korg/linux
0
0
Fork 0
mirror of https://mirrors.bfsu.edu.cn/git/linux.git synced 2025-01-20 12:54:36 +08:00
Code Issues Packages Projects Releases Wiki Activity

tee: Improve support for kexec and kdump

Browse Source 
This fixes several bugs uncovered while exercising the OP-TEE, ftpm
 (firmware TPM), and tee_bnxt_fw (Broadcom BNXT firmware manager) drivers
 with kexec and kdump (emergency kexec) based workflows.
 -----BEGIN PGP SIGNATURE-----
 
 iQJOBAABCgA4FiEEFV+gSSXZJY9ZyuB5LinzTIcAHJcFAmD+aZ8aHGplbnMud2lr
 bGFuZGVyQGxpbmFyby5vcmcACgkQLinzTIcAHJcqYg//XjY2nhyTAKg3CamBPSsQ
 oEct2aeYr5/ehb/a+CfhINDc4mppoCNCxTRSZQSTkbpbW0UyvHDbtXgFDwBDEMPf
 HRc35N6IAaWg5Zg47ZL+kCbTX+lNwVYpZjcKJQqaXzUMGqwCFVV0bg3OBNt9JKPI
 1rQL8T1BXF/cjrdmZHiPWn1TfVstIkHD6oLOsFAMN2+LFKesr0v0ZjH0d3v7j6oK
 /WBojPbTNVCtH4UAL8jHJCCRACwLGbZCk8TEda/bSo3IGIMrhqr446nT2GwmlebL
 x+4wHNb0q/Y6gZuOLy2JElR4Fl7GsPQLPiXfQVz/N+ZdGXvboD+Klr0mNvEodh0R
 5YYF9l5b8eUhoZKyM84ziSvp3t7XHfGsxrD884QrtTbIQSjZ8B5/246EBx8RrUsX
 nRT+uAjomFn8CSfDLeiVGP7nF6uXjDNx/IsQfNSa9crM4tLmu8AM81NjCRGAJOrX
 7VuGbfNwh0LNkZwW+UtihfmPGVOl72Dcgr6A+dj5tZNiaPrdakcmKVp3nnz0Fsfc
 /BaWirlXzYGm9wwDHqUdhKMv54wqO2mqv9WKtn69i5nnzS4wVtzC5vVG2b2+rclW
 az5igZNBozSNMW8Nwi2ipiJH2qixeQdaa8N1gI71nGc4FSO3TVz9XJwN1o8WucSy
 nz+W45KocsY1qLDZUY6Pzhs=
 =/bwq
 -----END PGP SIGNATURE-----
gpgsig -----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCgAdFiEEo6/YBQwIrVS28WGKmmx57+YAGNkFAmEH5oYACgkQmmx57+YA
 GNncChAAo+9i91VcaIJKstUVMgxCHZgqkDYaoFTSzmzllGkR4cDOmkxYXvQQekML
 MOGVtK1xDHQjDZpPUsG4ms0SJHa4mdLwjSg2P6f+38SveHj5kZah4dxmoYponCg5
 LfBmlFFhXyx8/nWlfTggYsn5u2jBEN+OHsjeKJCwffQHtuIrrwWsY24fWoURjUy9
 P0BlcrmDe9UuKLZD6QNOYCx4WPH9wtFLuLEFx/Ixzx59G0e5sItj2WbhPA8GgTa3
 lPxhPruqWXTofn2ko2FXQrAufHgvJYaI9vwkOm7KO3fnCOSTaQkSMuudY9z1iAuM
 qz6dyU68DDsJ61ctGAw96PQ/V9xSc/2YqT+BpeHKN9Q1ilbxm23cFASdp+iJvHGE
 twdWc55G1D48EK7BK52ThluKwcOBUC7Pk14WPY22//PjuLiV91NP2JeY1Da1M7XL
 urfojZWVYaFrR011L7DsKt4asGMmIihU2Y3tf8IkDcwpO8/WT+HEjV7/dzHsazZS
 QMCxc5c13UdOWZXbLkaFZwcJXyidlLINsYgZMWuiJ/YIYomkc7MOk2Y5He17hrun
 t2ah12dZIEjOO1q/q7/GYjBoj6suCUN3qKzAGBrJiNVNkhy+cCcpQaS3S1tK9NMP
 ggPWdzCfogE1OiTTVFwSR0DvHtIJN99+J/4OsAfXxlSdtJEHsos=
 =1f/e
 -----END PGP SIGNATURE-----

Merge tag 'tee-kexec-fixes-for-v5.14' of git://git.linaro.org:/people/jens.wiklander/linux-tee into arm/fixes

tee: Improve support for kexec and kdump

This fixes several bugs uncovered while exercising the OP-TEE, ftpm
(firmware TPM), and tee_bnxt_fw (Broadcom BNXT firmware manager) drivers
with kexec and kdump (emergency kexec) based workflows.

* tag 'tee-kexec-fixes-for-v5.14' of git://git.linaro.org:/people/jens.wiklander/linux-tee:
  firmware: tee_bnxt: Release TEE shm, session, and context during kexec
  tpm_ftpm_tee: Free and unregister TEE shared memory during kexec
  tee: Correct inappropriate usage of TEE_SHM_DMA_BUF flag
  tee: add tee_shm_alloc_kernel_buf()
  optee: Clear stale cache entries during initialization
  optee: fix tee out of memory failure seen during kexec reboot
  optee: Refuse to load the driver under the kdump kernel
  optee: Fix memory leak when failing to register shm pages

Link: https://lore.kernel.org/r/20210726081039.GA2482361@jade
Signed-off-by: Arnd Bergmann <arnd@arndb.de>
This commit is contained in:
Arnd Bergmann 2021-08-02 14:35:17 +02:00
commit 64429b9e0e
9 changed files with 132 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
drivers/char/tpm/tpm_ftpm_tee.c
View File

@ -254,11 +254,11 @@ static int ftpm_tee_probe(struct device *dev)
pvt_data->session = sess_arg.session;
/* Allocate dynamic shared memory with fTPM TA */
pvt_data->shm = tee_shm_alloc(pvt_data->ctx,
MAX_COMMAND_SIZE + MAX_RESPONSE_SIZE,
TEE_SHM_MAPPED | TEE_SHM_DMA_BUF);
pvt_data->shm = tee_shm_alloc_kernel_buf(pvt_data->ctx,
MAX_COMMAND_SIZE +
MAX_RESPONSE_SIZE);
if (IS_ERR(pvt_data->shm)) {
dev_err(dev, "%s: tee_shm_alloc failed\n", __func__);
dev_err(dev, "%s: tee_shm_alloc_kernel_buf failed\n", __func__);
rc = -ENOMEM;
goto out_shm_alloc;
}

14
drivers/firmware/broadcom/tee_bnxt_fw.c
View File

@ -212,10 +212,9 @@ static int tee_bnxt_fw_probe(struct device *dev)
pvt_data.dev = dev;
fw_shm_pool = tee_shm_alloc(pvt_data.ctx, MAX_SHM_MEM_SZ,
TEE_SHM_MAPPED | TEE_SHM_DMA_BUF);
fw_shm_pool = tee_shm_alloc_kernel_buf(pvt_data.ctx, MAX_SHM_MEM_SZ);
if (IS_ERR(fw_shm_pool)) {
dev_err(pvt_data.dev, "tee_shm_alloc failed\n");
dev_err(pvt_data.dev, "tee_shm_alloc_kernel_buf failed\n");
err = PTR_ERR(fw_shm_pool);
goto out_sess;
}
@ -242,6 +241,14 @@ static int tee_bnxt_fw_remove(struct device *dev)
return 0;
}
static void tee_bnxt_fw_shutdown(struct device *dev)
{
tee_shm_free(pvt_data.fw_shm_pool);
tee_client_close_session(pvt_data.ctx, pvt_data.session_id);
tee_client_close_context(pvt_data.ctx);
pvt_data.ctx = NULL;
}
static const struct tee_client_device_id tee_bnxt_fw_id_table[] = {
{UUID_INIT(0x6272636D, 0x2019, 0x0716,
0x42, 0x43, 0x4D, 0x5F, 0x53, 0x43, 0x48, 0x49)},
@ -257,6 +264,7 @@ static struct tee_client_driver tee_bnxt_fw_driver = {
.bus = &tee_bus_type,
.probe = tee_bnxt_fw_probe,
.remove = tee_bnxt_fw_remove,
.shutdown = tee_bnxt_fw_shutdown,
},
};

38
drivers/tee/optee/call.c
View File

@ -184,7 +184,7 @@ static struct tee_shm *get_msg_arg(struct tee_context *ctx, size_t num_params,
struct optee_msg_arg *ma;
shm = tee_shm_alloc(ctx, OPTEE_MSG_GET_ARG_SIZE(num_params),
TEE_SHM_MAPPED);
TEE_SHM_MAPPED | TEE_SHM_PRIV);
if (IS_ERR(shm))
return shm;
@ -416,11 +416,13 @@ void optee_enable_shm_cache(struct optee *optee)
}
/**
* optee_disable_shm_cache() - Disables caching of some shared memory allocation
* in OP-TEE
* __optee_disable_shm_cache() - Disables caching of some shared memory
* allocation in OP-TEE
* @optee: main service struct
* @is_mapped: true if the cached shared memory addresses were mapped by this
* kernel, are safe to dereference, and should be freed
*/
void optee_disable_shm_cache(struct optee *optee)
static void __optee_disable_shm_cache(struct optee *optee, bool is_mapped)
{
struct optee_call_waiter w;
@ -439,6 +441,13 @@ void optee_disable_shm_cache(struct optee *optee)
if (res.result.status == OPTEE_SMC_RETURN_OK) {
struct tee_shm *shm;
/*
* Shared memory references that were not mapped by
* this kernel must be ignored to prevent a crash.
*/
if (!is_mapped)
continue;
shm = reg_pair_to_ptr(res.result.shm_upper32,
res.result.shm_lower32);
tee_shm_free(shm);
@ -449,6 +458,27 @@ void optee_disable_shm_cache(struct optee *optee)
optee_cq_wait_final(&optee->call_queue, &w);
}
/**
* optee_disable_shm_cache() - Disables caching of mapped shared memory
* allocations in OP-TEE
* @optee: main service struct
*/
void optee_disable_shm_cache(struct optee *optee)
{
return __optee_disable_shm_cache(optee, true);
}
/**
* optee_disable_unmapped_shm_cache() - Disables caching of shared memory
* allocations in OP-TEE which are not
* currently mapped
* @optee: main service struct
*/
void optee_disable_unmapped_shm_cache(struct optee *optee)
{
return __optee_disable_shm_cache(optee, false);
}
#define PAGELIST_ENTRIES_PER_PAGE \
((OPTEE_MSG_NONCONTIG_PAGE_SIZE / sizeof(u64)) - 1)

43
drivers/tee/optee/core.c
View File

@ -6,6 +6,7 @@
#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
#include <linux/arm-smccc.h>
#include <linux/crash_dump.h>
#include <linux/errno.h>
#include <linux/io.h>
#include <linux/module.h>
@ -277,7 +278,8 @@ static void optee_release(struct tee_context *ctx)
if (!ctxdata)
return;
shm = tee_shm_alloc(ctx, sizeof(struct optee_msg_arg), TEE_SHM_MAPPED);
shm = tee_shm_alloc(ctx, sizeof(struct optee_msg_arg),
TEE_SHM_MAPPED | TEE_SHM_PRIV);
if (!IS_ERR(shm)) {
arg = tee_shm_get_va(shm, 0);
/*
@ -572,6 +574,13 @@ static optee_invoke_fn *get_invoke_func(struct device *dev)
return ERR_PTR(-EINVAL);
}
/* optee_remove - Device Removal Routine
* @pdev: platform device information struct
*
* optee_remove is called by platform subsystem to alert the driver
* that it should release the device
*/
static int optee_remove(struct platform_device *pdev)
{
struct optee *optee = platform_get_drvdata(pdev);
@ -602,6 +611,18 @@ static int optee_remove(struct platform_device *pdev)
return 0;
}
/* optee_shutdown - Device Removal Routine
* @pdev: platform device information struct
*
* platform_shutdown is called by the platform subsystem to alert
* the driver that a shutdown, reboot, or kexec is happening and
* device must be disabled.
*/
static void optee_shutdown(struct platform_device *pdev)
{
optee_disable_shm_cache(platform_get_drvdata(pdev));
}
static int optee_probe(struct platform_device *pdev)
{
optee_invoke_fn *invoke_fn;
@ -612,6 +633,16 @@ static int optee_probe(struct platform_device *pdev)
u32 sec_caps;
int rc;
/*
* The kernel may have crashed at the same time that all available
* secure world threads were suspended and we cannot reschedule the
* suspended threads without access to the crashed kernel's wait_queue.
* Therefore, we cannot reliably initialize the OP-TEE driver in the
* kdump kernel.
*/
if (is_kdump_kernel())
return -ENODEV;
invoke_fn = get_invoke_func(&pdev->dev);
if (IS_ERR(invoke_fn))
return PTR_ERR(invoke_fn);
@ -686,6 +717,15 @@ static int optee_probe(struct platform_device *pdev)
optee->memremaped_shm = memremaped_shm;
optee->pool = pool;
/*
* Ensure that there are no pre-existing shm objects before enabling
* the shm cache so that there's no chance of receiving an invalid
* address during shutdown. This could occur, for example, if we're
* kexec booting from an older kernel that did not properly cleanup the
* shm cache.
*/
optee_disable_unmapped_shm_cache(optee);
optee_enable_shm_cache(optee);
if (optee->sec_caps & OPTEE_SMC_SEC_CAP_DYNAMIC_SHM)
@ -728,6 +768,7 @@ MODULE_DEVICE_TABLE(of, optee_dt_match);
static struct platform_driver optee_driver = {
.probe = optee_probe,
.remove = optee_remove,
.shutdown = optee_shutdown,
.driver = {
.name = "optee",
.of_match_table = optee_dt_match,

1
drivers/tee/optee/optee_private.h
View File

@ -159,6 +159,7 @@ int optee_cancel_req(struct tee_context *ctx, u32 cancel_id, u32 session);
void optee_enable_shm_cache(struct optee *optee);
void optee_disable_shm_cache(struct optee *optee);
void optee_disable_unmapped_shm_cache(struct optee *optee);
int optee_shm_register(struct tee_context *ctx, struct tee_shm *shm,
struct page **pages, size_t num_pages,

5
drivers/tee/optee/rpc.c
View File

@ -314,7 +314,7 @@ static void handle_rpc_func_cmd_shm_alloc(struct tee_context *ctx,
shm = cmd_alloc_suppl(ctx, sz);
break;
case OPTEE_RPC_SHM_TYPE_KERNEL:
shm = tee_shm_alloc(ctx, sz, TEE_SHM_MAPPED);
shm = tee_shm_alloc(ctx, sz, TEE_SHM_MAPPED | TEE_SHM_PRIV);
break;
default:
arg->ret = TEEC_ERROR_BAD_PARAMETERS;
@ -502,7 +502,8 @@ void optee_handle_rpc(struct tee_context *ctx, struct optee_rpc_param *param,
switch (OPTEE_SMC_RETURN_GET_RPC_FUNC(param->a0)) {
case OPTEE_SMC_RPC_FUNC_ALLOC:
shm = tee_shm_alloc(ctx, param->a1, TEE_SHM_MAPPED);
shm = tee_shm_alloc(ctx, param->a1,
TEE_SHM_MAPPED | TEE_SHM_PRIV);
if (!IS_ERR(shm) && !tee_shm_get_pa(shm, 0, &pa)) {
reg_pair_from_64(&param->a1, &param->a2, pa);
reg_pair_from_64(&param->a4, &param->a5,

20
drivers/tee/optee/shm_pool.c
View File

@ -27,13 +27,19 @@ static int pool_op_alloc(struct tee_shm_pool_mgr *poolm,
shm->paddr = page_to_phys(page);
shm->size = PAGE_SIZE << order;
if (shm->flags & TEE_SHM_DMA_BUF) {
/*
* Shared memory private to the OP-TEE driver doesn't need
* to be registered with OP-TEE.
*/
if (!(shm->flags & TEE_SHM_PRIV)) {
unsigned int nr_pages = 1 << order, i;
struct page **pages;
pages = kcalloc(nr_pages, sizeof(pages), GFP_KERNEL);
if (!pages)
return -ENOMEM;
if (!pages) {
rc = -ENOMEM;
goto err;
}
for (i = 0; i < nr_pages; i++) {
pages[i] = page;
@ -44,15 +50,21 @@ static int pool_op_alloc(struct tee_shm_pool_mgr *poolm,
rc = optee_shm_register(shm->ctx, shm, pages, nr_pages,
(unsigned long)shm->kaddr);
kfree(pages);
if (rc)
goto err;
}
return 0;
err:
__free_pages(page, order);
return rc;
}
static void pool_op_free(struct tee_shm_pool_mgr *poolm,
struct tee_shm *shm)
{
if (shm->flags & TEE_SHM_DMA_BUF)
if (!(shm->flags & TEE_SHM_PRIV))
optee_shm_unregister(shm->ctx, shm);
free_pages((unsigned long)shm->kaddr, get_order(shm->size));

20
drivers/tee/tee_shm.c
View File

@ -117,7 +117,7 @@ struct tee_shm *tee_shm_alloc(struct tee_context *ctx, size_t size, u32 flags)
return ERR_PTR(-EINVAL);
}
if ((flags & ~(TEE_SHM_MAPPED | TEE_SHM_DMA_BUF))) {
if ((flags & ~(TEE_SHM_MAPPED | TEE_SHM_DMA_BUF | TEE_SHM_PRIV))) {
dev_err(teedev->dev.parent, "invalid shm flags 0x%x", flags);
return ERR_PTR(-EINVAL);
}
@ -193,6 +193,24 @@ err_dev_put:
}
EXPORT_SYMBOL_GPL(tee_shm_alloc);
/**
* tee_shm_alloc_kernel_buf() - Allocate shared memory for kernel buffer
* @ctx: Context that allocates the shared memory
* @size: Requested size of shared memory
*
* The returned memory registered in secure world and is suitable to be
* passed as a memory buffer in parameter argument to
* tee_client_invoke_func(). The memory allocated is later freed with a
* call to tee_shm_free().
*
* @returns a pointer to 'struct tee_shm'
*/
struct tee_shm *tee_shm_alloc_kernel_buf(struct tee_context *ctx, size_t size)
{
return tee_shm_alloc(ctx, size, TEE_SHM_MAPPED);
}
EXPORT_SYMBOL_GPL(tee_shm_alloc_kernel_buf);
struct tee_shm *tee_shm_register(struct tee_context *ctx, unsigned long addr,
size_t length, u32 flags)
{

2
include/linux/tee_drv.h
View File

@ -27,6 +27,7 @@
#define TEE_SHM_USER_MAPPED BIT(4) /* Memory mapped in user space */
#define TEE_SHM_POOL BIT(5) /* Memory allocated from pool */
#define TEE_SHM_KERNEL_MAPPED BIT(6) /* Memory mapped in kernel space */
#define TEE_SHM_PRIV BIT(7) /* Memory private to TEE driver */
struct device;
struct tee_device;
@ -332,6 +333,7 @@ void *tee_get_drvdata(struct tee_device *teedev);
* @returns a pointer to 'struct tee_shm'
*/
struct tee_shm *tee_shm_alloc(struct tee_context *ctx, size_t size, u32 flags);
struct tee_shm *tee_shm_alloc_kernel_buf(struct tee_context *ctx, size_t size);
/**
* tee_shm_register() - Register shared memory buffer