From patchwork Fri Aug 13 15:07:19 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Greg KH X-Patchwork-Id: 496575 Delivered-To: patch@linaro.org Received: by 2002:a02:cf8a:0:0:0:0:0 with SMTP id w10csp658838jar; Fri, 13 Aug 2021 08:15:49 -0700 (PDT) X-Google-Smtp-Source: ABdhPJyx8kCY8QRBIcz/+YMNllRf37pAi206NoFNxnHCWQ1QYjGIjenelAP9Z1Y04A/Uf36PeCmm X-Received: by 2002:a5d:534e:: with SMTP id t14mr3796345wrv.109.1628867749328; Fri, 13 Aug 2021 08:15:49 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1628867749; cv=none; d=google.com; s=arc-20160816; b=um1qpqg8tuCw495aQQnkny9GWCPa6cwLEfX38xJxtUYrVAh8AhlsKIkxLhwyjlTfZ/ pMxUZQWpd9xSP2kPJ41guWuPVft+qRiMGCAdWBR1q8jlkapz1ptPUx7RSv/x6JGLPick ArgnQGPL3vEFyAEV5z5QD+lRlh6q2fcIrfrmgnzXZe3bT/yBmJG75oTRQhUS+S2Nh0Bp Vs8VpAF6tQ+UoHSd4Z809KcAffyZoFynnnnq039AYArH4F4vJbwdppyYyqqMIjz+F9f5 aQlx191TQNICEYglaLxegBI5j7gKubDGcO4xWJl9fNbE7F4EkV0HP2zU2maBUmSP5ZcD bCeA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :user-agent:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature; bh=2e4kfklukUQxdfyYJWqVWd2eCM6V+Hn0LJIArcFTHNk=; b=ykQDBn07wxfRNs72Ggerv38ihNV7uUnmOt2A9BUqvttTZyUluvRQoJLYyiVmJ0tI2s eZUTBjZw8w1Cd8Ax/ya5bQ0t50s3R9a4X5l4/BfAiUlevVRd5xGaU0xZlSomXLgs2+m0 6thEZchx6kdVPXuqKkEJ0nHvI25DGA/teRa3jWqcDxnBB3i7scJIOvq3ni4uzaqF1+xE 2EV8y+iPXWWNVpH1ELmerf0rli1NP9NDYZrjujBvSU/8/zDmOEHzmrf1IT3M7wudOZ1H YZxRt+syFibkyxWesB/C0+2lNa90mXOUViETpJfzQRCDNS0/N3IvFpl4/VZQpnsDxA8d 4A6Q== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linuxfoundation.org header.s=korg header.b=CgEx+yzl; spf=pass (google.com: domain of stable-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=stable-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id x16si1993208edd.522.2021.08.13.08.15.49; Fri, 13 Aug 2021 08:15:49 -0700 (PDT) Received-SPF: pass (google.com: domain of stable-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@linuxfoundation.org header.s=korg header.b=CgEx+yzl; spf=pass (google.com: domain of stable-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=stable-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S242795AbhHMPQK (ORCPT + 12 others); Fri, 13 Aug 2021 11:16:10 -0400 Received: from mail.kernel.org ([198.145.29.99]:59064 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S241822AbhHMPOj (ORCPT ); Fri, 13 Aug 2021 11:14:39 -0400 Received: by mail.kernel.org (Postfix) with ESMTPSA id CB0886113C; Fri, 13 Aug 2021 15:14:11 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=linuxfoundation.org; s=korg; t=1628867652; bh=BcajKMJQd6PiG4fl+SSqsb2Fdc1IAQcX40wnpdS6pHs=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=CgEx+yzlyxWSenoNkgDlh8hrB1aLtYPUr1jRvzqa91h1n31yrLvqC0FG3DS+NTIqn n4ZGLu+HxbYmA8JwwRGHywO/t3SSAwX8LLpVNogQtP2bBxDngJtnKk/4Ylho+cRcqd hfLgekIB8yYBS4aBbY41ADNsJF/9HNr2MNxe3Upo= From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, Sumit Garg , Tyler Hicks , Jens Wiklander , Sasha Levin Subject: [PATCH 5.10 02/19] tee: Correct inappropriate usage of TEE_SHM_DMA_BUF flag Date: Fri, 13 Aug 2021 17:07:19 +0200 Message-Id: <20210813150522.708120827@linuxfoundation.org> X-Mailer: git-send-email 2.32.0 In-Reply-To: <20210813150522.623322501@linuxfoundation.org> References: <20210813150522.623322501@linuxfoundation.org> User-Agent: quilt/0.66 MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: stable@vger.kernel.org From: Sumit Garg [ Upstream commit 376e4199e327a5cf29b8ec8fb0f64f3d8b429819 ] Currently TEE_SHM_DMA_BUF flag has been inappropriately used to not register shared memory allocated for private usage by underlying TEE driver: OP-TEE in this case. So rather add a new flag as TEE_SHM_PRIV that can be utilized by underlying TEE drivers for private allocation and usage of shared memory. With this corrected, allow tee_shm_alloc_kernel_buf() to allocate a shared memory region without the backing of dma-buf. Cc: stable@vger.kernel.org Signed-off-by: Sumit Garg Co-developed-by: Tyler Hicks Signed-off-by: Tyler Hicks Reviewed-by: Jens Wiklander Reviewed-by: Sumit Garg Signed-off-by: Jens Wiklander Signed-off-by: Sasha Levin --- drivers/tee/optee/call.c | 2 +- drivers/tee/optee/core.c | 3 ++- drivers/tee/optee/rpc.c | 5 +++-- drivers/tee/optee/shm_pool.c | 8 ++++++-- drivers/tee/tee_shm.c | 4 ++-- include/linux/tee_drv.h | 1 + 6 files changed, 15 insertions(+), 8 deletions(-) -- 2.30.2 diff --git a/drivers/tee/optee/call.c b/drivers/tee/optee/call.c index 1231ce56e712..f8f1594bea43 100644 --- a/drivers/tee/optee/call.c +++ b/drivers/tee/optee/call.c @@ -181,7 +181,7 @@ static struct tee_shm *get_msg_arg(struct tee_context *ctx, size_t num_params, struct optee_msg_arg *ma; shm = tee_shm_alloc(ctx, OPTEE_MSG_GET_ARG_SIZE(num_params), - TEE_SHM_MAPPED); + TEE_SHM_MAPPED | TEE_SHM_PRIV); if (IS_ERR(shm)) return shm; diff --git a/drivers/tee/optee/core.c b/drivers/tee/optee/core.c index 7b17248f1527..823a81d8ff0e 100644 --- a/drivers/tee/optee/core.c +++ b/drivers/tee/optee/core.c @@ -278,7 +278,8 @@ static void optee_release(struct tee_context *ctx) if (!ctxdata) return; - shm = tee_shm_alloc(ctx, sizeof(struct optee_msg_arg), TEE_SHM_MAPPED); + shm = tee_shm_alloc(ctx, sizeof(struct optee_msg_arg), + TEE_SHM_MAPPED | TEE_SHM_PRIV); if (!IS_ERR(shm)) { arg = tee_shm_get_va(shm, 0); /* diff --git a/drivers/tee/optee/rpc.c b/drivers/tee/optee/rpc.c index 6cbb3643c6c4..9dbdd783d6f2 100644 --- a/drivers/tee/optee/rpc.c +++ b/drivers/tee/optee/rpc.c @@ -313,7 +313,7 @@ static void handle_rpc_func_cmd_shm_alloc(struct tee_context *ctx, shm = cmd_alloc_suppl(ctx, sz); break; case OPTEE_MSG_RPC_SHM_TYPE_KERNEL: - shm = tee_shm_alloc(ctx, sz, TEE_SHM_MAPPED); + shm = tee_shm_alloc(ctx, sz, TEE_SHM_MAPPED | TEE_SHM_PRIV); break; default: arg->ret = TEEC_ERROR_BAD_PARAMETERS; @@ -501,7 +501,8 @@ void optee_handle_rpc(struct tee_context *ctx, struct optee_rpc_param *param, switch (OPTEE_SMC_RETURN_GET_RPC_FUNC(param->a0)) { case OPTEE_SMC_RPC_FUNC_ALLOC: - shm = tee_shm_alloc(ctx, param->a1, TEE_SHM_MAPPED); + shm = tee_shm_alloc(ctx, param->a1, + TEE_SHM_MAPPED | TEE_SHM_PRIV); if (!IS_ERR(shm) && !tee_shm_get_pa(shm, 0, &pa)) { reg_pair_from_64(¶m->a1, ¶m->a2, pa); reg_pair_from_64(¶m->a4, ¶m->a5, diff --git a/drivers/tee/optee/shm_pool.c b/drivers/tee/optee/shm_pool.c index da06ce9b9313..c41a9a501a6e 100644 --- a/drivers/tee/optee/shm_pool.c +++ b/drivers/tee/optee/shm_pool.c @@ -27,7 +27,11 @@ static int pool_op_alloc(struct tee_shm_pool_mgr *poolm, shm->paddr = page_to_phys(page); shm->size = PAGE_SIZE << order; - if (shm->flags & TEE_SHM_DMA_BUF) { + /* + * Shared memory private to the OP-TEE driver doesn't need + * to be registered with OP-TEE. + */ + if (!(shm->flags & TEE_SHM_PRIV)) { unsigned int nr_pages = 1 << order, i; struct page **pages; @@ -60,7 +64,7 @@ err: static void pool_op_free(struct tee_shm_pool_mgr *poolm, struct tee_shm *shm) { - if (shm->flags & TEE_SHM_DMA_BUF) + if (!(shm->flags & TEE_SHM_PRIV)) optee_shm_unregister(shm->ctx, shm); free_pages((unsigned long)shm->kaddr, get_order(shm->size)); diff --git a/drivers/tee/tee_shm.c b/drivers/tee/tee_shm.c index c65e44707cd6..8a9384a64f3e 100644 --- a/drivers/tee/tee_shm.c +++ b/drivers/tee/tee_shm.c @@ -117,7 +117,7 @@ struct tee_shm *tee_shm_alloc(struct tee_context *ctx, size_t size, u32 flags) return ERR_PTR(-EINVAL); } - if ((flags & ~(TEE_SHM_MAPPED | TEE_SHM_DMA_BUF))) { + if ((flags & ~(TEE_SHM_MAPPED | TEE_SHM_DMA_BUF | TEE_SHM_PRIV))) { dev_err(teedev->dev.parent, "invalid shm flags 0x%x", flags); return ERR_PTR(-EINVAL); } @@ -207,7 +207,7 @@ EXPORT_SYMBOL_GPL(tee_shm_alloc); */ struct tee_shm *tee_shm_alloc_kernel_buf(struct tee_context *ctx, size_t size) { - return tee_shm_alloc(ctx, size, TEE_SHM_MAPPED | TEE_SHM_DMA_BUF); + return tee_shm_alloc(ctx, size, TEE_SHM_MAPPED); } EXPORT_SYMBOL_GPL(tee_shm_alloc_kernel_buf); diff --git a/include/linux/tee_drv.h b/include/linux/tee_drv.h index 9b24cc3d3024..459e9a76d7e6 100644 --- a/include/linux/tee_drv.h +++ b/include/linux/tee_drv.h @@ -27,6 +27,7 @@ #define TEE_SHM_USER_MAPPED BIT(4) /* Memory mapped in user space */ #define TEE_SHM_POOL BIT(5) /* Memory allocated from pool */ #define TEE_SHM_KERNEL_MAPPED BIT(6) /* Memory mapped in kernel space */ +#define TEE_SHM_PRIV BIT(7) /* Memory private to TEE driver */ struct device; struct tee_device;