Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 270e738a authored by Anmolpreet Kaur's avatar Anmolpreet Kaur
Browse files

qseecom: Proper handling of unmapping dmabuf 



After unmapping the dmabuf, the pointers for dmabuf
and sg lists should be explicitly made NULL. This
change takes care of releasing the already unmapped
dma buf pointers and sg pointers.

Change-Id: Ia33231af761eddbdd6f71fda2c16b37289724b2e
Signed-off-by: default avatarAnmolpreet Kaur <anmolpre@codeaurora.org>
parent dd22fab7

drivers/misc/qseecom.c

+42 −11
Original line number Diff line number Diff line
@@ -2,7 +2,7 @@ 
/*

 * QTI Secure Execution Environment Communicator (QSEECOM) driver

 *

 * Copyright (c) 2012-2019, The Linux Foundation. All rights reserved.

 * Copyright (c) 2012-2020, The Linux Foundation. All rights reserved.

 */



#define pr_fmt(fmt) "QSEECOM: %s: " fmt, __func__
@@ -191,6 +191,13 @@ struct sglist_info { 
#define MAKE_WHITELIST_VERSION(major, minor, patch) \

	(((major & 0x3FF) << 22) | ((minor & 0x3FF) << 12) | (patch & 0xFFF))



#define MAKE_NULL(sgt, attach, dmabuf) do {\

				sgt = NULL;\

				attach = NULL;\

				dmabuf = NULL;\

				} while (0)





struct qseecom_registered_listener_list {

	struct list_head                 list;

	struct qseecom_register_listener_req svc;
@@ -1422,6 +1429,7 @@ static int qseecom_vaddr_map(int ion_fd, 
err_unmap:

	dma_buf_end_cpu_access(new_dma_buf, DMA_BIDIRECTIONAL);

	qseecom_dmabuf_unmap(new_sgt, new_attach, new_dma_buf);

	MAKE_NULL(*sgt, *attach, *dmabuf);

err:

	return ret;

}
@@ -1496,9 +1504,11 @@ static int __qseecom_set_sb_memory(struct qseecom_registered_listener_list *svc, 
	}

	return 0;

err:

	if (svc->dmabuf)

	if (svc->dmabuf) {

		qseecom_vaddr_unmap(svc->sb_virt, svc->sgt, svc->attach,

			svc->dmabuf);

		MAKE_NULL(svc->sgt, svc->attach, svc->dmabuf);

	}

	return ret;

}
@@ -1624,9 +1634,11 @@ static int __qseecom_unregister_listener(struct qseecom_dev_handle *data, 
	}



exit:

	if (ptr_svc->dmabuf)

	if (ptr_svc->dmabuf) {

		qseecom_vaddr_unmap(ptr_svc->sb_virt,

			ptr_svc->sgt, ptr_svc->attach, ptr_svc->dmabuf);

		MAKE_NULL(ptr_svc->sgt, ptr_svc->attach, ptr_svc->dmabuf);

	}

	__qseecom_free_tzbuf(&ptr_svc->sglistinfo_shm);

	list_del(&ptr_svc->list);

	kzfree(ptr_svc);
@@ -2028,9 +2040,12 @@ static int qseecom_set_client_mem_param(struct qseecom_dev_handle *data, 


	return ret;

exit:

	if (data->client.dmabuf)

	if (data->client.dmabuf) {

		qseecom_vaddr_unmap(data->client.sb_virt, data->client.sgt,

			 data->client.attach, data->client.dmabuf);

		MAKE_NULL(data->client.sgt,

			data->client.attach, data->client.dmabuf);

	}

	return ret;

}
@@ -2972,8 +2987,10 @@ static int qseecom_load_app(struct qseecom_dev_handle *data, void __user *argp) 


loadapp_err:

	__qseecom_disable_clk_scale_down(data);

	if (dmabuf)

	if (dmabuf) {

		qseecom_vaddr_unmap(vaddr, sgt, attach, dmabuf);

		MAKE_NULL(sgt, attach, dmabuf);

	}

enable_clk_err:

	if (qseecom.support_bus_scaling) {

		mutex_lock(&qsee_bw_mutex);
@@ -3117,9 +3134,12 @@ static int qseecom_unload_app(struct qseecom_dev_handle *data, 
	}



unload_exit:

	if (data->client.dmabuf)

	if (data->client.dmabuf) {

		qseecom_vaddr_unmap(data->client.sb_virt, data->client.sgt,

			data->client.attach, data->client.dmabuf);

		MAKE_NULL(data->client.sgt,

			data->client.attach, data->client.dmabuf);

	}

	data->released = true;

	return ret;

}
@@ -4052,8 +4072,10 @@ static int __qseecom_update_cmd_buf(void *msg, bool cleanup, 
	}

	return ret;

err:

	if (!IS_ERR_OR_NULL(sg_ptr))

	if (!IS_ERR_OR_NULL(sg_ptr)) {

		qseecom_dmabuf_unmap(sg_ptr, attach, dmabuf);

		MAKE_NULL(sg_ptr, attach, dmabuf);

	}

	return -ENOMEM;

}
@@ -4291,8 +4313,10 @@ static int __qseecom_update_cmd_buf_64(void *msg, bool cleanup, 
				data->client.sec_buf_fd[i].size,

				data->client.sec_buf_fd[i].vbase,

				data->client.sec_buf_fd[i].pbase);

	if (!IS_ERR_OR_NULL(sg_ptr))

	if (!IS_ERR_OR_NULL(sg_ptr)) {

		qseecom_dmabuf_unmap(sg_ptr, attach, dmabuf);

		MAKE_NULL(sg_ptr, attach, dmabuf);

	}

	return -ENOMEM;

}
@@ -5852,8 +5876,10 @@ static int qseecom_load_external_elf(struct qseecom_dev_handle *data, 
	}



exit_cpu_restore:

	if (dmabuf)

	if (dmabuf) {

		qseecom_vaddr_unmap(va, sgt, attach, dmabuf);

		MAKE_NULL(sgt, attach, dmabuf);

	}

	return ret;

}
@@ -7104,8 +7130,10 @@ static int __qseecom_update_qteec_req_buf(struct qseecom_qteec_modfd_req *req, 
	}

	return ret;

err:

	if (!IS_ERR_OR_NULL(sg_ptr))

	if (!IS_ERR_OR_NULL(sg_ptr)) {

		qseecom_dmabuf_unmap(sg_ptr, attach, dmabuf);

		MAKE_NULL(sg_ptr, attach, dmabuf);

	}

	return -ENOMEM;

}
@@ -8300,10 +8328,13 @@ static int qseecom_release(struct inode *inode, struct file *file) 
			break;

		case QSEECOM_SECURE_SERVICE:

		case QSEECOM_GENERIC:

			if (data->client.dmabuf)

			if (data->client.dmabuf) {

				qseecom_vaddr_unmap(data->client.sb_virt,

					data->client.sgt, data->client.attach,

					data->client.dmabuf);

				MAKE_NULL(data->client.sgt, data->client.attach,

					data->client.dmabuf);

			}

			break;

		case QSEECOM_UNAVAILABLE_CLIENT_APP:

			break;