On 03/22/2018 05:39 PM, Jason Gunthorpe wrote:
On Thu, Mar 22, 2018 at 12:20:33PM -0400, Stefan Berger wrote:
I tried to convert the IMA code to look up a TPM chip and use it until
shutdown, when it releases it before device_shutdown(). Ideally this would
work but because of xen-front's resume code it doesn't. There the chip is
unregistered upon domU resume (tpmfront_resume calls tpmfron_remove) and for
that reason IMA cannot be holding onto that chip until shutdown.
Well removing the TPM during resume seems totally wrong, don't do
that.
though that's what seems to be happening:
static int tpmfront_remove(struct xenbus_device *dev)
{
struct tpm_chip *chip = dev_get_drvdata(&dev->dev);
struct tpm_private *priv = dev_get_drvdata(&chip->dev);
tpm_chip_unregister(chip); <---- chip is gone
upon resume
ring_free(priv);
dev_set_drvdata(&chip->dev, NULL); <---- no additional
get_device in this code; chip should be freed by now;
return 0;
}
static int tpmfront_resume(struct xenbus_device *dev)
{
/* A suspend/resume/migrate will interrupt a vTPM anyway */
tpmfront_remove(dev);
return tpmfront_probe(dev, NULL);
}
Jason
