[PATCH 0/2] Fix tee: optee: add dynamic shared memory support

List overview All Threads
Download

newer

older

OP-TEE 3.0.0

VM management in OP-TEE

Jens Wiklander

28 Dec 2017 28 Dec '17

3:38 p.m.

Hi,

These two patches complements the previously posted patchset "tee: optee: add dynamic shared memory support" https://lwn.net/Articles/740242/

Tests are added to see that the registered shared memory cache attributes are compatible with OP-TEE in secure world. Under normal circumstances they will be compatible, but if memory has been previously mapped from a device with special page attributes it could lead to trouble.

Thanks, Jens

Jens Wiklander (2): tee: add start argument to shm_register callback tee: optee: check type of registered shared memory

drivers/tee/optee/call.c | 50 +++++++++++++++++++++++++++++++++++---- drivers/tee/optee/optee_private.h | 6 +++-- drivers/tee/tee_shm.c | 2 +- include/linux/tee_drv.h | 3 ++- 4 files changed, 53 insertions(+), 8 deletions(-)

-- 2.14.1

Show replies by date

Jens Wiklander

28 Dec 28 Dec

3:38 p.m.

New subject: [PATCH 1/2] tee: add start argument to shm_register callback

Adds a start argument to the shm_register callback to allow the callback to check memory type of the passed pages.

Signed-off-by: Jens Wiklander jens.wiklander@linaro.org --- drivers/tee/optee/call.c | 6 ++++-- drivers/tee/optee/optee_private.h | 6 ++++-- drivers/tee/tee_shm.c | 2 +- include/linux/tee_drv.h | 3 ++- 4 files changed, 11 insertions(+), 6 deletions(-)

diff --git a/drivers/tee/optee/call.c b/drivers/tee/optee/call.c index e675e82ff095..d61c14b788f2 100644 --- a/drivers/tee/optee/call.c +++ b/drivers/tee/optee/call.c @@ -536,7 +536,8 @@ void optee_free_pages_list(void *list, size_t num_entries) }

int optee_shm_register(struct tee_context *ctx, struct tee_shm *shm, - struct page **pages, size_t num_pages) + struct page **pages, size_t num_pages, + unsigned long start) { struct tee_shm *shm_arg = NULL; struct optee_msg_arg *msg_arg; @@ -606,7 +607,8 @@ int optee_shm_unregister(struct tee_context *ctx, struct tee_shm *shm) }

int optee_shm_register_supp(struct tee_context *ctx, struct tee_shm *shm, - struct page **pages, size_t num_pages) + struct page **pages, size_t num_pages, + unsigned long start) { /* * We don't want to register supplicant memory in OP-TEE. diff --git a/drivers/tee/optee/optee_private.h b/drivers/tee/optee/optee_private.h index de7962ebc1b6..f04930879762 100644 --- a/drivers/tee/optee/optee_private.h +++ b/drivers/tee/optee/optee_private.h @@ -173,11 +173,13 @@ void optee_enable_shm_cache(struct optee *optee); void optee_disable_shm_cache(struct optee *optee);

int optee_shm_register(struct tee_context *ctx, struct tee_shm *shm, - struct page **pages, size_t num_pages); + struct page **pages, size_t num_pages, + unsigned long start); int optee_shm_unregister(struct tee_context *ctx, struct tee_shm *shm);

int optee_shm_register_supp(struct tee_context *ctx, struct tee_shm *shm, - struct page **pages, size_t num_pages); + struct page **pages, size_t num_pages, + unsigned long start); int optee_shm_unregister_supp(struct tee_context *ctx, struct tee_shm *shm);

int optee_from_msg_param(struct tee_param *params, size_t num_params, diff --git a/drivers/tee/tee_shm.c b/drivers/tee/tee_shm.c index 04e1b8b37046..6a17b02ada5e 100644 --- a/drivers/tee/tee_shm.c +++ b/drivers/tee/tee_shm.c @@ -299,7 +299,7 @@ struct tee_shm *tee_shm_register(struct tee_context *ctx, unsigned long addr, }

rc = teedev->desc->ops->shm_register(ctx, shm, shm->pages, - shm->num_pages); + shm->num_pages, start); if (rc) { ret = ERR_PTR(rc); goto err; diff --git a/include/linux/tee_drv.h b/include/linux/tee_drv.h index a1d7f467657c..230a1ebbf3bc 100644 --- a/include/linux/tee_drv.h +++ b/include/linux/tee_drv.h @@ -108,7 +108,8 @@ struct tee_driver_ops { int (*supp_send)(struct tee_context *ctx, u32 ret, u32 num_params, struct tee_param *param); int (*shm_register)(struct tee_context *ctx, struct tee_shm *shm, - struct page **pages, size_t num_pages); + struct page **pages, size_t num_pages, + unsigned long start); int (*shm_unregister)(struct tee_context *ctx, struct tee_shm *shm); };

-- 2.14.1

Jens Wiklander

3:38 p.m.

New subject: [PATCH 2/2] tee: optee: check type of registered shared memory

Checks the memory type of the pages to be registered as shared memory. Only normal cached memory is allowed.

Signed-off-by: Jens Wiklander jens.wiklander@linaro.org --- drivers/tee/optee/call.c | 44 ++++++++++++++++++++++++++++++++++++++++++-- 1 file changed, 42 insertions(+), 2 deletions(-)

diff --git a/drivers/tee/optee/call.c b/drivers/tee/optee/call.c index d61c14b788f2..47b12b7fd02d 100644 --- a/drivers/tee/optee/call.c +++ b/drivers/tee/optee/call.c @@ -16,6 +16,7 @@ #include <linux/device.h> #include <linux/err.h> #include <linux/errno.h> +#include <linux/mm.h> #include <linux/slab.h> #include <linux/tee_drv.h> #include <linux/types.h> @@ -535,6 +536,41 @@ void optee_free_pages_list(void *list, size_t num_entries) free_pages_exact(list, get_pages_list_size(num_entries)); }

+static bool is_normal_memory(pgprot_t p) +{ +#if defined(CONFIG_ARM) + return (pgprot_val(p) & L_PTE_MT_MASK) == L_PTE_MT_WRITEALLOC; +#elif defined(CONFIG_ARM64) + return (pgprot_val(p) & PTE_ATTRINDX_MASK) == PTE_ATTRINDX(MT_NORMAL); +#else +#error "Unuspported architecture" +#endif +} + +static int __check_mem_type(struct vm_area_struct *vma, unsigned long end) +{ + while (vma && is_normal_memory(vma->vm_page_prot)) { + if (vma->vm_end >= end) + return 0; + vma = vma->vm_next; + } + + return -EINVAL; +} + +static int check_mem_type(unsigned long start, size_t num_pages) +{ + struct mm_struct *mm = current->mm; + int rc; + + down_read(&mm->mmap_sem); + rc = __check_mem_type(find_vma(mm, start), + start + num_pages * PAGE_SIZE); + up_read(&mm->mmap_sem); + + return rc; +} + int optee_shm_register(struct tee_context *ctx, struct tee_shm *shm, struct page **pages, size_t num_pages, unsigned long start) @@ -543,11 +579,15 @@ int optee_shm_register(struct tee_context *ctx, struct tee_shm *shm, struct optee_msg_arg *msg_arg; u64 *pages_list; phys_addr_t msg_parg; - int rc = 0; + int rc;

if (!num_pages) return -EINVAL;

+ rc = check_mem_type(start, num_pages); + if (rc) + return rc; + pages_list = optee_allocate_pages_list(num_pages); if (!pages_list) return -ENOMEM; @@ -614,7 +654,7 @@ int optee_shm_register_supp(struct tee_context *ctx, struct tee_shm *shm, * We don't want to register supplicant memory in OP-TEE. * Instead information about it will be passed in RPC code. */ - return 0; + return check_mem_type(start, num_pages); }

int optee_shm_unregister_supp(struct tee_context *ctx, struct tee_shm *shm)

-- 2.14.1

2323

days inactive

2323

days old

tee-dev@lists.linaro.org

2 comments

participants

tags (0)

participants (1)

Jens Wiklander