- OP-TEE - lists.trustedfirmware.org

[PATCH] tee: make tee_shm_register_kernel_buf vmalloc supported

by Phil Chang

In some low-memory devices, it's hard to aquire large-orders pages, this patch allowed user using scatter pages to register shm. Signed-off-by: Phil Chang <phil.chang(a)mediatek.com> --- drivers/tee/optee/call.c | 2 +- drivers/tee/tee_shm.c | 40 ++++++++++++++++++++++++++++------------ 2 files changed, 29 insertions(+), 13 deletions(-) diff --git a/drivers/tee/optee/call.c b/drivers/tee/optee/call.c index bd49ec934060..2082e632adff 100644 --- a/drivers/tee/optee/call.c +++ b/drivers/tee/optee/call.c @@ -362,7 +362,7 @@ int optee_check_mem_type(unsigned long start, size_t num_pages) * Allow kernel address to register with OP-TEE as kernel * pages are configured as normal memory only. */ - if (virt_addr_valid(start)) + if (virt_addr_valid(start) || is_vmalloc_addr((void *)start)) return 0; mmap_read_lock(mm); diff --git a/drivers/tee/tee_shm.c b/drivers/tee/tee_shm.c index f31e29e8f1ca..861403588485 100644 --- a/drivers/tee/tee_shm.c +++ b/drivers/tee/tee_shm.c @@ -23,22 +23,38 @@ static void shm_put_kernel_pages(struct page **pages, size_t page_count) static int shm_get_kernel_pages(unsigned long start, size_t page_count, struct page **pages) { - struct kvec *kiov; - size_t n; int rc; - kiov = kcalloc(page_count, sizeof(*kiov), GFP_KERNEL); - if (!kiov) - return -ENOMEM; - - for (n = 0; n < page_count; n++) { - kiov[n].iov_base = (void *)(start + n * PAGE_SIZE); - kiov[n].iov_len = PAGE_SIZE; + if (is_vmalloc_addr((void *)start)) { + struct page *page; + int i; + + for (i = 0; i < page_count; i++) { + page = vmalloc_to_page((void *)(start + PAGE_SIZE * i)); + if (!page) + return -ENOMEM; + + get_page(page); + pages[i] = page; + } + rc = page_count; + } else { + struct kvec *kiov; + size_t n; + + kiov = kcalloc(page_count, sizeof(*kiov), GFP_KERNEL); + if (!kiov) + return -ENOMEM; + + for (n = 0; n < page_count; n++) { + kiov[n].iov_base = (void *)(start + n * PAGE_SIZE); + kiov[n].iov_len = PAGE_SIZE; + } + + rc = get_kernel_pages(kiov, page_count, 0, pages); + kfree(kiov); } - rc = get_kernel_pages(kiov, page_count, 0, pages); - kfree(kiov); - return rc; } -- 2.25.1

3 years, 11 months

2
1
0 0

[PATCH] tee: amdtee: Make use of the helper macro LIST_HEAD()

by Cai Huoqing

Replace "struct list_head head = LIST_HEAD_INIT(head)" with "LIST_HEAD(head)" to simplify the code. Signed-off-by: Cai Huoqing <cai.huoqing(a)linux.dev> --- drivers/tee/amdtee/call.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/tee/amdtee/call.c b/drivers/tee/amdtee/call.c index 07f36ac834c8..cec6e70f0ac9 100644 --- a/drivers/tee/amdtee/call.c +++ b/drivers/tee/amdtee/call.c @@ -122,7 +122,7 @@ static int amd_params_to_tee_params(struct tee_param *tee, u32 count, } static DEFINE_MUTEX(ta_refcount_mutex); -static struct list_head ta_list = LIST_HEAD_INIT(ta_list); +static LIST_HEAD(ta_list); static u32 get_ta_refcount(u32 ta_handle) { -- 2.25.1

3 years, 11 months

3
2
0 0

[GIT PULL] OP-TEE another fix for v5.17

by Jens Wiklander

Hello arm-soc maintainers, Please pull this small OP-TEE driver fix taking care of a broken return code in the error path of the two probe functions in the OP-TEE driver. Please note that this pull request is on top of the previously just merged patch which introduced the problem fixed here. Thanks, Jens The following changes since commit aceeafefff736057e8f93f19bbfbef26abd94604: optee: use driver internal tee_context for some rpc (2022-02-03 13:36:32 +0100) are available in the Git repository at: git://git.linaro.org/people/jens.wiklander/linux-tee.git tags/optee-fix2-for-v5.17 for you to fetch changes up to 40eb0dcf4114cbfff4d207890fa5a19e82da9fdc: tee: optee: fix error return code in probe function (2022-02-14 12:36:48 +0100) ---------------------------------------------------------------- OP-TEE fix error return code in probe functions ---------------------------------------------------------------- Yang Yingliang (1): tee: optee: fix error return code in probe function drivers/tee/optee/ffa_abi.c | 4 +++- drivers/tee/optee/smc_abi.c | 4 +++- 2 files changed, 6 insertions(+), 2 deletions(-)

3 years, 11 months

1
0
0 0

[PATCH -next] tee: optee: fix error return code in probe function

by Yang Yingliang

If teedev_open() fails, probe function need return error code. Fixes: aceeafefff73 ("optee: use driver internal tee_context for some rpc") Reported-by: Hulk Robot <hulkci(a)huawei.com> Signed-off-by: Yang Yingliang <yangyingliang(a)huawei.com> --- drivers/tee/optee/ffa_abi.c | 4 +++- drivers/tee/optee/smc_abi.c | 4 +++- 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/drivers/tee/optee/ffa_abi.c b/drivers/tee/optee/ffa_abi.c index f2bf6c61197f..f744ab15bf2c 100644 --- a/drivers/tee/optee/ffa_abi.c +++ b/drivers/tee/optee/ffa_abi.c @@ -869,8 +869,10 @@ static int optee_ffa_probe(struct ffa_device *ffa_dev) optee_supp_init(&optee->supp); ffa_dev_set_drvdata(ffa_dev, optee); ctx = teedev_open(optee->teedev); - if (IS_ERR(ctx)) + if (IS_ERR(ctx)) { + rc = PTR_ERR(ctx); goto err_rhashtable_free; + } optee->ctx = ctx; rc = optee_notif_init(optee, OPTEE_DEFAULT_MAX_NOTIF_VALUE); if (rc) diff --git a/drivers/tee/optee/smc_abi.c b/drivers/tee/optee/smc_abi.c index 1a55339c7072..c517d310249f 100644 --- a/drivers/tee/optee/smc_abi.c +++ b/drivers/tee/optee/smc_abi.c @@ -1417,8 +1417,10 @@ static int optee_probe(struct platform_device *pdev) platform_set_drvdata(pdev, optee); ctx = teedev_open(optee->teedev); - if (IS_ERR(ctx)) + if (IS_ERR(ctx)) { + rc = PTR_ERR(ctx); goto err_supp_uninit; + } optee->ctx = ctx; rc = optee_notif_init(optee, max_notif_value); if (rc) -- 2.25.1

3 years, 11 months

2
1
0 0

[PATCH] optee: make tee_shm_register vmalloc supported

by Phil Chang

This patch allowed the tee shm use vmalloc area buffer. Signed-off-by: Phil Chang <phil.chang(a)mediatek.com> --- Hi, In some low-memory devices, it's hard to aquire large-orders pages, this pathes is allowed user use scatter pages to register shm. Thanks. drivers/tee/optee/call.c | 2 +- drivers/tee/tee_shm.c | 14 ++++++++++++++ 2 files changed, 15 insertions(+), 1 deletion(-) diff --git a/drivers/tee/optee/call.c b/drivers/tee/optee/call.c index b25cc1fac945..937bcc7df8e4 100644 --- a/drivers/tee/optee/call.c +++ b/drivers/tee/optee/call.c @@ -362,7 +362,7 @@ int optee_check_mem_type(unsigned long start, size_t num_pages) * Allow kernel address to register with OP-TEE as kernel * pages are configured as normal memory only. */ - if (virt_addr_valid(start)) + if (virt_addr_valid(start) || is_vmalloc_addr((void *)start)) return 0; mmap_read_lock(mm); diff --git a/drivers/tee/tee_shm.c b/drivers/tee/tee_shm.c index 499fccba3d74..31d0c10485ff 100644 --- a/drivers/tee/tee_shm.c +++ b/drivers/tee/tee_shm.c @@ -195,6 +195,20 @@ struct tee_shm *tee_shm_register(struct tee_context *ctx, unsigned long addr, if (flags & TEE_SHM_USER_MAPPED) { rc = pin_user_pages_fast(start, num_pages, FOLL_WRITE, shm->pages); + } else if (is_vmalloc_addr((void *)start)) { + struct page *page; + int i; + + for (i = 0; i < num_pages; i++) { + page = vmalloc_to_page((void *)(start + PAGE_SIZE * i)); + if (!page) { + ret = ERR_PTR(-ENOMEM); + goto err; + } + get_page(page); + shm->pages[i] = page; + } + rc = num_pages; } else { struct kvec *kiov; int i; -- 2.25.1

4 years

2
1
0 0

[GIT PULL] OP-TEE fix for v5.17

by Jens Wiklander

Hello arm-soc maintainers, Please pull this OP-TEE driver fix which decouples driver private shared memory objects from the original tee_context. This fixes the root cause of a shutdown problem where the driver would dead-lock waiting for tee-supplicant. Thanks, Jens The following changes since commit 26291c54e111ff6ba87a164d85d4a4e134b7315c: Linux 5.17-rc2 (2022-01-30 15:37:07 +0200) are available in the Git repository at: git://git.linaro.org/people/jens.wiklander/linux-tee.git tags/optee-fix-for-v5.17 for you to fetch changes up to aceeafefff736057e8f93f19bbfbef26abd94604: optee: use driver internal tee_context for some rpc (2022-02-03 13:36:32 +0100) ---------------------------------------------------------------- OP-TEE fix shutdown problems ---------------------------------------------------------------- Jens Wiklander (1): optee: use driver internal tee_context for some rpc drivers/tee/optee/core.c | 1 + drivers/tee/optee/ffa_abi.c | 77 ++++++++++++++++++++++----------------- drivers/tee/optee/optee_private.h | 5 ++- drivers/tee/optee/smc_abi.c | 48 +++++++++--------------- 4 files changed, 64 insertions(+), 67 deletions(-)

4 years

1
0
0 0

[PATCH] optee: use driver internal tee_contex for some rpc

by Jens Wiklander

Adds a driver private tee_context by moving the tee_context in struct optee_notif to struct optee. This tee_context was previously used when doing internal calls to secure world to deliver notification. The new driver internal tee_context is now also when allocating driver private shared memory. This decouples the shared memory object from its original tee_context. This is needed when the life time of such a memory allocation outlives the client tee_context. This patch fixes the problem described below: The addition of a shutdown hook by commit f25889f93184 ("optee: fix tee out of memory failure seen during kexec reboot") introduced a kernel shutdown regression that can be triggered after running the OP-TEE xtest suites. Once the shutdown hook is called it is not possible to communicate any more with the supplicant process because the system is not scheduling task any longer. Thus if the optee driver shutdown path receives a supplicant RPC request from the OP-TEE we will deadlock the kernel's shutdown. Fixes: f25889f93184 ("optee: fix tee out of memory failure seen during kexec reboot") Fixes: 217e0250cccb ("tee: use reference counting for tee_context") Reported-by: Lars Persson <larper(a)axis.com> Cc: stable(a)vger.kernel.org Signed-off-by: Jens Wiklander <jens.wiklander(a)linaro.org> --- This patch is from "optee: add driver private tee_context" and "optee: use driver internal tee_contex for some rpc" in [1] combined into one patch for easier tracking. It turned out that those two patches fixes reported problem so I'm breaking out this from the patchset in order to target it for the v5.17. [1] https://lore.kernel.org/lkml/20220125162938.838382-1-jens.wiklander@linaro.… drivers/tee/optee/core.c | 1 + drivers/tee/optee/ffa_abi.c | 77 +++++++++++++++++-------------- drivers/tee/optee/optee_private.h | 5 +- drivers/tee/optee/smc_abi.c | 48 +++++++------------ 4 files changed, 64 insertions(+), 67 deletions(-) diff --git a/drivers/tee/optee/core.c b/drivers/tee/optee/core.c index 1ca320885fad..17a6f51d3089 100644 --- a/drivers/tee/optee/core.c +++ b/drivers/tee/optee/core.c @@ -158,6 +158,7 @@ void optee_remove_common(struct optee *optee) optee_unregister_devices(); optee_notif_uninit(optee); + teedev_close_context(optee->ctx); /* * The two devices have to be unregistered before we can free the * other resources. diff --git a/drivers/tee/optee/ffa_abi.c b/drivers/tee/optee/ffa_abi.c index 20a1b1a3d965..545f61af1248 100644 --- a/drivers/tee/optee/ffa_abi.c +++ b/drivers/tee/optee/ffa_abi.c @@ -424,6 +424,7 @@ static struct tee_shm_pool_mgr *optee_ffa_shm_pool_alloc_pages(void) */ static void handle_ffa_rpc_func_cmd_shm_alloc(struct tee_context *ctx, + struct optee *optee, struct optee_msg_arg *arg) { struct tee_shm *shm; @@ -439,7 +440,7 @@ static void handle_ffa_rpc_func_cmd_shm_alloc(struct tee_context *ctx, shm = optee_rpc_cmd_alloc_suppl(ctx, arg->params[0].u.value.b); break; case OPTEE_RPC_SHM_TYPE_KERNEL: - shm = tee_shm_alloc(ctx, arg->params[0].u.value.b, + shm = tee_shm_alloc(optee->ctx, arg->params[0].u.value.b, TEE_SHM_MAPPED | TEE_SHM_PRIV); break; default: @@ -493,14 +494,13 @@ static void handle_ffa_rpc_func_cmd_shm_free(struct tee_context *ctx, } static void handle_ffa_rpc_func_cmd(struct tee_context *ctx, + struct optee *optee, struct optee_msg_arg *arg) { - struct optee *optee = tee_get_drvdata(ctx->teedev); - arg->ret_origin = TEEC_ORIGIN_COMMS; switch (arg->cmd) { case OPTEE_RPC_CMD_SHM_ALLOC: - handle_ffa_rpc_func_cmd_shm_alloc(ctx, arg); + handle_ffa_rpc_func_cmd_shm_alloc(ctx, optee, arg); break; case OPTEE_RPC_CMD_SHM_FREE: handle_ffa_rpc_func_cmd_shm_free(ctx, optee, arg); @@ -510,12 +510,12 @@ static void handle_ffa_rpc_func_cmd(struct tee_context *ctx, } } -static void optee_handle_ffa_rpc(struct tee_context *ctx, u32 cmd, - struct optee_msg_arg *arg) +static void optee_handle_ffa_rpc(struct tee_context *ctx, struct optee *optee, + u32 cmd, struct optee_msg_arg *arg) { switch (cmd) { case OPTEE_FFA_YIELDING_CALL_RETURN_RPC_CMD: - handle_ffa_rpc_func_cmd(ctx, arg); + handle_ffa_rpc_func_cmd(ctx, optee, arg); break; case OPTEE_FFA_YIELDING_CALL_RETURN_INTERRUPT: /* Interrupt delivered by now */ @@ -582,7 +582,7 @@ static int optee_ffa_yielding_call(struct tee_context *ctx, * above. */ cond_resched(); - optee_handle_ffa_rpc(ctx, data->data1, rpc_arg); + optee_handle_ffa_rpc(ctx, optee, data->data1, rpc_arg); cmd = OPTEE_FFA_YIELDING_CALL_RESUME; data->data0 = cmd; data->data1 = 0; @@ -793,7 +793,9 @@ static int optee_ffa_probe(struct ffa_device *ffa_dev) { const struct ffa_dev_ops *ffa_ops; unsigned int rpc_arg_count; + struct tee_shm_pool *pool; struct tee_device *teedev; + struct tee_context *ctx; struct optee *optee; int rc; @@ -813,12 +815,12 @@ static int optee_ffa_probe(struct ffa_device *ffa_dev) if (!optee) return -ENOMEM; - optee->pool = optee_ffa_config_dyn_shm(); - if (IS_ERR(optee->pool)) { - rc = PTR_ERR(optee->pool); - optee->pool = NULL; - goto err; + pool = optee_ffa_config_dyn_shm(); + if (IS_ERR(pool)) { + rc = PTR_ERR(pool); + goto err_free_optee; } + optee->pool = pool; optee->ops = &optee_ffa_ops; optee->ffa.ffa_dev = ffa_dev; @@ -829,7 +831,7 @@ static int optee_ffa_probe(struct ffa_device *ffa_dev) optee); if (IS_ERR(teedev)) { rc = PTR_ERR(teedev); - goto err; + goto err_free_pool; } optee->teedev = teedev; @@ -837,50 +839,57 @@ static int optee_ffa_probe(struct ffa_device *ffa_dev) optee); if (IS_ERR(teedev)) { rc = PTR_ERR(teedev); - goto err; + goto err_unreg_teedev; } optee->supp_teedev = teedev; rc = tee_device_register(optee->teedev); if (rc) - goto err; + goto err_unreg_supp_teedev; rc = tee_device_register(optee->supp_teedev); if (rc) - goto err; + goto err_unreg_supp_teedev; rc = rhashtable_init(&optee->ffa.global_ids, &shm_rhash_params); if (rc) - goto err; + goto err_unreg_supp_teedev; mutex_init(&optee->ffa.mutex); mutex_init(&optee->call_queue.mutex); INIT_LIST_HEAD(&optee->call_queue.waiters); optee_supp_init(&optee->supp); ffa_dev_set_drvdata(ffa_dev, optee); + ctx = teedev_open(optee->teedev); + if (IS_ERR(ctx)) + goto err_rhashtable_free; + optee->ctx = ctx; rc = optee_notif_init(optee, OPTEE_DEFAULT_MAX_NOTIF_VALUE); - if (rc) { - optee_ffa_remove(ffa_dev); - return rc; - } + if (rc) + goto err_close_ctx; rc = optee_enumerate_devices(PTA_CMD_GET_DEVICES); - if (rc) { - optee_ffa_remove(ffa_dev); - return rc; - } + if (rc) + goto err_unregister_devices; pr_info("initialized driver\n"); return 0; -err: - /* - * tee_device_unregister() is safe to call even if the - * devices hasn't been registered with - * tee_device_register() yet. - */ + +err_unregister_devices: + optee_unregister_devices(); + optee_notif_uninit(optee); +err_close_ctx: + teedev_close_context(ctx); +err_rhashtable_free: + rhashtable_free_and_destroy(&optee->ffa.global_ids, rh_free_fn, NULL); + optee_supp_uninit(&optee->supp); + mutex_destroy(&optee->call_queue.mutex); +err_unreg_supp_teedev: tee_device_unregister(optee->supp_teedev); +err_unreg_teedev: tee_device_unregister(optee->teedev); - if (optee->pool) - tee_shm_pool_free(optee->pool); +err_free_pool: + tee_shm_pool_free(pool); +err_free_optee: kfree(optee); return rc; } diff --git a/drivers/tee/optee/optee_private.h b/drivers/tee/optee/optee_private.h index 46f74ab07c7e..92bc47bef95f 100644 --- a/drivers/tee/optee/optee_private.h +++ b/drivers/tee/optee/optee_private.h @@ -53,7 +53,6 @@ struct optee_call_queue { struct optee_notif { u_int max_key; - struct tee_context *ctx; /* Serializes access to the elements below in this struct */ spinlock_t lock; struct list_head db; @@ -134,9 +133,10 @@ struct optee_ops { /** * struct optee - main service struct * @supp_teedev: supplicant device + * @teedev: client device * @ops: internal callbacks for different ways to reach secure * world - * @teedev: client device + * @ctx: driver internal TEE context * @smc: specific to SMC ABI * @ffa: specific to FF-A ABI * @call_queue: queue of threads waiting to call @invoke_fn @@ -152,6 +152,7 @@ struct optee { struct tee_device *supp_teedev; struct tee_device *teedev; const struct optee_ops *ops; + struct tee_context *ctx; union { struct optee_smc smc; struct optee_ffa ffa; diff --git a/drivers/tee/optee/smc_abi.c b/drivers/tee/optee/smc_abi.c index 449d6a72d289..bacd1a1d79ee 100644 --- a/drivers/tee/optee/smc_abi.c +++ b/drivers/tee/optee/smc_abi.c @@ -622,6 +622,7 @@ static void handle_rpc_func_cmd_shm_free(struct tee_context *ctx, } static void handle_rpc_func_cmd_shm_alloc(struct tee_context *ctx, + struct optee *optee, struct optee_msg_arg *arg, struct optee_call_ctx *call_ctx) { @@ -651,7 +652,8 @@ static void handle_rpc_func_cmd_shm_alloc(struct tee_context *ctx, shm = optee_rpc_cmd_alloc_suppl(ctx, sz); break; case OPTEE_RPC_SHM_TYPE_KERNEL: - shm = tee_shm_alloc(ctx, sz, TEE_SHM_MAPPED | TEE_SHM_PRIV); + shm = tee_shm_alloc(optee->ctx, sz, + TEE_SHM_MAPPED | TEE_SHM_PRIV); break; default: arg->ret = TEEC_ERROR_BAD_PARAMETERS; @@ -747,7 +749,7 @@ static void handle_rpc_func_cmd(struct tee_context *ctx, struct optee *optee, switch (arg->cmd) { case OPTEE_RPC_CMD_SHM_ALLOC: free_pages_list(call_ctx); - handle_rpc_func_cmd_shm_alloc(ctx, arg, call_ctx); + handle_rpc_func_cmd_shm_alloc(ctx, optee, arg, call_ctx); break; case OPTEE_RPC_CMD_SHM_FREE: handle_rpc_func_cmd_shm_free(ctx, arg); @@ -776,7 +778,7 @@ static void optee_handle_rpc(struct tee_context *ctx, switch (OPTEE_SMC_RETURN_GET_RPC_FUNC(param->a0)) { case OPTEE_SMC_RPC_FUNC_ALLOC: - shm = tee_shm_alloc(ctx, param->a1, + shm = tee_shm_alloc(optee->ctx, param->a1, TEE_SHM_MAPPED | TEE_SHM_PRIV); if (!IS_ERR(shm) && !tee_shm_get_pa(shm, 0, &pa)) { reg_pair_from_64(&param->a1, &param->a2, pa); @@ -954,57 +956,34 @@ static irqreturn_t notif_irq_thread_fn(int irq, void *dev_id) { struct optee *optee = dev_id; - optee_smc_do_bottom_half(optee->notif.ctx); + optee_smc_do_bottom_half(optee->ctx); return IRQ_HANDLED; } static int optee_smc_notif_init_irq(struct optee *optee, u_int irq) { - struct tee_context *ctx; int rc; - ctx = teedev_open(optee->teedev); - if (IS_ERR(ctx)) - return PTR_ERR(ctx); - - optee->notif.ctx = ctx; rc = request_threaded_irq(irq, notif_irq_handler, notif_irq_thread_fn, 0, "optee_notification", optee); if (rc) - goto err_close_ctx; + return rc; optee->smc.notif_irq = irq; return 0; - -err_close_ctx: - teedev_close_context(optee->notif.ctx); - optee->notif.ctx = NULL; - - return rc; } static void optee_smc_notif_uninit_irq(struct optee *optee) { - if (optee->notif.ctx) { - optee_smc_stop_async_notif(optee->notif.ctx); + if (optee->smc.sec_caps & OPTEE_SMC_SEC_CAP_ASYNC_NOTIF) { + optee_smc_stop_async_notif(optee->ctx); if (optee->smc.notif_irq) { free_irq(optee->smc.notif_irq, optee); irq_dispose_mapping(optee->smc.notif_irq); } - - /* - * The thread normally working with optee->notif.ctx was - * stopped with free_irq() above. - * - * Note we're not using teedev_close_context() or - * tee_client_close_context() since we have already called - * tee_device_put() while initializing to avoid a circular - * reference counting. - */ - teedev_close_context(optee->notif.ctx); } } @@ -1366,6 +1345,7 @@ static int optee_probe(struct platform_device *pdev) struct optee *optee = NULL; void *memremaped_shm = NULL; struct tee_device *teedev; + struct tee_context *ctx; u32 max_notif_value; u32 sec_caps; int rc; @@ -1446,9 +1426,13 @@ static int optee_probe(struct platform_device *pdev) optee->pool = pool; platform_set_drvdata(pdev, optee); + ctx = teedev_open(optee->teedev); + if (IS_ERR(ctx)) + goto err_supp_uninit; + optee->ctx = ctx; rc = optee_notif_init(optee, max_notif_value); if (rc) - goto err_supp_uninit; + goto err_close_ctx; if (sec_caps & OPTEE_SMC_SEC_CAP_ASYNC_NOTIF) { unsigned int irq; @@ -1496,6 +1480,8 @@ static int optee_probe(struct platform_device *pdev) optee_unregister_devices(); err_notif_uninit: optee_notif_uninit(optee); +err_close_ctx: + teedev_close_context(ctx); err_supp_uninit: optee_supp_uninit(&optee->supp); mutex_destroy(&optee->call_queue.mutex); -- 2.31.1

4 years

2
2
0 0

OP-TEE 3.16.0 has been released

by Jens Wiklander

Hi, I'm pleased to announce that OP-TEE version 3.16.0 is now available. As usual, the list of changes can be found in the changelog [1]. A bit thank you to everyone who participated with contributions and helping out with testing the release [2]. [1] https://github.com/OP-TEE/optee_os/blob/master/CHANGELOG.md [2] https://github.com/OP-TEE/optee_os/pull/5094/commits/c73f274f1ecacd7553e7ec… Regards, Jens

4 years

2
1
0 0

[PATCH v3 00/12] tee: shared memory updates

by Jens Wiklander

Hi all, This patchset is a general cleanup of shared memory handling in the TEE subsystem. Until now has the in-kernel tee clients used tee_shm_alloc() and tee_shm_register() to share memory with secure world. These two function exposes via a flags parameter a bit more of the internals of the TEE subsystem than one would like. So in order to make things easier are those two functions replaced by few functions which should provide better abstraction. Two in-kernel tee clients are updated to use these new functions. The shared memory pool handling is simplified, an internal matter for the two TEE drivers OP-TEE and AMDTEE. An OP-TEE driver internal tee_context is added to handle shared memory allocations received via RPC, for instance the argument structure needed to make more complex RPC requests. The tee_context used when doing such a memory allocation must be kept until the memory is freed. With this we can avoid keeping a tee_context of a client around for longer than necessary. In the v1 review it was suggested [1] to allow physically non-contiguous memory allocations by the drivers. It turned out to be harder than anticipated so I'll save that for a separate patch. This patchset is also available at [2]. Thanks, Jens [1] https://lore.kernel.org/linux-arm-kernel/20210609145811.GJ4910@sequoia/ [2] https://git.linaro.org/people/jens.wiklander/linux-tee.git/log/?h=tee_shm_v3 v2->v3: * Make tee_shm_alloc_user_buf() and tee_shm_register_user_buf() internal and don't export them to the drivers. * Rename tee_shm_alloc_priv_kernel_buf() to tee_shm_alloc_priv_buf() * Adressing comments on variable names and choice of types in "tee: replace tee_shm_register()" * Adding detailed explaination on alignment in "tee: simplify shm pool handling" * Added Sumits R-B on a few of the patches v1->v2: * The commits three "tee: add tee_shm_alloc_kernel_buf()", "tpm_ftpm_tee: use tee_shm_alloc_kernel_buf()" and "firmware: tee_bnxt: use tee_shm_alloc_kernel_buf()" has been merged some time ago as part of another patchset. * Another in-kernel tee client is updated with the commit "KEYS: trusted: tee: use tee_shm_register_kernel_buf()" * tee_shm_alloc_anon_kernel_buf() is replaced with an easier to use function tee_shm_alloc_priv_kernel_buf() and tee_shm_free_anon_kernel_buf() has been dropped. * A driver internal struct tee_context is used to when doing driver internal calls to secure world. * Adds patches to replace tee_shm_register() in a similar way as how tee_shm_alloc() is replaced. * A patch is added to clean up the TEE_SHM_* flags * Fixed a warning reported by kernel test robot <lkp(a)intel.com> Jens Wiklander (12): hwrng: optee-rng: use tee_shm_alloc_kernel_buf() tee: remove unused tee_shm_pool_alloc_res_mem() tee: add tee_shm_alloc_user_buf() tee: simplify shm pool handling tee: replace tee_shm_alloc() optee: add driver private tee_context optee: use driver internal tee_contex for some rpc optee: add optee_pool_op_free_helper() tee: add tee_shm_register_{user,kernel}_buf() KEYS: trusted: tee: use tee_shm_register_kernel_buf() tee: replace tee_shm_register() tee: refactor TEE_SHM_* flags drivers/char/hw_random/optee-rng.c | 6 +- drivers/tee/amdtee/shm_pool.c | 55 ++-- drivers/tee/optee/Kconfig | 8 - drivers/tee/optee/call.c | 2 +- drivers/tee/optee/core.c | 22 +- drivers/tee/optee/device.c | 5 +- drivers/tee/optee/ffa_abi.c | 136 ++++------ drivers/tee/optee/optee_private.h | 12 +- drivers/tee/optee/smc_abi.c | 159 +++-------- drivers/tee/tee_core.c | 5 +- drivers/tee/tee_private.h | 15 +- drivers/tee/tee_shm.c | 320 +++++++++++++++-------- drivers/tee/tee_shm_pool.c | 162 +++--------- include/linux/tee_drv.h | 138 +++------- security/keys/trusted-keys/trusted_tee.c | 23 +- 15 files changed, 438 insertions(+), 630 deletions(-) -- 2.31.1

4 years

2
25
0 0

[PATCH v2] optee: Do not send requests to supplicant during shutdown

by Lars Persson

The addition of a shutdown hook by commit f25889f93184 ("optee: fix tee out of memory failure seen during kexec reboot") introduced a kernel shutdown regression that can be triggered after running the xtest suites. Once the shutdown hook is called it is not possible to communicate any more with the supplicant process because the system is not scheduling task any longer. Thus if the optee driver shutdown path receives a supplicant RPC request from the OP-TEE we will deadlock the kernel's shutdown. This unexpected event will in fact occur after the xtest suite has been run. It seems some cached SHM kept alive a context object which in turn kept alive a session towards a PTA or TA. Closing the session results in a socket RPC command being sent back from OP-TEE. This sequence of events is captured by a 5.15 kernel annotated with extra prints: Calling OPTEE_SMC_DISABLE_SHM_CACHE OPTEE_SMC_DISABLE_SHM_CACHE returned 0 freeing SHM ptr 0xFFFFFF8001079380 Calling OPTEE_SMC_DISABLE_SHM_CACHE OPTEE_SMC_DISABLE_SHM_CACHE returned 0 freeing SHM ptr 0xFFFFFF8001CC5580 Calling OPTEE_SMC_DISABLE_SHM_CACHE OPTEE_SMC_DISABLE_SHM_CACHE returned 0 freeing SHM ptr 0xFFFFFF8006308A80 Calling OPTEE_SMC_DISABLE_SHM_CACHE OPTEE_SMC_DISABLE_SHM_CACHE returned 0 freeing SHM ptr 0xFFFFFF8006308B00 optee: optee_handle_rpc: a0=0XFFFF0000 a1=0XA0 a2=0X0 optee: optee_handle_rpc: a0=0XFFFF0005 a1=0XFFFFFF80 a2=0X61E6500 optee: handle_rpc_func_cmd: cmd = 0XA optee_supp_thrd_req: func=0XA Introduce a shutdown state in the optee device object to return an immediate error to all RPC requests in the shutdown path. Fixes: f25889f93184 ("optee: fix tee out of memory failure seen during kexec reboot") Signed-off-by: Lars Persson <larper(a)axis.com> --- drivers/tee/optee/optee_private.h | 1 + drivers/tee/optee/smc_abi.c | 5 ++++- drivers/tee/optee/supp.c | 8 ++++++++ 3 files changed, 13 insertions(+), 1 deletion(-) diff --git a/drivers/tee/optee/optee_private.h b/drivers/tee/optee/optee_private.h index 46f74ab07c7e..9eb72931e11f 100644 --- a/drivers/tee/optee/optee_private.h +++ b/drivers/tee/optee/optee_private.h @@ -162,6 +162,7 @@ struct optee { struct tee_shm_pool *pool; unsigned int rpc_arg_count; bool scan_bus_done; + bool shutting_down; struct workqueue_struct *scan_bus_wq; struct work_struct scan_bus_work; }; diff --git a/drivers/tee/optee/smc_abi.c b/drivers/tee/optee/smc_abi.c index 449d6a72d289..10af747da816 100644 --- a/drivers/tee/optee/smc_abi.c +++ b/drivers/tee/optee/smc_abi.c @@ -1356,7 +1356,10 @@ static int optee_smc_remove(struct platform_device *pdev) */ static void optee_shutdown(struct platform_device *pdev) { - optee_disable_shm_cache(platform_get_drvdata(pdev)); + struct optee *optee = platform_get_drvdata(pdev); + + optee->shutting_down = true; + optee_disable_shm_cache(optee); } static int optee_probe(struct platform_device *pdev) diff --git a/drivers/tee/optee/supp.c b/drivers/tee/optee/supp.c index 322a543b8c27..801b4ec659e8 100644 --- a/drivers/tee/optee/supp.c +++ b/drivers/tee/optee/supp.c @@ -83,6 +83,14 @@ u32 optee_supp_thrd_req(struct tee_context *ctx, u32 func, size_t num_params, bool interruptable; u32 ret; + /* + * When the system is shutting down we cannot talk + * to the supplicant anymore even if we seem to have + * an open session to it. + */ + if (optee->shutting_down) + return TEEC_ERROR_COMMUNICATION; + /* * Return in case there is no supplicant available and * non-blocking request. -- 2.30.2

4 years

4
7
0 0

2026

2025

2024

2023

2022

2021

2020

OP-TEE