* [PATCH] KEYS: trusted: tee: Make registered shm dependency explicit
@ 2022-11-10 11:11 Sumit Garg
2022-11-10 11:14 ` Sumit Garg
0 siblings, 1 reply; 4+ messages in thread
From: Sumit Garg @ 2022-11-10 11:11 UTC (permalink / raw)
To: keyrings
Cc: jejb, zohar, linux-integrity, linux-security-module,
linux-kernel, Sumit Garg, Jerome Forissier
TEE trusted keys support depends on registered shared memory support
since the key buffers are needed to be registered with OP-TEE. So make
that dependency explicit to not register trusted keys support if
underlying implementation doesn't support registered shared memory.
Signed-off-by: Sumit Garg <sumit.garg@linaro.org>
Tested-by: Jerome Forissier <jerome.forissier@linaro.org>
---
security/keys/trusted-keys/trusted_tee.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/security/keys/trusted-keys/trusted_tee.c b/security/keys/trusted-keys/trusted_tee.c
index c8626686ee1b..ac3e270ade69 100644
--- a/security/keys/trusted-keys/trusted_tee.c
+++ b/security/keys/trusted-keys/trusted_tee.c
@@ -219,7 +219,8 @@ static int trusted_tee_get_random(unsigned char *key, size_t key_len)
static int optee_ctx_match(struct tee_ioctl_version_data *ver, const void *data)
{
- if (ver->impl_id == TEE_IMPL_ID_OPTEE)
+ if (ver->impl_id == TEE_IMPL_ID_OPTEE &&
+ ver->gen_caps & TEE_GEN_CAP_REG_MEM)
return 1;
else
return 0;
--
2.34.1
^ permalink raw reply related [flat|nested] 4+ messages in thread
* Re: [PATCH] KEYS: trusted: tee: Make registered shm dependency explicit
2022-11-10 11:11 [PATCH] KEYS: trusted: tee: Make registered shm dependency explicit Sumit Garg
@ 2022-11-10 11:14 ` Sumit Garg
2022-11-16 0:33 ` Jarkko Sakkinen
0 siblings, 1 reply; 4+ messages in thread
From: Sumit Garg @ 2022-11-10 11:14 UTC (permalink / raw)
To: keyrings, Jarkko Sakkinen
Cc: jejb, zohar, linux-integrity, linux-security-module,
linux-kernel, Jerome Forissier
+ Jarkko (Apologies I accidently missed you while sending the original patch).
On Thu, 10 Nov 2022 at 16:42, Sumit Garg <sumit.garg@linaro.org> wrote:
>
> TEE trusted keys support depends on registered shared memory support
> since the key buffers are needed to be registered with OP-TEE. So make
> that dependency explicit to not register trusted keys support if
> underlying implementation doesn't support registered shared memory.
>
> Signed-off-by: Sumit Garg <sumit.garg@linaro.org>
> Tested-by: Jerome Forissier <jerome.forissier@linaro.org>
> ---
> security/keys/trusted-keys/trusted_tee.c | 3 ++-
> 1 file changed, 2 insertions(+), 1 deletion(-)
>
> diff --git a/security/keys/trusted-keys/trusted_tee.c b/security/keys/trusted-keys/trusted_tee.c
> index c8626686ee1b..ac3e270ade69 100644
> --- a/security/keys/trusted-keys/trusted_tee.c
> +++ b/security/keys/trusted-keys/trusted_tee.c
> @@ -219,7 +219,8 @@ static int trusted_tee_get_random(unsigned char *key, size_t key_len)
>
> static int optee_ctx_match(struct tee_ioctl_version_data *ver, const void *data)
> {
> - if (ver->impl_id == TEE_IMPL_ID_OPTEE)
> + if (ver->impl_id == TEE_IMPL_ID_OPTEE &&
> + ver->gen_caps & TEE_GEN_CAP_REG_MEM)
> return 1;
> else
> return 0;
> --
> 2.34.1
>
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [PATCH] KEYS: trusted: tee: Make registered shm dependency explicit
2022-11-10 11:14 ` Sumit Garg
@ 2022-11-16 0:33 ` Jarkko Sakkinen
2022-11-16 0:39 ` Jarkko Sakkinen
0 siblings, 1 reply; 4+ messages in thread
From: Jarkko Sakkinen @ 2022-11-16 0:33 UTC (permalink / raw)
To: Sumit Garg
Cc: keyrings, jejb, zohar, linux-integrity, linux-security-module,
linux-kernel, Jerome Forissier
On Thu, Nov 10, 2022 at 04:44:20PM +0530, Sumit Garg wrote:
> + Jarkko (Apologies I accidently missed you while sending the original patch).
>
> On Thu, 10 Nov 2022 at 16:42, Sumit Garg <sumit.garg@linaro.org> wrote:
> >
> > TEE trusted keys support depends on registered shared memory support
> > since the key buffers are needed to be registered with OP-TEE. So make
> > that dependency explicit to not register trusted keys support if
> > underlying implementation doesn't support registered shared memory.
> >
> > Signed-off-by: Sumit Garg <sumit.garg@linaro.org>
> > Tested-by: Jerome Forissier <jerome.forissier@linaro.org>
> > ---
> > security/keys/trusted-keys/trusted_tee.c | 3 ++-
> > 1 file changed, 2 insertions(+), 1 deletion(-)
> >
> > diff --git a/security/keys/trusted-keys/trusted_tee.c b/security/keys/trusted-keys/trusted_tee.c
> > index c8626686ee1b..ac3e270ade69 100644
> > --- a/security/keys/trusted-keys/trusted_tee.c
> > +++ b/security/keys/trusted-keys/trusted_tee.c
> > @@ -219,7 +219,8 @@ static int trusted_tee_get_random(unsigned char *key, size_t key_len)
> >
> > static int optee_ctx_match(struct tee_ioctl_version_data *ver, const void *data)
> > {
> > - if (ver->impl_id == TEE_IMPL_ID_OPTEE)
> > + if (ver->impl_id == TEE_IMPL_ID_OPTEE &&
> > + ver->gen_caps & TEE_GEN_CAP_REG_MEM)
> > return 1;
> > else
> > return 0;
> > --
> > 2.34.1
> >
Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org>
BR, Jarkko
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [PATCH] KEYS: trusted: tee: Make registered shm dependency explicit
2022-11-16 0:33 ` Jarkko Sakkinen
@ 2022-11-16 0:39 ` Jarkko Sakkinen
0 siblings, 0 replies; 4+ messages in thread
From: Jarkko Sakkinen @ 2022-11-16 0:39 UTC (permalink / raw)
To: Sumit Garg
Cc: keyrings, jejb, zohar, linux-integrity, linux-security-module,
linux-kernel, Jerome Forissier
On Wed, Nov 16, 2022 at 02:33:24AM +0200, Jarkko Sakkinen wrote:
> On Thu, Nov 10, 2022 at 04:44:20PM +0530, Sumit Garg wrote:
> > + Jarkko (Apologies I accidently missed you while sending the original patch).
> >
> > On Thu, 10 Nov 2022 at 16:42, Sumit Garg <sumit.garg@linaro.org> wrote:
> > >
> > > TEE trusted keys support depends on registered shared memory support
> > > since the key buffers are needed to be registered with OP-TEE. So make
> > > that dependency explicit to not register trusted keys support if
> > > underlying implementation doesn't support registered shared memory.
> > >
> > > Signed-off-by: Sumit Garg <sumit.garg@linaro.org>
> > > Tested-by: Jerome Forissier <jerome.forissier@linaro.org>
> > > ---
> > > security/keys/trusted-keys/trusted_tee.c | 3 ++-
> > > 1 file changed, 2 insertions(+), 1 deletion(-)
> > >
> > > diff --git a/security/keys/trusted-keys/trusted_tee.c b/security/keys/trusted-keys/trusted_tee.c
> > > index c8626686ee1b..ac3e270ade69 100644
> > > --- a/security/keys/trusted-keys/trusted_tee.c
> > > +++ b/security/keys/trusted-keys/trusted_tee.c
> > > @@ -219,7 +219,8 @@ static int trusted_tee_get_random(unsigned char *key, size_t key_len)
> > >
> > > static int optee_ctx_match(struct tee_ioctl_version_data *ver, const void *data)
> > > {
> > > - if (ver->impl_id == TEE_IMPL_ID_OPTEE)
> > > + if (ver->impl_id == TEE_IMPL_ID_OPTEE &&
> > > + ver->gen_caps & TEE_GEN_CAP_REG_MEM)
> > > return 1;
> > > else
> > > return 0;
> > > --
> > > 2.34.1
> > >
>
> Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org>
Applied.
BR, Jarkko
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2022-11-16 0:39 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-11-10 11:11 [PATCH] KEYS: trusted: tee: Make registered shm dependency explicit Sumit Garg
2022-11-10 11:14 ` Sumit Garg
2022-11-16 0:33 ` Jarkko Sakkinen
2022-11-16 0:39 ` Jarkko Sakkinen
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.