Re: [PATCH] tpm: Fix kexec crash due to access to ops NULL pointer (powerpc)

[PATCH] tpm: Fix kexec crash due to access to ops NULL pointer (powerpc) · Stefan Berger <stefanb@linux.ibm.com> · 2021-12-12
Re: [PATCH] tpm: Fix kexec crash due to access to ops NULL pointer (powerpc) · Sachin Sant <hidden> · 2021-12-20
Re: [PATCH] tpm: Fix kexec crash due to access to ops NULL pointer (powerpc) · Tyrel Datwyler <tyreld@linux.ibm.com> · 2021-12-21
Re: [PATCH] tpm: Fix kexec crash due to access to ops NULL pointer (powerpc) · Stefan Berger <stefanb@linux.ibm.com> · 2021-12-21
Re: [PATCH] tpm: Fix kexec crash due to access to ops NULL pointer (powerpc) · Jason Gunthorpe <jgg@ziepe.ca> · 2021-12-21
Re: [PATCH] tpm: Fix kexec crash due to access to ops NULL pointer (powerpc) · Stefan Berger <stefanb@linux.ibm.com> · 2021-12-21
Re: [PATCH] tpm: Fix kexec crash due to access to ops NULL pointer (powerpc) · Tyrel Datwyler <tyreld@linux.ibm.com> · 2021-12-21
Re: [PATCH] tpm: Fix kexec crash due to access to ops NULL pointer (powerpc) · Tyrel Datwyler <tyreld@linux.ibm.com> · 2021-12-21
Re: [PATCH] tpm: Fix kexec crash due to access to ops NULL pointer (powerpc) · Jarkko Sakkinen <jarkko@kernel.org> · 2021-12-21
Re: [PATCH] tpm: Fix kexec crash due to access to ops NULL pointer (powerpc) · Stefan Berger <stefanb@linux.ibm.com> · 2021-12-21
Re: [PATCH] tpm: Fix kexec crash due to access to ops NULL pointer (powerpc) · Stefan Berger <stefanb@linux.ibm.com> · 2021-12-21
Re: [PATCH] tpm: Fix kexec crash due to access to ops NULL pointer (powerpc) · Jarkko Sakkinen <jarkko@kernel.org> · 2021-12-29

From: Jason Gunthorpe <jgg@ziepe.ca>
Date: 2021-12-21 01:13:25
Also in: linux-integrity, linuxppc-dev, lkml

On Mon, Dec 20, 2021 at 08:05:58PM -0500, Stefan Berger wrote:

quoted hunk ↗ jump to hunk

diff --git a/drivers/char/tpm/tpm-chip.c b/drivers/char/tpm/tpm-chip.c
index ddaeceb7e109..4cb908349b31 100644
+++ b/drivers/char/tpm/tpm-chip.c

@@ -473,15 +473,8 @@ static void tpm_del_char_device(struct tpm_chip *chip)

        mutex_unlock(&idr_lock);

        /* Make the driver uncallable. */
-       down_write(&chip->ops_sem);
-       if (chip->flags & TPM_CHIP_FLAG_TPM2) {
-               if (!tpm_chip_start(chip)) {
-                       tpm2_shutdown(chip, TPM2_SU_CLEAR);
-                       tpm_chip_stop(chip);
-               }
-       }
-       chip->ops = NULL;
-       up_write(&chip->ops_sem);
+       if (chip->ops)

ops cannot be read without locking

Jason

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help