* [PATCH v2 1/2] drivers/platform/x86/amd: pmf: Check for invalid sideloaded Smart PC Policies
2025-04-23 13:18 [PATCH v2 0/2] Handle bad policies for AMD-PMF better Mario Limonciello
@ 2025-04-23 13:18 ` Mario Limonciello
2025-04-23 13:18 ` [PATCH v2 2/2] drivers/platform/x86/amd: pmf: Check for invalid " Mario Limonciello
2025-04-29 14:49 ` [PATCH v2 0/2] Handle bad policies for AMD-PMF better Ilpo Järvinen
2 siblings, 0 replies; 5+ messages in thread
From: Mario Limonciello @ 2025-04-23 13:18 UTC (permalink / raw)
To: mario.limonciello, Shyam-sundar.S-k, hdegoede, ilpo.jarvinen
Cc: platform-driver-x86
From: Mario Limonciello <mario.limonciello@amd.com>
If a policy is passed into amd_pmf_get_pb_data() that causes the engine
to fail to start there is a memory leak. Free the memory in this failure
path.
Fixes: 10817f28e5337 ("platform/x86/amd/pmf: Add capability to sideload of policy binary")
Signed-off-by: Mario Limonciello <mario.limonciello@amd.com>
---
v2:
* Split to it's own patch
---
drivers/platform/x86/amd/pmf/tee-if.c | 7 ++++++-
1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/drivers/platform/x86/amd/pmf/tee-if.c b/drivers/platform/x86/amd/pmf/tee-if.c
index 4c49b510ad1a7..a8bf8c61669d3 100644
--- a/drivers/platform/x86/amd/pmf/tee-if.c
+++ b/drivers/platform/x86/amd/pmf/tee-if.c
@@ -380,9 +380,14 @@ static ssize_t amd_pmf_get_pb_data(struct file *filp, const char __user *buf,
amd_pmf_hex_dump_pb(dev);
ret = amd_pmf_start_policy_engine(dev);
if (ret < 0)
- return ret;
+ goto cleanup;
return length;
+
+cleanup:
+ kfree(dev->policy_buf);
+ dev->policy_buf = NULL;
+ return ret;
}
static const struct file_operations pb_fops = {
--
2.43.0
^ permalink raw reply related [flat|nested] 5+ messages in thread* [PATCH v2 2/2] drivers/platform/x86/amd: pmf: Check for invalid Smart PC Policies
2025-04-23 13:18 [PATCH v2 0/2] Handle bad policies for AMD-PMF better Mario Limonciello
2025-04-23 13:18 ` [PATCH v2 1/2] drivers/platform/x86/amd: pmf: Check for invalid sideloaded Smart PC Policies Mario Limonciello
@ 2025-04-23 13:18 ` Mario Limonciello
2025-04-23 14:13 ` Christian Heusel
2025-04-29 14:49 ` [PATCH v2 0/2] Handle bad policies for AMD-PMF better Ilpo Järvinen
2 siblings, 1 reply; 5+ messages in thread
From: Mario Limonciello @ 2025-04-23 13:18 UTC (permalink / raw)
To: mario.limonciello, Shyam-sundar.S-k, hdegoede, ilpo.jarvinen,
Patil.Reddy
Cc: Christian Heusel, platform-driver-x86
From: Mario Limonciello <mario.limonciello@amd.com>
commit 376a8c2a14439 ("platform/x86/amd/pmf: Update PMF Driver for
Compatibility with new PMF-TA") added support for platforms that support
an updated TA, however it also exposed a number of platforms that although
they have support for the updated TA don't actually populate a policy
binary.
Add an explicit check that the policy binary isn't empty before
initializing the TA.
Reported-by: Christian Heusel <christian@heusel.eu>
Closes: https://lore.kernel.org/platform-driver-x86/ae644428-5bf2-4b30-81ba-0b259ed3449b@heusel.eu/
Fixes: 376a8c2a14439 ("platform/x86/amd/pmf: Update PMF Driver for Compatibility with new PMF-TA")
Signed-off-by: Mario Limonciello <mario.limonciello@amd.com>
---
drivers/platform/x86/amd/pmf/tee-if.c | 16 ++++++++++++++++
1 file changed, 16 insertions(+)
diff --git a/drivers/platform/x86/amd/pmf/tee-if.c b/drivers/platform/x86/amd/pmf/tee-if.c
index a8bf8c61669d3..7d6404ab9f041 100644
--- a/drivers/platform/x86/amd/pmf/tee-if.c
+++ b/drivers/platform/x86/amd/pmf/tee-if.c
@@ -350,6 +350,11 @@ static int amd_pmf_start_policy_engine(struct amd_pmf_dev *dev)
return 0;
}
+static inline bool amd_pmf_pb_valid(struct amd_pmf_dev *dev)
+{
+ return memchr_inv(dev->policy_buf, 0xff, dev->policy_sz);
+}
+
#ifdef CONFIG_AMD_PMF_DEBUG
static void amd_pmf_hex_dump_pb(struct amd_pmf_dev *dev)
{
@@ -377,6 +382,11 @@ static ssize_t amd_pmf_get_pb_data(struct file *filp, const char __user *buf,
dev->policy_buf = new_policy_buf;
dev->policy_sz = length;
+ if (!amd_pmf_pb_valid(dev)) {
+ ret = -EINVAL;
+ goto cleanup;
+ }
+
amd_pmf_hex_dump_pb(dev);
ret = amd_pmf_start_policy_engine(dev);
if (ret < 0)
@@ -549,6 +559,12 @@ int amd_pmf_init_smart_pc(struct amd_pmf_dev *dev)
memcpy_fromio(dev->policy_buf, dev->policy_base, dev->policy_sz);
+ if (!amd_pmf_pb_valid(dev)) {
+ dev_info(dev->dev, "No Smart PC policy present\n");
+ ret = -EINVAL;
+ goto err_free_policy;
+ }
+
amd_pmf_hex_dump_pb(dev);
dev->prev_data = kzalloc(sizeof(*dev->prev_data), GFP_KERNEL);
--
2.43.0
^ permalink raw reply related [flat|nested] 5+ messages in thread* Re: [PATCH v2 2/2] drivers/platform/x86/amd: pmf: Check for invalid Smart PC Policies
2025-04-23 13:18 ` [PATCH v2 2/2] drivers/platform/x86/amd: pmf: Check for invalid " Mario Limonciello
@ 2025-04-23 14:13 ` Christian Heusel
0 siblings, 0 replies; 5+ messages in thread
From: Christian Heusel @ 2025-04-23 14:13 UTC (permalink / raw)
To: Mario Limonciello
Cc: mario.limonciello, Shyam-sundar.S-k, hdegoede, ilpo.jarvinen,
Patil.Reddy, platform-driver-x86
[-- Attachment #1: Type: text/plain, Size: 919 bytes --]
On 25/04/23 08:18AM, Mario Limonciello wrote:
> From: Mario Limonciello <mario.limonciello@amd.com>
>
> commit 376a8c2a14439 ("platform/x86/amd/pmf: Update PMF Driver for
> Compatibility with new PMF-TA") added support for platforms that support
> an updated TA, however it also exposed a number of platforms that although
> they have support for the updated TA don't actually populate a policy
> binary.
>
> Add an explicit check that the policy binary isn't empty before
> initializing the TA.
>
> Reported-by: Christian Heusel <christian@heusel.eu>
> Closes: https://lore.kernel.org/platform-driver-x86/ae644428-5bf2-4b30-81ba-0b259ed3449b@heusel.eu/
> Fixes: 376a8c2a14439 ("platform/x86/amd/pmf: Update PMF Driver for Compatibility with new PMF-TA")
> Signed-off-by: Mario Limonciello <mario.limonciello@amd.com>
Tested-by: Christian Heusel <christian@heusel.eu>
Thanks for the quick fix!
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [PATCH v2 0/2] Handle bad policies for AMD-PMF better
2025-04-23 13:18 [PATCH v2 0/2] Handle bad policies for AMD-PMF better Mario Limonciello
2025-04-23 13:18 ` [PATCH v2 1/2] drivers/platform/x86/amd: pmf: Check for invalid sideloaded Smart PC Policies Mario Limonciello
2025-04-23 13:18 ` [PATCH v2 2/2] drivers/platform/x86/amd: pmf: Check for invalid " Mario Limonciello
@ 2025-04-29 14:49 ` Ilpo Järvinen
2 siblings, 0 replies; 5+ messages in thread
From: Ilpo Järvinen @ 2025-04-29 14:49 UTC (permalink / raw)
To: mario.limonciello, hdegoede, Patil.Reddy, Shyam-sundar.S-k,
Mario Limonciello
Cc: platform-driver-x86
On Wed, 23 Apr 2025 08:18:43 -0500, Mario Limonciello wrote:
> There are assumptions in AMD-PMF code regarding policies being
> valid both from firmware and from sideloading. This series adds an
> extra test to ensure policies aren't empty and also handles a memory
> leak in the cleanup path for the sideloaded policies.
>
> v2:
> * call memchr_inv from helper
> * Split out cleanup error to it's own patch
> Mario Limonciello (2):
> drivers/platform/x86/amd: pmf: Check for invalid sideloaded Smart PC
> Policies
> drivers/platform/x86/amd: pmf: Check for invalid Smart PC Policies
>
> [...]
Thank you for your contribution, it has been applied to my local
review-ilpo-fixes branch. Note it will show up in the public
platform-drivers-x86/review-ilpo-fixes branch only once I've pushed my
local branch there, which might take a while.
The list of commits applied:
[1/2] drivers/platform/x86/amd: pmf: Check for invalid sideloaded Smart PC Policies
commit: 690d722e02819ef978f90cd7553973eba1007e6c
[2/2] drivers/platform/x86/amd: pmf: Check for invalid Smart PC Policies
commit: 8e81b9cd6e95188d12c9cc25d40b61dd5ea05ace
--
i.
^ permalink raw reply [flat|nested] 5+ messages in thread