Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 236aca70 authored by Sumit Garg's avatar Sumit Garg Committed by Greg Kroah-Hartman
Browse files

tee: Correct inappropriate usage of TEE_SHM_DMA_BUF flag 



[ Upstream commit 376e4199e327a5cf29b8ec8fb0f64f3d8b429819 ]

Currently TEE_SHM_DMA_BUF flag has been inappropriately used to not
register shared memory allocated for private usage by underlying TEE
driver: OP-TEE in this case. So rather add a new flag as TEE_SHM_PRIV
that can be utilized by underlying TEE drivers for private allocation
and usage of shared memory.

With this corrected, allow tee_shm_alloc_kernel_buf() to allocate a
shared memory region without the backing of dma-buf.

Cc: stable@vger.kernel.org
Signed-off-by: default avatarSumit Garg <sumit.garg@linaro.org>
Co-developed-by: default avatarTyler Hicks <tyhicks@linux.microsoft.com>
Signed-off-by: default avatarTyler Hicks <tyhicks@linux.microsoft.com>
Reviewed-by: default avatarJens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: default avatarSumit Garg <sumit.garg@linaro.org>
Signed-off-by: default avatarJens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: default avatarSasha Levin <sashal@kernel.org>
parent 5b774238

drivers/tee/optee/call.c

+1 −1
Original line number Diff line number Diff line
@@ -181,7 +181,7 @@ static struct tee_shm *get_msg_arg(struct tee_context *ctx, size_t num_params, 
	struct optee_msg_arg *ma;



	shm = tee_shm_alloc(ctx, OPTEE_MSG_GET_ARG_SIZE(num_params),

			    TEE_SHM_MAPPED);

			    TEE_SHM_MAPPED | TEE_SHM_PRIV);

	if (IS_ERR(shm))

		return shm;

drivers/tee/optee/core.c

+2 −1
Original line number Diff line number Diff line
@@ -254,7 +254,8 @@ static void optee_release(struct tee_context *ctx) 
	if (!ctxdata)

		return;



	shm = tee_shm_alloc(ctx, sizeof(struct optee_msg_arg), TEE_SHM_MAPPED);

	shm = tee_shm_alloc(ctx, sizeof(struct optee_msg_arg),

			    TEE_SHM_MAPPED | TEE_SHM_PRIV);

	if (!IS_ERR(shm)) {

		arg = tee_shm_get_va(shm, 0);

		/*

drivers/tee/optee/rpc.c

+3 −2
Original line number Diff line number Diff line
@@ -220,7 +220,7 @@ static void handle_rpc_func_cmd_shm_alloc(struct tee_context *ctx, 
		shm = cmd_alloc_suppl(ctx, sz);

		break;

	case OPTEE_MSG_RPC_SHM_TYPE_KERNEL:

		shm = tee_shm_alloc(ctx, sz, TEE_SHM_MAPPED);

		shm = tee_shm_alloc(ctx, sz, TEE_SHM_MAPPED | TEE_SHM_PRIV);

		break;

	default:

		arg->ret = TEEC_ERROR_BAD_PARAMETERS;
@@ -405,7 +405,8 @@ void optee_handle_rpc(struct tee_context *ctx, struct optee_rpc_param *param, 


	switch (OPTEE_SMC_RETURN_GET_RPC_FUNC(param->a0)) {

	case OPTEE_SMC_RPC_FUNC_ALLOC:

		shm = tee_shm_alloc(ctx, param->a1, TEE_SHM_MAPPED);

		shm = tee_shm_alloc(ctx, param->a1,

				    TEE_SHM_MAPPED | TEE_SHM_PRIV);

		if (!IS_ERR(shm) && !tee_shm_get_pa(shm, 0, &pa)) {

			reg_pair_from_64(&param->a1, &param->a2, pa);

			reg_pair_from_64(&param->a4, &param->a5,

drivers/tee/optee/shm_pool.c

+6 −2
Original line number Diff line number Diff line
@@ -27,7 +27,11 @@ static int pool_op_alloc(struct tee_shm_pool_mgr *poolm, 
	shm->paddr = page_to_phys(page);

	shm->size = PAGE_SIZE << order;



	if (shm->flags & TEE_SHM_DMA_BUF) {

	/*

	 * Shared memory private to the OP-TEE driver doesn't need

	 * to be registered with OP-TEE.

	 */

	if (!(shm->flags & TEE_SHM_PRIV)) {

		unsigned int nr_pages = 1 << order, i;

		struct page **pages;
@@ -60,7 +64,7 @@ static int pool_op_alloc(struct tee_shm_pool_mgr *poolm, 
static void pool_op_free(struct tee_shm_pool_mgr *poolm,

			 struct tee_shm *shm)

{

	if (shm->flags & TEE_SHM_DMA_BUF)

	if (!(shm->flags & TEE_SHM_PRIV))

		optee_shm_unregister(shm->ctx, shm);



	free_pages((unsigned long)shm->kaddr, get_order(shm->size));

drivers/tee/tee_shm.c

+2 −2
Original line number Diff line number Diff line
@@ -117,7 +117,7 @@ static struct tee_shm *__tee_shm_alloc(struct tee_context *ctx, 
		return ERR_PTR(-EINVAL);

	}



	if ((flags & ~(TEE_SHM_MAPPED | TEE_SHM_DMA_BUF))) {

	if ((flags & ~(TEE_SHM_MAPPED | TEE_SHM_DMA_BUF | TEE_SHM_PRIV))) {

		dev_err(teedev->dev.parent, "invalid shm flags 0x%x", flags);

		return ERR_PTR(-EINVAL);

	}
@@ -233,7 +233,7 @@ EXPORT_SYMBOL_GPL(tee_shm_priv_alloc); 
 */

struct tee_shm *tee_shm_alloc_kernel_buf(struct tee_context *ctx, size_t size)

{

	return tee_shm_alloc(ctx, size, TEE_SHM_MAPPED | TEE_SHM_DMA_BUF);

	return tee_shm_alloc(ctx, size, TEE_SHM_MAPPED);

}

EXPORT_SYMBOL_GPL(tee_shm_alloc_kernel_buf);