From patchwork Wed Dec 23 11:25:00 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ilias Apalodimas X-Patchwork-Id: 347004 Delivered-To: patch@linaro.org Received: by 2002:a02:85a7:0:0:0:0:0 with SMTP id d36csp6113509jai; Wed, 23 Dec 2020 03:25:13 -0800 (PST) X-Google-Smtp-Source: ABdhPJy+Rwik5qKHhqI4T/J4OT5JE4wrhFjL4o5gspq2bjvnwijXMVwZU4U1BpfHQb7bx/eZciE3 X-Received: by 2002:a17:906:8152:: with SMTP id z18mr24285978ejw.317.1608722713340; Wed, 23 Dec 2020 03:25:13 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1608722713; cv=none; d=google.com; s=arc-20160816; b=QZS64Z3SrLxkVWIanHuosRuIPiZvikZYClePo588jttdCBeyRRy9jVPqpOqo2+lLs2 gqQO+JFLyFoQO64q775iY1S+btG/2YLaO3XAvEIXKWrApHm4gYfGF61wZEqkeExfScn0 udYOLrLlucO8+u2WP3BBB1YNDuiy95MPp6HrkgkQCo+0ewzzi60wfwZ+LEmSidKx+epr 1y28mRNZwtBA5YsBfpRR/L/CjOENn4XlAuW++o4b3xbxkZy+0DjnSNc2UiGtB25PKXht dlvo3aSCjmUc57oM23mFv2iEpmui7lRRlmLPNH0R3jba+E4lPpWflHywikT3OK70hnzL oEBQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:content-transfer-encoding :mime-version:message-id:date:subject:cc:to:from:dkim-signature; bh=tfdPVm8iGOj9VF/kxJ2LZ1lKHViIStqxgKjKLi+PJKo=; b=h60XXUoqivDCMwPmqRM6RzMnhJV+3qxdUwl+5P5JodHFyujicFSsZaEQSU1Hko6LHJ ddqOr90P1bLy2fyGMftzluq29PPxSyBCHa4Bc3RSJoUo8bU+5X6tmpeEVQWy/p/vP9g3 DI0Re9vZS5ogit0tXsHB7vlZAnpjMgKpaLVMJLp8q1/TvHKmiVAD5MMx1VbruA88t8c2 lUxYQx2L8q8k7tfljs+hUKY428RIxUw5vCLizcbNBoSdEXzY4Q7jKqkMSecIAKKENIWi qsFyx1FW9XLsvRagpZs3B8AEs1jhrlHY17Dbd9FxYmSo+VALeVsJ6DmAVgr9ran3uvIE O7Xg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=gAOAnlX6; spf=pass (google.com: domain of u-boot-bounces@lists.denx.de designates 85.214.62.61 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from phobos.denx.de (phobos.denx.de. [85.214.62.61]) by mx.google.com with ESMTPS id gb36si11534698ejc.696.2020.12.23.03.25.12 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 23 Dec 2020 03:25:13 -0800 (PST) Received-SPF: pass (google.com: domain of u-boot-bounces@lists.denx.de designates 85.214.62.61 as permitted sender) client-ip=85.214.62.61; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=gAOAnlX6; spf=pass (google.com: domain of u-boot-bounces@lists.denx.de designates 85.214.62.61 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: from h2850616.stratoserver.net (localhost [IPv6:::1]) by phobos.denx.de (Postfix) with ESMTP id D5165825EC; Wed, 23 Dec 2020 12:25:09 +0100 (CET) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=linaro.org Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de Authentication-Results: phobos.denx.de; dkim=pass (2048-bit key; unprotected) header.d=linaro.org header.i=@linaro.org header.b="gAOAnlX6"; dkim-atps=neutral Received: by phobos.denx.de (Postfix, from userid 109) id D1D108273E; Wed, 23 Dec 2020 12:25:07 +0100 (CET) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on phobos.denx.de X-Spam-Level: X-Spam-Status: No, score=-2.0 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,RCVD_IN_DNSWL_NONE,SPF_HELO_NONE autolearn=ham autolearn_force=no version=3.4.2 Received: from mail-wr1-x434.google.com (mail-wr1-x434.google.com [IPv6:2a00:1450:4864:20::434]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits)) (No client certificate requested) by phobos.denx.de (Postfix) with ESMTPS id BE6A0806C5 for ; Wed, 23 Dec 2020 12:25:04 +0100 (CET) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=linaro.org Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=ilias.apalodimas@linaro.org Received: by mail-wr1-x434.google.com with SMTP id c5so18261718wrp.6 for ; Wed, 23 Dec 2020 03:25:04 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:mime-version :content-transfer-encoding; bh=tfdPVm8iGOj9VF/kxJ2LZ1lKHViIStqxgKjKLi+PJKo=; b=gAOAnlX6s1PV7afHvhpucM6N1CsptJ9TeLZlWHA93VvxKCmjnC1L21efwvEp6U9o8t xZDpralLBvYJFirU3MkFLjNp+/gPTnP68Ah37g0ZKoSHvZwyVAXSuZ0MiFMQXhgzA6/J Xtwu1z45Hv6g5xHq2Z1xqU94pQ/3hyB03xV0KzrzE2w8dEiikpGKnPV7a+yEkvHjxyBK Z/JPKoR+tBaLCIih1DxUwxGrgE98YsfrrEdg1LuKNDT7mmDeU76xumUbvuBRyQJUPtoY 433zaOtrIBUhLKp+FOTiVxby6pZbOl3ZpM6jwjZ3CGdHm+y5rNiBFn/VpJxiVcLnBS1V TofQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:mime-version :content-transfer-encoding; bh=tfdPVm8iGOj9VF/kxJ2LZ1lKHViIStqxgKjKLi+PJKo=; b=cjjaIN99pIuS5mWXhXajvqaOG9/9wjjV4lqggkOrmiv53LuTAFxGg+kaXq+L/ttL5R pABcaRtcgnIDU2CGjksF0G2sS98AGAo8Wut7A2qtIf1pQEqtnS/67QYJ4jniQHy6q/6O vm4QHaNSeemsu6OJZQqujkddjxdtYzbkD0o/MDcsSJmQVw/OSK2J8UyLiH+oobLLA7ad i93HHJZeoHN+kTQQZQAH6Ej5+zhX2kZZgVqZ+wsCtLfVno06dKz0ytGAHwgNefkuMNlw Q79PFpSrC6BycHtDhStgqUfkuEkX5Am88dHDSbH31X9HLACUOUHsYZyaqlKSp0WlRwo2 Tgfg== X-Gm-Message-State: AOAM532kiqgrQbMKLzmyKXHVvE+4f7iNoLLbfypkF+YdvubcYCS4KswA e1vKLAzj1nG3TLXANrOnFGMMcQ== X-Received: by 2002:a5d:530c:: with SMTP id e12mr28819615wrv.54.1608722704330; Wed, 23 Dec 2020 03:25:04 -0800 (PST) Received: from localhost.localdomain (athedsl-4484548.home.otenet.gr. [94.71.57.204]) by smtp.gmail.com with ESMTPSA id c7sm38891938wro.16.2020.12.23.03.25.03 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 23 Dec 2020 03:25:03 -0800 (PST) From: Ilias Apalodimas To: xypron.glpk@gmx.de Cc: Ilias Apalodimas , Alexander Graf , u-boot@lists.denx.de Subject: [PATCH v2] efi_loader: Extra checks while opening an OPTEE session Date: Wed, 23 Dec 2020 13:25:00 +0200 Message-Id: <20201223112501.58584-1-ilias.apalodimas@linaro.org> X-Mailer: git-send-email 2.30.0.rc1 MIME-Version: 1.0 X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.34 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" X-Virus-Scanned: clamav-milter 0.102.3 at phobos.denx.de X-Virus-Status: Clean When opening an OP-TEE session we need to check the internal return value of OP-TEE call arguments as well the return code of the function itself. The code was also ignoring to close the OP-TEE session in case the shared memory registration failed. Fixes: f042e47e8fb43 ("efi_loader: Implement EFI variable handling via OP-TEE") Signed-off-by: Ilias Apalodimas --- changes since v1: - add a goto tag and use it on fails lib/efi_loader/efi_variable_tee.c | 20 +++++++++++++++----- 1 file changed, 15 insertions(+), 5 deletions(-) -- 2.30.0.rc1 diff --git a/lib/efi_loader/efi_variable_tee.c b/lib/efi_loader/efi_variable_tee.c index be6f3dfad469..b8808fdecad3 100644 --- a/lib/efi_loader/efi_variable_tee.c +++ b/lib/efi_loader/efi_variable_tee.c @@ -36,20 +36,29 @@ static int get_connection(struct mm_connection *conn) static const struct tee_optee_ta_uuid uuid = PTA_STMM_UUID; struct udevice *tee = NULL; struct tee_open_session_arg arg; - int rc; + int rc = -ENODEV; tee = tee_find_device(tee, NULL, NULL, NULL); if (!tee) - return -ENODEV; + goto out; memset(&arg, 0, sizeof(arg)); tee_optee_ta_uuid_to_octets(arg.uuid, &uuid); rc = tee_open_session(tee, &arg, 0, NULL); - if (!rc) { - conn->tee = tee; - conn->session = arg.session; + if (rc) + goto out; + + /* Check the internal OP-TEE result */ + if (arg.ret != TEE_SUCCESS) { + rc = -EIO; + goto out; } + conn->tee = tee; + conn->session = arg.session; + + return 0; +out: return rc; } @@ -88,6 +97,7 @@ static efi_status_t optee_mm_communicate(void *comm_buf, ulong dsize) if (tee_shm_register(conn.tee, comm_buf, buf_size, 0, &shm)) { log_err("Unable to register shared memory\n"); + tee_close_session(conn.tee, conn.session); return EFI_UNSUPPORTED; }