- OP-TEE - lists.trustedfirmware.org

[PATCH] tee: amdtee: fix an IS_ERR() vs NULL bug

by Dan Carpenter

The __get_free_pages() function does not return error pointers it returns NULL so fix this condition to avoid a NULL dereference. Fixes: 757cc3e9ff1d ("tee: add AMD-TEE driver") Signed-off-by: Dan Carpenter <dan.carpenter(a)oracle.com> --- drivers/tee/amdtee/core.c | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/drivers/tee/amdtee/core.c b/drivers/tee/amdtee/core.c index da6b88e80dc0..297dc62bca29 100644 --- a/drivers/tee/amdtee/core.c +++ b/drivers/tee/amdtee/core.c @@ -203,9 +203,8 @@ static int copy_ta_binary(struct tee_context *ctx, void *ptr, void **ta, *ta_size = roundup(fw->size, PAGE_SIZE); *ta = (void *)__get_free_pages(GFP_KERNEL, get_order(*ta_size)); - if (IS_ERR(*ta)) { - pr_err("%s: get_free_pages failed 0x%llx\n", __func__, - (u64)*ta); + if (!*ta) { + pr_err("%s: get_free_pages failed\n", __func__); rc = -ENOMEM; goto rel_fw; } -- 2.20.1

4 years

3
2
0 0

[PATCH -next v2] optee: Fix NULL but dereferenced coccicheck error

by Yang Li

Eliminate the following coccicheck warning: ./drivers/tee/optee/smc_abi.c:1508:12-15: ERROR: optee is NULL but dereferenced. Reported-by: Abaci Robot <abaci(a)linux.alibaba.com> Fixes: 'commit 6749e69c4dad ("optee: add asynchronous notifications")' Signed-off-by: Yang Li <yang.lee(a)linux.alibaba.com> --- change in v2: --According to Jens's suggestion fixed as: if (memremaped_shm) memunmap(memremaped_shm); drivers/tee/optee/smc_abi.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/drivers/tee/optee/smc_abi.c b/drivers/tee/optee/smc_abi.c index 92759d7..d7c8235 100644 --- a/drivers/tee/optee/smc_abi.c +++ b/drivers/tee/optee/smc_abi.c @@ -1505,8 +1505,8 @@ static int optee_probe(struct platform_device *pdev) kfree(optee); err_free_pool: tee_shm_pool_free(pool); - if (optee->smc.memremaped_shm) - memunmap(optee->smc.memremaped_shm); + if (memremaped_shm) + memunmap(memremaped_shm); return rc; } -- 1.8.3.1

4 years

2
1
0 0

Re: [PATCH] tee: amdtee: fix an IS_ERR() vs NULL bug

by Dan Carpenter

On Mon, Nov 29, 2021 at 04:31:51PM +0800, 994605959 wrote: > maybe try this? > - if (IS_ERR(*ta)) { > - pr_err("%s: get_free_pages failed 0x%llx\n", __func__, > - (u64)*ta); > + if (IS_ERR(ta)) { > + pr_err("%s: get_free_pages failed %p\n", __func__, ta); No, what you are suggesting is totally wrong. You are checking the wrong variable for the wrong thing. regards, dan carpenter

4 years

1
0
0 0

Linaro OP-TEE Contributions (LOC) monthly meeting November 2021

by Ruchika Gupta

Hi, OP-TEE Contributions (LOC) monthly meeting is planned for Thursday Nov 25 @17.00 (UTC+2). Following topic is on the agenda: - Walkthrough of proposal on sharing of hardware resources between multiple secure entities - Jens Wiklander. If you have any other topics you'd like to discuss, please let us know and we can schedule them. Meeting details: --------------- Date/time: Nov 25(a)16.00 (UTC) https://everytimezone.com/s/a43c71b2 Connection details: https://www.trustedfirmware.org/meetings/ Meeting notes: http://bit.ly/loc-notes Regards, Ruchika on behalf of the Linaro OP-TEE team

4 years

1
2
0 0

[PATCH -next] optee: Fix NULL but dereferenced coccicheck error

by Yang Li

Eliminate the following coccicheck warning: ./drivers/tee/optee/smc_abi.c:1508:12-15: ERROR: optee is NULL but dereferenced. Reported-by: Abaci Robot <abaci(a)linux.alibaba.com> Fixes: 'commit 6749e69c4dad ("optee: add asynchronous notifications")' Signed-off-by: Yang Li <yang.lee(a)linux.alibaba.com> --- drivers/tee/optee/smc_abi.c | 2 -- 1 file changed, 2 deletions(-) diff --git a/drivers/tee/optee/smc_abi.c b/drivers/tee/optee/smc_abi.c index 92759d7..1f471ff 100644 --- a/drivers/tee/optee/smc_abi.c +++ b/drivers/tee/optee/smc_abi.c @@ -1505,8 +1505,6 @@ static int optee_probe(struct platform_device *pdev) kfree(optee); err_free_pool: tee_shm_pool_free(pool); - if (optee->smc.memremaped_shm) - memunmap(optee->smc.memremaped_shm); return rc; } -- 1.8.3.1

4 years, 1 month

2
1
0 0

Embedded DT (CFG_EMBED_DT) with dynamic shared memory (CFG_CORE_DYN_SHM) in optee-os

by John Linn

It appears that dynamic shared memory does not work with an embedded DT, but I'm likely missing something. I have it working fine with an external DT. There is a bit of interaction in kernel/boot.c with the two configuration options and my testing is not seeing it work with 3.14 and master looks the same viewing it. get_external_fdt() is called which does not work with the embedded DT it appears to me. Any hints or advice? Thanks John #ifdef CFG_CORE_DYN_SHM static void discover_nsec_memory(void) { struct core_mmu_phys_mem *mem; const struct core_mmu_phys_mem *mem_begin = NULL; const struct core_mmu_phys_mem *mem_end = NULL; size_t nelems; void *fdt = get_external_dt(); if (fdt) { mem = get_nsec_memory(fdt, &nelems); if (mem) { core_mmu_set_discovered_nsec_ddr(mem, nelems); return; } DMSG("No non-secure memory found in FDT"); } mem_begin = phys_ddr_overall_begin; mem_end = phys_ddr_overall_end; nelems = mem_end - mem_begin; if (nelems) { /* * Platform cannot use both register_ddr() and the now * deprecated register_dynamic_shm(). */ assert(phys_ddr_overall_compat_begin == phys_ddr_overall_compat_end); } else { mem_begin = phys_ddr_overall_compat_begin; mem_end = phys_ddr_overall_compat_end; nelems = mem_end - mem_begin; if (!nelems) return; This email and any attachments are intended for the sole use of the named recipient(s) and contain(s) confidential information that may be proprietary, privileged or copyrighted under applicable law. If you are not the intended recipient, do not read, copy, or forward this email message or any attachments. Delete this email message and any attachments immediately.

4 years, 1 month

1
0
0 0

[GIT PULL] OP-TEE fix for v5.16

by Jens Wiklander

Hello arm-soc maintainers, Please pull this small OP-TEE driver fix to avoid a possible NULL pointer dereference in the error handling path of a probe function. Thanks, Jens The following changes since commit fa55b7dcdc43c1aa1ba12bca9d2dd4318c2a0dbf: Linux 5.16-rc1 (2021-11-14 13:56:52 -0800) are available in the Git repository at: git://git.linaro.org/people/jens.wiklander/linux-tee.git tags/optee-fix-for-v5.16 for you to fetch changes up to c23ca66a4dadb6f050dc57358bc8d57a747c35bf: optee: fix kfree NULL pointer (2021-11-16 14:41:23 +0100) ---------------------------------------------------------------- Fix possible NULL pointer dereference in OP-TEE driver ---------------------------------------------------------------- Lv Ruyi (1): optee: fix kfree NULL pointer drivers/tee/optee/ffa_abi.c | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-)

4 years, 1 month

1
0
0 0

[PATCH] optee: fix kfree NULL pointer

by cgel.zte＠gmail.com

From: Lv Ruyi <lv.ruyi(a)zte.com.cn> This patch fixes the following Coccinelle error: drivers/tee/optee/ffa_abi.c: 877: ERROR optee is NULL but dereferenced. If memory allocation fails, optee is null pointer. the code will goto err and release optee. Reported-by: Zeal Robot <zealci(a)zte.com.cn> Signed-off-by: Lv Ruyi <lv.ruyi(a)zte.com.cn> --- drivers/tee/optee/ffa_abi.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/drivers/tee/optee/ffa_abi.c b/drivers/tee/optee/ffa_abi.c index 6defd1ec982a..8d9d189557f9 100644 --- a/drivers/tee/optee/ffa_abi.c +++ b/drivers/tee/optee/ffa_abi.c @@ -811,8 +811,7 @@ static int optee_ffa_probe(struct ffa_device *ffa_dev) optee = kzalloc(sizeof(*optee), GFP_KERNEL); if (!optee) { - rc = -ENOMEM; - goto err; + return -ENOMEM; } optee->pool = optee_ffa_config_dyn_shm(); if (IS_ERR(optee->pool)) { -- 2.25.1

4 years, 1 month

3
2
0 0

[PATCH v3 0/6] Asynchronous notifications from secure world

by Jens Wiklander

Hi all, This adds support for asynchronous notifications from OP-TEE in secure world to the OP-TEE driver. This allows a design with a top half and bottom half type of driver where the top half runs in secure interrupt context and a notifications tells normal world to schedule a yielding call to do the bottom half processing. An interrupt is used to notify the driver that there are asynchronous notifications pending. v2->v3: * Rebased on v5.14-rc2 which made the patch "dt-bindings: arm: Convert optee binding to json-schema" from the V2 patch set obsolete. * Applied Ard's Acked-by on "optee: add asynchronous notifications" v1->v2: * Added documentation * Converted optee bindings to json-schema and added interrupt property * Configure notification interrupt from DT instead of getting it from secure world, suggested by Ard Biesheuvel <ardb(a)kernel.org>. Thanks, Jens Jens Wiklander (6): docs: staging/tee.rst: add a section on OP-TEE notifications dt-bindings: arm: optee: add interrupt property tee: fix put order in teedev_close_context() tee: add tee_dev_open_helper() primitive optee: separate notification functions optee: add asynchronous notifications .../arm/firmware/linaro,optee-tz.yaml | 4 + Documentation/staging/tee.rst | 27 +++ drivers/tee/optee/Makefile | 1 + drivers/tee/optee/call.c | 27 +++ drivers/tee/optee/core.c | 87 +++++-- drivers/tee/optee/notif.c | 226 ++++++++++++++++++ drivers/tee/optee/optee_msg.h | 9 + drivers/tee/optee/optee_private.h | 23 +- drivers/tee/optee/optee_rpc_cmd.h | 31 +-- drivers/tee/optee/optee_smc.h | 75 +++++- drivers/tee/optee/rpc.c | 73 +----- drivers/tee/tee_core.c | 37 ++- include/linux/tee_drv.h | 27 +++ 13 files changed, 523 insertions(+), 124 deletions(-) create mode 100644 drivers/tee/optee/notif.c -- 2.31.1

4 years, 1 month

3
12
0 0

[PATCH v8 0/6] Asynchronous notifications from secure world

by Jens Wiklander

Hi all, This adds support for asynchronous notifications from OP-TEE in secure world to the OP-TEE driver. This allows a design with a top half and bottom half type of driver where the top half runs in secure interrupt context and a notifications tells normal world to schedule a yielding call to do the bottom half processing. An edge-triggered interrupt is used to notify the driver that there are asynchronous notifications pending. Only the SMC based ABI of the OP-TEE driver gains asynchronous notifications. Future support for asynchronous notifications in the FF-A based ABI will rely on APIs which are expected to be provided by the FF-A driver in a not too distant future. This patchset is also available at https://git.linaro.org/people/jens.wiklander/linux-tee.git/log/?h=async_not… v7->v8: * Fixed an error in "dt-bindings: arm: optee: add interrupt property" reported by Rob's bot. * "optee: add asynchronous notifications": - Fixed a few spell errors in comments - Added a missing optee_unregister_devices() in the cleanup path of optee_probe(). - Added Sumit's Reviewed-by v6->v7: * Rebased on 4615e5a34b95 ("optee: add FF-A support") in https://git.kernel.org/pub/scm/linux/kernel/git/soc/soc.git with 34f3c67b8178 ("optee: smc_abi.c: add missing #include <linux/mm.h>") cherry-picked on top. This allows to resolve the conflicts with pull request "[GIT PULL] OP-TEE FF-A for V5.16" * Factored out the interrupt handling added in "optee: add asynchronous notifications" to only go into smb_abi.c. A different approach is expected with FF-A once it has asynchronous notifications. * Addressed review comments from Sumit Garg: - Replaced 0 and 1 with the macros GIC_SPI and IRQ_TYPE_EDGE_RISING in the example in the bindings. - Replaced the magic number to optee_notif_init() with OPTEE_DEFAULT_MAX_NOTIF_VALUE in the commit "optee: separate notification functions" - Switched back to tagged error path in optee_probe() - Fixed a few nits in "optee: add asynchronous notifications" - Applied Sumit's Reviewed-by on all commits but the last, "optee: add asynchronous notifications" v5->v6: * Rebased on v5.15-rc2 * Replaced "tee: add tee_dev_open_helper() primitive" with "tee: export teedev_open() and teedev_close_context()" since it turned out that the normal teedev functions could be used instead as noted by Sumit. * Changed "optee: add asynchronous notifications" to use the exported teedev_open() and teedev_close_context() functions instead. v4->v5: * Rebased on v5.14-rc7 * Updated documentation to clarify that one interrupt may represent multiple notifications as requested. * Applied Marc's and Rob's tags v3->v4: * Clarfied the expected type of interrypt is edge-triggered, both in the normal documentation and in the DT bindings as requested. v2->v3: * Rebased on v5.14-rc2 which made the patch "dt-bindings: arm: Convert optee binding to json-schema" from the V2 patch set obsolete. * Applied Ard's Acked-by on "optee: add asynchronous notifications" v1->v2: * Added documentation * Converted optee bindings to json-schema and added interrupt property * Configure notification interrupt from DT instead of getting it from secure world, suggested by Ard Biesheuvel <ardb(a)kernel.org>. Thanks, Jens Jens Wiklander (6): docs: staging/tee.rst: add a section on OP-TEE notifications dt-bindings: arm: optee: add interrupt property tee: fix put order in teedev_close_context() tee: export teedev_open() and teedev_close_context() optee: separate notification functions optee: add asynchronous notifications .../arm/firmware/linaro,optee-tz.yaml | 8 + Documentation/staging/tee.rst | 30 +++ drivers/tee/optee/Makefile | 1 + drivers/tee/optee/core.c | 2 +- drivers/tee/optee/ffa_abi.c | 6 +- drivers/tee/optee/notif.c | 125 +++++++++ drivers/tee/optee/optee_msg.h | 9 + drivers/tee/optee/optee_private.h | 28 +- drivers/tee/optee/optee_rpc_cmd.h | 31 ++- drivers/tee/optee/optee_smc.h | 75 +++++- drivers/tee/optee/rpc.c | 71 +----- drivers/tee/optee/smc_abi.c | 241 +++++++++++++++--- drivers/tee/tee_core.c | 10 +- include/linux/tee_drv.h | 14 + 14 files changed, 525 insertions(+), 126 deletions(-) create mode 100644 drivers/tee/optee/notif.c -- 2.31.1

4 years, 1 month

1
6
0 0

2025

2024

2023

2022

2021

2020

OP-TEE