On Thu, May 25, 2017 at 04:04:24PM -0400, Stefan Berger wrote:
> On 05/25/2017 11:50 AM, Jason Gunthorpe wrote:
> > On Thu, May 25, 2017 at 09:12:36AM -0400, Stefan Berger wrote:
> > > The tpm2_shutdown does not work with the VTPM proxy driver since the
> > > function only gets called when the backend file descriptor is already
> > > closed and at this point no data can be sent anymore. A proper shutdown
> > > would have to be initiated by a user space application, such as a container
> > > management stack, that sends the command via the character device before
> > > terminating the TPM emulator.
> > >
> > > To avoid the tpm2_shutdown we introduce a TPM_CHIP_FLAG_NO_SHUTDOWN flag
> > > that only the VTPM proxy driver sets. This also avoids misleading kernel
> > > log messages.
> >
> > This seems strange to me..
> >
> > Why isn't ops null if the fd has gone away?
> >
> > What is the call flow that hits this?
>
> In this function here.
>
> static void tpm_del_char_device(struct tpm_chip *chip)
> {
> 	cdev_device_del(&chip->cdev, &chip->dev);
>
> 	/* Make the chip unavailable. */
> 	mutex_lock(&idr_lock);
> 	idr_replace(&dev_nums_idr, NULL, chip->dev_num);
> 	mutex_unlock(&idr_lock);
>
> 	/* Make the driver uncallable. */
> 	down_write(&chip->ops_sem);
> 	if (chip->flags & TPM_CHIP_FLAG_TPM2)
> 		tpm2_shutdown(chip, TPM2_SU_CLEAR);
> 	chip->ops = NULL;
> 	up_write(&chip->ops_sem);
> }
>
> The request cannot be delivered because the anonymous fd has been closed
> already.

The driver must always be able to process requests until
tpm_del_char_device completes, so this is triggering an existing bug
in vtpm. This change in core behavior is not going to fix the bug.

e.g. a request from sysfs/etc could come in between vtpm fd closure and
tpm_del_char_device, and it still must be handled properly.

I guess you need to have transmit command fail fast once the fd is
closed.
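
A user-space C model of the fail-fast behaviour suggested at the end of the message above, added here as an illustration and not code from the thread or the kernel tree. All model_* names, the -EPIPE and -ENODEV return choices and the one-byte placeholder command are assumptions, and the ops_sem locking is left out.

```c
#include <errno.h>
#include <stdbool.h>
#include <stddef.h>

/* User-space model only: every model_* name is hypothetical, not a kernel symbol. */
struct model_chip;
struct model_ops { int (*send)(struct model_chip *chip, const void *buf, size_t len); };
struct model_chip {
	const struct model_ops *ops; /* NULL once the chip is made uncallable */
	bool backend_open;           /* false once the emulator closed its fd */
	unsigned int delivered;      /* commands that reached the backend */
};

/* Proxy send op: refuse at once when nobody is left to read the command. */
static int model_proxy_send(struct model_chip *chip, const void *buf, size_t len)
{
	(void)buf; (void)len;
	if (!chip->backend_open)
		return -EPIPE; /* fail fast, never wait on a closed backend */
	chip->delivered++;
	return 0;
}
static const struct model_ops model_proxy_ops = { .send = model_proxy_send };

/* Core transmit path shared by the char device, sysfs and the shutdown call. */
static int model_transmit(struct model_chip *chip, const void *buf, size_t len)
{
	if (!chip->ops)
		return -ENODEV;
	return chip->ops->send(chip, buf, len);
}

/* Emulator exits: its end of the anonymous fd is gone. */
static void model_backend_close(struct model_chip *chip) { chip->backend_open = false; }

/* Same order as the quoted function: try shutdown, then clear ops. */
static int model_del_char_device(struct model_chip *chip)
{
	static const unsigned char shutdown_cmd[1] = { 0 }; /* constructed placeholder bytes */
	int rc = model_transmit(chip, shutdown_cmd, sizeof(shutdown_cmd));
	chip->ops = NULL;
	return rc;
}

int main(void)
{
	struct model_chip chip = { .ops = &model_proxy_ops, .backend_open = true };
	model_backend_close(&chip); /* emulator exits before the chip is deleted */
	return model_del_char_device(&chip) == -EPIPE ? 0 : 1;
}
```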