From: Amirreza Zarrabi
Date: Thu, 27 Mar 2025 19:47:25 -0700
Subject: [PATCH v3 03/11] tee: add TEE_IOCTL_PARAM_ATTR_TYPE_UBUF
Message-Id: <20250327-qcom-tee-using-tee-ss-without-mem-obj-v3-3-7f457073282d@oss.qualcomm.com>
In-Reply-To: <20250327-qcom-tee-using-tee-ss-without-mem-obj-v3-0-7f457073282d@oss.qualcomm.com>
To: Jens Wiklander, Sumit Garg, Bjorn Andersson, Konrad Dybcio, Bartosz Golaszewski, Apurupa Pattapu, Kees Cook, "Gustavo A. R. Silva", Sumit Semwal, Christian König
Cc: linux-arm-msm@vger.kernel.org, op-tee@lists.trustedfirmware.org, linux-kernel@vger.kernel.org, linux-hardening@vger.kernel.org, dri-devel@lists.freedesktop.org, linaro-mm-sig@lists.linaro.org, linux-doc@vger.kernel.org, Amirreza Zarrabi
X-Mailing-List: linux-doc@vger.kernel.org

For
drivers that can transfer data to the TEE without using shared memory from client, it is necessary to receive the user address directly, bypassing any processing by the TEE subsystem. Introduce TEE_IOCTL_PARAM_ATTR_TYPE_UBUF_INPUT/OUTPUT/INOUT to represent userspace buffers. Signed-off-by: Amirreza Zarrabi --- drivers/tee/tee_core.c | 33 +++++++++++++++++++++++++++++++++ include/linux/tee_drv.h | 6 ++++++ include/uapi/linux/tee.h | 22 ++++++++++++++++------ 3 files changed, 55 insertions(+), 6 deletions(-) diff --git a/drivers/tee/tee_core.c b/drivers/tee/tee_core.c index 22cc7d624b0c..bc862a11d437 100644 --- a/drivers/tee/tee_core.c +++ b/drivers/tee/tee_core.c @@ -404,6 +404,17 @@ static int params_from_user(struct tee_context *ctx, struct tee_param *params, params[n].u.value.b = ip.b; params[n].u.value.c = ip.c; break; + case TEE_IOCTL_PARAM_ATTR_TYPE_UBUF_INPUT: + case TEE_IOCTL_PARAM_ATTR_TYPE_UBUF_OUTPUT: + case TEE_IOCTL_PARAM_ATTR_TYPE_UBUF_INOUT: + params[n].u.ubuf.uaddr = u64_to_user_ptr(ip.a); + params[n].u.ubuf.size = ip.b; + + if (!access_ok(params[n].u.ubuf.uaddr, + params[n].u.ubuf.size)) + return -EFAULT; + + break; case TEE_IOCTL_PARAM_ATTR_TYPE_MEMREF_INPUT: case TEE_IOCTL_PARAM_ATTR_TYPE_MEMREF_OUTPUT: case TEE_IOCTL_PARAM_ATTR_TYPE_MEMREF_INOUT: @@ -472,6 +483,11 @@ static int params_to_user(struct tee_ioctl_param __user *uparams, put_user(p->u.value.c, &up->c)) return -EFAULT; break; + case TEE_IOCTL_PARAM_ATTR_TYPE_UBUF_OUTPUT: + case TEE_IOCTL_PARAM_ATTR_TYPE_UBUF_INOUT: + if (put_user((u64)p->u.ubuf.size, &up->b)) + return -EFAULT; + break; case TEE_IOCTL_PARAM_ATTR_TYPE_MEMREF_OUTPUT: case TEE_IOCTL_PARAM_ATTR_TYPE_MEMREF_INOUT: if (put_user((u64)p->u.memref.size, &up->b)) 
@@ -672,6 +688,13 @@ static int params_to_supp(struct tee_context *ctx, ip.b = p->u.value.b; ip.c = p->u.value.c; break; + case TEE_IOCTL_PARAM_ATTR_TYPE_UBUF_INPUT: + case TEE_IOCTL_PARAM_ATTR_TYPE_UBUF_OUTPUT: + case TEE_IOCTL_PARAM_ATTR_TYPE_UBUF_INOUT: + ip.a = (u64)p->u.ubuf.uaddr; + ip.b = p->u.ubuf.size; + ip.c = 0; + break; case TEE_IOCTL_PARAM_ATTR_TYPE_MEMREF_INPUT: case TEE_IOCTL_PARAM_ATTR_TYPE_MEMREF_OUTPUT: case TEE_IOCTL_PARAM_ATTR_TYPE_MEMREF_INOUT: @@ -774,6 +797,16 @@ static int params_from_supp(struct tee_param *params, size_t num_params, p->u.value.b = ip.b; p->u.value.c = ip.c; break; + case TEE_IOCTL_PARAM_ATTR_TYPE_UBUF_OUTPUT: + case TEE_IOCTL_PARAM_ATTR_TYPE_UBUF_INOUT: + p->u.ubuf.uaddr = u64_to_user_ptr(ip.a); + p->u.ubuf.size = ip.b; + + if (!access_ok(params[n].u.ubuf.uaddr, + params[n].u.ubuf.size)) + return -EFAULT; + + break; case TEE_IOCTL_PARAM_ATTR_TYPE_MEMREF_OUTPUT: case TEE_IOCTL_PARAM_ATTR_TYPE_MEMREF_INOUT: /* diff --git a/include/linux/tee_drv.h b/include/linux/tee_drv.h index ce23fd42c5d4..d773f91c6bdd 100644 --- a/include/linux/tee_drv.h +++ b/include/linux/tee_drv.h @@ -82,6 +82,11 @@ struct tee_param_memref { struct tee_shm *shm; }; +struct tee_param_ubuf { + void * __user uaddr; + size_t size; +}; + struct tee_param_value { u64 a; u64 b; @@ -92,6 +97,7 @@ struct tee_param { u64 attr; union { struct tee_param_memref memref; + struct tee_param_ubuf ubuf; struct tee_param_value value; } u; }; diff --git a/include/uapi/linux/tee.h b/include/uapi/linux/tee.h index d0430bee8292..3e9b1ec5dfde 100644 --- a/include/uapi/linux/tee.h +++ b/include/uapi/linux/tee.h 
@@ -151,6 +151,13 @@ struct tee_ioctl_buf_data { #define TEE_IOCTL_PARAM_ATTR_TYPE_MEMREF_OUTPUT 6 #define TEE_IOCTL_PARAM_ATTR_TYPE_MEMREF_INOUT 7 /* input and output */ +/* + * These defines userspace buffer parameters. + */ +#define TEE_IOCTL_PARAM_ATTR_TYPE_UBUF_INPUT 8 +#define TEE_IOCTL_PARAM_ATTR_TYPE_UBUF_OUTPUT 9 +#define TEE_IOCTL_PARAM_ATTR_TYPE_UBUF_INOUT 10 /* input and output */ + /* * Mask for the type part of the attribute, leaves room for more types */ @@ -186,14 +193,17 @@ struct tee_ioctl_buf_data { /** * struct tee_ioctl_param - parameter * @attr: attributes - * @a: if a memref, offset into the shared memory object, else a value parameter - * @b: if a memref, size of the buffer, else a value parameter + * @a: if a memref, offset into the shared memory object, + * else if a ubuf, address of the user buffer, + * else a value parameter + * @b: if a memref or ubuf, size of the buffer, else a value parameter * @c: if a memref, shared memory identifier, else a value parameter * - * @attr & TEE_PARAM_ATTR_TYPE_MASK indicates if memref or value is used in - * the union. TEE_PARAM_ATTR_TYPE_VALUE_* indicates value and - * TEE_PARAM_ATTR_TYPE_MEMREF_* indicates memref. TEE_PARAM_ATTR_TYPE_NONE - * indicates that none of the members are used. + * @attr & TEE_PARAM_ATTR_TYPE_MASK indicates if memref, ubuf, or value is + * used in the union. TEE_PARAM_ATTR_TYPE_VALUE_* indicates value, + * TEE_PARAM_ATTR_TYPE_MEMREF_* indicates memref, and TEE_PARAM_ATTR_TYPE_UBUF_* + * indicates ubuf. TEE_PARAM_ATTR_TYPE_NONE indicates that none of the members + * are used. * * Shared memory is allocated with TEE_IOC_SHM_ALLOC which returns an * identifier representing the shared memory object. A memref can reference -- 2.34.1
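
Review bot: In the params_from_user() hunk of drivers/tee/tee_core.c, "params[n].u.ubuf.size = ip.b;" stores a u64 from userspace into a size_t before access_ok() runs, so on a 32-bit kernel an oversized length is silently truncated instead of rejected. Please reject the parameter when ip.b does not fit in size_t, and consider returning -EINVAL when ip.c is non-zero so the unused field stays available for later use. A short comment here that access_ok() only range-checks the address, and that the backend driver must still go through copy_from_user()/copy_to_user(), would help driver authors who consume u.ubuf.uaddr.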
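
Review bot: In the params_to_supp() hunk, "ip.a = (u64)p->u.ubuf.uaddr;" casts a pointer straight to u64, which gives a "cast from pointer to integer of different size" warning on 32-bit builds; go through unsigned long (or uintptr_t) first. The commit message should also say which address space this value is meant to be valid in, since the hunk copies a user address received from one caller into parameters that are handed to the supplicant.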
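
Review bot: In the params_from_supp() hunk, the new case stores through p ("p->u.ubuf.uaddr", "p->u.ubuf.size") but the access_ok() call that follows checks "params[n].u.ubuf.uaddr" and "params[n].u.ubuf.size". Use p-> in the check as well, so that the value validated is visibly the value just written; if p and params[n] ever stop referring to the same element, the check would pass on a stale parameter. The same u64 to size_t narrowing of ip.b applies here as in params_from_user().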
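
Review bot: In the struct tee_param_ubuf hunk of include/linux/tee_drv.h, "void * __user uaddr;" puts the __user annotation after the asterisk, so it qualifies the pointer variable rather than the memory it points to. The usual form is "void __user *uaddr;", which lets sparse flag direct dereferences of the user pointer. The new struct would also benefit from a kernel-doc comment describing @uaddr and @size.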
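
Review bot: In the struct tee_ioctl_param kernel-doc hunk of include/uapi/linux/tee.h, @a and @b are updated for ubuf but @c still reads "if a memref, shared memory identifier, else a value parameter", which tells userspace that c carries a value for a ubuf. The tee_core.c side never reads c for a ubuf and params_to_supp() writes "ip.c = 0;", so document c as unused (must be zero) for ubuf. In the preceding hunk, the new comment "These defines userspace buffer parameters." should read "These define".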