tpm-interface.c
@@ -863,7 +863,7 @@ again:
wait_for_tpm_stat_cond(chip, mask, check_cancel,
&canceled),
timeout);
- if (rc > 0) {
+ if (rc > 1) {
if (canceled)
return -ECANCELED;
return 0;
diff --git a/drivers/char/tpm/tpm_i2c_nuvoton.c b/drivers/char/tpm/tpm_i2c_nuvoton.c
index 7b158ef..fce0c70 100644
--- a/drivers/char/tpm/tpm_i2c_nuvoton.c
+++ b/drivers/char/tpm/tpm_i2c_nuvoton.c
@@ -185,7 +185,7 @@ static int i2c_nuvoton_wait_for_stat(struct tpm_chip *chip, u8 mask, u8 value,
rc = wait_event_interruptible_timeout(*queue,
cur_intrs != priv->intrs,
timeout);
- if (rc > 0)
+ if (rc > 1)
return 0;
/* At this point we know that the SINT pin is asserted, so we
* do not need to do i2c_nuvoton_check_status */
diff --git a/drivers/char/tpm/tpm_tis.c b/drivers/char/tpm/tpm_tis.c
index 2c46734..6cb0f7a 100644
--- a/drivers/char/tpm/tpm_tis.c
+++ b/drivers/char/tpm/tpm_tis.c
@@ -158,7 +158,7 @@ again:
(check_locality
(chip, l) >= 0),
timeout);
- if (rc > 0)
+ if (rc > 1)
return l;
if (rc == -ERESTARTSYS && freezing(current)) {
clear_thread_flag(TIF_SIGPENDING);
--
2.0.4
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists