Message ID | 20221110111140.1999538-1-sumit.garg@linaro.org |
---|---|
State | New |
Headers |
Return-Path: <linux-kernel-owner@vger.kernel.org> Delivered-To: ouuuleilei@gmail.com Received: by 2002:a5d:6687:0:0:0:0:0 with SMTP id l7csp80525wru; Thu, 10 Nov 2022 03:14:19 -0800 (PST) X-Google-Smtp-Source: AMsMyM4wor3yR6cI+COaSDGYcJhP6lLZgx8Zr3op64bVdvqfhUSdDyeFud8yVougOZmiQJYVRCnt X-Received: by 2002:a17:907:86a8:b0:7ad:988e:a93 with SMTP id qa40-20020a17090786a800b007ad988e0a93mr62587557ejc.704.1668078858964; Thu, 10 Nov 2022 03:14:18 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1668078858; cv=none; d=google.com; s=arc-20160816; b=EnOOYECvIgNpNMKhpXbxZVMSVAoByxEt3rAJjQZm2cHZ7RrbSVT/wfZA9Q3uT4DQqN HeYdVx8RH7vcn1N6P9FEk9kVDKT606SgLL8hykhFWvsxry4ivDrQw32dZbtc0w+NVUfw 4py0GuMoxSsEFXOUgwWz7NErK63k4n9bT4je07GSiSF7q/chn2D8PL5UwXgpEt1T5+AR lxJ9z2s8SlV8BzXdsO96nygkkxIrXompZObuJ/9G8F7L+munNhZW7B7tgQ+4sqQjkplT 4k3X6OcninLk00A9W8scCC3/0rlcG9laHIXMo581u+kLhpnoG3kINxfcQ29ivULdFX3P argg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :message-id:date:subject:cc:to:from:dkim-signature; bh=Yaq+SFAP5kTf9oPrYPpMvzkjalgNUTHY8MYqzihNGbY=; b=d8AU3NeYtyNWjItOIBKYfPLisZUGrkcmhucDsT2UTucxL0idP5ZcymSv2gp/ZS+gdK 3IVZecreU+CwZioXJixnjJPCwVHaEsKNEyNphsk9ZZ5rswKfLKACdgNzuu+tuDG1Sz+u nJM1LykzOmcvdy0HmkBXNeKKEVZML5cf2ZHZ5mMoWzHo2+WGUL2IyTV7Ttc6Ft3HJVuQ RmD1mQCsD82jHDXIKcOr380rjMrOmdLVKTiIJkovGeMQA/xIbSCFD6iy+SzXxQu/geHS q4ob9afWTXFHOj29Xnv8QaZmbY58VQjL1zAsWfm/8PiuTJ9+myZ8Dp/1crY+xfkn62Se a/CQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b="W1ZC/0/j"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id c9-20020a05640227c900b0045cd7614e59si8168013ede.451.2022.11.10.03.13.52; Thu, 10 Nov 2022 03:14:18 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b="W1ZC/0/j"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229976AbiKJLMJ (ORCPT <rfc822;winker.wchi@gmail.com> + 99 others); Thu, 10 Nov 2022 06:12:09 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:58196 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230429AbiKJLMD (ORCPT <rfc822;linux-kernel@vger.kernel.org>); Thu, 10 Nov 2022 06:12:03 -0500 Received: from mail-pl1-x62c.google.com (mail-pl1-x62c.google.com [IPv6:2607:f8b0:4864:20::62c]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 970E06DCD6 for <linux-kernel@vger.kernel.org>; Thu, 10 Nov 2022 03:12:02 -0800 (PST) Received: by mail-pl1-x62c.google.com with SMTP id p21so1145520plr.7 for <linux-kernel@vger.kernel.org>; Thu, 10 Nov 2022 03:12:02 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=content-transfer-encoding:mime-version:message-id:date:subject:cc :to:from:from:to:cc:subject:date:message-id:reply-to; bh=Yaq+SFAP5kTf9oPrYPpMvzkjalgNUTHY8MYqzihNGbY=; b=W1ZC/0/jOj62exU1NlwqP2F21YthQH/vEaLHLYXraLCvXwC+bo1E8ztCFTZSqVUMLi teaoHcLCkiHS1We6wJTp7SRCvPogWQwMqUIdF/ea6ipIvDfWSIxPr19PSuVpammjU9D4 VKI0tHLgSTEZSP5uWlz3VHI0wyzs3Ax0wz38L0nGoJt/Ar2V2RXtM62VhHepMJ6iHIo1 cwPW383kcyvjkZUZrJ6GAd+oihi1xiGQLrL8LrgTxU2nS7Ty80AN5mm1xPbqO+8wZfxD BW9v/m/wl5WwFeL4TAEiSuI9r3B37Sx9TR40gqlzSVIZfdAPdENEHC4IVmHdxPUD/YfM M4qA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:mime-version:message-id:date:subject:cc :to:from:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=Yaq+SFAP5kTf9oPrYPpMvzkjalgNUTHY8MYqzihNGbY=; b=dlvHUVKBTS3uW0pYywSaau5NpfIXMwxTB4LfrI9/EOU7ApMYm9K4iWdQQ4TIOi0As1 PKkSjj8fR8/GY8fjqjRX/aHgzUI/XvqdzpjXRfOoeTF2Vw7vk6MRgSFQ5xUVTcBOHApw wAZayId1wFZtxKt26K1wv0ZKd0u1fNNd3aeYhcUtSwEPdSIrkZ7/fg4uJq07C7XzE35F /AvU175u5FDXG8tAcyY4mAufTPSI1P2cReUBFiu6GORNtTEhso2ZjXvXOEa1ZCgSTcWV t/nzKpjpVVZguuOu70C6QfjdMyrRTybPKsVjst4mz6GN+wkhHOSNNPL//qGTfAfWb13k 28NA== X-Gm-Message-State: ACrzQf2rA17jIt9sVTMEYZkn2Dg4/Z/mDYckXQH3pgMzsJhVzWnw/zH4 rFbgq+Sndlh/7CL5m9cAwfAG+A== X-Received: by 2002:a17:90a:1097:b0:213:d7d3:ab8 with SMTP id c23-20020a17090a109700b00213d7d30ab8mr58405678pja.91.1668078722103; Thu, 10 Nov 2022 03:12:02 -0800 (PST) Received: from sumit-X1.. ([223.178.212.236]) by smtp.gmail.com with ESMTPSA id 68-20020a621647000000b0056bd1bf4243sm9903435pfw.53.2022.11.10.03.11.58 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 10 Nov 2022 03:12:01 -0800 (PST) From: Sumit Garg <sumit.garg@linaro.org> To: keyrings@vger.kernel.org Cc: jejb@linux.ibm.com, zohar@linux.ibm.com, linux-integrity@vger.kernel.org, linux-security-module@vger.kernel.org, linux-kernel@vger.kernel.org, Sumit Garg <sumit.garg@linaro.org>, Jerome Forissier <jerome.forissier@linaro.org> Subject: [PATCH] KEYS: trusted: tee: Make registered shm dependency explicit Date: Thu, 10 Nov 2022 16:41:40 +0530 Message-Id: <20221110111140.1999538-1-sumit.garg@linaro.org> X-Mailer: git-send-email 2.34.1 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_NONE, SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: <linux-kernel.vger.kernel.org> X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1749107457535269217?= X-GMAIL-MSGID: =?utf-8?q?1749107457535269217?= |
Series |
KEYS: trusted: tee: Make registered shm dependency explicit
|
|
Commit Message
Sumit Garg
Nov. 10, 2022, 11:11 a.m. UTC
TEE trusted keys support depends on registered shared memory support since the key buffers are needed to be registered with OP-TEE. So make that dependency explicit to not register trusted keys support if underlying implementation doesn't support registered shared memory. Signed-off-by: Sumit Garg <sumit.garg@linaro.org> Tested-by: Jerome Forissier <jerome.forissier@linaro.org> --- security/keys/trusted-keys/trusted_tee.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-)
Comments
+ Jarkko (Apologies I accidently missed you while sending the original patch). On Thu, 10 Nov 2022 at 16:42, Sumit Garg <sumit.garg@linaro.org> wrote: > > TEE trusted keys support depends on registered shared memory support > since the key buffers are needed to be registered with OP-TEE. So make > that dependency explicit to not register trusted keys support if > underlying implementation doesn't support registered shared memory. > > Signed-off-by: Sumit Garg <sumit.garg@linaro.org> > Tested-by: Jerome Forissier <jerome.forissier@linaro.org> > --- > security/keys/trusted-keys/trusted_tee.c | 3 ++- > 1 file changed, 2 insertions(+), 1 deletion(-) > > diff --git a/security/keys/trusted-keys/trusted_tee.c b/security/keys/trusted-keys/trusted_tee.c > index c8626686ee1b..ac3e270ade69 100644 > --- a/security/keys/trusted-keys/trusted_tee.c > +++ b/security/keys/trusted-keys/trusted_tee.c > @@ -219,7 +219,8 @@ static int trusted_tee_get_random(unsigned char *key, size_t key_len) > > static int optee_ctx_match(struct tee_ioctl_version_data *ver, const void *data) > { > - if (ver->impl_id == TEE_IMPL_ID_OPTEE) > + if (ver->impl_id == TEE_IMPL_ID_OPTEE && > + ver->gen_caps & TEE_GEN_CAP_REG_MEM) > return 1; > else > return 0; > -- > 2.34.1 >
On Thu, Nov 10, 2022 at 04:44:20PM +0530, Sumit Garg wrote: > + Jarkko (Apologies I accidently missed you while sending the original patch). > > On Thu, 10 Nov 2022 at 16:42, Sumit Garg <sumit.garg@linaro.org> wrote: > > > > TEE trusted keys support depends on registered shared memory support > > since the key buffers are needed to be registered with OP-TEE. So make > > that dependency explicit to not register trusted keys support if > > underlying implementation doesn't support registered shared memory. > > > > Signed-off-by: Sumit Garg <sumit.garg@linaro.org> > > Tested-by: Jerome Forissier <jerome.forissier@linaro.org> > > --- > > security/keys/trusted-keys/trusted_tee.c | 3 ++- > > 1 file changed, 2 insertions(+), 1 deletion(-) > > > > diff --git a/security/keys/trusted-keys/trusted_tee.c b/security/keys/trusted-keys/trusted_tee.c > > index c8626686ee1b..ac3e270ade69 100644 > > --- a/security/keys/trusted-keys/trusted_tee.c > > +++ b/security/keys/trusted-keys/trusted_tee.c > > @@ -219,7 +219,8 @@ static int trusted_tee_get_random(unsigned char *key, size_t key_len) > > > > static int optee_ctx_match(struct tee_ioctl_version_data *ver, const void *data) > > { > > - if (ver->impl_id == TEE_IMPL_ID_OPTEE) > > + if (ver->impl_id == TEE_IMPL_ID_OPTEE && > > + ver->gen_caps & TEE_GEN_CAP_REG_MEM) > > return 1; > > else > > return 0; > > -- > > 2.34.1 > > Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org> BR, Jarkko
On Wed, Nov 16, 2022 at 02:33:24AM +0200, Jarkko Sakkinen wrote: > On Thu, Nov 10, 2022 at 04:44:20PM +0530, Sumit Garg wrote: > > + Jarkko (Apologies I accidently missed you while sending the original patch). > > > > On Thu, 10 Nov 2022 at 16:42, Sumit Garg <sumit.garg@linaro.org> wrote: > > > > > > TEE trusted keys support depends on registered shared memory support > > > since the key buffers are needed to be registered with OP-TEE. So make > > > that dependency explicit to not register trusted keys support if > > > underlying implementation doesn't support registered shared memory. > > > > > > Signed-off-by: Sumit Garg <sumit.garg@linaro.org> > > > Tested-by: Jerome Forissier <jerome.forissier@linaro.org> > > > --- > > > security/keys/trusted-keys/trusted_tee.c | 3 ++- > > > 1 file changed, 2 insertions(+), 1 deletion(-) > > > > > > diff --git a/security/keys/trusted-keys/trusted_tee.c b/security/keys/trusted-keys/trusted_tee.c > > > index c8626686ee1b..ac3e270ade69 100644 > > > --- a/security/keys/trusted-keys/trusted_tee.c > > > +++ b/security/keys/trusted-keys/trusted_tee.c > > > @@ -219,7 +219,8 @@ static int trusted_tee_get_random(unsigned char *key, size_t key_len) > > > > > > static int optee_ctx_match(struct tee_ioctl_version_data *ver, const void *data) > > > { > > > - if (ver->impl_id == TEE_IMPL_ID_OPTEE) > > > + if (ver->impl_id == TEE_IMPL_ID_OPTEE && > > > + ver->gen_caps & TEE_GEN_CAP_REG_MEM) > > > return 1; > > > else > > > return 0; > > > -- > > > 2.34.1 > > > > > Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org> Applied. BR, Jarkko
diff --git a/security/keys/trusted-keys/trusted_tee.c b/security/keys/trusted-keys/trusted_tee.c index c8626686ee1b..ac3e270ade69 100644 --- a/security/keys/trusted-keys/trusted_tee.c +++ b/security/keys/trusted-keys/trusted_tee.c @@ -219,7 +219,8 @@ static int trusted_tee_get_random(unsigned char *key, size_t key_len) static int optee_ctx_match(struct tee_ioctl_version_data *ver, const void *data) { - if (ver->impl_id == TEE_IMPL_ID_OPTEE) + if (ver->impl_id == TEE_IMPL_ID_OPTEE && + ver->gen_caps & TEE_GEN_CAP_REG_MEM) return 1; else return 0;