From: Sumit Garg <sumit.garg@linaro.org>
To: keyrings@vger.kernel.org
Cc: jejb@linux.ibm.com, zohar@linux.ibm.com,
linux-integrity@vger.kernel.org,
linux-security-module@vger.kernel.org,
linux-kernel@vger.kernel.org, Sumit Garg <sumit.garg@linaro.org>,
Jerome Forissier <jerome.forissier@linaro.org>
Subject: [PATCH] KEYS: trusted: tee: Make registered shm dependency explicit
Date: Thu, 10 Nov 2022 16:41:40 +0530 [thread overview]
Message-ID: <20221110111140.1999538-1-sumit.garg@linaro.org> (raw)
TEE trusted keys support depends on registered shared memory support
since the key buffers are needed to be registered with OP-TEE. So make
that dependency explicit to not register trusted keys support if
underlying implementation doesn't support registered shared memory.
Signed-off-by: Sumit Garg <sumit.garg@linaro.org>
Tested-by: Jerome Forissier <jerome.forissier@linaro.org>
---
security/keys/trusted-keys/trusted_tee.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/security/keys/trusted-keys/trusted_tee.c b/security/keys/trusted-keys/trusted_tee.c
index c8626686ee1b..ac3e270ade69 100644
--- a/security/keys/trusted-keys/trusted_tee.c
+++ b/security/keys/trusted-keys/trusted_tee.c
@@ -219,7 +219,8 @@ static int trusted_tee_get_random(unsigned char *key, size_t key_len)
static int optee_ctx_match(struct tee_ioctl_version_data *ver, const void *data)
{
- if (ver->impl_id == TEE_IMPL_ID_OPTEE)
+ if (ver->impl_id == TEE_IMPL_ID_OPTEE &&
+ ver->gen_caps & TEE_GEN_CAP_REG_MEM)
return 1;
else
return 0;
--
2.34.1
next reply other threads:[~2022-11-10 11:12 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-11-10 11:11 Sumit Garg [this message]
2022-11-10 11:14 ` [PATCH] KEYS: trusted: tee: Make registered shm dependency explicit Sumit Garg
2022-11-16 0:33 ` Jarkko Sakkinen
2022-11-16 0:39 ` Jarkko Sakkinen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20221110111140.1999538-1-sumit.garg@linaro.org \
--to=sumit.garg@linaro.org \
--cc=jejb@linux.ibm.com \
--cc=jerome.forissier@linaro.org \
--cc=keyrings@vger.kernel.org \
--cc=linux-integrity@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=zohar@linux.ibm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.