Received: by 2002:a05:7412:b10a:b0:f3:1519:9f41 with SMTP id az10csp133721rdb; Wed, 29 Nov 2023 23:55:16 -0800 (PST) X-Google-Smtp-Source: AGHT+IEr6UE7my3JCK6Ts+XTv0BytMzneSlabgRA5WQeL16wQf0v8fq49ozvoaRqSUged1phz7We X-Received: by 2002:a05:6358:78c:b0:16b:c63d:5dfe with SMTP id n12-20020a056358078c00b0016bc63d5dfemr24563106rwj.16.1701330915943; Wed, 29 Nov 2023 23:55:15 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1701330915; cv=none; d=google.com; s=arc-20160816; b=FpfRN9UZTE31Cknr2xACTC5miyKIOqbZri6f+ZiISgTGMX1p9nz0MlA7+LeBzOmQaM bZ22cSr/xIo54vgD80aC9Vdt6MVye+b8aBRaXdml71ypvU4d+f/NptvjCB/mXvZhtKk9 lEySk9v6w4CYmQNanz58zfHuL6zrUklsS/HP2LjfWD2N74RYo03AfgV3PlmgNOOsS0Xs rhJryfAu6JGehVkX2bM13mENnKZSXrxxpGdpSSGDV5pVW+KAuln4ius0cnhrxkkeE0ZR uF78zxM4K0G6NQxa5K4E2biBGPIVgOfowaGMZNkS0c75jEjMOYpIwVavBo9yoRBsRfL8 8xlQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:subject:message-id:date:from:in-reply-to :references:mime-version:dkim-signature; bh=bDKAg1oWtzfrgq97MaNgCMwcFK/3NQBpNHoe9HbhccM=; fh=n7eWtNURMAu7NfBS2YVFJrGfWgmrmA8YJx015mm4V6g=; b=i/U2rZdc2+TwZPNLaO0z3YVYSpcMRezSdPhyS/KLJki9apPQK+fo+iuvCcVJZyCk2m mAOHALl8SV8pl0HpIP1nbwtLD2J/jROCDtFMmcwOI4rD1W57L0rgJnuWB6rm73Ars2Qi UR4LAZwl05IMBdshJGd4Xp9hCksFc/1/LoRIe+aXu36CKdV/zmoQf3G1XMk5QeQO5Dps ko6t0j5vblgWbF9mUeu/Sudct38uPk6fDymQQCKEhAdRSqynt/RoR1NfAdbJ7nSpQ3A1 5F4kosT2b9Y684Vkr3UgJ23Vytu2guBtD9s+INkzkRUuljQ/C6+xrBRWHC2dSuX4B9o1 R71g== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=i7eLfhdB; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.32 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from agentk.vger.email (agentk.vger.email. [23.128.96.32]) by mx.google.com with ESMTPS id t190-20020a6381c7000000b005bdfb94f475si741030pgd.637.2023.11.29.23.55.15 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 29 Nov 2023 23:55:15 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.32 as permitted sender) client-ip=23.128.96.32; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=i7eLfhdB; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.32 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0]) by agentk.vger.email (Postfix) with ESMTP id 6C53680B7AF4; Wed, 29 Nov 2023 23:55:12 -0800 (PST) X-Virus-Status: Clean X-Virus-Scanned: clamav-milter 0.103.11 at agentk.vger.email Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229971AbjK3Hy4 (ORCPT + 99 others); Thu, 30 Nov 2023 02:54:56 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:35270 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229596AbjK3Hyz (ORCPT ); Thu, 30 Nov 2023 02:54:55 -0500 Received: from mail-ua1-x92a.google.com (mail-ua1-x92a.google.com [IPv6:2607:f8b0:4864:20::92a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 436A7A3 for ; Wed, 29 Nov 2023 23:55:01 -0800 (PST) Received: by mail-ua1-x92a.google.com with SMTP id a1e0cc1a2514c-7bb3e55c120so220250241.0 for ; Wed, 29 Nov 2023 23:55:01 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1701330900; x=1701935700; darn=vger.kernel.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=bDKAg1oWtzfrgq97MaNgCMwcFK/3NQBpNHoe9HbhccM=; b=i7eLfhdBFSMSktdlLBJ/IA/1MAR3QqU7YJabHU/KkXGM9wsLW4KBVZu17yys2qhMjT wKYfZcBXSAoiefWuRUJdxeLwNihpKErhVK3ilv+Xj3/kn53J/RXcUsZ7TtxSHYUUj3MF ozZGBOPWn7NVWTJJs1IDUHkglmjWWheIgtdNY0Vp7plu8D3wufOrywPVsdvxgH9CtGi+ 91n6u8TUqSr9sBEv+/p3ieL4d1jSNcPu/GiPCJNjjY9xEIDg1c/YNezEjAua8XU73g0Y IarA/ZBFdGYeV4kX+iMRvgX1h7u1gfaryFF6uPgSw6EcGByvc0gDAbd/7vH2BXmveenZ xy4Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1701330900; x=1701935700; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=bDKAg1oWtzfrgq97MaNgCMwcFK/3NQBpNHoe9HbhccM=; b=iqrF+2V5zmZq9H+vOIp5WnhxzqkBYsLv2/gy/VzZFHj8OzsAwDDl3hGi1Xc4fByf2R rdbjHyzt+pas7V1tusJFVThQ4zBYm2q4+I5VRMKbps9XnvaHPpZCIi0VOZmfTRpR6rrr Rs5SAfs6auiuqRwsT/YlbeEaBIhOZ5b3jk924eYq0rBt7kt4v9pcJkoQmUOdYenx2O09 bIajBF17eNgw6Cxiw7OlTuIUUtW55K3GiGhAwMcOrq0RqOzPxgUfwe0ax26N63s5Pj6N UNk5yfkkYFbTibDeKziJD8X63sU04Lns4BFkcrEZuHJbyDozyTD9OwKyjlzd7gWM5+wW 3lDw== X-Gm-Message-State: AOJu0YxytEm9VWwkJ7qFnkCwlgpbVolE9EK9Od7sFTFqKhUyWQkpVFwv 33VVSfiTgAAey7Ey7H6W86xf27jGhoaDoSARQILCBQ== X-Received: by 2002:a1f:4982:0:b0:4b2:8efa:65df with SMTP id w124-20020a1f4982000000b004b28efa65dfmr3539451vka.14.1701330900302; Wed, 29 Nov 2023 23:55:00 -0800 (PST) MIME-Version: 1.0 References: <20231129164439.1130903-1-arnaud.pouliquen@foss.st.com> In-Reply-To: <20231129164439.1130903-1-arnaud.pouliquen@foss.st.com> From: Sumit Garg Date: Thu, 30 Nov 2023 13:24:49 +0530 Message-ID: Subject: Re: [PATCH v4] tee: Use iov_iter to better support shared buffer registration To: Arnaud Pouliquen Cc: Jens Wiklander , Christoph Hellwig , op-tee@lists.trustedfirmware.org, linux-kernel@vger.kernel.org Content-Type: text/plain; charset="UTF-8" X-Spam-Status: No, score=-0.9 required=5.0 tests=DKIM_SIGNED,DKIM_VALID, DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI, SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on agentk.vger.email Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.6.4 (agentk.vger.email [0.0.0.0]); Wed, 29 Nov 2023 23:55:12 -0800 (PST) On Wed, 29 Nov 2023 at 22:15, Arnaud Pouliquen wrote: > > Currently it's not possible to register kernel buffers with TEE > which are allocated via vmalloc. > > Use iov_iter and associated helper functions to manage the page > registration for all type of memories. > > Suggested-by: Christoph Hellwig > Signed-off-by: Arnaud Pouliquen > --- > Update from V3 to V4: > - improve commit message, > - use import_ubuf() instead of iov_iter_init(), > - move shm_get_kernel_pages in register_shm_helper, > - put back untagged_addr in register_shm_helper(), > - move the comment related to pin pages from shm_get_kernel_pages() > to register_shm_helper(). > > Update from V2 to V3: > - break lines longer than 80 columns. > > Update from V1 to V2: > - replace ITER_SOURCE by ITER_DEST flag in tee_shm_register_user_buf(), > - replace IS_ERR_OR NULL(shm) by IS_ERR(shm) in tee_shm_register_user_buf(). > > V1: > The support of buffer registration allocated with vmalloc is no more > available since c83900393aa1 ("tee: Remove vmalloc page support"). > > This patch is an alternative to a revert and resulted from a discussion > with Christopher Hellwig [1]. > > This patch has been tested using xtest tool in optee qemu environment [2] > and using the series related to the remoteproc tee that should be > proposed soon [3]. > > References: > [1] https://lore.kernel.org/linux-arm-kernel/18a8528d-7d9d-6ed0-0045-5ee47dd39fb2@foss.st.com/T/#m8ec683c44fcd9b69c2aee42eaed0793afac9dd18in > [2] https://optee.readthedocs.io/en/latest/building/devices/qemu.html#build-instructions > [3] https://lore.kernel.org/linux-arm-kernel/18a8528d-7d9d-6ed0-0045-5ee47dd39fb2@foss.st.com/T/#maca0a1fc897aadd54c7deac432e11473fe970d1d > --- > drivers/tee/tee_shm.c | 83 ++++++++++++++++++++++++------------------- > 1 file changed, 46 insertions(+), 37 deletions(-) > > diff --git a/drivers/tee/tee_shm.c b/drivers/tee/tee_shm.c > index 673cf0359494..ac73e8143233 100644 > --- a/drivers/tee/tee_shm.c > +++ b/drivers/tee/tee_shm.c > @@ -22,23 +22,12 @@ static void shm_put_kernel_pages(struct page **pages, size_t page_count) > put_page(pages[n]); > } > > -static int shm_get_kernel_pages(unsigned long start, size_t page_count, > - struct page **pages) > +static void shm_get_kernel_pages(struct page **pages, size_t page_count) > { > - struct page *page; > size_t n; > > - if (WARN_ON_ONCE(is_vmalloc_addr((void *)start) || > - is_kmap_addr((void *)start))) > - return -EINVAL; > - > - page = virt_to_page((void *)start); > - for (n = 0; n < page_count; n++) { > - pages[n] = page + n; > + for (n = 0; n < page_count; n++) > get_page(pages[n]); > - } > - > - return page_count; > } > > static void release_registered_pages(struct tee_shm *shm) > @@ -214,13 +203,14 @@ struct tee_shm *tee_shm_alloc_priv_buf(struct tee_context *ctx, size_t size) > EXPORT_SYMBOL_GPL(tee_shm_alloc_priv_buf); > > static struct tee_shm * > -register_shm_helper(struct tee_context *ctx, unsigned long addr, > - size_t length, u32 flags, int id) > +register_shm_helper(struct tee_context *ctx, struct iov_iter *iter, u32 flags, > + int id) > { > struct tee_device *teedev = ctx->teedev; > struct tee_shm *shm; > - unsigned long start; > - size_t num_pages; > + unsigned long start, addr; > + size_t num_pages, off; > + ssize_t len; > void *ret; > int rc; > > @@ -245,31 +235,38 @@ register_shm_helper(struct tee_context *ctx, unsigned long addr, > shm->flags = flags; > shm->ctx = ctx; > shm->id = id; > - addr = untagged_addr(addr); > + addr = untagged_addr((unsigned long)iter_iov_addr(iter)); > start = rounddown(addr, PAGE_SIZE); > - shm->offset = addr - start; > - shm->size = length; > - num_pages = (roundup(addr + length, PAGE_SIZE) - start) / PAGE_SIZE; > + num_pages = iov_iter_npages(iter, INT_MAX); > + if (!num_pages) { > + ret = ERR_PTR(-ENOMEM); > + goto err_ctx_put; > + } > + > shm->pages = kcalloc(num_pages, sizeof(*shm->pages), GFP_KERNEL); > if (!shm->pages) { > ret = ERR_PTR(-ENOMEM); > goto err_free_shm; > } > > - if (flags & TEE_SHM_USER_MAPPED) > - rc = pin_user_pages_fast(start, num_pages, FOLL_WRITE, > - shm->pages); > - else > - rc = shm_get_kernel_pages(start, num_pages, shm->pages); > - if (rc > 0) > - shm->num_pages = rc; > - if (rc != num_pages) { > - if (rc >= 0) > - rc = -ENOMEM; > - ret = ERR_PTR(rc); > - goto err_put_shm_pages; > + len = iov_iter_extract_pages(iter, &shm->pages, LONG_MAX, num_pages, 0, > + &off); > + if (unlikely(len <= 0)) { > + ret = len ? ERR_PTR(len) : ERR_PTR(-ENOMEM); > + goto err_free_shm_pages; > } > > + /* > + * iov_iter_extract_kvec_pages does not get reference on the pages, > + * get a pin on them. I think you meant: "get a reference on them". But I don't see the value of this comment since iov_iter_extract_kvec_pages() already has been commented properly as follows: /* * Extract a list of virtually contiguous pages from an ITER_KVEC iterator. * This does not get references on the pages, nor does it get a pin on them. */ > + */ > + if (iov_iter_is_kvec(iter)) > + shm_get_kernel_pages(shm->pages, num_pages); > + > + shm->offset = off; > + shm->size = len; > + shm->num_pages = num_pages; > + > rc = teedev->desc->ops->shm_register(ctx, shm, shm->pages, > shm->num_pages, start); > if (rc) { > @@ -279,10 +276,11 @@ register_shm_helper(struct tee_context *ctx, unsigned long addr, > > return shm; > err_put_shm_pages: > - if (flags & TEE_SHM_USER_MAPPED) > + if (!iov_iter_is_kvec(iter)) > unpin_user_pages(shm->pages, shm->num_pages); > else > shm_put_kernel_pages(shm->pages, shm->num_pages); > +err_free_shm_pages: > kfree(shm->pages); > err_free_shm: > kfree(shm); > @@ -307,8 +305,9 @@ struct tee_shm *tee_shm_register_user_buf(struct tee_context *ctx, > u32 flags = TEE_SHM_USER_MAPPED | TEE_SHM_DYNAMIC; > struct tee_device *teedev = ctx->teedev; > struct tee_shm *shm; > + struct iov_iter iter; > void *ret; > - int id; > + int id, err; > > if (!access_ok((void __user *)addr, length)) > return ERR_PTR(-EFAULT); > @@ -319,7 +318,11 @@ struct tee_shm *tee_shm_register_user_buf(struct tee_context *ctx, > if (id < 0) > return ERR_PTR(id); > > - shm = register_shm_helper(ctx, addr, length, flags, id); > + err = import_ubuf(ITER_DEST, (void __user *)addr, length, &iter); As I mentioned in a previous review, import_ubuf() already does the access_ok() check, so we don't need the extra access_ok() check above. Also, you should move import_ubuf() to be the first invocation within this API. -Sumit > + if (err) > + return ERR_PTR(err); > + > + shm = register_shm_helper(ctx, &iter, flags, id); > if (IS_ERR(shm)) { > mutex_lock(&teedev->mutex); > idr_remove(&teedev->idr, id); > @@ -352,8 +355,14 @@ struct tee_shm *tee_shm_register_kernel_buf(struct tee_context *ctx, > void *addr, size_t length) > { > u32 flags = TEE_SHM_DYNAMIC; > + struct kvec kvec; > + struct iov_iter iter; > + > + kvec.iov_base = addr; > + kvec.iov_len = length; > + iov_iter_kvec(&iter, ITER_DEST, &kvec, 1, length); > > - return register_shm_helper(ctx, (unsigned long)addr, length, flags, -1); > + return register_shm_helper(ctx, &iter, flags, -1); > } > EXPORT_SYMBOL_GPL(tee_shm_register_kernel_buf); > > -- > 2.25.1 >