Since the addition of session's client UUID generation via commit [1], login via REE kernel method was disallowed. So fix that via passing nill UUID in case of TEE_IOCTL_LOGIN_REE_KERNEL method as well.
Fixes: e33bcbab16d1 ("tee: add support for session's client UUID generation") [1] Signed-off-by: Sumit Garg sumit.garg@linaro.org --- drivers/tee/tee_core.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/drivers/tee/tee_core.c b/drivers/tee/tee_core.c index 64637e0..2f6199e 100644 --- a/drivers/tee/tee_core.c +++ b/drivers/tee/tee_core.c @@ -200,7 +200,8 @@ int tee_session_calc_client_uuid(uuid_t *uuid, u32 connection_method, int name_len; int rc;
- if (connection_method == TEE_IOCTL_LOGIN_PUBLIC) { + if (connection_method == TEE_IOCTL_LOGIN_PUBLIC || + connection_method == TEE_IOCTL_LOGIN_REE_KERNEL) { /* Nil UUID to be passed to TEE environment */ uuid_copy(uuid, &uuid_null); return 0;
Hi Jens,
On Thu, 17 Sep 2020 at 19:10, Sumit Garg sumit.garg@linaro.org wrote:
Since the addition of session's client UUID generation via commit [1], login via REE kernel method was disallowed. So fix that via passing nill UUID in case of TEE_IOCTL_LOGIN_REE_KERNEL method as well.
Fixes: e33bcbab16d1 ("tee: add support for session's client UUID generation") [1] Signed-off-by: Sumit Garg sumit.garg@linaro.org
drivers/tee/tee_core.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-)
Would you like to pick up this fix?
-Sumit
diff --git a/drivers/tee/tee_core.c b/drivers/tee/tee_core.c index 64637e0..2f6199e 100644 --- a/drivers/tee/tee_core.c +++ b/drivers/tee/tee_core.c @@ -200,7 +200,8 @@ int tee_session_calc_client_uuid(uuid_t *uuid, u32 connection_method, int name_len; int rc;
if (connection_method == TEE_IOCTL_LOGIN_PUBLIC) {
if (connection_method == TEE_IOCTL_LOGIN_PUBLIC ||connection_method == TEE_IOCTL_LOGIN_REE_KERNEL) { /* Nil UUID to be passed to TEE environment */ uuid_copy(uuid, &uuid_null); return 0;-- 2.7.4
Hi Sumit,
On Wed, Oct 7, 2020 at 11:27 AM Sumit Garg sumit.garg@linaro.org wrote:
Hi Jens,
On Thu, 17 Sep 2020 at 19:10, Sumit Garg sumit.garg@linaro.org wrote:
Since the addition of session's client UUID generation via commit [1], login via REE kernel method was disallowed. So fix that via passing nill UUID in case of TEE_IOCTL_LOGIN_REE_KERNEL method as well.
Fixes: e33bcbab16d1 ("tee: add support for session's client UUID generation") [1] Signed-off-by: Sumit Garg sumit.garg@linaro.org
drivers/tee/tee_core.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-)
Would you like to pick up this fix?
Thanks for the reminder. This looks good to me. I'll pick up this unless someone objects. Vesa, does this look good to you too?
Cheers, Jens
-Sumit
diff --git a/drivers/tee/tee_core.c b/drivers/tee/tee_core.c index 64637e0..2f6199e 100644 --- a/drivers/tee/tee_core.c +++ b/drivers/tee/tee_core.c @@ -200,7 +200,8 @@ int tee_session_calc_client_uuid(uuid_t *uuid, u32 connection_method, int name_len; int rc;
if (connection_method == TEE_IOCTL_LOGIN_PUBLIC) {
if (connection_method == TEE_IOCTL_LOGIN_PUBLIC ||connection_method == TEE_IOCTL_LOGIN_REE_KERNEL) { /* Nil UUID to be passed to TEE environment */ uuid_copy(uuid, &uuid_null); return 0;-- 2.7.4
Hi,
On 2020-10-08 08:53, Jens Wiklander wrote:
Hi Sumit,
On Wed, Oct 7, 2020 at 11:27 AM Sumit Garg sumit.garg@linaro.org wrote:
Hi Jens,
On Thu, 17 Sep 2020 at 19:10, Sumit Garg sumit.garg@linaro.org wrote:
Since the addition of session's client UUID generation via commit [1], login via REE kernel method was disallowed. So fix that via passing nill UUID in case of TEE_IOCTL_LOGIN_REE_KERNEL method as well.
Fixes: e33bcbab16d1 ("tee: add support for session's client UUID generation") [1] Signed-off-by: Sumit Garg sumit.garg@linaro.org
drivers/tee/tee_core.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-)
Would you like to pick up this fix?
Thanks for the reminder. This looks good to me. I'll pick up this unless someone objects. Vesa, does this look good to you too?
Cheers, Jens
Sorry I have been away for a while from the mailing list.
It seems that this is merged -- only thing that came to my mind with this is that:
If we have some kernel protected keys or so -- should we have separate client UUID for kernel operations.
Like when TEE_IOCTL_LOGIN_REE_KERNEL is given then client UUID would be generated for "kernel".
This way we can make sure that kernel owned keys stays for kernel. Nil UUID is kinda reserved for public login.
Thanks, Vesa Jääskeläinen
-Sumit
diff --git a/drivers/tee/tee_core.c b/drivers/tee/tee_core.c index 64637e0..2f6199e 100644 --- a/drivers/tee/tee_core.c +++ b/drivers/tee/tee_core.c @@ -200,7 +200,8 @@ int tee_session_calc_client_uuid(uuid_t *uuid, u32 connection_method, int name_len; int rc;
if (connection_method == TEE_IOCTL_LOGIN_PUBLIC) {
if (connection_method == TEE_IOCTL_LOGIN_PUBLIC ||connection_method == TEE_IOCTL_LOGIN_REE_KERNEL) { /* Nil UUID to be passed to TEE environment */ uuid_copy(uuid, &uuid_null); return 0;-- 2.7.4
op-tee@lists.trustedfirmware.org
-
Jens Wiklander -
Sumit Garg -
Vesa Jääskeläinen