On Sat, Mar 09, 2019 at 02:44:27PM -0800, James Bottomley wrote: > OK, so the polled sequence should be > > write() > poll() > read() > > So I think this condition in tpm_common_poll is the problem: > > if (!priv->response_read || priv->response_length) > mask = EPOLLIN | EPOLLRDNORM; Tadeusz, why on earth the code does not lock buffer_mutex?? Just noticed when I checked the function in question. It is an awful bug alone. Maybe I'm missing something but that is the root cause for this mess i.e. race condition with tpm_common_write(). I'm sorry for not noticing that during the review process :-( So obviously wrong... /Jarkko
