From: Jens Wiklander <jens.wiklander@linaro.org>
To: Sumit Garg <sumit.garg@linaro.org>
Cc: keyrings@vger.kernel.org, linux-integrity@vger.kernel.org,
linux-security-module@vger.kernel.org, corbet@lwn.net,
dhowells@redhat.com, jejb@linux.ibm.com,
jarkko.sakkinen@linux.intel.com, zohar@linux.ibm.com,
jmorris@namei.org, serge@hallyn.com, ard.biesheuvel@linaro.org,
daniel.thompson@linaro.org, linux-doc@vger.kernel.org,
linux-kernel@vger.kernel.org, tee-dev@lists.linaro.org
Subject: Re: [RFC 3/7] tee: add private login method for kernel clients
Date: Mon, 8 Jul 2019 17:39:09 +0200 [thread overview]
Message-ID: <20190708153908.GA28253@jax> (raw)
In-Reply-To: <1560421833-27414-4-git-send-email-sumit.garg@linaro.org>
Hi Sumit,
On Thu, Jun 13, 2019 at 04:00:29PM +0530, Sumit Garg wrote:
> There are use-cases where user-space shouldn't be allowed to communicate
> directly with a TEE device which is dedicated to provide a specific
> service for a kernel client. So add a private login method for kernel
> clients and disallow user-space to open-session using this login method.
>
> Signed-off-by: Sumit Garg <sumit.garg@linaro.org>
> ---
> drivers/tee/tee_core.c | 6 ++++++
> include/uapi/linux/tee.h | 2 ++
> 2 files changed, 8 insertions(+)
>
> diff --git a/drivers/tee/tee_core.c b/drivers/tee/tee_core.c
> index 0f16d9f..4581bd1 100644
> --- a/drivers/tee/tee_core.c
> +++ b/drivers/tee/tee_core.c
> @@ -334,6 +334,12 @@ static int tee_ioctl_open_session(struct tee_context *ctx,
> goto out;
> }
>
> + if (arg.clnt_login == TEE_IOCTL_LOGIN_REE_KERNEL) {
TEE_IOCTL_LOGIN_REE_KERNEL is defined as 0x80000000 which is in the
range specified and implementation defined by the GP spec. I wonder if
we shouldn't filter the entire implementation defined range instead of
just this value.
> + pr_err("login method not allowed for user-space client\n");
pr_debug(), if it's needed at all.
> + rc = -EPERM;
> + goto out;
> + }
> +
> rc = ctx->teedev->desc->ops->open_session(ctx, &arg, params);
> if (rc)
> goto out;
> diff --git a/include/uapi/linux/tee.h b/include/uapi/linux/tee.h
> index 4b9eb06..f33c69c 100644
> --- a/include/uapi/linux/tee.h
> +++ b/include/uapi/linux/tee.h
> @@ -172,6 +172,8 @@ struct tee_ioctl_buf_data {
> #define TEE_IOCTL_LOGIN_APPLICATION 4
> #define TEE_IOCTL_LOGIN_USER_APPLICATION 5
> #define TEE_IOCTL_LOGIN_GROUP_APPLICATION 6
> +/* Private login method for REE kernel clients */
It's worth noting that this is filtered by the TEE framework, compared
to everything else which is treated opaquely.
> +#define TEE_IOCTL_LOGIN_REE_KERNEL 0x80000000
>
> /**
> * struct tee_ioctl_param - parameter
> --
> 2.7.4
>
Thanks,
Jens
next prev parent reply other threads:[~2019-07-08 15:39 UTC|newest]
Thread overview: 34+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-06-13 10:30 [RFC 0/7] Introduce TEE based Trusted Keys support Sumit Garg
2019-06-13 10:30 ` [RFC 1/7] tee: optee: allow kernel pages to register as shm Sumit Garg
2019-06-13 15:12 ` Jarkko Sakkinen
2019-06-13 15:17 ` Jarkko Sakkinen
2019-06-13 15:17 ` Jarkko Sakkinen
2019-06-14 5:12 ` Sumit Garg
2019-06-14 8:15 ` Jens Wiklander
2019-06-13 10:30 ` [RFC 2/7] tee: enable support to register kernel memory Sumit Garg
2019-06-13 15:20 ` Jarkko Sakkinen
2019-06-14 5:13 ` Sumit Garg
2019-06-14 8:16 ` Jens Wiklander
2019-06-13 10:30 ` [RFC 3/7] tee: add private login method for kernel clients Sumit Garg
2019-07-08 15:39 ` Jens Wiklander [this message]
2019-07-09 5:56 ` Sumit Garg
2019-07-09 7:03 ` Jens Wiklander
2019-07-09 9:36 ` Sumit Garg
2019-07-29 7:08 ` Jens Wiklander
2019-07-29 13:13 ` Sumit Garg
2019-06-13 10:30 ` [RFC 4/7] KEYS: trusted: Introduce TEE based Trusted Keys Sumit Garg
2019-06-13 15:32 ` Jarkko Sakkinen
2019-06-14 5:43 ` Sumit Garg
2019-06-13 10:30 ` [RFC 5/7] KEYS: encrypted: Allow TEE based trusted master keys Sumit Garg
2019-06-13 10:30 ` [RFC 6/7] doc: keys: Document usage of TEE based Trusted Keys Sumit Garg
2019-06-13 15:34 ` Jarkko Sakkinen
2019-06-14 5:37 ` Sumit Garg
2019-06-14 15:36 ` Jarkko Sakkinen
2019-06-13 10:30 ` [RFC 7/7] MAINTAINERS: Add entry for " Sumit Garg
2019-06-13 16:40 ` [RFC 0/7] Introduce TEE based Trusted Keys support Casey Schaufler
2019-06-14 0:03 ` Mimi Zohar
2019-06-14 8:17 ` Sumit Garg
2019-06-14 5:58 ` Sumit Garg
2019-07-08 12:41 ` Sumit Garg
2019-07-08 16:31 ` Jens Wiklander
2019-07-09 5:58 ` Sumit Garg
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190708153908.GA28253@jax \
--to=jens.wiklander@linaro.org \
--cc=ard.biesheuvel@linaro.org \
--cc=corbet@lwn.net \
--cc=daniel.thompson@linaro.org \
--cc=dhowells@redhat.com \
--cc=jarkko.sakkinen@linux.intel.com \
--cc=jejb@linux.ibm.com \
--cc=jmorris@namei.org \
--cc=keyrings@vger.kernel.org \
--cc=linux-doc@vger.kernel.org \
--cc=linux-integrity@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=serge@hallyn.com \
--cc=sumit.garg@linaro.org \
--cc=tee-dev@lists.linaro.org \
--cc=zohar@linux.ibm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).