Received: by 2002:a05:6a10:8a4d:0:0:0:0 with SMTP id dn13csp960274pxb; Fri, 13 Aug 2021 10:05:43 -0700 (PDT) X-Google-Smtp-Source: ABdhPJyixIWAT0L9o4sRa04ZrN+O0+JdiJCQWVxREtNaPsq5Mv7//Y8kF7nxzTlQROn8B5CjU3dk X-Received: by 2002:a5d:8541:: with SMTP id b1mr2756064ios.105.1628874343118; Fri, 13 Aug 2021 10:05:43 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1628874343; cv=none; d=google.com; s=arc-20160816; b=XCU8C5w7LPJTb2J/ZLPpuHm0P4uA+7SxJvRO1ABwu/PN18Bvi+D4MPcEaN3VdaAMZG ssMtwKjIF6eqMPHOEhDd0MLReWlHfDnmQ9GvL+Cm2XSNeRXt4OtAzx7/8FaG1rQ4+fvu IKO6Rvw98SnOzyCiLoiSsKXIAnO22SB0tDV2m0rlK9hft5VFod01l+ewAHkBuREbW9Ao 2RK8Ip6/EutEOFuc7Ft2brEiIYcgbER/0zmZeD2jtAZ4WsBYvB7t7jHUx1lQVMYohJqa fHbHBTPSGFc6PwUcvDa16VGtd8cH1uiVYoSv5dIe7vZit4uoJIGHzGQ7DhcKrCCUS+0U MpBg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :user-agent:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature; bh=2e4kfklukUQxdfyYJWqVWd2eCM6V+Hn0LJIArcFTHNk=; b=LzSbVRGEM98u61qVg9DOOp9qYLdPAtEB05Y4TZcIynAbN5Y3IWboCJ69F4iEM/8UNp TtIgmRiN+mFEZf/wDhV20HzgcDxt9HhK/qVKfqDW+Pjmdo9YadE1gDb+2bYsHZqlESRx hZt5iS65mmZBxiep3xr3HfTrUWzT06b3aZw30NlFG1AYVkJZWmHEiIeRz6vRVr+balxN GK6FJiyvKbvo71sfsfGmhaBL4Tirg8uES4FPLlwbIwqMnWg84glRDIWkLvWBXsZck8db RAiwx/CQvWrkQCl/kg1pWYF1EzOVrInl+Ypjf8DxSJA7a8FtPsM2ts35FnxlbjKN5//H BVgg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linuxfoundation.org header.s=korg header.b=CgEx+yzl; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id a5si2302782ioo.37.2021.08.13.10.05.32; Fri, 13 Aug 2021 10:05:43 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@linuxfoundation.org header.s=korg header.b=CgEx+yzl; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S242575AbhHMPSR (ORCPT + 99 others); Fri, 13 Aug 2021 11:18:17 -0400 Received: from mail.kernel.org ([198.145.29.99]:59064 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S241822AbhHMPOj (ORCPT ); Fri, 13 Aug 2021 11:14:39 -0400 Received: by mail.kernel.org (Postfix) with ESMTPSA id CB0886113C; Fri, 13 Aug 2021 15:14:11 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=linuxfoundation.org; s=korg; t=1628867652; bh=BcajKMJQd6PiG4fl+SSqsb2Fdc1IAQcX40wnpdS6pHs=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=CgEx+yzlyxWSenoNkgDlh8hrB1aLtYPUr1jRvzqa91h1n31yrLvqC0FG3DS+NTIqn n4ZGLu+HxbYmA8JwwRGHywO/t3SSAwX8LLpVNogQtP2bBxDngJtnKk/4Ylho+cRcqd hfLgekIB8yYBS4aBbY41ADNsJF/9HNr2MNxe3Upo= From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, Sumit Garg , Tyler Hicks , Jens Wiklander , Sasha Levin Subject: [PATCH 5.10 02/19] tee: Correct inappropriate usage of TEE_SHM_DMA_BUF flag Date: Fri, 13 Aug 2021 17:07:19 +0200 Message-Id: <20210813150522.708120827@linuxfoundation.org> X-Mailer: git-send-email 2.32.0 In-Reply-To: <20210813150522.623322501@linuxfoundation.org> References: <20210813150522.623322501@linuxfoundation.org> User-Agent: quilt/0.66 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Sumit Garg [ Upstream commit 376e4199e327a5cf29b8ec8fb0f64f3d8b429819 ] Currently TEE_SHM_DMA_BUF flag has been inappropriately used to not register shared memory allocated for private usage by underlying TEE driver: OP-TEE in this case. So rather add a new flag as TEE_SHM_PRIV that can be utilized by underlying TEE drivers for private allocation and usage of shared memory. With this corrected, allow tee_shm_alloc_kernel_buf() to allocate a shared memory region without the backing of dma-buf. Cc: stable@vger.kernel.org Signed-off-by: Sumit Garg Co-developed-by: Tyler Hicks Signed-off-by: Tyler Hicks Reviewed-by: Jens Wiklander Reviewed-by: Sumit Garg Signed-off-by: Jens Wiklander Signed-off-by: Sasha Levin --- drivers/tee/optee/call.c | 2 +- drivers/tee/optee/core.c | 3 ++- drivers/tee/optee/rpc.c | 5 +++-- drivers/tee/optee/shm_pool.c | 8 ++++++-- drivers/tee/tee_shm.c | 4 ++-- include/linux/tee_drv.h | 1 + 6 files changed, 15 insertions(+), 8 deletions(-) diff --git a/drivers/tee/optee/call.c b/drivers/tee/optee/call.c index 1231ce56e712..f8f1594bea43 100644 --- a/drivers/tee/optee/call.c +++ b/drivers/tee/optee/call.c @@ -181,7 +181,7 @@ static struct tee_shm *get_msg_arg(struct tee_context *ctx, size_t num_params, struct optee_msg_arg *ma; shm = tee_shm_alloc(ctx, OPTEE_MSG_GET_ARG_SIZE(num_params), - TEE_SHM_MAPPED); + TEE_SHM_MAPPED | TEE_SHM_PRIV); if (IS_ERR(shm)) return shm; diff --git a/drivers/tee/optee/core.c b/drivers/tee/optee/core.c index 7b17248f1527..823a81d8ff0e 100644 --- a/drivers/tee/optee/core.c +++ b/drivers/tee/optee/core.c @@ -278,7 +278,8 @@ static void optee_release(struct tee_context *ctx) if (!ctxdata) return; - shm = tee_shm_alloc(ctx, sizeof(struct optee_msg_arg), TEE_SHM_MAPPED); + shm = tee_shm_alloc(ctx, sizeof(struct optee_msg_arg), + TEE_SHM_MAPPED | TEE_SHM_PRIV); if (!IS_ERR(shm)) { arg = tee_shm_get_va(shm, 0); /* diff --git a/drivers/tee/optee/rpc.c b/drivers/tee/optee/rpc.c index 6cbb3643c6c4..9dbdd783d6f2 100644 --- a/drivers/tee/optee/rpc.c +++ b/drivers/tee/optee/rpc.c @@ -313,7 +313,7 @@ static void handle_rpc_func_cmd_shm_alloc(struct tee_context *ctx, shm = cmd_alloc_suppl(ctx, sz); break; case OPTEE_MSG_RPC_SHM_TYPE_KERNEL: - shm = tee_shm_alloc(ctx, sz, TEE_SHM_MAPPED); + shm = tee_shm_alloc(ctx, sz, TEE_SHM_MAPPED | TEE_SHM_PRIV); break; default: arg->ret = TEEC_ERROR_BAD_PARAMETERS; @@ -501,7 +501,8 @@ void optee_handle_rpc(struct tee_context *ctx, struct optee_rpc_param *param, switch (OPTEE_SMC_RETURN_GET_RPC_FUNC(param->a0)) { case OPTEE_SMC_RPC_FUNC_ALLOC: - shm = tee_shm_alloc(ctx, param->a1, TEE_SHM_MAPPED); + shm = tee_shm_alloc(ctx, param->a1, + TEE_SHM_MAPPED | TEE_SHM_PRIV); if (!IS_ERR(shm) && !tee_shm_get_pa(shm, 0, &pa)) { reg_pair_from_64(¶m->a1, ¶m->a2, pa); reg_pair_from_64(¶m->a4, ¶m->a5, diff --git a/drivers/tee/optee/shm_pool.c b/drivers/tee/optee/shm_pool.c index da06ce9b9313..c41a9a501a6e 100644 --- a/drivers/tee/optee/shm_pool.c +++ b/drivers/tee/optee/shm_pool.c @@ -27,7 +27,11 @@ static int pool_op_alloc(struct tee_shm_pool_mgr *poolm, shm->paddr = page_to_phys(page); shm->size = PAGE_SIZE << order; - if (shm->flags & TEE_SHM_DMA_BUF) { + /* + * Shared memory private to the OP-TEE driver doesn't need + * to be registered with OP-TEE. + */ + if (!(shm->flags & TEE_SHM_PRIV)) { unsigned int nr_pages = 1 << order, i; struct page **pages; @@ -60,7 +64,7 @@ err: static void pool_op_free(struct tee_shm_pool_mgr *poolm, struct tee_shm *shm) { - if (shm->flags & TEE_SHM_DMA_BUF) + if (!(shm->flags & TEE_SHM_PRIV)) optee_shm_unregister(shm->ctx, shm); free_pages((unsigned long)shm->kaddr, get_order(shm->size)); diff --git a/drivers/tee/tee_shm.c b/drivers/tee/tee_shm.c index c65e44707cd6..8a9384a64f3e 100644 --- a/drivers/tee/tee_shm.c +++ b/drivers/tee/tee_shm.c @@ -117,7 +117,7 @@ struct tee_shm *tee_shm_alloc(struct tee_context *ctx, size_t size, u32 flags) return ERR_PTR(-EINVAL); } - if ((flags & ~(TEE_SHM_MAPPED | TEE_SHM_DMA_BUF))) { + if ((flags & ~(TEE_SHM_MAPPED | TEE_SHM_DMA_BUF | TEE_SHM_PRIV))) { dev_err(teedev->dev.parent, "invalid shm flags 0x%x", flags); return ERR_PTR(-EINVAL); } @@ -207,7 +207,7 @@ EXPORT_SYMBOL_GPL(tee_shm_alloc); */ struct tee_shm *tee_shm_alloc_kernel_buf(struct tee_context *ctx, size_t size) { - return tee_shm_alloc(ctx, size, TEE_SHM_MAPPED | TEE_SHM_DMA_BUF); + return tee_shm_alloc(ctx, size, TEE_SHM_MAPPED); } EXPORT_SYMBOL_GPL(tee_shm_alloc_kernel_buf); diff --git a/include/linux/tee_drv.h b/include/linux/tee_drv.h index 9b24cc3d3024..459e9a76d7e6 100644 --- a/include/linux/tee_drv.h +++ b/include/linux/tee_drv.h @@ -27,6 +27,7 @@ #define TEE_SHM_USER_MAPPED BIT(4) /* Memory mapped in user space */ #define TEE_SHM_POOL BIT(5) /* Memory allocated from pool */ #define TEE_SHM_KERNEL_MAPPED BIT(6) /* Memory mapped in kernel space */ +#define TEE_SHM_PRIV BIT(7) /* Memory private to TEE driver */ struct device; struct tee_device; -- 2.30.2