From: Sasha Levin via OP-TEE <op-tee@lists.trustedfirmware.org>
To: patches@lists.linux.dev, stable@vger.kernel.org
Cc: Amirreza Zarrabi <amirreza.zarrabi@oss.qualcomm.com>,
Sumit Garg <sumit.garg@oss.qualcomm.com>,
Sasha Levin <sashal@kernel.org>,
op-tee@lists.trustedfirmware.org
Subject: [PATCH AUTOSEL 6.17-5.4] tee: allow a driver to allocate a tee_device without a pool
Date: Thu, 9 Oct 2025 11:54:40 -0400
Message-ID: <20251009155752.773732-14-sashal@kernel.org>
In-Reply-To: <20251009155752.773732-1-sashal@kernel.org>

From: Amirreza Zarrabi <amirreza.zarrabi@oss.qualcomm.com>

[ Upstream commit 6dbcd5a9ab6cb6644e7d728521da1c9035ec7235 ]

A TEE driver doesn't always need to provide a pool if it doesn't
support memory sharing ioctls and can allocate memory for TEE
messages in another way. Although this is mentioned in the
documentation for tee_device_alloc(), it is not handled correctly.

Reviewed-by: Sumit Garg <sumit.garg@oss.qualcomm.com>
Signed-off-by: Amirreza Zarrabi <amirreza.zarrabi@oss.qualcomm.com>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
---

LLM Generated explanations, may be completely bogus:

YES
- The change simply drops the `|| !pool` guard in `tee_device_alloc()`
(`drivers/tee/tee_core.c:892`), which currently rejects drivers that
intentionally omit a shared-memory pool even though the API contract
and docs (`include/linux/tee_core.h:123`) have long advertised `pool`
as optional. Today that mismatch means such drivers cannot register at
all, so user-visible functionality is blocked.
- Other subsystem code already treats a missing pool as a valid state
and bails out safely: shared-memory allocators check `if
(!teedev->pool)` before dereferencing it and return an error to user
space (`drivers/tee/tee_shm.c:78`), so allowing allocation without a
pool doesn’t create new NULL dereferences or change behaviour for
drivers that do use shared memory.
- Existing in-tree TEE implementations still guard their pool setup with
`IS_ERR()` checks (e.g. OP-TEE in `drivers/tee/optee/smc_abi.c:1651`),
so a genuine failure still propagates an error instead of slipping
through; we only unblock the documented “no pool” case.
- The patch is tiny, self-contained, and doesn’t alter ioctls or data
structures, making the regression risk very low while fixing a long-
standing real bug that prevents compliant drivers from loading.
Backporting keeps the stable tree consistent with the exported TEE API
and supports downstream drivers that rely on the documented behaviour.
drivers/tee/tee_core.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/tee/tee_core.c b/drivers/tee/tee_core.c
index acc7998758ad8..133447f250657 100644
--- a/drivers/tee/tee_core.c
+++ b/drivers/tee/tee_core.c
@@ -889,7 +889,7 @@ struct tee_device *tee_device_alloc(const struct tee_desc *teedesc,
if (!teedesc || !teedesc->name || !teedesc->ops ||
!teedesc->ops->get_version || !teedesc->ops->open ||
- !teedesc->ops->release || !pool)
+ !teedesc->ops->release)
return ERR_PTR(-EINVAL);
teedev = kzalloc(sizeof(*teedev), GFP_KERNEL);
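Review bot: With `!pool` dropped from the validation at the top of tee_device_alloc(), a NULL pool is now accepted, but this hunk adds no guard at any place the pool is later used, so the safety of the change rests entirely on code outside the diff. The subject line targets stable trees from 6.17 back to 5.4, and the explanation above cites the `if (!teedev->pool)` check only at a line number in the current tree; before each backport is accepted, confirm that the target tree's shared-memory allocation path and any other dereference of teedev->pool already return an error on NULL, and pull in the prerequisite commit where it does not. A short comment at this check stating that NULL is the accepted "no pool" value would also help, since an error pointer from a failed pool setup is non-NULL and passes this test both before and after the change.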
--
2.51.0