Commit Graph

13 Commits

Author SHA1 Message Date
Arnd Bergmann
47039b55f8 Merge tag 'tee-amdtee-fix2-for-5.6' of https://git.linaro.org/people/jens.wiklander/linux-tee into arm/fixes
tee: amdtee: out of bounds read in find_session()

* tag 'tee-amdtee-fix2-for-5.6' of https://git.linaro.org/people/jens.wiklander/linux-tee:
  tee: amdtee: out of bounds read in find_session()

Link: https://lore.kernel.org/r/20200320063446.GA9892@jade
Signed-off-by: Arnd Bergmann <arnd@arndb.de>
2020-03-25 14:27:27 +01:00
Dan Carpenter
36fa3e5008 tee: amdtee: out of bounds read in find_session()
The "index" is a user provided value from 0-USHRT_MAX.  If it's over
TEE_NUM_SESSIONS (31) then it results in an out of bounds read when we
call test_bit(index, sess->sess_mask).

Fixes: 757cc3e9ff ("tee: add AMD-TEE driver")
Acked-by: Rijo Thomas <Rijo-john.Thomas@amd.com>
Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
2020-03-10 08:12:04 +01:00
Olof Johansson
820d15632e arm64: dts: agilex: fix gmac compatible
- The compatible for Agilex GMAC should be "altr,socfpga-stmmac-a10-s10"
 -----BEGIN PGP SIGNATURE-----
 
 iQJIBAABCgAyFiEEoHhMeiyk5VmwVMwNGZQEC4GjKPQFAl5ed6QUHGRpbmd1eWVu
 QGtlcm5lbC5vcmcACgkQGZQEC4GjKPS0dA//Vctu2B9YYK+X8KtO3AFVCc2HA69A
 JIMnsYReTn1HBHsoZQCXVJajsWI+J4h+z2hxQpGQHXcVzfpg6gFb5HLGqvAG+fZO
 MORVlN4ne96cYcOjA/8eTQOIkFigPrQIK3lZGR6nEJ6PzCz3bOfKdbtOChvuH4ev
 g/2I8O9FIL2u+Xa1BdxHXvOU24FZttH2OrIVHgdsnbdV1mtY3yDTTlyiOVDvgTRu
 kkv9PM3GnnSfQyNQOLRkSwfF+fvWrEV1+XFRsbotliuVGPOgHQ0WbsqAW+6fhh9W
 r/JIDxlgy6ddG9MQGZdtZC48Lem9ITk1g710uiVDQx710amzJfY1an6vB8xqtqab
 6xNuxS6AqaEmzwQbzdT9AmFKa6EAKicOrYfN0XNBKvlqoF/IxR3EJYYJ0shxHgK/
 ACn1e53nNnPzi9dg4y0IezmxUNf4jl6T+Su/791ofc8Edx+iNRLOyshex4tFD4zf
 8mVgoBNp5yzkdAAyNjd1x9c7YPKxWUVLZkD4vNp5QObjdutjOsA1j6w9YTKZooBA
 BZZ5974rYZWvL7lHWoA0vaZDMF6cJ1osIP1d4cA49jXLHl33o5X22Lgy0lhBoL9F
 fTeWnmVgEdhlHXDWwjKh0vfDJ9EZnMlfTlWzTwnmRJEAswQBgk+wleDarSs0o8Ac
 pn6wton5J8JL/eQ=
 =VAHM
 -----END PGP SIGNATURE-----

Merge tag 'socfpga_dts_fix_for_v5.6_v2' of git://git.kernel.org/pub/scm/linux/kernel/git/dinguyen/linux into arm/fixes

arm64: dts: agilex: fix gmac compatible
- The compatible for Agilex GMAC should be "altr,socfpga-stmmac-a10-s10"

* tag 'socfpga_dts_fix_for_v5.6_v2' of git://git.kernel.org/pub/scm/linux/kernel/git/dinguyen/linux: (578 commits)
  arm64: dts: socfpga: agilex: Fix gmac compatible
  Linux 5.6-rc4
  KVM: VMX: check descriptor table exits on instruction emulation
  ext4: potential crash on allocation error in ext4_alloc_flex_bg_array()
  macintosh: therm_windtunnel: fix regression when instantiating devices
  jbd2: fix data races at struct journal_head
  kvm: x86: Limit the number of "kvm: disabled by bios" messages
  KVM: x86: avoid useless copy of cpufreq policy
  KVM: allow disabling -Werror
  KVM: x86: allow compiling as non-module with W=1
  KVM: Pre-allocate 1 cpumask variable per cpu for both pv tlb and pv ipis
  KVM: Introduce pv check helpers
  KVM: let declaration of kvm_get_running_vcpus match implementation
  KVM: SVM: allocate AVIC data structures based on kvm_amd module parameter
  MAINTAINERS: Correct Cadence PCI driver path
  io_uring: fix 32-bit compatability with sendmsg/recvmsg
  net: dsa: mv88e6xxx: Fix masking of egress port
  mlxsw: pci: Wait longer before accessing the device after reset
  sfc: fix timestamp reconstruction at 16-bit rollover points
  vsock: fix potential deadlock in transport->release()
  ...

Link: https://lore.kernel.org/r/20200303153509.28248-1-dinguyen@kernel.org
Signed-off-by: Olof Johansson <olof@lixom.net>
2020-03-03 16:40:56 -08:00
Dan Carpenter
b83685bcee tee: amdtee: fix memory leak in amdtee_open_session()
On these error paths the "sess" variable isn't freed.  It's a refcounted
pointer so we need to call kref_put().  I re-arranged the code a bit so
the error case is always handled before the success case and the error
paths are indented two tabs.

Fixes: 757cc3e9ff ("tee: add AMD-TEE driver")
Reviewed-by: Rijo Thomas <Rijo-john.Thomas@amd.com>
Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
2020-02-27 16:22:05 +01:00
Hongbo Yao
872d92dec3 tee: amdtee: amdtee depends on CRYPTO_DEV_CCP_DD
If CRYPTO_DEV_CCP_DD=m and AMDTEE=y, the following error is seen
while building call.c or core.c

drivers/tee/amdtee/call.o: In function `handle_unload_ta':
call.c:(.text+0x35f): undefined reference to `psp_tee_process_cmd'
drivers/tee/amdtee/core.o: In function `amdtee_driver_init':
core.c:(.init.text+0xf): undefined reference to `psp_check_tee_status

Fix the config dependency for AMDTEE here.

Reported-by: Hulk Robot <hulkci@huawei.com>
Fixes: 757cc3e9ff ("tee: add AMD-TEE driver")
Signed-off-by: Hongbo Yao <yaohongbo@huawei.com>
Reviewed-by: Rijo Thomas <Rijo-john.Thomas@amd.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2020-02-13 16:55:04 +08:00
Colin Ian King
48d625e4c4 tee: fix memory allocation failure checks on drv_data and amdtee
Currently the memory allocation failure checks on drv_data and
amdtee are using IS_ERR rather than checking for a null pointer.
Fix these checks to use the conventional null pointer check.

Addresses-Coverity: ("Dereference null return")
Fixes: 757cc3e9ff ("tee: add AMD-TEE driver")
Signed-off-by: Colin Ian King <colin.king@canonical.com>
Reviewed-by: Rijo Thomas <Rijo-john.Thomas@amd.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2020-01-22 16:21:11 +08:00
Rijo Thomas
279c075dc1 tee: amdtee: remove redundant NULL check for pool
Remove NULL check for pool variable, since in the current
code path it is guaranteed to be non-NULL.

Reported-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: Rijo Thomas <Rijo-john.Thomas@amd.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2020-01-16 15:18:14 +08:00
Rijo Thomas
f9568eae92 tee: amdtee: rename err label to err_device_unregister
Rename err label to err_device_unregister for better
readability.

Suggested-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: Rijo Thomas <Rijo-john.Thomas@amd.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2020-01-16 15:18:13 +08:00
Rijo Thomas
2929015535 tee: amdtee: skip tee_device_unregister if tee_device_alloc fails
Currently, if tee_device_alloc() fails, then tee_device_unregister()
is a no-op. Therefore, skip the function call to tee_device_unregister() by
introducing a new goto label 'err_free_pool'.

Reported-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: Rijo Thomas <Rijo-john.Thomas@amd.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2020-01-16 15:18:13 +08:00
Rijo Thomas
f4c58c3758 tee: amdtee: print error message if tee not present
If there is no TEE with which the driver can communicate, then
print an error message and return.

Suggested-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: Rijo Thomas <Rijo-john.Thomas@amd.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2020-01-16 15:18:13 +08:00
Rijo Thomas
5ae63958a6 tee: amdtee: remove unused variable initialization
Remove unused variable initialization from driver code.

If enabled as a compiler option, compiler may throw warning for
unused assignments.

Reported-by: Dan Carpenter <dan.carpenter@oracle.com>
Fixes: 757cc3e9ff ("tee: add AMD-TEE driver")
Signed-off-by: Rijo Thomas <Rijo-john.Thomas@amd.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2020-01-16 15:18:13 +08:00
Rijo Thomas
bade7e1fbd tee: amdtee: check TEE status during driver initialization
The AMD-TEE driver should check if TEE is available before
registering itself with TEE subsystem. This ensures that
there is a TEE which the driver can talk to before proceeding
with tee device node allocation.

Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: Tom Lendacky <thomas.lendacky@amd.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Co-developed-by: Devaraj Rangasamy <Devaraj.Rangasamy@amd.com>
Signed-off-by: Devaraj Rangasamy <Devaraj.Rangasamy@amd.com>
Signed-off-by: Rijo Thomas <Rijo-john.Thomas@amd.com>
Reviewed-by: Gary R Hook <gary.hook@amd.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2020-01-04 13:49:51 +08:00
Rijo Thomas
757cc3e9ff tee: add AMD-TEE driver
Adds AMD-TEE driver.
* targets AMD APUs which has AMD Secure Processor with software-based
  Trusted Execution Environment (TEE) support
* registers with TEE subsystem
* defines tee_driver_ops function callbacks
* kernel allocated memory is used as shared memory between normal
  world and secure world.
* acts as REE (Rich Execution Environment) communication agent, which
  uses the services of AMD Secure Processor driver to submit commands
  for processing in TEE environment

Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: Tom Lendacky <thomas.lendacky@amd.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Co-developed-by: Devaraj Rangasamy <Devaraj.Rangasamy@amd.com>
Signed-off-by: Devaraj Rangasamy <Devaraj.Rangasamy@amd.com>
Signed-off-by: Rijo Thomas <Rijo-john.Thomas@amd.com>
Reviewed-by: Gary R Hook <gary.hook@amd.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2020-01-04 13:49:51 +08:00