kybaaz/linux-xiaomi-chiron
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

TEE and OP-TEE fixes for v5.16

Browse source 
- Fixes a race when a tee_shm reaches reference count 0 and is about to
   be teared down
 - Fixes an incorrect page free bug in an error path of the OP-TEE shared
   memory pool handling
 - Suppresses a false positive kmemleak report when allocating driver
   private shared memory buffers for OP-TEE
 -----BEGIN PGP SIGNATURE-----
 
 iQJOBAABCgA4FiEEFV+gSSXZJY9ZyuB5LinzTIcAHJcFAmG7UnYaHGplbnMud2lr
 bGFuZGVyQGxpbmFyby5vcmcACgkQLinzTIcAHJdOaQ//Vge0EnUpHorM5vjZMbAB
 pvFVGKmAW/fcebMMkJ7D2UAh8PTz8FMKzrcqHb8AUU+3ns+xkd6RgmVV59XmhXkN
 Rucx64338SrFz4DlpZDs0HfqChanrXz8q1AbexQ8zmfRfi5OTOHs2pDTYBo+JVUk
 f35SwMxbSYSUPWSORI+YPBdaYadNTB83N1MZbfKMtvjyf0iweISSFVivivL0YrpY
 2Tj/waIzBOZ+203CQJzZz0UDNAxf/fo80bY3NuksUrdnHusWwiCq16RlfOaIwEub
 vNaAm08uoSY3LU6LfKlp51d+rykuXpdfqfWbg4paQYSx8Pmxd27MjQlohIeJGDwR
 ZXupAFsf+c7P3aYNrMNB18QGEBdWPi/SnM+HNCFkYa7+s3hapYl9sFa/MGjPjwS3
 OFGWgWYJJee9yBzKWiK90lka/66eSYSAhs1g9hpOsS36f6kpZL+UnlSm3fP5VxwZ
 zTHaJfTgCz6pVYBgC9x9ZYH2vZwKwPVxDFM+GfaKMyWkE0GWNSGGSCVyN7Wmztxj
 1k25mlViGaVJHR7U6+N3U+GBuWtccavQtkiZHhI+oOcsMNg77y1lwZrkbuRALnu5
 oG7OklB6s79nitDEM+ppS0DOnXHbMXusLMHSVSQGWgFYSRcntUUeuYFDdSNfA8hU
 EJIJG3ktSf9AdPC3yscUyA8=
 =3cqK
 -----END PGP SIGNATURE-----
gpgsig -----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCgAdFiEEo6/YBQwIrVS28WGKmmx57+YAGNkFAmG8o+MACgkQmmx57+YA
 GNm3vxAAh3wnjLNzUcfjBE4uABUW81u6DEye2hKvh279IIPHfnF908cBhqtCY/md
 QbjLCzDuJnldrcFxaXE/mi+26Ej3cVnHUGxv6iFpwghpxguDk3fnW2tB3FjqWOxl
 iSwe2/OZXCZwnf9KT9umEIccTVntauNgjhqWTZiFO3X3FTZ/trJq3LKiWwachb/y
 9qpHcx2YwbORyM4d0cb98MFGoFn9DqGVeU4PjaBWQ/SFGurmfsRzJEiiJ0SmrQUA
 7OY3ZyBr0zqsHPV+PTCu8gRAlIGsrjI+dyVvlGuLZBCzlSHZ58yVrOCDVVVSiH52
 zTIhua+ZY3G8Eb9TlC+HVznRZoI9VmijU7ybXuMkwp0Bgz1edVREQULFD5U2k/qx
 EUzIsrkDNNa4Z6Q+zSeKbMCDYhrfqftFdv3diMoCs08JvtI2dJWznwNeSrGW7rDc
 UyooXvCHLLUOeiHeYF2AB4A8CjsvBE1vBbYTanDeHUjow0cFCRzKwHcOvuSndN3P
 1ChVYaF7gPvBJ4ZIunZylXzvUiRzbmuUr+bVkXnzJJout/nw5iKrskGkPuNJRDFW
 CGaWaXjeSgyXzQ85XzWX8s+3geAIraHUcGuG8agz8+3eOEtev/DOP6MdejemRAG6
 EgR3sk8sIZ2J/iq8KMikv2OENqZ9+wLWjx8LWtV+g/ZXfoQOnM4=
 =125d
 -----END PGP SIGNATURE-----

Merge tag 'fixes-for-v5.16' of https://git.linaro.org/people/jens.wiklander/linux-tee into arm/fixes

TEE and OP-TEE fixes for v5.16

- Fixes a race when a tee_shm reaches reference count 0 and is about to
  be teared down
- Fixes an incorrect page free bug in an error path of the OP-TEE shared
  memory pool handling
- Suppresses a false positive kmemleak report when allocating driver
  private shared memory buffers for OP-TEE

* tag 'fixes-for-v5.16' of https://git.linaro.org/people/jens.wiklander/linux-tee:
  optee: Suppress false positive kmemleak report in optee_handle_rpc()
  tee: optee: Fix incorrect page free bug
  tee: handle lookup of shm with reference count 0

Link: https://lore.kernel.org/r/20211216150745.GA3347954@jade
Signed-off-by: Arnd Bergmann <arnd@arndb.de>
This commit is contained in:
Arnd Bergmann 2021-12-17 15:51:15 +01:00
commit a6a476878e
4 changed files with 72 additions and 114 deletions
Download patch file Download diff file Expand all files Collapse all files

4
include/linux/tee_drv.h
View file

@ -195,7 +195,7 @@ int tee_session_calc_client_uuid(uuid_t *uuid, u32 connection_method,
* @offset: offset of buffer in user space
* @pages: locked pages from userspace
* @num_pages: number of locked pages
* @dmabuf: dmabuf used to for exporting to user space
* @refcount: reference counter
* @flags: defined by TEE_SHM_* in tee_drv.h
* @id: unique id of a shared memory object on this device, shared
* with user space
@ -214,7 +214,7 @@ struct tee_shm {
unsigned int offset;
struct page **pages;
size_t num_pages;
struct dma_buf *dmabuf;
refcount_t refcount;
u32 flags;
int id;
u64 sec_world_id;