Received: by 2002:a05:6a10:206:0:0:0:0 with SMTP id 6csp2530033pxj; Mon, 10 May 2021 05:16:59 -0700 (PDT) X-Google-Smtp-Source: ABdhPJya8XRgNKPzN0jXpoqK84greEBnELFfKIverDNSCjH0jKlxu1On7I5As3jZo1nIPK2OiXGc X-Received: by 2002:a05:6402:644:: with SMTP id u4mr29102799edx.386.1620649019214; Mon, 10 May 2021 05:16:59 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1620649019; cv=none; d=google.com; s=arc-20160816; b=fwLTp3G6XUMZLyJqNeSKEe94QnuD9pafSKO7+677seFlVGUSqs6DHpbTooUgv3NaCA /WUKeUi+/YyEHIxTGff5YUf9onuym7B9lAHO+NVyxwWwTntVNaEc+r9Qq/g1B8AgHazz pxt+PEDjwwEix28ibt/iPEjRG4kcLIICMwhKof34UysujJa0u5NMM7SvffNCzbNVul3t vyINK2fFeFwkpArtCmehD9/vIgjHk6uARyZj9/AwXz0BdQwzZ8sktxR9MMRcdnnceKHM rInv148aOSjYDxcCEvoqTOS30VLITrr0wtdhL44Uhk8SscUhQfJPIQjojXd3lHurFJoo D5sg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :user-agent:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature; bh=FLCC0oivf8jL3V006wemQiBQInJzSHO4mUnEyY13/D8=; b=RGP131VAY3reh9O9WdpNmVLoZmU+A3IhkHJO3mv1+RjMerpEARha4WcFRF+55XEcvi YLC9Cby7MI4XhfYI13RUNNBtn94kQIOGJV+soHm9bwExuHEe4Kti+7RbG05Xr9cUJT71 2FQa9C3ui1wrMQv0MrOo0x8KFrvzsw4wIc3WiMIUst3pCtVA9OxFCYZVcXiTlHHUovFQ HEijkRXHrSTZJzP4cxMIQQROKvE+UxpouVeEXpVQ1/s+gSBqwwtpKChwDbKDxRrSe1nN yoPpchcUK9TOolDI+Bs/jKK7P7+ZsO/Er45rJz3zMZyqFQx7vUmuvxKQ220a18YUnxpD N4mA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linuxfoundation.org header.s=korg header.b=h4HSWDVp; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id mq29si1293309ejc.517.2021.05.10.05.16.35; Mon, 10 May 2021 05:16:59 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@linuxfoundation.org header.s=korg header.b=h4HSWDVp; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S237987AbhEJMKM (ORCPT + 99 others); Mon, 10 May 2021 08:10:12 -0400 Received: from mail.kernel.org ([198.145.29.99]:46846 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S236428AbhEJLIG (ORCPT ); Mon, 10 May 2021 07:08:06 -0400 Received: by mail.kernel.org (Postfix) with ESMTPSA id 1C68961995; Mon, 10 May 2021 11:01:10 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=linuxfoundation.org; s=korg; t=1620644471; bh=TvCJ+dApuQO5dKe/vFjEAzbVwvO/gojkz3UeLUiLK0Q=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=h4HSWDVpim7UX5m6W9deZHP7VoSJQE5mL6GP1MnvKCXgKHhNISbRpLbjMGUBceMEl vlFJiEFSqdBYSDkXkZueL9ZsEj+ph8owfxvppfeH3aTUgKSmWOVxfAfj7dKmMeTRK8 IdauIJOSB0my3dc4WxFNDQF/j/cNckbSX/AUvLrU= From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, Sumit Garg , Jens Wiklander , Jerome Forissier , Sasha Levin Subject: [PATCH 5.12 096/384] tee: optee: do not check memref size on return from Secure World Date: Mon, 10 May 2021 12:18:05 +0200 Message-Id: <20210510102018.053004477@linuxfoundation.org> X-Mailer: git-send-email 2.31.1 In-Reply-To: <20210510102014.849075526@linuxfoundation.org> References: <20210510102014.849075526@linuxfoundation.org> User-Agent: quilt/0.66 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Jerome Forissier [ Upstream commit c650b8dc7a7910eb25af0aac1720f778b29e679d ] When Secure World returns, it may have changed the size attribute of the memory references passed as [in/out] parameters. The GlobalPlatform TEE Internal Core API specification does not restrict the values that this size can take. In particular, Secure World may increase the value to be larger than the size of the input buffer to indicate that it needs more. Therefore, the size check in optee_from_msg_param() is incorrect and needs to be removed. This fixes a number of failed test cases in the GlobalPlatform TEE Initial Configuratiom Test Suite v2_0_0_0-2017_06_09 when OP-TEE is compiled without dynamic shared memory support (CFG_CORE_DYN_SHM=n). Reviewed-by: Sumit Garg Suggested-by: Jens Wiklander Signed-off-by: Jerome Forissier Signed-off-by: Jens Wiklander Signed-off-by: Sasha Levin --- drivers/tee/optee/core.c | 10 ---------- 1 file changed, 10 deletions(-) diff --git a/drivers/tee/optee/core.c b/drivers/tee/optee/core.c index 319a1e701163..ddb8f9ecf307 100644 --- a/drivers/tee/optee/core.c +++ b/drivers/tee/optee/core.c @@ -79,16 +79,6 @@ int optee_from_msg_param(struct tee_param *params, size_t num_params, return rc; p->u.memref.shm_offs = mp->u.tmem.buf_ptr - pa; p->u.memref.shm = shm; - - /* Check that the memref is covered by the shm object */ - if (p->u.memref.size) { - size_t o = p->u.memref.shm_offs + - p->u.memref.size - 1; - - rc = tee_shm_get_pa(shm, o, NULL); - if (rc) - return rc; - } break; case OPTEE_MSG_ATTR_TYPE_RMEM_INPUT: case OPTEE_MSG_ATTR_TYPE_RMEM_OUTPUT: -- 2.30.2