1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
|
commit dbd71905ba3183e53bcc699813f6061779001c62
Author: Genli Pan <genli.pan@windriver.com>
Date: Mon Dec 15 10:54:04 2014 +0800
obj_list_get_obj() uses a mutex lock to exclusively access to list.
And the lock is released in function obj_list_put(). Usage of this
couple of functions in the following code path cause deadlock.
--------
obj_context_transport_close
obj_list_get_obj
secret_PerformAuth_OIAP
obj_context_get_tcs_api
obj_list_get_obj
...
obj_list_put
Transport_OIAP
obj_context_transport_init
obj_list_get_obj
...
obj_list_put
RPC_ReleaseTransportSigned
obj_list_put
--------
Also fix a potential hung situation, that authorization session didn't been
released even if establish transport session failed. And retrying will
takes up more authorization sessions, until the thread being forced waiting.
Signed-off-by: Genli Pan <genli.pan@windriver.com>
diff --git a/src/tspi/obj_context.c b/src/tspi/obj_context.c
index cb2091e..bcbc4da 100644
--- a/src/tspi/obj_context.c
+++ b/src/tspi/obj_context.c
@@ -1330,6 +1334,7 @@ obj_context_transport_close(TSS_HCONTEXT tspContext,
return TSPERR(TSS_E_INVALID_HANDLE);
context = (struct tr_context_obj *)obj->data;
+ obj_list_put(&context_list);
/* return immediately if we're not in a transport session */
if (!(context->flags & TSS_CONTEXT_FLAGS_TRANSPORT_ENABLED)) {
@@ -1431,7 +1436,7 @@ obj_context_transport_close(TSS_HCONTEXT tspContext,
done_disabled:
context->flags &= ~TSS_CONTEXT_FLAGS_TRANSPORT_ESTABLISHED;
done:
- obj_list_put(&context_list);
+ //obj_list_put(&context_list);
return result;
}
diff --git a/src/tcs/tcsi_transport.c b/src/tcs/tcsi_transport.c
index ce47e09..98a9d40 100644
--- a/src/tcs/tcsi_transport.c
+++ b/src/tcs/tcsi_transport.c
@@ -77,11 +77,16 @@ TCSP_EstablishTransport_Internal(TCS_CONTEXT_HANDLE hContext,
} else
LoadBlob_Header(TPM_TAG_RQU_COMMAND, offset, TPM_ORD_EstablishTransport, txBlob);
- if ((result = req_mgr_submit_req(txBlob)))
+ if ((result = req_mgr_submit_req(txBlob))) {
+ if (pEncKeyAuth)
+ pEncKeyAuth->fContinueAuthSession = FALSE;
goto done;
+ }
if ((result = UnloadBlob_Header(txBlob, ¶mSize))) {
LogDebugFn("UnloadBlob_Header failed: rc=0x%x", result);
+ if (pEncKeyAuth)
+ pEncKeyAuth->fContinueAuthSession = FALSE;
goto done;
}
@@ -97,6 +102,8 @@ TCSP_EstablishTransport_Internal(TCS_CONTEXT_HANDLE hContext,
*prgbCurrentTicks = malloc(*ulCurrentTicks);
if (*prgbCurrentTicks == NULL) {
result = TCSERR(TSS_E_OUTOFMEMORY);
+ if (pEncKeyAuth)
+ pEncKeyAuth->fContinueAuthSession = FALSE;
goto done;
}
|
