aboutsummaryrefslogtreecommitdiff
path: root/drivers/tee
AgeCommit message (Collapse)Author
2022-02-08Merge tag 'optee-fixes-for-v5.17' of ↵Arnd Bergmann
git://git.linaro.org/people/jens.wiklander/linux-tee into arm/fixes OP-TE fixes for v5.17 - Adds error checking in optee_ffa_do_call_with_arg() - Reintroduces an accidentally lost fix for a memref size check - Uses bitmap_free() to free memory obtained with bitmap_zalloc() * tag 'optee-fixes-for-v5.17' of git://git.linaro.org/people/jens.wiklander/linux-tee: optee: add error checks in optee_ffa_do_call_with_arg() tee: optee: do not check memref size on return from Secure World optee: Use bitmap_free() to free bitmap Link: https://lore.kernel.org/r/20220126102609.GA1516258@jade Signed-off-by: Arnd Bergmann <arnd@arndb.de>
2022-02-03optee: use driver internal tee_context for some rpcJens Wiklander
Adds a driver private tee_context by moving the tee_context in struct optee_notif to struct optee. This tee_context was previously used when doing internal calls to secure world to deliver notification. The new driver internal tee_context is now also when allocating driver private shared memory. This decouples the shared memory object from its original tee_context. This is needed when the life time of such a memory allocation outlives the client tee_context. This patch fixes the problem described below: The addition of a shutdown hook by commit f25889f93184 ("optee: fix tee out of memory failure seen during kexec reboot") introduced a kernel shutdown regression that can be triggered after running the OP-TEE xtest suites. Once the shutdown hook is called it is not possible to communicate any more with the supplicant process because the system is not scheduling task any longer. Thus if the optee driver shutdown path receives a supplicant RPC request from the OP-TEE we will deadlock the kernel's shutdown. Fixes: f25889f93184 ("optee: fix tee out of memory failure seen during kexec reboot") Fixes: 217e0250cccb ("tee: use reference counting for tee_context") Reported-by: Lars Persson <larper@axis.com> Cc: stable@vger.kernel.org Reviewed-by: Sumit Garg <sumit.garg@linaro.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
2022-01-24optee: add error checks in optee_ffa_do_call_with_arg()Jens Wiklander
Adds error checking in optee_ffa_do_call_with_arg() for correctness. Fixes: 4615e5a34b95 ("optee: add FF-A support") Reviewed-by: Sumit Garg <sumit.garg@linaro.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
2022-01-24tee: optee: do not check memref size on return from Secure WorldJerome Forissier
Commit c650b8dc7a79 ("tee: optee: do not check memref size on return from Secure World") was mistakenly lost in commit 4602c5842f64 ("optee: refactor driver with internal callbacks"). Remove the unwanted code again. Fixes: 4602c5842f64 ("optee: refactor driver with internal callbacks") Signed-off-by: Jerome Forissier <jerome@forissier.org> Reviewed-by: Sumit Garg <sumit.garg@linaro.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
2022-01-24optee: Use bitmap_free() to free bitmapChristophe JAILLET
kfree() and bitmap_free() are the same. But using the latter is more consistent when freeing memory allocated with bitmap_zalloc(). Signed-off-by: Christophe JAILLET <christophe.jaillet@wanadoo.fr> Reviewed-by: Sumit Garg <sumit.garg@linaro.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
2022-01-10Merge tag 'drivers-5.17' of ↵Linus Torvalds
git://git.kernel.org/pub/scm/linux/kernel/git/soc/soc Pull ARM SoC driver updates from Arnd Bergmann: "There are cleanups and minor bugfixes across several SoC specific drivers, for Qualcomm, Samsung, NXP i.MX, AT91, Tegra, Keystone, Renesas, ZynqMP Noteworthy new features are: - The op-tee firmware driver gains support for asynchronous notifications from secure-world firmware. - Qualcomm platforms gain support for new SoC types in various drivers: power domain, cache controller, RPM sleep, soc-info - Samsung SoC drivers gain support for new SoCs in ChipID and PMU, as well as a new USIv2 driver that handles various types of serial communiction (uart, i2c, spi) - Renesas adds support for R-Car S4-8 (R8A779F0) in multiple drivers, as well as memory controller support for RZ/G2L (R9A07G044). - Apple M1 gains support for the PMGR power management driver" * tag 'drivers-5.17' of git://git.kernel.org/pub/scm/linux/kernel/git/soc/soc: (94 commits) soc: qcom: rpmh-rsc: Fix typo in a comment soc: qcom: socinfo: Add SM6350 and SM7225 dt-bindings: arm: msm: Don't mark LLCC interrupt as required dt-bindings: firmware: scm: Add SM6350 compatible dt-bindings: arm: msm: Add LLCC for SM6350 soc: qcom: rpmhpd: Sort power-domain definitions and lists soc: qcom: rpmhpd: Remove mx/cx relationship on sc7280 soc: qcom: rpmhpd: Rename rpmhpd struct names soc: qcom: rpmhpd: sm8450: Add the missing .peer for sm8450_cx_ao soc: qcom: socinfo: add SM8450 ID soc: qcom: rpmhpd: Add SM8450 power domains dt-bindings: power: rpmpd: Add SM8450 to rpmpd binding soc: qcom: smem: Update max processor count dt-bindings: arm: qcom: Document SM8450 SoC and boards dt-bindings: firmware: scm: Add SM8450 compatible dt-bindings: arm: cpus: Add kryo780 compatible soc: qcom: rpmpd: Add support for sm6125 dt-bindings: qcom-rpmpd: Add sm6125 power domains soc: qcom: aoss: constify static struct thermal_cooling_device_ops PM: AVS: qcom-cpr: Use div64_ul instead of do_div ...
2021-12-23Merge tag 'arm-fixes-5.16-4' of ↵Linus Torvalds
git://git.kernel.org/pub/scm/linux/kernel/git/soc/soc Pull ARM SoC fixes from Arnd Bergmann: "This is my last set of fixes for 5.16, including - multiple code fixes for the op-tee firmware driver - Two patches for allwinner SoCs, one fixing the phy mode on a board, the other one fixing a driver bug in the "RSB" bus driver. This was originally targeted for 5.17, but seemed worth moving to 5.16 - Two small fixes for devicetree files on i.MX platforms, resolving problems with ethernet and i2c" * tag 'arm-fixes-5.16-4' of git://git.kernel.org/pub/scm/linux/kernel/git/soc/soc: optee: Suppress false positive kmemleak report in optee_handle_rpc() tee: optee: Fix incorrect page free bug arm64: dts: lx2160a: fix scl-gpios property name tee: handle lookup of shm with reference count 0 ARM: dts: imx6qdl-wandboard: Fix Ethernet support bus: sunxi-rsb: Fix shutdown arm64: dts: allwinner: orangepi-zero-plus: fix PHY mode
2021-12-16optee: Suppress false positive kmemleak report in optee_handle_rpc()Xiaolei Wang
We observed the following kmemleak report: unreferenced object 0xffff000007904500 (size 128): comm "swapper/0", pid 1, jiffies 4294892671 (age 44.036s) hex dump (first 32 bytes): 00 47 90 07 00 00 ff ff 60 00 c0 ff 00 00 00 00 .G......`....... 60 00 80 13 00 80 ff ff a0 00 00 00 00 00 00 00 `............... backtrace: [<000000004c12b1c7>] kmem_cache_alloc+0x1ac/0x2f4 [<000000005d23eb4f>] tee_shm_alloc+0x78/0x230 [<00000000794dd22c>] optee_handle_rpc+0x60/0x6f0 [<00000000d9f7c52d>] optee_do_call_with_arg+0x17c/0x1dc [<00000000c35884da>] optee_open_session+0x128/0x1ec [<000000001748f2ff>] tee_client_open_session+0x28/0x40 [<00000000aecb5389>] optee_enumerate_devices+0x84/0x2a0 [<000000003df18bf1>] optee_probe+0x674/0x6cc [<000000003a4a534a>] platform_drv_probe+0x54/0xb0 [<000000000c51ce7d>] really_probe+0xe4/0x4d0 [<000000002f04c865>] driver_probe_device+0x58/0xc0 [<00000000b485397d>] device_driver_attach+0xc0/0xd0 [<00000000c835f0df>] __driver_attach+0x84/0x124 [<000000008e5a429c>] bus_for_each_dev+0x70/0xc0 [<000000001735e8a8>] driver_attach+0x24/0x30 [<000000006d94b04f>] bus_add_driver+0x104/0x1ec This is not a memory leak because we pass the share memory pointer to secure world and would get it from secure world before releasing it. Signed-off-by: Xiaolei Wang <xiaolei.wang@windriver.com> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
2021-12-16tee: optee: Fix incorrect page free bugSumit Garg
Pointer to the allocated pages (struct page *page) has already progressed towards the end of allocation. It is incorrect to perform __free_pages(page, order) using this pointer as we would free any arbitrary pages. Fix this by stop modifying the page pointer. Fixes: ec185dd3ab25 ("optee: Fix memory leak when failing to register shm pages") Cc: stable@vger.kernel.org Reported-by: Patrik Lantz <patrik.lantz@axis.com> Signed-off-by: Sumit Garg <sumit.garg@linaro.org> Reviewed-by: Tyler Hicks <tyhicks@linux.microsoft.com> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
2021-12-16tee: handle lookup of shm with reference count 0Jens Wiklander
Since the tee subsystem does not keep a strong reference to its idle shared memory buffers, it races with other threads that try to destroy a shared memory through a close of its dma-buf fd or by unmapping the memory. In tee_shm_get_from_id() when a lookup in teedev->idr has been successful, it is possible that the tee_shm is in the dma-buf teardown path, but that path is blocked by the teedev mutex. Since we don't have an API to tell if the tee_shm is in the dma-buf teardown path or not we must find another way of detecting this condition. Fix this by doing the reference counting directly on the tee_shm using a new refcount_t refcount field. dma-buf is replaced by using anon_inode_getfd() instead, this separates the life-cycle of the underlying file from the tee_shm. tee_shm_put() is updated to hold the mutex when decreasing the refcount to 0 and then remove the tee_shm from teedev->idr before releasing the mutex. This means that the tee_shm can never be found unless it has a refcount larger than 0. Fixes: 967c9cca2cc5 ("tee: generic TEE subsystem") Cc: stable@vger.kernel.org Reviewed-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> Reviewed-by: Lars Persson <larper@axis.com> Reviewed-by: Sumit Garg <sumit.garg@linaro.org> Reported-by: Patrik Lantz <patrik.lantz@axis.com> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
2021-11-29optee: Fix NULL but dereferenced coccicheck errorYang Li
Eliminate the following coccicheck warning: ./drivers/tee/optee/smc_abi.c:1508:12-15: ERROR: optee is NULL but dereferenced. Reported-by: Abaci Robot <abaci@linux.alibaba.com> Fixes: 6749e69c4dad ("optee: add asynchronous notifications") Signed-off-by: Yang Li <yang.lee@linux.alibaba.com> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
2021-11-29tee: amdtee: fix an IS_ERR() vs NULL bugDan Carpenter
The __get_free_pages() function does not return error pointers it returns NULL so fix this condition to avoid a NULL dereference. Fixes: 757cc3e9ff1d ("tee: add AMD-TEE driver") Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com> Acked-by: Rijo Thomas <Rijo-john.Thomas@amd.com> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
2021-11-17optee: add asynchronous notificationsJens Wiklander
Adds support for asynchronous notifications from secure world to normal world. This allows a design with a top half and bottom half type of driver where the top half runs in secure interrupt context and a notifications tells normal world to schedule a yielding call to do the bottom half processing. The protocol is defined in optee_msg.h optee_rpc_cmd.h and optee_smc.h. A notification consists of a 32-bit value which normal world can retrieve using a fastcall into secure world. The value OPTEE_SMC_ASYNC_NOTIF_VALUE_DO_BOTTOM_HALF (0) has a special meaning. When this value is sent it means that normal world is supposed to make a yielding call OPTEE_MSG_CMD_DO_BOTTOM_HALF. Notification capability is negotiated while the driver is initialized. If both sides supports these notifications then they are enabled. An interrupt is used to notify the driver that there are asynchronous notifications pending. The maximum needed notification value is communicated at this stage. This allows scaling up when needed. Reviewed-by: Sumit Garg <sumit.garg@linaro.org> Acked-by: Ard Biesheuvel <ardb@kernel.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
2021-11-17optee: separate notification functionsJens Wiklander
Renames struct optee_wait_queue to struct optee_notif and all related functions to optee_notif_*(). The implementation is changed to allow sending a notification from an atomic state, that is from the top half of an interrupt handler. Waiting for keys is currently only used when secure world is waiting for a mutex or condition variable. The old implementation could handle any 32-bit key while this new implementation is restricted to only 8 bits or the maximum value 255. A upper value is needed since a bitmap is allocated to allow an interrupt handler to only set a bit in case the waiter hasn't had the time yet to allocate and register a completion. The keys are currently only representing secure world threads which number usually are never even close to 255 so it should be safe for now. In future ABI updates the maximum value of the key will be communicated while the driver is initializing. Reviewed-by: Sumit Garg <sumit.garg@linaro.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
2021-11-17tee: export teedev_open() and teedev_close_context()Jens Wiklander
Exports the two functions teedev_open() and teedev_close_context() in order to make it easier to create a driver internal struct tee_context. Reviewed-by: Sumit Garg <sumit.garg@linaro.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
2021-11-17tee: fix put order in teedev_close_context()Jens Wiklander
Prior to this patch was teedev_close_context() calling tee_device_put() before teedev_ctx_put() leading to teedev_ctx_release() accessing ctx->teedev just after the reference counter was decreased on the teedev. Fix this by calling teedev_ctx_put() before tee_device_put(). Fixes: 217e0250cccb ("tee: use reference counting for tee_context") Reviewed-by: Sumit Garg <sumit.garg@linaro.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
2021-11-16optee: fix kfree NULL pointerLv Ruyi
This patch fixes the following Coccinelle error: drivers/tee/optee/ffa_abi.c: 877: ERROR optee is NULL but dereferenced. If memory allocation fails, optee is null pointer. the code will goto err and release optee. Fixes: 4615e5a34b95 ("optee: add FF-A support") Reported-by: Zeal Robot <zealci@zte.com.cn> Signed-off-by: Lv Ruyi <lv.ruyi@zte.com.cn> Reviewed-by: Sumit Garg <sumit.garg@linaro.org> [jw: removed the redundant braces] Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
2021-11-04Merge tag 'char-misc-5.16-rc1' of ↵Linus Torvalds
git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/char-misc Pull char/misc driver updates from Greg KH: "Here is the big set of char and misc and other tiny driver subsystem updates for 5.16-rc1. Loads of things in here, all of which have been in linux-next for a while with no reported problems (except for one called out below.) Included are: - habanana labs driver updates, including dma_buf usage, reviewed and acked by the dma_buf maintainers - iio driver update (going through this tree not staging as they really do not belong going through that tree anymore) - counter driver updates - hwmon driver updates that the counter drivers needed, acked by the hwmon maintainer - xillybus driver updates - binder driver updates - extcon driver updates - dma_buf module namespaces added (will cause a build error in arm64 for allmodconfig, but that change is on its way through the drm tree) - lkdtm driver updates - pvpanic driver updates - phy driver updates - virt acrn and nitr_enclaves driver updates - smaller char and misc driver updates" * tag 'char-misc-5.16-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/char-misc: (386 commits) comedi: dt9812: fix DMA buffers on stack comedi: ni_usb6501: fix NULL-deref in command paths arm64: errata: Enable TRBE workaround for write to out-of-range address arm64: errata: Enable workaround for TRBE overwrite in FILL mode coresight: trbe: Work around write to out of range coresight: trbe: Make sure we have enough space coresight: trbe: Add a helper to determine the minimum buffer size coresight: trbe: Workaround TRBE errata overwrite in FILL mode coresight: trbe: Add infrastructure for Errata handling coresight: trbe: Allow driver to choose a different alignment coresight: trbe: Decouple buffer base from the hardware base coresight: trbe: Add a helper to pad a given buffer area coresight: trbe: Add a helper to calculate the trace generated coresight: trbe: Defer the probe on offline CPUs coresight: trbe: Fix incorrect access of the sink specific data coresight: etm4x: Add ETM PID for Kryo-5XX coresight: trbe: Prohibit trace before disabling TRBE coresight: trbe: End the AUX handle on truncation coresight: trbe: Do not truncate buffer on IRQ coresight: trbe: Fix handling of spurious interrupts ...
2021-11-02Merge tag 'optee-ffa-fix-for-v5.16' of ↵Arnd Bergmann
git://git.linaro.org/people/jens.wiklander/linux-tee into arm/drivers Fix spell errors in OP-TEE FF-A driver log messages * tag 'optee-ffa-fix-for-v5.16' of git://git.linaro.org/people/jens.wiklander/linux-tee: optee: Fix spelling mistake "reclain" -> "reclaim" Link: https://lore.kernel.org/r/20211028185142.GA2489375@jade Signed-off-by: Arnd Bergmann <arnd@arndb.de>
2021-10-28optee: Fix spelling mistake "reclain" -> "reclaim"Colin Ian King
There are spelling mistakes in pr_err error messages. Fix them. Fixes: 4615e5a34b95 ("optee: add FF-A support") Signed-off-by: Colin Ian King <colin.i.king@gmail.com> Reviewed-by: Sumit Garg <sumit.garg@linaro.org> [jw: added a fixes] Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
2021-10-25dma-buf: move dma-buf symbols into the DMA_BUF module namespaceGreg Kroah-Hartman
In order to better track where in the kernel the dma-buf code is used, put the symbols in the namespace DMA_BUF and modify all users of the symbols to properly import the namespace to not break the build at the same time. Now the output of modinfo shows the use of these symbols, making it easier to watch for users over time: $ modinfo drivers/misc/fastrpc.ko | grep import import_ns: DMA_BUF Cc: "Pan, Xinhui" <Xinhui.Pan@amd.com> Cc: David Airlie <airlied@linux.ie> Cc: Maarten Lankhorst <maarten.lankhorst@linux.intel.com> Cc: Maxime Ripard <mripard@kernel.org> Cc: Thomas Zimmermann <tzimmermann@suse.de> Cc: Mauro Carvalho Chehab <mchehab@kernel.org> Cc: dri-devel@lists.freedesktop.org Acked-by: Daniel Vetter <daniel.vetter@ffwll.ch> Acked-by: Christian König <christian.koenig@amd.com> Acked-by: Arnd Bergmann <arnd@arndb.de> Acked-by: Sumit Semwal <sumit.semwal@linaro.org> Acked-by: Alex Deucher <alexander.deucher@amd.com> Link: https://lore.kernel.org/r/20211010124628.17691-1-gregkh@linuxfoundation.org Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2021-10-21optee: smc_abi.c: add missing #include <linux/mm.h>Jens Wiklander
Adds missing #include <linux/mm.h> drivers/tee/optee/smc_abi.c to fix compile errors like: drivers/tee/optee/smc_abi.c:405:15: error: implicit declaration of function 'page_to_section' [-Werror,-Wimplicit-function-declaration] optee_page = page_to_phys(*pages) + ^ arch/arm/include/asm/memory.h:148:43: note: expanded from macro 'page_to_phys' ^ include/asm-generic/memory_model.h:52:21: note: expanded from macro 'page_to_pfn' ^ include/asm-generic/memory_model.h:35:14: note: expanded from macro '__page_to_pfn' int __sec = page_to_section(__pg); \ ^ drivers/tee/optee/smc_abi.c:405:15: note: did you mean '__nr_to_section'? arch/arm/include/asm/memory.h:148:43: note: expanded from macro 'page_to_phys' ^ include/asm-generic/memory_model.h:52:21: note: expanded from macro 'page_to_pfn' ^ include/asm-generic/memory_model.h:35:14: note: expanded from macro '__page_to_pfn' int __sec = page_to_section(__pg); \ ^ include/linux/mmzone.h:1365:35: note: '__nr_to_section' declared here static inline struct mem_section *__nr_to_section(unsigned long nr) Fixes: c51a564a5b48 ("optee: isolate smc abi") Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org> Link: https://lore.kernel.org/r/20211021125539.3858495-1-jens.wiklander@linaro.org' Signed-off-by: Arnd Bergmann <arnd@arndb.de>
2021-10-18optee: add FF-A supportJens Wiklander
Adds support for using FF-A [1] as transport to the OP-TEE driver. Introduces struct optee_msg_param_fmem which carries all information needed when OP-TEE is calling FFA_MEM_RETRIEVE_REQ to get the shared memory reference mapped by the hypervisor in S-EL2. Register usage is also updated to include the information needed. The FF-A part of this driver is enabled if CONFIG_ARM_FFA_TRANSPORT is enabled. [1] https://developer.arm.com/documentation/den0077/latest Acked-by: Sumit Garg <sumit.garg@linaro.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
2021-10-18optee: isolate smc abiJens Wiklander
Isolate the ABI based on raw SMCs. Code specific to the raw SMC ABI is moved into smc_abi.c. This makes room for other ABIs with a clear separation. The driver changes to use module_init()/module_exit() instead of module_platform_driver(). The platform_driver_register() and platform_driver_unregister() functions called directly to keep the same behavior. This is needed because module_platform_driver() is based on module_driver() which can only be used once in a module. A function optee_rpc_cmd() is factored out from the function handle_rpc_func_cmd() to handle the ABI independent part of RPC processing. This patch is not supposed to change the driver behavior, it's only a matter of reorganizing the code. Reviewed-by: Sumit Garg <sumit.garg@linaro.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
2021-10-15optee: refactor driver with internal callbacksJens Wiklander
The OP-TEE driver is refactored with three internal callbacks replacing direct calls to optee_from_msg_param(), optee_to_msg_param() and optee_do_call_with_arg(). These functions a central to communicating with OP-TEE in secure world by using the SMC Calling Convention directly. This refactoring makes room for using other primitives to communicate with OP-TEE in secure world while being able to reuse as much as possible from the present driver. Reviewed-by: Sumit Garg <sumit.garg@linaro.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
2021-10-15optee: simplify optee_release()Jens Wiklander
Simplifies optee_release() with a new helper function, optee_close_session_helper() which has been factored out from optee_close_session(). A separate optee_release_supp() is added for the supplicant device. Reviewed-by: Sumit Garg <sumit.garg@linaro.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
2021-10-12tee: optee: Fix missing devices unregister during optee_removeSumit Garg
When OP-TEE driver is built as a module, OP-TEE client devices registered on TEE bus during probe should be unregistered during optee_remove. So implement optee_unregister_devices() accordingly. Fixes: c3fa24af9244 ("tee: optee: add TEE bus device enumeration support") Reported-by: Sudeep Holla <sudeep.holla@arm.com> Signed-off-by: Sumit Garg <sumit.garg@linaro.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
2021-09-14tee/optee/shm_pool: fix application of sizeof to pointerjing yangyang
sizeof when applied to a pointer typed expression gives the size of the pointer. ./drivers/tee/optee/shm_pool.c:38:28-34: ERROR application of sizeof to pointer This issue was detected with the help of Coccinelle. Reviewed-by: Daniel Thompson <daniel.thompson@linaro.org> Reported-by: Zeal Robot <zealci@zte.com.cn> Signed-off-by: jing yangyang <jing.yangyang@zte.com.cn> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
2021-07-21tee: Correct inappropriate usage of TEE_SHM_DMA_BUF flagSumit Garg
Currently TEE_SHM_DMA_BUF flag has been inappropriately used to not register shared memory allocated for private usage by underlying TEE driver: OP-TEE in this case. So rather add a new flag as TEE_SHM_PRIV that can be utilized by underlying TEE drivers for private allocation and usage of shared memory. With this corrected, allow tee_shm_alloc_kernel_buf() to allocate a shared memory region without the backing of dma-buf. Cc: stable@vger.kernel.org Signed-off-by: Sumit Garg <sumit.garg@linaro.org> Co-developed-by: Tyler Hicks <tyhicks@linux.microsoft.com> Signed-off-by: Tyler Hicks <tyhicks@linux.microsoft.com> Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org> Reviewed-by: Sumit Garg <sumit.garg@linaro.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
2021-07-21tee: add tee_shm_alloc_kernel_buf()Jens Wiklander
Adds a new function tee_shm_alloc_kernel_buf() to allocate shared memory from a kernel driver. This function can later be made more lightweight by unnecessary dma-buf export. Cc: stable@vger.kernel.org Reviewed-by: Tyler Hicks <tyhicks@linux.microsoft.com> Reviewed-by: Sumit Garg <sumit.garg@linaro.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
2021-07-21optee: Clear stale cache entries during initializationTyler Hicks
The shm cache could contain invalid addresses if optee_disable_shm_cache() was not called from the .shutdown hook of the previous kernel before a kexec. These addresses could be unmapped or they could point to mapped but unintended locations in memory. Clear the shared memory cache, while being careful to not translate the addresses returned from OPTEE_SMC_DISABLE_SHM_CACHE, during driver initialization. Once all pre-cache shm objects are removed, proceed with enabling the cache so that we know that we can handle cached shm objects with confidence later in the .shutdown hook. Cc: stable@vger.kernel.org Signed-off-by: Tyler Hicks <tyhicks@linux.microsoft.com> Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org> Reviewed-by: Sumit Garg <sumit.garg@linaro.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
2021-07-21optee: fix tee out of memory failure seen during kexec rebootAllen Pais
The following out of memory errors are seen on kexec reboot from the optee core. [ 0.368428] tee_bnxt_fw optee-clnt0: tee_shm_alloc failed [ 0.368461] tee_bnxt_fw: probe of optee-clnt0 failed with error -22 tee_shm_release() is not invoked on dma shm buffer. Implement .shutdown() method to handle the release of the buffers correctly. More info: https://github.com/OP-TEE/optee_os/issues/3637 Cc: stable@vger.kernel.org Signed-off-by: Allen Pais <apais@linux.microsoft.com> Reviewed-by: Tyler Hicks <tyhicks@linux.microsoft.com> Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org> Reviewed-by: Sumit Garg <sumit.garg@linaro.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
2021-07-21optee: Refuse to load the driver under the kdump kernelTyler Hicks
Fix a hung task issue, seen when booting the kdump kernel, that is caused by all of the secure world threads being in a permanent suspended state: INFO: task swapper/0:1 blocked for more than 120 seconds. Not tainted 5.4.83 #1 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. swapper/0 D 0 1 0 0x00000028 Call trace: __switch_to+0xc8/0x118 __schedule+0x2e0/0x700 schedule+0x38/0xb8 schedule_timeout+0x258/0x388 wait_for_completion+0x16c/0x4b8 optee_cq_wait_for_completion+0x28/0xa8 optee_disable_shm_cache+0xb8/0xf8 optee_probe+0x560/0x61c platform_drv_probe+0x58/0xa8 really_probe+0xe0/0x338 driver_probe_device+0x5c/0xf0 device_driver_attach+0x74/0x80 __driver_attach+0x64/0xe0 bus_for_each_dev+0x84/0xd8 driver_attach+0x30/0x40 bus_add_driver+0x188/0x1e8 driver_register+0x64/0x110 __platform_driver_register+0x54/0x60 optee_driver_init+0x20/0x28 do_one_initcall+0x54/0x24c kernel_init_freeable+0x1e8/0x2c0 kernel_init+0x18/0x118 ret_from_fork+0x10/0x18 The invoke_fn hook returned OPTEE_SMC_RETURN_ETHREAD_LIMIT, indicating that the secure world threads were all in a suspended state at the time of the kernel crash. This intermittently prevented the kdump kernel from booting, resulting in a failure to collect the kernel dump. Make kernel dump collection more reliable on systems utilizing OP-TEE by refusing to load the driver under the kdump kernel. Cc: stable@vger.kernel.org Signed-off-by: Tyler Hicks <tyhicks@linux.microsoft.com> Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org> Reviewed-by: Sumit Garg <sumit.garg@linaro.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
2021-07-21optee: Fix memory leak when failing to register shm pagesTyler Hicks
Free the previously allocated pages when we encounter an error condition while attempting to register the pages with the secure world. Fixes: a249dd200d03 ("tee: optee: Fix dynamic shm pool allocations") Fixes: 5a769f6ff439 ("optee: Fix multi page dynamic shm pool alloc") Cc: stable@vger.kernel.org Signed-off-by: Tyler Hicks <tyhicks@linux.microsoft.com> Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org> Reviewed-by: Sumit Garg <sumit.garg@linaro.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
2021-06-28Merge tag 'fallthrough-fixes-clang-5.14-rc1' of ↵Linus Torvalds
git://git.kernel.org/pub/scm/linux/kernel/git/gustavoars/linux Pull fallthrough fixes from Gustavo Silva: "Fix many fall-through warnings when building with Clang 12.0.0 and '-Wimplicit-fallthrough' so that we at some point will be able to enable that warning by default" * tag 'fallthrough-fixes-clang-5.14-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gustavoars/linux: (26 commits) rxrpc: Fix fall-through warnings for Clang drm/nouveau/clk: Fix fall-through warnings for Clang drm/nouveau/therm: Fix fall-through warnings for Clang drm/nouveau: Fix fall-through warnings for Clang xfs: Fix fall-through warnings for Clang xfrm: Fix fall-through warnings for Clang tipc: Fix fall-through warnings for Clang sctp: Fix fall-through warnings for Clang rds: Fix fall-through warnings for Clang net/packet: Fix fall-through warnings for Clang net: netrom: Fix fall-through warnings for Clang ide: Fix fall-through warnings for Clang hwmon: (max6621) Fix fall-through warnings for Clang hwmon: (corsair-cpro) Fix fall-through warnings for Clang firewire: core: Fix fall-through warnings for Clang braille_console: Fix fall-through warnings for Clang ipv4: Fix fall-through warnings for Clang qlcnic: Fix fall-through warnings for Clang bnxt_en: Fix fall-through warnings for Clang netxen_nic: Fix fall-through warnings for Clang ...
2021-06-05Merge tag 'optee-fix-for-v5.13' of ↵Olof Johansson
git://git.linaro.org/people/jens.wiklander/linux-tee into arm/fixes OP-TEE use export_uuid() to copy UUID * tag 'optee-fix-for-v5.13' of git://git.linaro.org/people/jens.wiklander/linux-tee: optee: use export_uuid() to copy client UUID Link: https://lore.kernel.org/r/20210518100712.GA449561@jade Signed-off-by: Olof Johansson <olof@lixom.net>
2021-05-18optee: use export_uuid() to copy client UUIDJens Wiklander
Prior to this patch optee_open_session() was making assumptions about the internal format of uuid_t by casting a memory location in a parameter struct to uuid_t *. Fix this using export_uuid() to get a well defined binary representation and also add an octets field in struct optee_msg_param in order to avoid casting. Fixes: c5b4312bea5d ("tee: optee: Add support for session login client UUID generation") Suggested-by: Andy Shevchenko <andriy.shevchenko@linux.intel.com> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
2021-05-17tee: Fix fall-through warnings for ClangGustavo A. R. Silva
In preparation to enable -Wimplicit-fallthrough for Clang, fix a warning by explicitly adding a break statement instead of letting the code fall through to the next case. Link: https://github.com/KSPP/linux/issues/115 Acked-by: Jens Wiklander <jens.wiklander@linaro.org> Signed-off-by: Gustavo A. R. Silva <gustavoars@kernel.org>
2021-05-17Merge tag 'amdtee-fixes-for-v5.13' of ↵Arnd Bergmann
git://git.linaro.org/people/jens.wiklander/linux-tee into arm/fixes AMD-TEE reference count loaded TAs * tag 'amdtee-fixes-for-v5.13' of git://git.linaro.org/people/jens.wiklander/linux-tee: tee: amdtee: unload TA only when its refcount becomes 0 Link: https://lore.kernel.org/r/20210505110850.GA3434209@jade Signed-off-by: Arnd Bergmann <arnd@arndb.de>
2021-05-05tee: amdtee: unload TA only when its refcount becomes 0Rijo Thomas
Same Trusted Application (TA) can be loaded in multiple TEE contexts. If it is a single instance TA, the TA should not get unloaded from AMD Secure Processor, while it is still in use in another TEE context. Therefore reference count TA and unload it when the count becomes zero. Fixes: 757cc3e9ff1d ("tee: add AMD-TEE driver") Reviewed-by: Devaraj Rangasamy <Devaraj.Rangasamy@amd.com> Signed-off-by: Rijo Thomas <Rijo-john.Thomas@amd.com> Acked-by: Dan Carpenter <dan.carpenter@oracle.com> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
2021-04-26Merge tag 'arm-drivers-5.13' of ↵Linus Torvalds
git://git.kernel.org/pub/scm/linux/kernel/git/soc/soc Pull ARM SoC driver updates from Arnd Bergmann: "Updates for SoC specific drivers include a few subsystems that have their own maintainers but send them through the soc tree: TEE/OP-TEE: - Add tracepoints around calls to secure world Memory controller drivers: - Minor fixes for Renesas, Exynos, Mediatek and Tegra platforms - Add debug statistics to Tegra20 memory controller - Update Tegra bindings and convert to dtschema ARM SCMI Firmware: - Support for modular SCMI protocols and vendor specific extensions - New SCMI IIO driver - Per-cpu DVFS The other driver changes are all from the platform maintainers directly and reflect the drivers that don't fit into any other subsystem as well as treewide changes for a particular platform. SoCFPGA: - Various cleanups contributed by Krzysztof Kozlowski Mediatek: - add MT8183 support to mutex driver - MMSYS: use per SoC array to describe the possible routing - add MMSYS support for MT8183 and MT8167 - add support for PMIC wrapper with integrated arbiter - add support for MT8192/MT6873 Tegra: - Bug fixes to PMC and clock drivers NXP/i.MX: - Update SCU power domain driver to keep console domain power on. - Add missing ADC1 power domain to SCU power domain driver. - Update comments for single global power domain in SCU power domain driver. - Add i.MX51/i.MX53 unique id support to i.MX SoC driver. NXP/FSL SoC driver updates for v5.13 - Add ACPI support for RCPM driver - Use generic io{read,write} for QE drivers after performance optimized for PowerPC - Fix QBMAN probe to cleanup HW states correctly for kexec - Various cleanup and style fix for QBMAN/QE/GUTS drivers OMAP: - Preparation to use devicetree for genpd - ti-sysc needs iorange check improved when the interconnect target module has no control registers listed - ti-sysc needs to probe l4_wkup and l4_cfg interconnects first to avoid issues with missing resources and unnecessary deferred probe - ti-sysc debug option can now detect more devices - ti-sysc now warns if an old incomplete devicetree data is found as we now rely on it being complete for am3 and 4 - soc init code needs to check for prcm and prm nodes for omap4/5 and dra7 - omap-prm driver needs to enable autoidle retention support for omap4 - omap5 clocks are missing gpmc and ocmc clock registers - pci-dra7xx now needs to use builtin_platform_driver instead of using builtin_platform_driver_probe for deferred probe to work Raspberry Pi: - Fix-up all RPi firmware drivers so as for unbind to happen in an orderly fashion - Support for RPi's PoE hat PWM bus Qualcomm - Improved detection for SCM calling conventions - Support for OEM specific wifi firmware path - Added drivers for SC7280/SM8350: RPMH, LLCC< AOSS QMP" * tag 'arm-drivers-5.13' of git://git.kernel.org/pub/scm/linux/kernel/git/soc/soc: (165 commits) soc: aspeed: fix a ternary sign expansion bug memory: mtk-smi: Add device-link between smi-larb and smi-common memory: samsung: exynos5422-dmc: handle clk_set_parent() failure memory: renesas-rpc-if: fix possible NULL pointer dereference of resource clk: socfpga: fix iomem pointer cast on 64-bit soc: aspeed: Adapt to new LPC device tree layout pinctrl: aspeed-g5: Adapt to new LPC device tree layout ipmi: kcs: aspeed: Adapt to new LPC DTS layout ARM: dts: Remove LPC BMC and Host partitions dt-bindings: aspeed-lpc: Remove LPC partitioning soc: fsl: enable acpi support in RCPM driver soc: qcom: mdt_loader: Detect truncated read of segments soc: qcom: mdt_loader: Validate that p_filesz < p_memsz soc: qcom: pdr: Fix error return code in pdr_register_listener firmware: qcom_scm: Fix kernel-doc function names to match firmware: qcom_scm: Suppress sysfs bind attributes firmware: qcom_scm: Workaround lack of "is available" call on SC7180 firmware: qcom_scm: Reduce locking section for __get_convention() firmware: qcom_scm: Make __qcom_scm_is_call_available() return bool Revert "soc: fsl: qe: introduce qe_io{read,write}* wrappers" ...
2021-04-01Merge tag 'optee-memref-size-for-v5.13' of ↵Arnd Bergmann
git://git.linaro.org/people/jens.wiklander/linux-tee into arm/drivers OP-TEE skip check of returned memref size * tag 'optee-memref-size-for-v5.13' of git://git.linaro.org/people/jens.wiklander/linux-tee: tee: optee: do not check memref size on return from Secure World Link: https://lore.kernel.org/r/20210330110037.GA1166563@jade Signed-off-by: Arnd Bergmann <arnd@arndb.de>
2021-03-30tee: optee: do not check memref size on return from Secure WorldJerome Forissier
When Secure World returns, it may have changed the size attribute of the memory references passed as [in/out] parameters. The GlobalPlatform TEE Internal Core API specification does not restrict the values that this size can take. In particular, Secure World may increase the value to be larger than the size of the input buffer to indicate that it needs more. Therefore, the size check in optee_from_msg_param() is incorrect and needs to be removed. This fixes a number of failed test cases in the GlobalPlatform TEE Initial Configuratiom Test Suite v2_0_0_0-2017_06_09 when OP-TEE is compiled without dynamic shared memory support (CFG_CORE_DYN_SHM=n). Reviewed-by: Sumit Garg <sumit.garg@linaro.org> Suggested-by: Jens Wiklander <jens.wiklander@linaro.org> Signed-off-by: Jerome Forissier <jerome@forissier.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
2021-03-30tee: optee: fix build error caused by recent optee tracepoints featureJisheng Zhang
If build kernel without "O=dir", below error will be seen: In file included from drivers/tee/optee/optee_trace.h:67, from drivers/tee/optee/call.c:18: ./include/trace/define_trace.h:95:42: fatal error: ./optee_trace.h: No such file or directory 95 | #include TRACE_INCLUDE(TRACE_INCLUDE_FILE) | ^ compilation terminated. Fix it by adding below line to Makefile: CFLAGS_call.o := -I$(src) Tested with and without "O=dir", both can build successfully. Fixes: 0101947dbcc3 ("tee: optee: add invoke_fn tracepoints") Tested-by: Heiko Thiery <heiko.thiery@gmail.com> Tested-by: Guenter Roeck <linux@roeck-us.net> Reported-by: Guenter Roeck <linux@roeck-us.net> Suggested-by: Steven Rostedt <rostedt@goodmis.org> Signed-off-by: Jisheng Zhang <Jisheng.Zhang@synaptics.com> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
2021-03-17module: remove never implemented MODULE_SUPPORTED_DEVICELeon Romanovsky
MODULE_SUPPORTED_DEVICE was added in pre-git era and never was implemented. We can safely remove it, because the kernel has grown to have many more reliable mechanisms to determine if device is supported or not. Signed-off-by: Leon Romanovsky <leonro@nvidia.com> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2021-03-15tee: optee: add invoke_fn tracepointsJisheng Zhang
Add tracepoints to retrieve information about the invoke_fn. This would help to measure how many invoke_fn are triggered and how long it takes to complete one invoke_fn call. Signed-off-by: Jisheng Zhang <Jisheng.Zhang@synaptics.com> Reviewed-by: Steven Rostedt (VMware) <rostedt@goodmis.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
2021-02-09Merge tag 'optee-simplify-i2c-access_for-v5.12' of ↵Arnd Bergmann
git://git.linaro.org/people/jens.wiklander/linux-tee into arm/drivers Simplify i2c acess in OP-TEE driver * tag 'optee-simplify-i2c-access_for-v5.12' of git://git.linaro.org/people/jens.wiklander/linux-tee: optee: simplify i2c access Link: https://lore.kernel.org/soc/20210208125853.GA288348%40jade Signed-off-by: Arnd Bergmann <arnd@arndb.de>
2021-02-08optee: simplify i2c accessArnd Bergmann
Storing a bogus i2c_client structure on the stack adds overhead and causes a compile-time warning: drivers/tee/optee/rpc.c:493:6: error: stack frame size of 1056 bytes in function 'optee_handle_rpc' [-Werror,-Wframe-larger-than=] void optee_handle_rpc(struct tee_context *ctx, struct optee_rpc_param *param, Change the implementation of handle_rpc_func_cmd_i2c_transfer() to open-code the i2c_transfer() call, which makes it easier to read and avoids the warning. Fixes: c05210ab9757 ("drivers: optee: allow op-tee to access devices on the i2c bus") Tested-by: Jorge Ramirez-Ortiz <jorge@foundries.io> Signed-off-by: Arnd Bergmann <arnd@arndb.de> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
2021-02-03Merge tag 'optee-fix-cond-resched-call-for-v5.12' of ↵Arnd Bergmann
git://git.linaro.org:/people/jens.wiklander/linux-tee into arm/drivers Remove unnecessary need_resched() before cond_resched() * tag 'optee-fix-cond-resched-call-for-v5.12' of git://git.linaro.org:/people/jens.wiklander/linux-tee: tee: optee: remove need_resched() before cond_resched() tee: optee: replace might_sleep with cond_resched Link: https://lore.kernel.org/r/20210203120953.GB3624453@jade Signed-off-by: Arnd Bergmann <arnd@arndb.de>
2021-02-03tee: optee: remove need_resched() before cond_resched()Jens Wiklander
Testing need_resched() before cond_resched() is not needed as an equivalent test is done internally in cond_resched(). So drop the need_resched() test. Fixes: dcb3b06d9c34 ("tee: optee: replace might_sleep with cond_resched") Reviewed-by: Rouven Czerwinski <r.czerwinski@pengutronix.de> Tested-by: Rouven Czerwinski <r.czerwinski@pengutronix.de> Tested-by: Sumit Garg <sumit.garg@linaro.org> Acked-by: Arnd Bergmann <arnd@arndb.de> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>