Re: [PATCH] KEYS: trusted: tee: Refactor register SHM usage

linux-security-module.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

From: "Jarkko Sakkinen" <jarkko@kernel.org>
To: "Sumit Garg" <sumit.garg@linaro.org>,
	<linux-integrity@vger.kernel.org>, <keyrings@vger.kernel.org>
Cc: <jejb@linux.ibm.com>, <zohar@linux.ibm.com>,
	<jens.wiklander@linaro.org>, <sudeep.holla@arm.com>,
	<achin.gupta@arm.com>, <linux-security-module@vger.kernel.org>,
	<linux-kernel@vger.kernel.org>
Subject: Re: [PATCH] KEYS: trusted: tee: Refactor register SHM usage
Date: Tue, 22 Aug 2023 16:52:36 +0300	[thread overview]
Message-ID: <CUZ4G9FRXIW1.23TJD5ASQBUNE@suppilovahvero> (raw)
In-Reply-To: <20230822112933.1550062-1-sumit.garg@linaro.org>

On Tue Aug 22, 2023 at 2:29 PM EEST, Sumit Garg wrote:
> The OP-TEE driver using the old SMC based ABI permits overlapping shared
> buffers, but with the new FF-A based ABI each physical page may only
> be registered once.
>
> As the key and blob buffer are allocated adjancently, there is no need
> for redundant register shared memory invocation. Also, it is incompatibile
> with FF-A based ABI limitation. So refactor register shared memory
> implementation to use only single invocation to register both key and blob
> buffers.
>
> Fixes: 4615e5a34b95 ("optee: add FF-A support")
> Reported-by: Jens Wiklander <jens.wiklander@linaro.org>
> Signed-off-by: Sumit Garg <sumit.garg@linaro.org>

Does this retain backwards compatibility?

> ---
>  security/keys/trusted-keys/trusted_tee.c | 64 ++++++++----------------
>  1 file changed, 20 insertions(+), 44 deletions(-)
>
> diff --git a/security/keys/trusted-keys/trusted_tee.c b/security/keys/trusted-keys/trusted_tee.c
> index ac3e270ade69..aa3d477de6db 100644
> --- a/security/keys/trusted-keys/trusted_tee.c
> +++ b/security/keys/trusted-keys/trusted_tee.c
> @@ -65,24 +65,16 @@ static int trusted_tee_seal(struct trusted_key_payload *p, char *datablob)
>  	int ret;
>  	struct tee_ioctl_invoke_arg inv_arg;
>  	struct tee_param param[4];
> -	struct tee_shm *reg_shm_in = NULL, *reg_shm_out = NULL;
> +	struct tee_shm *reg_shm = NULL;
>  
>  	memset(&inv_arg, 0, sizeof(inv_arg));
>  	memset(&param, 0, sizeof(param));
>  
> -	reg_shm_in = tee_shm_register_kernel_buf(pvt_data.ctx, p->key,
> -						 p->key_len);
> -	if (IS_ERR(reg_shm_in)) {
> -		dev_err(pvt_data.dev, "key shm register failed\n");
> -		return PTR_ERR(reg_shm_in);
> -	}
> -
> -	reg_shm_out = tee_shm_register_kernel_buf(pvt_data.ctx, p->blob,
> -						  sizeof(p->blob));
> -	if (IS_ERR(reg_shm_out)) {
> -		dev_err(pvt_data.dev, "blob shm register failed\n");
> -		ret = PTR_ERR(reg_shm_out);
> -		goto out;
> +	reg_shm = tee_shm_register_kernel_buf(pvt_data.ctx, p->key,
> +					      sizeof(p->key) + sizeof(p->blob));
> +	if (IS_ERR(reg_shm)) {
> +		dev_err(pvt_data.dev, "shm register failed\n");
> +		return PTR_ERR(reg_shm);
>  	}
>  
>  	inv_arg.func = TA_CMD_SEAL;
> @@ -90,13 +82,13 @@ static int trusted_tee_seal(struct trusted_key_payload *p, char *datablob)
>  	inv_arg.num_params = 4;
>  
>  	param[0].attr = TEE_IOCTL_PARAM_ATTR_TYPE_MEMREF_INPUT;
> -	param[0].u.memref.shm = reg_shm_in;
> +	param[0].u.memref.shm = reg_shm;
>  	param[0].u.memref.size = p->key_len;
>  	param[0].u.memref.shm_offs = 0;
>  	param[1].attr = TEE_IOCTL_PARAM_ATTR_TYPE_MEMREF_OUTPUT;
> -	param[1].u.memref.shm = reg_shm_out;
> +	param[1].u.memref.shm = reg_shm;
>  	param[1].u.memref.size = sizeof(p->blob);
> -	param[1].u.memref.shm_offs = 0;
> +	param[1].u.memref.shm_offs = sizeof(p->key);
>  
>  	ret = tee_client_invoke_func(pvt_data.ctx, &inv_arg, param);
>  	if ((ret < 0) || (inv_arg.ret != 0)) {
> @@ -107,11 +99,7 @@ static int trusted_tee_seal(struct trusted_key_payload *p, char *datablob)
>  		p->blob_len = param[1].u.memref.size;
>  	}
>  
> -out:
> -	if (reg_shm_out)
> -		tee_shm_free(reg_shm_out);
> -	if (reg_shm_in)
> -		tee_shm_free(reg_shm_in);
> +	tee_shm_free(reg_shm);
>  
>  	return ret;
>  }
> @@ -124,24 +112,16 @@ static int trusted_tee_unseal(struct trusted_key_payload *p, char *datablob)
>  	int ret;
>  	struct tee_ioctl_invoke_arg inv_arg;
>  	struct tee_param param[4];
> -	struct tee_shm *reg_shm_in = NULL, *reg_shm_out = NULL;
> +	struct tee_shm *reg_shm = NULL;
>  
>  	memset(&inv_arg, 0, sizeof(inv_arg));
>  	memset(&param, 0, sizeof(param));
>  
> -	reg_shm_in = tee_shm_register_kernel_buf(pvt_data.ctx, p->blob,
> -						 p->blob_len);
> -	if (IS_ERR(reg_shm_in)) {
> -		dev_err(pvt_data.dev, "blob shm register failed\n");
> -		return PTR_ERR(reg_shm_in);
> -	}
> -
> -	reg_shm_out = tee_shm_register_kernel_buf(pvt_data.ctx, p->key,
> -						  sizeof(p->key));
> -	if (IS_ERR(reg_shm_out)) {
> -		dev_err(pvt_data.dev, "key shm register failed\n");
> -		ret = PTR_ERR(reg_shm_out);
> -		goto out;
> +	reg_shm = tee_shm_register_kernel_buf(pvt_data.ctx, p->key,
> +					      sizeof(p->key) + sizeof(p->blob));
> +	if (IS_ERR(reg_shm)) {
> +		dev_err(pvt_data.dev, "shm register failed\n");
> +		return PTR_ERR(reg_shm);
>  	}
>  
>  	inv_arg.func = TA_CMD_UNSEAL;
> @@ -149,11 +129,11 @@ static int trusted_tee_unseal(struct trusted_key_payload *p, char *datablob)
>  	inv_arg.num_params = 4;
>  
>  	param[0].attr = TEE_IOCTL_PARAM_ATTR_TYPE_MEMREF_INPUT;
> -	param[0].u.memref.shm = reg_shm_in;
> +	param[0].u.memref.shm = reg_shm;
>  	param[0].u.memref.size = p->blob_len;
> -	param[0].u.memref.shm_offs = 0;
> +	param[0].u.memref.shm_offs = sizeof(p->key);
>  	param[1].attr = TEE_IOCTL_PARAM_ATTR_TYPE_MEMREF_OUTPUT;
> -	param[1].u.memref.shm = reg_shm_out;
> +	param[1].u.memref.shm = reg_shm;
>  	param[1].u.memref.size = sizeof(p->key);
>  	param[1].u.memref.shm_offs = 0;
>  
> @@ -166,11 +146,7 @@ static int trusted_tee_unseal(struct trusted_key_payload *p, char *datablob)
>  		p->key_len = param[1].u.memref.size;
>  	}
>  
> -out:
> -	if (reg_shm_out)
> -		tee_shm_free(reg_shm_out);
> -	if (reg_shm_in)
> -		tee_shm_free(reg_shm_in);
> +	tee_shm_free(reg_shm);
>  
>  	return ret;
>  }
> -- 
> 2.34.1

BR, Jarkko

next prev parent reply	other threads:[~2023-08-22 13:52 UTC|newest]

Thread overview: 10+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2023-08-22 11:29 [PATCH] KEYS: trusted: tee: Refactor register SHM usage Sumit Garg
2023-08-22 12:55 ` Jens Wiklander
2023-08-23  6:55   ` Sumit Garg
2023-08-23  8:01     ` Jens Wiklander
2023-08-23 13:04       ` Sumit Garg
2023-08-23 14:28         ` Jens Wiklander
2023-09-05 11:04           ` Sumit Garg
2023-09-11 10:32             ` Jarkko Sakkinen
2023-08-22 13:52 ` Jarkko Sakkinen [this message]
2023-08-23  6:57   ` Sumit Garg

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=CUZ4G9FRXIW1.23TJD5ASQBUNE@suppilovahvero \
    --to=jarkko@kernel.org \
    --cc=achin.gupta@arm.com \
    --cc=jejb@linux.ibm.com \
    --cc=jens.wiklander@linaro.org \
    --cc=keyrings@vger.kernel.org \
    --cc=linux-integrity@vger.kernel.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=linux-security-module@vger.kernel.org \
    --cc=sudeep.holla@arm.com \
    --cc=sumit.garg@linaro.org \
    --cc=zohar@linux.ibm.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).