Linux kernel stable tree (mirror) https://git.radix-linux.su/kernel/linux.git/atom?h=linux-5.9.y 2020-12-02T07:51:58+00:00 2020-12-02T07:51:58+00:00 Rui Miguel Silva rui.silva@linaro.org 2020-11-13T15:06:04+00:00 urn:sha1:68a9159c832b34f55c9612d492028a589d8e5985 [ Upstream commit 853735e404244f5496cdb6188c5ed9a0f9627ee6 ] Only in smp systems the cache policy is setup as write alloc, in single cpu systems the cache policy is set as writeback and it is normal memory, so, it should pass the is_normal_memory check in the share memory registration. Add the right condition to make it work in no smp systems. Fixes: cdbcf83d29c1 ("tee: optee: check type of registered shared memory") Signed-off-by: Rui Miguel Silva <rui.silva@linaro.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org> Signed-off-by: Sasha Levin <sashal@kernel.org> 2020-11-24T12:38:57+00:00 Rijo Thomas Rijo-john.Thomas@amd.com 2020-11-04T06:26:10+00:00 urn:sha1:cb03bd50f557a46f2f68af75d5614e76ab9f2cc8 [ Upstream commit be353be27874f40837327d9a39e3ad2149ab66d3 ] Synchronize access to shm or shared memory buffer list to prevent race conditions due to concurrent updates to shared shm list by multiple threads. Fixes: 757cc3e9ff1d ("tee: add AMD-TEE driver") Reviewed-by: Devaraj Rangasamy <Devaraj.Rangasamy@amd.com> Signed-off-by: Rijo Thomas <Rijo-john.Thomas@amd.com> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org> Signed-off-by: Sasha Levin <sashal@kernel.org> 2020-11-24T12:38:57+00:00 Rijo Thomas Rijo-john.Thomas@amd.com 2020-11-04T06:26:09+00:00 urn:sha1:5d53c196c84c2f83a04f712b71eda8a994c98ad3 [ Upstream commit ff1f855804cdbbb6db7b9b6df6cab783d1a40d66 ] The driver maintains a list of shared memory buffers along with their mapped buffer id's in a global linked list. These buffers need to be unmapped after use by the user-space client. The global shared memory list is initialized to zero entries in the function amdtee_open(). This clearing of list entries can be a source for memory leak on secure side if the global linked list previously held some mapped buffer entries allocated from another TEE context. Fix potential memory leak issue by moving global shared memory list to AMD-TEE driver context data structure. Fixes: 757cc3e9ff1d ("tee: add AMD-TEE driver") Reviewed-by: Devaraj Rangasamy <Devaraj.Rangasamy@amd.com> Signed-off-by: Rijo Thomas <Rijo-john.Thomas@amd.com> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org> Signed-off-by: Sasha Levin <sashal@kernel.org> 2020-11-05T10:51:08+00:00 Sumit Garg sumit.garg@linaro.org 2020-09-17T13:40:22+00:00 urn:sha1:137064b3eb740898c9cb515b1bf25073739a10d2 [ Upstream commit 722939528a37aa0cb22d441e2045c0cf53e78fb0 ] Since the addition of session's client UUID generation via commit [1], login via REE kernel method was disallowed. So fix that via passing nill UUID in case of TEE_IOCTL_LOGIN_REE_KERNEL method as well. Fixes: e33bcbab16d1 ("tee: add support for session's client UUID generation") [1] Signed-off-by: Sumit Garg <sumit.garg@linaro.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org> Signed-off-by: Sasha Levin <sashal@kernel.org> 2020-07-13T13:11:44+00:00 Arnd Bergmann arnd@arndb.de 2020-07-13T13:11:42+00:00 urn:sha1:38d9dff186f1c88ce8ca92700d6cedc374ff9900 Enable multi-stage OP-TEE bus enumeration Probes drivers on the OP-TEE bus in two steps. First for drivers which do not depend on tee-supplicant. After tee-supplicant has been started probe the devices which do depend on tee-supplicant. Also introduces driver which uses an OP-TEE based fTPM Trusted Application depends on tee-supplicant NV RAM implementation based on RPMB secure storage. * tag 'optee-bus-for-v5.9' of git://git.linaro.org/people/jens.wiklander/linux-tee: tpm_ftpm_tee: register driver on TEE bus optee: enable support for multi-stage bus enumeration optee: use uuid for sysfs driver entry Link: https://lore.kernel.org/r/20200710085230.GA1312913@jade Signed-off-by: Arnd Bergmann <arnd@arndb.de> 2020-07-10T07:41:53+00:00 Maxim Uvarov maxim.uvarov@linaro.org 2020-06-18T13:52:50+00:00 urn:sha1:5f178bb71e3aff2abab01b1ff6837c3a054b25e1 Some drivers (like ftpm) can operate only after tee-supplicant runs because of tee-supplicant provides things like storage services (rpmb, shm).  This patch splits probe of non tee-supplicant dependable drivers to the early stage, and after tee-supplicant run probe other drivers. Signed-off-by: Maxim Uvarov <maxim.uvarov@linaro.org> Suggested-by: Sumit Garg <sumit.garg@linaro.org> Suggested-by: Arnd Bergmann <arnd@linaro.org> Reviewed-by: Sumit Garg <sumit.garg@linaro.org> Acked-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Tested-by: Sumit Garg <sumit.garg@linaro.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org> 2020-07-10T07:41:48+00:00 Maxim Uvarov maxim.uvarov@linaro.org 2020-06-18T13:52:49+00:00 urn:sha1:58df195cd47d9b06c7160253d35881c1de90aa9e With the evolving use-cases for TEE bus, now it's required to support multi-stage enumeration process. But using a simple index doesn't suffice this requirement and instead leads to duplicate sysfs entries. So instead switch to use more informative device UUID for sysfs entry like: /sys/bus/tee/devices/optee-ta-<uuid> Signed-off-by: Maxim Uvarov <maxim.uvarov@linaro.org> Reviewed-by: Sumit Garg <sumit.garg@linaro.org> Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Tested-by: Sumit Garg <sumit.garg@linaro.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org> 2020-06-09T16:39:14+00:00 Michel Lespinasse walken@google.com 2020-06-09T04:33:25+00:00 urn:sha1:d8ed45c5dcd455fc5848d47f86883a1b872ac0d0 This change converts the existing mmap_sem rwsem calls to use the new mmap locking API instead. The change is generated using coccinelle with the following rule: // spatch --sp-file mmap_lock_api.cocci --in-place --include-headers --dir . @@ expression mm; @@ ( -init_rwsem +mmap_init_lock | -down_write +mmap_write_lock | -down_write_killable +mmap_write_lock_killable | -down_write_trylock +mmap_write_trylock | -up_write +mmap_write_unlock | -downgrade_write +mmap_write_downgrade | -down_read +mmap_read_lock | -down_read_killable +mmap_read_lock_killable | -down_read_trylock +mmap_read_trylock | -up_read +mmap_read_unlock ) -(&mm->mmap_sem) +(mm) Signed-off-by: Michel Lespinasse <walken@google.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Reviewed-by: Daniel Jordan <daniel.m.jordan@oracle.com> Reviewed-by: Laurent Dufour <ldufour@linux.ibm.com> Reviewed-by: Vlastimil Babka <vbabka@suse.cz> Cc: Davidlohr Bueso <dbueso@suse.de> Cc: David Rientjes <rientjes@google.com> Cc: Hugh Dickins <hughd@google.com> Cc: Jason Gunthorpe <jgg@ziepe.ca> Cc: Jerome Glisse <jglisse@redhat.com> Cc: John Hubbard <jhubbard@nvidia.com> Cc: Liam Howlett <Liam.Howlett@oracle.com> Cc: Matthew Wilcox <willy@infradead.org> Cc: Peter Zijlstra <peterz@infradead.org> Cc: Ying Han <yinghan@google.com> Link: http://lkml.kernel.org/r/20200520052908.204642-5-walken@google.com Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> 2020-05-28T10:38:00+00:00 Arnd Bergmann arnd@arndb.de 2020-05-27T13:39:16+00:00 urn:sha1:60b4000f54649546b4780ac61b67e5601382225d When selecting a crypto cipher, we also need to select the subsystem itself: WARNING: unmet direct dependencies detected for CRYPTO_SHA1 Depends on [m]: CRYPTO [=m] Selected by [y]: - TEE [=y] && (HAVE_ARM_SMCCC [=n] || COMPILE_TEST [=y] || CPU_SUP_AMD [=y]) Selected by [m]: - CRYPTO_DEV_QAT [=m] && CRYPTO [=m] && CRYPTO_HW [=y] - CRYPTO_DEV_MEDIATEK [=m] && CRYPTO [=m] && CRYPTO_HW [=y] && (ARM && ARCH_MEDIATEK || COMPILE_TEST [=y]) - CRYPTO_DEV_SAFEXCEL [=m] && CRYPTO [=m] && CRYPTO_HW [=y] && (OF [=y] || PCI [=y] || COMPILE_TEST [=y]) && HAS_IOMEM [=y] - CRYPTO_DEV_CCREE [=m] && CRYPTO [=m] && CRYPTO_HW [=y] && OF [=y] && HAS_DMA [=y] - CRYPTO_DEV_SP_CCP [=y] && CRYPTO [=m] && CRYPTO_HW [=y] && CRYPTO_DEV_CCP [=y] && CRYPTO_DEV_CCP_DD [=m] && DMADEVICES [=y] Link: https://lore.kernel.org/r/20200527133924.724819-1-arnd@arndb.de Fixes: e33bcbab16d1 ("tee: add support for session's client UUID generation") Signed-off-by: Arnd Bergmann <arnd@arndb.de> Reviewed-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com> Signed-off-by: Arnd Bergmann <arnd@arndb.de> 2020-05-25T21:15:03+00:00 Arnd Bergmann arnd@arndb.de 2020-05-25T21:15:02+00:00 urn:sha1:be4ad166b4e229ba7f129c5e3bd5ff0347652422 Adds utility function in TEE subsystem for client UUID generation. This function is also used in the optee driver. * tag 'tee-login-for-5.8' of git://git.linaro.org/people/jens.wiklander/linux-tee: tee: optee: Add support for session login client UUID generation tee: add support for session's client UUID generation Link: https://lore.kernel.org/r/20200512131243.GA10028@jade Signed-off-by: Arnd Bergmann <arnd@arndb.de>