Message-Id: <2558a14bc5e8761631f504cff06dbe07c1a1b0cd.1575608819.git.Rijo-john.Thomas@amd.com>
Date:   Fri,  6 Dec 2019 10:48:43 +0530
From:   Rijo Thomas <Rijo-john.Thomas@....com>
To:     Jens Wiklander <jens.wiklander@...aro.org>,
        tee-dev@...ts.linaro.org, linux-kernel@...r.kernel.org
Cc:     Rijo Thomas <Rijo-john.Thomas@....com>,
        Nimesh Easow <Nimesh.Easow@....com>,
        Devaraj Rangasamy <Devaraj.Rangasamy@....com>,
        Ard Biesheuvel <ard.biesheuvel@...aro.org>,
        Tom Lendacky <thomas.lendacky@....com>,
        Gary Hook <gary.hook@....com>
Subject: [RFC PATCH v3 3/4] tee: amdtee: check TEE status during driver initialization

The AMD-TEE driver should check whether a TEE is available before
registering itself with the TEE subsystem. This ensures that
there is a TEE which the driver can talk to before proceeding
with tee device node allocation.

Cc: Jens Wiklander <jens.wiklander@...aro.org>
Cc: Ard Biesheuvel <ard.biesheuvel@...aro.org>
Cc: Tom Lendacky <thomas.lendacky@....com>
Co-developed-by: Devaraj Rangasamy <Devaraj.Rangasamy@....com>
Signed-off-by: Devaraj Rangasamy <Devaraj.Rangasamy@....com>
Signed-off-by: Rijo Thomas <Rijo-john.Thomas@....com>
---
 drivers/crypto/ccp/tee-dev.c | 11 +++++++++++
 drivers/tee/amdtee/core.c    |  6 ++++++
 include/linux/psp-tee.h      | 18 ++++++++++++++++++
 3 files changed, 35 insertions(+)

diff --git a/drivers/crypto/ccp/tee-dev.c b/drivers/crypto/ccp/tee-dev.c
index 555c8a7..5e697a9 100644
--- a/drivers/crypto/ccp/tee-dev.c
+++ b/drivers/crypto/ccp/tee-dev.c
@@ -362,3 +362,14 @@ int psp_tee_process_cmd(enum tee_cmd_id cmd_id, void *buf, size_t len,
 	return 0;
 }
 EXPORT_SYMBOL(psp_tee_process_cmd);
+
+int psp_check_tee_status(void)
+{
+	struct psp_device *psp = psp_get_master_device();
+
+	if (!psp || !psp->tee_data)
+		return -ENODEV;
+
+	return 0;
+}
+EXPORT_SYMBOL(psp_check_tee_status);
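Review bot: psp_check_tee_status() only tests `psp` and `psp->tee_data` for non-NULL at the moment of the call, and it takes no lock or reference, so a 0 return says nothing about whether the TEE stays reachable afterwards. Whether tee_data can be cleared or the PSP torn down after amdtee has registered is not visible in this hunk. The kernel-doc added in include/linux/psp-tee.h should still state the limitation, e.g. `* The result is a snapshot; callers must still handle errors from psp_tee_process_cmd().` The definition here also has no comment of its own; a one-line `/* Report whether the master PSP device has TEE data set up. */` above it would help readers who land in tee-dev.c first.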
diff --git a/drivers/tee/amdtee/core.c b/drivers/tee/amdtee/core.c
index dd360f3..9d0cee1 100644
--- a/drivers/tee/amdtee/core.c
+++ b/drivers/tee/amdtee/core.c
@@ -16,6 +16,7 @@
 #include <linux/firmware.h>
 #include "amdtee_private.h"
 #include "../tee_private.h"
+#include <linux/psp-tee.h>
 
 static struct amdtee_driver_data *drv_data;
 static DEFINE_MUTEX(session_list_mutex);
@@ -438,6 +439,10 @@ static int __init amdtee_driver_init(void)
 	struct tee_shm_pool *pool = ERR_PTR(-EINVAL);
 	int rc;
 
+	rc = psp_check_tee_status();
+	if (rc)
+		goto err_fail;
+
 	drv_data = kzalloc(sizeof(*drv_data), GFP_KERNEL);
 	if (IS_ERR(drv_data))
 		return -ENOMEM;
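Review bot: The context line `if (IS_ERR(drv_data))` directly below the added check can never fire, because kzalloc() reports failure by returning NULL rather than an ERR_PTR value. A failed allocation would fall through and presumably be dereferenced further down, outside this hunk. Since this commit already touches the early-exit paths of amdtee_driver_init(), it is a natural place to change the test to `if (!drv_data)` while keeping `return -ENOMEM;`. The body of amdtee_driver_init() continues past the end of the hunk.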
@@ -485,6 +490,7 @@ static int __init amdtee_driver_init(void)
 	kfree(drv_data);
 	drv_data = NULL;
 
+err_fail:
 	pr_err("amd-tee driver initialization failed\n");
 	return rc;
 }
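Review bot: Routing the new -ENODEV case to `err_fail:` means every load on a machine without a PSP TEE logs `amd-tee driver initialization failed` at pr_err level, although a missing TEE is an expected condition rather than a fault. Consider returning straight from the check in the earlier hunk with `if (rc) return rc;`, or logging that case at a lower level such as `pr_info("amd-tee: no TEE present\n");`. That keeps error-level messages meaningful for real initialization failures. The start of amdtee_driver_init() and its other error labels lie outside this hunk.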
diff --git a/include/linux/psp-tee.h b/include/linux/psp-tee.h
index 63bb221..cb0c95d 100644
--- a/include/linux/psp-tee.h
+++ b/include/linux/psp-tee.h
@@ -62,6 +62,19 @@ enum tee_cmd_id {
 int psp_tee_process_cmd(enum tee_cmd_id cmd_id, void *buf, size_t len,
 			u32 *status);
 
+/**
+ * psp_check_tee_status() - Checks whether there is a TEE which a driver can
+ * talk to.
+ *
+ * This function can be used by AMD-TEE driver to query if there is TEE with
+ * which it can communicate.
+ *
+ * Returns:
+ * 0          if the device has TEE
+ * -%ENODEV   if there is no TEE available
+ */
+int psp_check_tee_status(void);
+
 #else /* !CONFIG_CRYPTO_DEV_SP_PSP */
 
 static inline int psp_tee_process_cmd(enum tee_cmd_id cmd_id, void *buf,
@@ -69,5 +82,10 @@ static inline int psp_tee_process_cmd(enum tee_cmd_id cmd_id, void *buf,
 {
 	return -ENODEV;
 }
+
+static inline int psp_check_tee_status(void)
+{
+	return -ENODEV;
+}
 #endif /* CONFIG_CRYPTO_DEV_SP_PSP */
 #endif /* __PSP_TEE_H_ */
-- 
1.9.1
