
Commit 31efef6

b49020jenswi-linaro
authored andcommitted
KEYS: trusted: tee: Refactor register SHM usage
The OP-TEE driver using the old SMC based ABI permits overlapping shared buffers, but with the new FF-A based ABI each physical page may only be registered once. As the key and blob buffers are allocated adjacently, there is no need for a redundant register shared memory invocation. Also, it is incompatible with the FF-A based ABI limitation. So refactor the register shared memory implementation to use only a single invocation to register both key and blob buffers. Fixes: 4615e5a ("optee: add FF-A support") Reported-by: Jens Wiklander <[email protected]> Signed-off-by: Sumit Garg <[email protected]> Tested-by: Jens Wiklander <[email protected]> Reviewed-by: Jens Wiklander <[email protected]>
1 parent aed8040 commit 31efef6


1 file changed

+20
-44
lines changed

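--- a/security/keys/trusted-keys/trusted_tee.c
+++ b/security/keys/trusted-keys/trusted_tee.c
@@ -65,38 +65,30 @@ static int trusted_tee_seal(struct trusted_key_payload *p, char *datablob)
 int ret;
 struct tee_ioctl_invoke_arg inv_arg;
 struct tee_param param[4];
-struct tee_shm *reg_shm_in = NULL, *reg_shm_out = NULL;
+struct tee_shm *reg_shm = NULL;
 
 memset(&inv_arg, 0, sizeof(inv_arg));
 memset(&param, 0, sizeof(param));
 
-reg_shm_in = tee_shm_register_kernel_buf(pvt_data.ctx, p->key,
-p->key_len);
-if (IS_ERR(reg_shm_in)) {
-dev_err(pvt_data.dev, "key shm register failed\n");
-return PTR_ERR(reg_shm_in);
-}
-
-reg_shm_out = tee_shm_register_kernel_buf(pvt_data.ctx, p->blob,
-sizeof(p->blob));
-if (IS_ERR(reg_shm_out)) {
-dev_err(pvt_data.dev, "blob shm register failed\n");
-ret = PTR_ERR(reg_shm_out);
-goto out;
+reg_shm = tee_shm_register_kernel_buf(pvt_data.ctx, p->key,
+sizeof(p->key) + sizeof(p->blob));
+if (IS_ERR(reg_shm)) {
+dev_err(pvt_data.dev, "shm register failed\n");
+return PTR_ERR(reg_shm);
 }
 
 inv_arg.func = TA_CMD_SEAL;
 inv_arg.session = pvt_data.session_id;
 inv_arg.num_params = 4;
 
 param[0].attr = TEE_IOCTL_PARAM_ATTR_TYPE_MEMREF_INPUT;
-param[0].u.memref.shm = reg_shm_in;
+param[0].u.memref.shm = reg_shm;
 param[0].u.memref.size = p->key_len;
 param[0].u.memref.shm_offs = 0;
 param[1].attr = TEE_IOCTL_PARAM_ATTR_TYPE_MEMREF_OUTPUT;
-param[1].u.memref.shm = reg_shm_out;
+param[1].u.memref.shm = reg_shm;
 param[1].u.memref.size = sizeof(p->blob);
-param[1].u.memref.shm_offs = 0;
+param[1].u.memref.shm_offs = sizeof(p->key);
 
 ret = tee_client_invoke_func(pvt_data.ctx, &inv_arg, param);
 if ((ret < 0) || (inv_arg.ret != 0)) {
@@ -107,11 +99,7 @@ static int trusted_tee_seal(struct trusted_key_payload *p, char *datablob)
 p->blob_len = param[1].u.memref.size;
 }
 
-out:
-if (reg_shm_out)
-tee_shm_free(reg_shm_out);
-if (reg_shm_in)
-tee_shm_free(reg_shm_in);
+tee_shm_free(reg_shm);
 
 return ret;
 }
@@ -124,36 +112,28 @@ static int trusted_tee_unseal(struct trusted_key_payload *p, char *datablob)
 int ret;
 struct tee_ioctl_invoke_arg inv_arg;
 struct tee_param param[4];
-struct tee_shm *reg_shm_in = NULL, *reg_shm_out = NULL;
+struct tee_shm *reg_shm = NULL;
 
 memset(&inv_arg, 0, sizeof(inv_arg));
 memset(&param, 0, sizeof(param));
 
-reg_shm_in = tee_shm_register_kernel_buf(pvt_data.ctx, p->blob,
-p->blob_len);
-if (IS_ERR(reg_shm_in)) {
-dev_err(pvt_data.dev, "blob shm register failed\n");
-return PTR_ERR(reg_shm_in);
-}
-
-reg_shm_out = tee_shm_register_kernel_buf(pvt_data.ctx, p->key,
-sizeof(p->key));
-if (IS_ERR(reg_shm_out)) {
-dev_err(pvt_data.dev, "key shm register failed\n");
-ret = PTR_ERR(reg_shm_out);
-goto out;
+reg_shm = tee_shm_register_kernel_buf(pvt_data.ctx, p->key,
+sizeof(p->key) + sizeof(p->blob));
+if (IS_ERR(reg_shm)) {
+dev_err(pvt_data.dev, "shm register failed\n");
+return PTR_ERR(reg_shm);
 }
 
 inv_arg.func = TA_CMD_UNSEAL;
 inv_arg.session = pvt_data.session_id;
 inv_arg.num_params = 4;
 
 param[0].attr = TEE_IOCTL_PARAM_ATTR_TYPE_MEMREF_INPUT;
-param[0].u.memref.shm = reg_shm_in;
+param[0].u.memref.shm = reg_shm;
 param[0].u.memref.size = p->blob_len;
-param[0].u.memref.shm_offs = 0;
+param[0].u.memref.shm_offs = sizeof(p->key);
 param[1].attr = TEE_IOCTL_PARAM_ATTR_TYPE_MEMREF_OUTPUT;
-param[1].u.memref.shm = reg_shm_out;
+param[1].u.memref.shm = reg_shm;
 param[1].u.memref.size = sizeof(p->key);
 param[1].u.memref.shm_offs = 0;
 
@@ -166,11 +146,7 @@ static int trusted_tee_unseal(struct trusted_key_payload *p, char *datablob)
 p->key_len = param[1].u.memref.size;
 }
 
-out:
-if (reg_shm_out)
-tee_shm_free(reg_shm_out);
-if (reg_shm_in)
-tee_shm_free(reg_shm_in);
+tee_shm_free(reg_shm);
 
 return ret;
 }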
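Review bot: Both `tee_shm_register_kernel_buf()` calls and the new `shm_offs = sizeof(p->key)` assignments in trusted_tee_seal() and trusted_tee_unseal() rely on `p->blob` starting exactly `sizeof(p->key)` bytes after `p->key`, and nothing in the new code enforces that. The struct definition is outside this diff, so if a field or padding were ever placed between the two arrays, the registration would share unrelated payload bytes with the TEE and the blob memref would point at the wrong offset. I would pin the layout at compile time next to the first registration, `BUILD_BUG_ON(offsetof(struct trusted_key_payload, blob) != offsetof(struct trusted_key_payload, key) + sizeof(p->key));`, and add a short comment such as `/* key and blob are adjacent in struct trusted_key_payload; register both at once */`. In unseal the input memref size `p->blob_len` is also no longer the registration length, so it is worth confirming that callers guarantee `p->blob_len <= sizeof(p->blob)` before the invoke.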
