From 603eb8cffc6f43671adbb199ae0d3c3b7cac913a Mon Sep 17 00:00:00 2001 From: lijiawei3539 Date: Wed, 22 Jun 2022 06:23:08 +0000 Subject: [PATCH 01/33] update auth/auth_base_impl.c. --- auth/auth_base_impl.c | 211 ++++++------------------------------------ 1 file changed, 30 insertions(+), 181 deletions(-) diff --git a/auth/auth_base_impl.c b/auth/auth_base_impl.c index aded322..1e59eea 100644 --- a/auth/auth_base_impl.c +++ b/auth/auth_base_impl.c @@ -34,10 +34,6 @@ #include #endif -#ifdef CONFIG_SECURITY_SELINUX -#include -#endif - #include #include "tc_ns_log.h" #include "tc_ns_client.h" @@ -49,44 +45,6 @@ struct crypto_shash *g_shash_handle; bool g_shash_handle_state; struct mutex g_shash_handle_lock; -#ifdef CONFIG_SELINUX_ADAPT - -int security_context_to_sid(const char *scontext, u32 scontext_len, - u32 *out_sid, gfp_t gfp); - -int check_proc_selinux_access(struct task_struct *task, const char *context) -{ - u32 sid; - u32 tid; - int rc; - - if (!task || !context) - return -EACCES; - - security_task_getsecid(task, &sid); - rc = security_context_to_sid(context, strlen(context), &tid, GFP_KERNEL); - if (rc) { - tloge("convert context to sid failed\n"); - return rc; - } - - if (sid != tid) { - tloge("invalid access process judged by selinux side\n"); - return -EACCES; - } - - return EOK; -} - -#else - -int check_proc_selinux_access(struct task_struct *task, const char *context) -{ - return 0; -} - -#endif - void init_crypto_hash_lock(void) { mutex_init(&g_shash_handle_lock); @@ -146,130 +104,6 @@ int tee_init_shash_handle(char *hash_type) } /* end: prepare crypto context */ -/* begin: Calculate path hash */ -static long pack_path_cert(bool is_hidl_srvc, char *path_cert, - unsigned long cert_len) -{ - char *dpath = NULL; - char *path = NULL; - const struct cred *cred = NULL; - int message_size; - - path = kmalloc(MAX_PATH_SIZE, GFP_KERNEL); - if (ZERO_OR_NULL_PTR((unsigned long)(uintptr_t)path)) { - tloge("path kmalloc fail\n"); - return -EFAULT; - } - - dpath = get_proc_dpath(path, MAX_PATH_SIZE); - if (IS_ERR_OR_NULL(dpath)) { - kfree(path); - return -EACCES; - } - - get_task_struct(current); - cred = koadpt_get_task_cred(current); - if (!cred) { - tloge("cred is NULL\n"); - kfree(path); - put_task_struct(current); - return -EACCES; - } - - if (is_hidl_srvc) { - message_size = snprintf_s(path_cert, BUF_MAX_SIZE, - BUF_MAX_SIZE - 1, "%s%u", dpath, cred->uid.val); - } else { - message_size = snprintf_s(path_cert, BUF_MAX_SIZE, - BUF_MAX_SIZE - 1, "%s%s%u", - current->comm, dpath, cred->uid.val); - } - - put_cred(cred); - put_task_struct(current); - kfree(path); - - return (long)message_size; -} - -static int proc_calc_path_hash(const unsigned char *data, unsigned long data_len, - unsigned char *digest, unsigned int dig_len) -{ - int rc; - size_t ctx_size; - size_t desc_size; - struct sdesc { - struct shash_desc shash; - char ctx[]; - }; - struct sdesc *desc = NULL; - bool check_value = false; - - check_value = (!data_len || dig_len != SHA256_DIGEST_LENTH); - if (check_value == true) { - tloge("bad parameter len\n"); - return -EFAULT; - } - - if (tee_init_shash_handle("sha256")) { - tloge("init tee crypto failed\n"); - return -EFAULT; - } - - ctx_size = crypto_shash_descsize(g_shash_handle); - desc_size = sizeof(desc->shash) + ctx_size; - if (desc_size < sizeof(desc->shash) || desc_size < ctx_size) { - tloge("desc_size flow\n"); - return -ENOMEM; - } - - desc = kzalloc(desc_size, GFP_KERNEL); - if (ZERO_OR_NULL_PTR((unsigned long)(uintptr_t)desc)) { - tloge("alloc desc failed\n"); - return -ENOMEM; - } - - desc->shash.tfm = g_shash_handle; - rc = crypto_shash_digest(&desc->shash, data, data_len, digest); - - kfree(desc); - return rc; -} - -int calc_path_hash(bool is_hidl_srvc, unsigned char *digest, - unsigned int dig_len) -{ - char *path_cert = NULL; - int ret; - long packet_size; - - if (!digest || dig_len != SHA256_DIGEST_LENTH) - return -EFAULT; - - path_cert = kzalloc(BUF_MAX_SIZE, GFP_KERNEL); - if (ZERO_OR_NULL_PTR((unsigned long)(uintptr_t)path_cert)) { - tloge("ca_cert kmalloc fail\n"); - return -EFAULT; - } - - packet_size = pack_path_cert(is_hidl_srvc, path_cert, BUF_MAX_SIZE); - if (packet_size <= 0) { - kfree(path_cert); - return -EFAULT; - } - - ret = proc_calc_path_hash(path_cert, (unsigned long)packet_size, - digest, dig_len); - if (ret) { - kfree(path_cert); - return -ret; - } - - kfree(path_cert); - return EOK; -} -/* end: Calculate path hash */ - /* begin: Calculate the SHA256 file digest */ static int prepare_desc(struct sdesc **desc) { @@ -293,6 +127,25 @@ static int prepare_desc(struct sdesc **desc) } #define PINED_PAGE_NUMBER 1 +static int get_proc_user_pages(struct mm_struct *mm, unsigned long start_code, + struct page **ptr_page, struct task_struct *cur_struct) +{ +#if (KERNEL_VERSION(5, 10, 0) <= LINUX_VERSION_CODE) + (void)cur_struct; + return get_user_pages_remote(mm, start_code, (unsigned long)PINED_PAGE_NUMBER, + FOLL_FORCE, ptr_page, NULL, NULL); +#elif (KERNEL_VERSION(4, 9, 0) <= LINUX_VERSION_CODE) + return get_user_pages_remote(cur_struct, mm, start_code, (unsigned long)PINED_PAGE_NUMBER, + FOLL_FORCE, ptr_page, NULL, NULL); +#elif (KERNEL_VERSION(4, 4, 197) <= LINUX_VERSION_CODE) + return get_user_pages_locked(cur_struct, mm, start_code, (unsigned long)PINED_PAGE_NUMBER, + FOLL_FORCE, ptr_page, NULL); +#else + return get_user_pages_locked(cur_struct, mm, start_code, (unsigned long)PINED_PAGE_NUMBER, + 0, 1, ptr_page, NULL); +#endif +} + static int update_task_hash(struct mm_struct *mm, struct task_struct *cur_struct, struct shash_desc *shash) { @@ -311,17 +164,7 @@ static int update_task_hash(struct mm_struct *mm, while (start_code < end_code) { /* Get a handle of the page we want to read */ -#if (KERNEL_VERSION(4, 9, 0) <= LINUX_VERSION_CODE) - rc = get_user_pages_remote(cur_struct, mm, start_code, - (unsigned long)PINED_PAGE_NUMBER, FOLL_FORCE, - &ptr_page, NULL, NULL); -#elif (KERNEL_VERSION(4, 4, 197) <= LINUX_VERSION_CODE) - rc = get_user_pages_locked(cur_struct, mm, start_code, - (unsigned long)PINED_PAGE_NUMBER, FOLL_FORCE, &ptr_page, NULL); -#else - rc = get_user_pages_locked(cur_struct, mm, start_code, - (unsigned long)PINED_PAGE_NUMBER, 0, 1, &ptr_page, NULL); -#endif + rc = get_proc_user_pages(mm, start_code, &ptr_page, cur_struct); if (rc != PINED_PAGE_NUMBER) { tloge("get user pages error[0x%x]\n", rc); rc = -EFAULT; @@ -352,7 +195,7 @@ static int update_task_hash(struct mm_struct *mm, } int calc_task_hash(unsigned char *digest, uint32_t dig_len, - struct task_struct *cur_struct) + struct task_struct *cur_struct, uint32_t pub_key_len) { struct mm_struct *mm = NULL; struct sdesc *desc = NULL; @@ -374,6 +217,12 @@ int calc_task_hash(unsigned char *digest, uint32_t dig_len, return EOK; } + if(pub_key_len != sizeof(uint32_t)){ + tloge("apk need not check!\n"); + mmput(mm); + return EOK; + } + if (prepare_desc(&desc) != EOK) { mmput(mm); return -ENOMEM; @@ -386,13 +235,13 @@ int calc_task_hash(unsigned char *digest, uint32_t dig_len, goto free_res; } - down_read(&mm->mmap_sem); + down_read(&mm_sem_lock(mm)); if (update_task_hash(mm, cur_struct, &desc->shash)) { - up_read(&mm->mmap_sem); + up_read(&mm_sem_lock(mm)); rc = -ENOMEM; goto free_res; } - up_read(&mm->mmap_sem); + up_read(&mm_sem_lock(mm)); rc = crypto_shash_final(&desc->shash, digest); free_res: -- Gitee From b93ca5d5f6080034f8f6377d16927c9855763192 Mon Sep 17 00:00:00 2001 From: lijiawei3539 Date: Wed, 22 Jun 2022 06:25:41 +0000 Subject: [PATCH 02/33] update auth/auth_base_impl.h. --- auth/auth_base_impl.h | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/auth/auth_base_impl.h b/auth/auth_base_impl.h index a66800a..2806373 100644 --- a/auth/auth_base_impl.h +++ b/auth/auth_base_impl.h @@ -44,7 +44,7 @@ struct sdesc { int calc_path_hash(bool is_hidl_srvc, unsigned char *digest, unsigned int dig_len); int calc_task_hash(unsigned char *digest, uint32_t dig_len, - struct task_struct *cur_struct); + struct task_struct *cur_struct, uint32_t pub_key_len); int tee_init_shash_handle(char *hash_type); void tee_exit_shash_handle(void); @@ -53,8 +53,6 @@ struct crypto_shash *get_shash_handle(void); void init_crypto_hash_lock(void); void mutex_crypto_hash_lock(void); void mutex_crypto_hash_unlock(void); -int check_proc_selinux_access(struct task_struct *ca_task, - const char *context); #else -- Gitee From 8b14011c194bf6dc9678ae5ddd2a2dfeabf5b7e8 Mon Sep 17 00:00:00 2001 From: lijiawei3539 Date: Wed, 22 Jun 2022 06:26:42 +0000 Subject: [PATCH 03/33] =?UTF-8?q?=E5=88=A0=E9=99=A4=E6=96=87=E4=BB=B6=20au?= =?UTF-8?q?th/security=5Fauth=5Fenhance.c?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- auth/security_auth_enhance.c | 1359 ---------------------------------- 1 file changed, 1359 deletions(-) delete mode 100644 auth/security_auth_enhance.c diff --git a/auth/security_auth_enhance.c b/auth/security_auth_enhance.c deleted file mode 100644 index 14cd08f..0000000 --- a/auth/security_auth_enhance.c +++ /dev/null @@ -1,1359 +0,0 @@ -/* - * security_auth_enhance.c - * - * function for token decry, update, verify and so on. - * - * Copyright (c) 2012-2021 Huawei Technologies Co., Ltd. - * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License - * as published by the Free Software Foundation; either version 2 - * of the License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - */ -#include "security_auth_enhance.h" -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include "teek_client_constants.h" -#include "tc_ns_log.h" -#include "securectype.h" -#include "tc_client_driver.h" -#include "mailbox_mempool.h" -#include "smc_smp.h" -#include "session_manager.h" - -#if !defined(UINT64_MAX) -#define UINT64_MAX ((uint64_t)0xFFFFFFFFFFFFFFFFULL) -#endif - -#define INVALID_TZMP_UID 0xffffffff -#define ALIGN_BIT 0x3 - -#define SCRAMBLING_KEY_LEN 4 -#define TIMESTAMP_BUFFER_INDEX 32 -#define KERNAL_API_INDEX 40 -#define SYNC_INDEX 41 -#define ENCRYPT 1 -#define DECRYPT 0 - -#define TIMESTAMP_LEN_DEFAULT \ - ((KERNAL_API_INDEX) - (TIMESTAMP_BUFFER_INDEX)) -#define KERNAL_API_LEN \ - ((TOKEN_BUFFER_LEN) - (KERNAL_API_INDEX)) -#define TIMESTAMP_SAVE_INDEX 16 - -static DEFINE_MUTEX(g_tzmp_lock); -static unsigned int g_tzmp_uid = INVALID_TZMP_UID; - -#define AES_LOGIN_MAXLEN ((MAX_PUBKEY_LEN) > (MAX_PACKAGE_NAME_LEN) ? \ - (MAX_PUBKEY_LEN) : (MAX_PACKAGE_NAME_LEN)) - -#define TEE_TZMP \ -{ \ - 0xf8028dca, \ - 0xaba0, \ - 0x11e6, \ - { \ - 0x80, 0xf5, 0x76, 0x30, 0x4d, 0xec, 0x7e, 0xb7 \ - } \ -} - -struct session_crypto_info *g_session_root_key; - -#define align_up(x, align) (((x) + ((align) - 1)) & ~((align) - 1)) - -enum SCRAMBLING_ID { - SCRAMBLING_TOKEN = 0, - SCRAMBLING_OPERATION = 1, - SCRAMBLING_MAX = SCRAMBLING_NUMBER -}; - -#define MAGIC_STRING "Trusted-magic" - -struct get_secure_info_params { - struct tc_ns_dev_file *dev_file; - struct tc_ns_client_context *context; - struct tc_ns_session *session; -}; - -static bool is_token_empty(const uint8_t *token, uint32_t token_len) -{ - uint32_t i; - - if (!token) { - tloge("bad parameters, token is null\n"); - return true; - } - for (i = 0; i < token_len; i++) { - if (*(token + i)) - return false; - } - return true; -} - -static int32_t scrambling_timestamp(const void *in, void *out, - uint32_t data_len, const void *key, uint32_t key_len) -{ - uint32_t i; - bool check_value = false; - - if (!in || !out || !key) { - tloge("bad parameters, input_data is null\n"); - return -EFAULT; - } - check_value = (!data_len || data_len > SECUREC_MEM_MAX_LEN || - key_len > SECUREC_MEM_MAX_LEN || !key_len); - if (check_value) { - tloge("bad parameters, data_len is %u, scrambling_len is %u\n", - data_len, key_len); - return -EFAULT; - } - for (i = 0; i < data_len; i++) - *((uint8_t *)out + i) = - *((uint8_t *)in + i) ^ *((uint8_t *)key + i % key_len); - - return EOK; -} - -static int32_t change_time_stamp(uint8_t flag, uint64_t *time_stamp) -{ - if (flag == INC) { - if (*time_stamp < UINT64_MAX) { - (*time_stamp)++; - } else { - tloge("val overflow\n"); - return -EFAULT; - } - } else if (flag == DEC) { - if (*time_stamp > 0) { - (*time_stamp)--; - } else { - tloge("val down overflow\n"); - return -EFAULT; - } - } else { - tloge("flag error, 0x%x\n", flag); - return -EFAULT; - } - return EOK; -} - -static int32_t descrambling_timestamp(uint8_t *in_token_buf, - const struct session_secure_info *secure_info, uint8_t flag) -{ - uint64_t time_stamp = 0; - int32_t ret; - - if (in_token_buf == NULL || secure_info == NULL) { - tloge("invalid params!\n"); - return -EINVAL; - } - if (scrambling_timestamp(&in_token_buf[TIMESTAMP_BUFFER_INDEX], - &time_stamp, TIMESTAMP_LEN_DEFAULT, - secure_info->scrambling, SCRAMBLING_KEY_LEN)) { - tloge("descrambling_timestamp failed\n"); - return -EFAULT; - } - ret = change_time_stamp(flag, &time_stamp); - if (ret) - return ret; - - tlogd("timestamp is %llu\n", time_stamp); - if (scrambling_timestamp(&time_stamp, - &in_token_buf[TIMESTAMP_BUFFER_INDEX], - TIMESTAMP_LEN_DEFAULT, - secure_info->scrambling, - SCRAMBLING_KEY_LEN)) { - tloge("descrambling_timestamp failed\n"); - return -EFAULT; - } - return EOK; -} - -int32_t update_timestamp(const struct tc_ns_smc_cmd *cmd) -{ - struct tc_ns_session *session = NULL; - struct session_secure_info *secure_info = NULL; - uint8_t *token_buffer = NULL; - - if (!cmd) { - tloge("cmd is NULL, error\n"); - return TEEC_ERROR_BAD_PARAMETERS; - } - - if (cmd->cmd_type == CMD_TYPE_TA) { - token_buffer = phys_to_virt((phys_addr_t)((uint64_t)(cmd->token_h_phys) << - ADDR_TRANS_NUM | (cmd->token_phys))); - if (!token_buffer || - is_token_empty(token_buffer, TOKEN_BUFFER_LEN)) { - tloge("token is NULL or token is empyt, error\n"); - return -EFAULT; - } - - session = tc_find_session_by_uuid(cmd->dev_file_id, cmd); - if (!session) { - tlogd("tc_find_session_key find session FAILURE\n"); - return -EFAULT; - } - secure_info = &session->secure_info; - if (descrambling_timestamp(token_buffer, - secure_info, INC)) { - put_session_struct(session); - tloge("update token_buffer error\n"); - return -EFAULT; - } - put_session_struct(session); - token_buffer[SYNC_INDEX] = UN_SYNCED; - } else { - tlogd("global cmd or agent, do not update timestamp\n"); - } - return EOK; -} - -int32_t sync_timestamp(const struct tc_ns_smc_cmd *cmd, uint8_t *token, - uint32_t token_len, bool is_global) -{ - struct tc_ns_session *session = NULL; - bool check_val = false; - - check_val = (!cmd || !token || token_len <= SYNC_INDEX); - if (check_val) { - tloge("parameters is NULL, error\n"); - return -EFAULT; - } - if (cmd->cmd_id == GLOBAL_CMD_ID_OPEN_SESSION && is_global) { - tlogd("OpenSession would not need sync timestamp\n"); - return EOK; - } - if (token[SYNC_INDEX] == UN_SYNCED) { - tlogd("flag is UN_SYNC, to sync timestamp!\n"); - - session = tc_find_session_by_uuid(cmd->dev_file_id, cmd); - if (!session) { - tloge("sync_timestamp find session FAILURE\n"); - return -EFAULT; - } - if (descrambling_timestamp(token, - &session->secure_info, DEC)) { - put_session_struct(session); - tloge("sync token_buffer error\n"); - return -EFAULT; - } - put_session_struct(session); - } else if (token[SYNC_INDEX] == IS_SYNCED) { - tlogd("token is synced\n"); - } else { - tloge("sync flag error! 0x%x\n", token[SYNC_INDEX]); - return -EFAULT; - } - return EOK; -} - -/* scrambling operation and pid */ -static void scrambling_operation(struct tc_ns_smc_cmd *cmd, uint32_t scrambler) -{ - if (cmd == NULL) - return; - if (cmd->operation_phys || cmd->operation_h_phys) { - cmd->operation_phys = cmd->operation_phys ^ scrambler; - cmd->operation_h_phys = cmd->operation_h_phys ^ scrambler; - } - cmd->pid = cmd->pid ^ scrambler; -} - -/* calculate cmd checksum and scrambling operation */ -int32_t update_chksum(struct tc_ns_smc_cmd *cmd) -{ - struct tc_ns_session *session = NULL; - struct session_secure_info *secure_info = NULL; - uint32_t scrambler_oper; - - if (!cmd) { - tloge("cmd is NULL, error\n"); - return -EFAULT; - } - - /* cmd is invoke command */ - if (cmd->cmd_type == CMD_TYPE_TA) { - session = tc_find_session_by_uuid(cmd->dev_file_id, cmd); - if (session) { - secure_info = &session->secure_info; - scrambler_oper = - secure_info->scrambling[SCRAMBLING_OPERATION]; - scrambling_operation(cmd, scrambler_oper); - put_session_struct(session); - } - } - return EOK; -} - -int32_t verify_chksum(const struct tc_ns_smc_cmd *cmd) -{ - struct tc_ns_session *session = NULL; - struct session_secure_info *secure_info = NULL; - - if (!cmd) { - tloge("cmd is NULL, error\n"); - return -EFAULT; - } - - /* cmd is invoke command */ - if (cmd->cmd_type == CMD_TYPE_TA) { - session = tc_find_session_by_uuid(cmd->dev_file_id, cmd); - if (session) { - secure_info = &session->secure_info; - put_session_struct(session); - } - } - return EOK; -} - -static int check_random_data(const uint8_t *data, uint32_t size) -{ - uint32_t i; - - for (i = 0; i < size; i++) { - if (data[i]) - break; - } - if (i >= size) - return -1; - return 0; -} - -static int generate_random_data(uint8_t *data, uint32_t size) -{ - if (!data || !size) { - tloge("Bad parameters!\n"); - return -EFAULT; - } - if (memset_s((void *)data, size, 0, size)) { - tloge("Clean the data buffer failed\n"); - return -EFAULT; - } - -#if (LINUX_VERSION_CODE < KERNEL_VERSION(4, 19, 0)) - get_random_bytes_arch((void *)data, size); -#else - if (get_random_bytes_arch((void *)data, size)) - tloge("get random byte failed\n"); -#endif - if (check_random_data(data, size)) - tlogd("random arch generate failed\n"); - else - return 0; - - /* using soft random generator */ - get_random_bytes((void *)data, size); - if (check_random_data(data, size)) - return -EFAULT; - - return 0; -} - -static int generate_challenge_word(uint8_t *challenge_word, uint32_t size) -{ - if (!challenge_word) { - tloge("Parameter is null pointer\n"); - return -EINVAL; - } - return generate_random_data(challenge_word, size); -} - -bool is_opensession_by_index(uint8_t flags, uint32_t cmd_id, int index) -{ - /* params[2] for apk cert or native ca uid; - * params[3] for pkg name; therefore we set i>= 2 - */ - bool is_global = flags & TC_CALL_GLOBAL; - bool login_en = (is_global && (index >= 2) && - (cmd_id == GLOBAL_CMD_ID_OPEN_SESSION)); - return login_en; -} - -static bool is_valid_size(uint32_t buffer_size, uint32_t temp_size) -{ - bool over_flow = false; - - if (buffer_size > AES_LOGIN_MAXLEN) { - tloge("CONFIG_AUTH_ENHANCE: buffer_size is not right\n"); - return false; - } - over_flow = (temp_size > round_up(buffer_size, SZ_4K)) ? true : false; - if (over_flow) { - tloge("CONFIG_AUTH_ENHANCE: input data exceeds limit\n"); - return false; - } - return true; -} -static int check_param_for_encryption(uint8_t *buffer, - uint32_t buffer_size, uint8_t **plaintext, - uint32_t *plaintext_buffer_size, const uint8_t *key) -{ - if (!buffer || !buffer_size || !key) { - tloge("bad params before encryption\n"); - return -EINVAL; - } - - *plaintext_buffer_size = buffer_size; - *plaintext = kzalloc(*plaintext_buffer_size, GFP_KERNEL); - if (ZERO_OR_NULL_PTR((unsigned long)(uintptr_t)(*plaintext))) { - tloge("malloc plaintext failed\n"); - return -ENOMEM; - } - if (memcpy_s(*plaintext, *plaintext_buffer_size, - buffer, buffer_size)) { - tloge("memcpy failed\n"); - kfree(*plaintext); - return -EINVAL; - } - return 0; -} - -static int handle_end(const uint8_t *plaintext, const uint8_t *cryptotext, int ret) -{ - kfree(plaintext); - if (cryptotext) - kfree(cryptotext); - return ret; -} - -static int calc_plaintext_size(uint32_t *plaintext_size, - uint32_t payload_size, uint32_t buffer_size, - uint32_t *plaintext_aligned_size, uint32_t *total_size) -{ - int ret = 0; - - /* Payload + Head + Padding */ - *plaintext_size = payload_size + sizeof(struct encryption_head); - *plaintext_aligned_size = - round_up(*plaintext_size, CIPHER_BLOCK_BYTESIZE); - /* Need 16 bytes to store AES-CBC iv */ - *total_size = *plaintext_aligned_size + IV_BYTESIZE; - if (*total_size > buffer_size) { - tloge("Do encryption buffer is not enough\n"); - ret = -ENOMEM; - } - return ret; -} - -static int set_encryption_head(struct encryption_head *head, - uint32_t len) -{ - if (!head || !len) { - tloge("In parameters check failed\n"); - return -EINVAL; - } - if (strncpy_s(head->magic, sizeof(head->magic), - MAGIC_STRING, strlen(MAGIC_STRING) + 1)) { - tloge("Copy magic string failed\n"); - return -EFAULT; - } - head->payload_len = len; - return 0; -} - -static int crypto_aescbc_cms_padding(uint8_t *plaintext, uint32_t plaintext_len, - uint32_t payload_len) -{ - uint32_t padding_len; - uint8_t padding; - bool check_value = false; - - if (!plaintext) { - tloge("Plaintext is NULL\n"); - return -EINVAL; - } - - check_value = (!plaintext_len) || - (plaintext_len % CIPHER_BLOCK_BYTESIZE) || - (plaintext_len < payload_len); - if (check_value) { - tloge("Plaintext length is invalid\n"); - return -EINVAL; - } - - padding_len = plaintext_len - payload_len; - if (padding_len >= CIPHER_BLOCK_BYTESIZE) { - tloge("Padding length is error\n"); - return -EINVAL; - } - - /* No need padding */ - if (!padding_len) - return 0; - - padding = (uint8_t)padding_len; - if (memset_s((void *)(plaintext + payload_len), - padding_len, padding, padding_len)) { - tloge("CMS-Padding is failed\n"); - return -EFAULT; - } - return 0; -} - -/* size of [iv] is 16 and [key] must be 32 bytes. - * [size] is the size of [output] and [input]. - * [size] must be multiple of 32. - */ -static int crypto_aescbc_key256(uint8_t *output, const uint8_t *input, - const uint8_t *iv, const uint8_t *key, int32_t size, uint32_t encrypto_type) -{ - struct scatterlist src = {0}; - struct scatterlist dst = {0}; - struct crypto_skcipher *skcipher = NULL; - struct skcipher_request *req = NULL; - int ret; - uint8_t temp_iv[IV_BYTESIZE] = {0}; - - skcipher = crypto_alloc_skcipher("cbc(aes)", 0, 0); - if (IS_ERR_OR_NULL(skcipher)) { - tloge("crypto_alloc_skcipher() failed\n"); - return -EFAULT; - } - req = skcipher_request_alloc(skcipher, GFP_KERNEL); - if (!req) { - tloge("skcipher_request_alloc() failed\n"); - crypto_free_skcipher(skcipher); - return -ENOMEM; - } - ret = crypto_skcipher_setkey(skcipher, key, CIPHER_KEY_BYTESIZE); - if (ret) { - tloge("crypto_skcipher_setkey failed, %d\n", ret); - skcipher_request_free(req); - crypto_free_skcipher(skcipher); - return -EFAULT; - } - if (memcpy_s(temp_iv, IV_BYTESIZE, iv, IV_BYTESIZE) != EOK) { - tloge("memcpy_s failed\n"); - skcipher_request_free(req); - crypto_free_skcipher(skcipher); - return -EFAULT; - } - sg_init_table(&dst, 1); /* init table to 1 */ - sg_init_table(&src, 1); /* init table to 1 */ - sg_set_buf(&dst, output, size); - sg_set_buf(&src, input, size); - skcipher_request_set_crypt(req, &src, &dst, size, temp_iv); - if (encrypto_type) - ret = crypto_skcipher_encrypt(req); - else - ret = crypto_skcipher_decrypt(req); - skcipher_request_free(req); - crypto_free_skcipher(skcipher); - return ret; -} - -static int check_params_for_crypto_session(const uint8_t *in, const uint8_t *out, - const uint8_t *key, uint32_t in_len, uint32_t out_len) -{ - if (!in || !out || !key) { - tloge("AES-CBC crypto parameters have null pointer\n"); - return -EINVAL; - } - if (in_len < IV_BYTESIZE || out_len < IV_BYTESIZE) { - tloge("AES-CBC crypto data length is invalid\n"); - return -EINVAL; - } - return 0; -} - -static int crypto_session_aescbc_key256(uint8_t *in, uint32_t in_len, uint8_t *out, - uint32_t out_len, const uint8_t *key, uint8_t *iv, uint32_t mode) -{ - int ret; - uint32_t src_len; - uint32_t dest_len; - uint8_t *aescbc_iv = NULL; - - ret = check_params_for_crypto_session(in, out, key, in_len, out_len); - if (ret) - return ret; - - /* - * For iv variable is null, iv is the first 16 bytes - * in cryptotext buffer. - */ - switch (mode) { - case ENCRYPT: - src_len = in_len; - dest_len = out_len - IV_BYTESIZE; - aescbc_iv = out + dest_len; - break; - case DECRYPT: - src_len = in_len - IV_BYTESIZE; - dest_len = out_len; - aescbc_iv = in + src_len; - break; - default: - tloge("AES-CBC crypto use error mode = %u\n", mode); - return -EINVAL; - } - - /* IV is configured by user */ - if (iv != NULL) { - src_len = in_len; - dest_len = out_len; - aescbc_iv = iv; - } - - if (src_len != dest_len || !src_len || - src_len % CIPHER_BLOCK_BYTESIZE) { - tloge("AES-CBC, plaintext-len must be equal to cryptotext's, src_len=%u, dest_len=%u\n", - src_len, dest_len); - return -EINVAL; - } - /* IV is configured here */ - if (!iv && mode == ENCRYPT) { - ret = generate_random_data(aescbc_iv, IV_BYTESIZE); - if (ret) { - tloge("Generate AES-CBC iv failed, ret = %d\n", ret); - return ret; - } - } - return crypto_aescbc_key256(out, in, aescbc_iv, key, src_len, mode); -} - -static int generate_encrypted_session_secure_params( - const struct session_secure_info *secure_info, - uint8_t *enc_secure_params, size_t enc_params_size) -{ - int ret; - struct session_secure_params *ree_secure_params = NULL; - uint32_t secure_aligned_size = - align_up(sizeof(*ree_secure_params), CIPHER_BLOCK_BYTESIZE); - uint32_t params_size = secure_aligned_size + IV_BYTESIZE; - - if (!secure_info || !enc_secure_params || - enc_params_size < params_size) { - tloge("invalid enc params\n"); - return -EINVAL; - } - ree_secure_params = kzalloc(secure_aligned_size, GFP_KERNEL); - if (ZERO_OR_NULL_PTR((unsigned long)(uintptr_t)ree_secure_params)) { - tloge("Malloc REE session secure parameters buffer failed\n"); - return -ENOMEM; - } - /* Transfer chanllenge word to secure world */ - ree_secure_params->payload.ree2tee.challenge_word = secure_info->challenge_word; - /* Setting encryption head */ - ret = set_encryption_head(&ree_secure_params->head, - sizeof(ree_secure_params->payload)); - if (ret) { - tloge("Set encryption head failed, ret = %d\n", ret); - ree_secure_params->payload.ree2tee.challenge_word = 0; - kfree(ree_secure_params); - return -EINVAL; - } - /* Setting padding data */ - ret = crypto_aescbc_cms_padding((uint8_t *)ree_secure_params, - secure_aligned_size, - sizeof(struct session_secure_params)); - if (ret) { - tloge("Set encryption padding data failed, ret = %d\n", ret); - ree_secure_params->payload.ree2tee.challenge_word = 0; - kfree(ree_secure_params); - return -EINVAL; - } - /* Encrypt buffer with current session key */ - ret = crypto_session_aescbc_key256((uint8_t *)ree_secure_params, - secure_aligned_size, - enc_secure_params, params_size, secure_info->crypto_info.key, - NULL, ENCRYPT); - if (ret) { - tloge("Encrypted session secure parameters failed, ret = %d\n", - ret); - ree_secure_params->payload.ree2tee.challenge_word = 0; - kfree(ree_secure_params); - return -EINVAL; - } - ree_secure_params->payload.ree2tee.challenge_word = 0; - kfree(ree_secure_params); - return 0; -} - -struct get_plaintext_size { - uint32_t pt_size; - uint32_t pta_size; - uint32_t total_size; -}; - -int do_encryption(uint8_t *buffer, uint32_t buffer_size, - uint32_t payload_size, const uint8_t *key) -{ - struct get_plaintext_size local_text_size; - uint8_t *cryptotext = NULL; - uint8_t *plaintext = NULL; - uint32_t ptb_size; - struct encryption_head head; - int ret; - - if (check_param_for_encryption(buffer, buffer_size, - &plaintext, &ptb_size, key)) - return -EINVAL; - - ret = calc_plaintext_size(&local_text_size.pt_size, payload_size, buffer_size, - &local_text_size.pta_size, &local_text_size.total_size); - if (ret) - goto end; - cryptotext = kzalloc(local_text_size.total_size, GFP_KERNEL); - if (ZERO_OR_NULL_PTR((unsigned long)(uintptr_t)cryptotext)) { - tloge("Malloc failed when doing encryption\n"); - ret = -ENOMEM; - goto end; - } - /* Setting encryption head */ - ret = set_encryption_head(&head, payload_size); - if (ret) { - tloge("Set encryption head failed, ret = %d\n", ret); - goto end; - } - ret = memcpy_s((void *)(plaintext + payload_size), - ptb_size - payload_size, &head, sizeof(head)); - if (ret) { - tloge("Copy encryption head failed, ret = %d\n", ret); - goto end; - } - /* Setting padding data */ - ret = crypto_aescbc_cms_padding(plaintext, local_text_size.pta_size, local_text_size.pt_size); - if (ret) { - tloge("Set encryption padding data failed, ret = %d\n", ret); - goto end; - } - ret = crypto_session_aescbc_key256(plaintext, local_text_size.pta_size, - cryptotext, local_text_size.total_size, key, NULL, ENCRYPT); - if (ret) { - tloge("Encrypt failed, ret = %d\n", ret); - goto end; - } - ret = memcpy_s((void *)buffer, buffer_size, (void *)cryptotext, - local_text_size.total_size); -end: - return handle_end(plaintext, cryptotext, ret); -} - -int encrypt_login_info(uint32_t login_info_size, - uint8_t *buffer, const uint8_t *key) -{ - uint32_t payload_size; - uint32_t plaintext_size; - uint32_t plaintext_aligned_size; - uint32_t total_size; - - if (!buffer || !key) { - tloge("Login information buffer is null\n"); - return -EINVAL; - } - /* Need adding the termination null byte ('\0') to the end. */ - payload_size = login_info_size + sizeof(char); - - /* Payload + Head + Padding */ - plaintext_size = payload_size + sizeof(struct encryption_head); - plaintext_aligned_size = round_up(plaintext_size, CIPHER_BLOCK_BYTESIZE); - /* Need 16 bytes to store AES-CBC iv */ - total_size = plaintext_aligned_size + IV_BYTESIZE; - if (!is_valid_size(login_info_size, total_size)) { - tloge("Login information encryption size is invalid\n"); - return -EFAULT; - } - return do_encryption(buffer, total_size, payload_size, key); -} - -static int32_t save_token_info(void *dst_teec, uint32_t dst_size, - uint8_t *src_buf, uint32_t src_size, uint8_t kernel_api) -{ - uint8_t temp_teec_token[TOKEN_SAVE_LEN] = {0}; - bool check_value = (!dst_teec || !src_buf || - dst_size != TOKEN_SAVE_LEN || !src_size); - - if (check_value) { - tloge("dst data or src data is invalid\n"); - return -EINVAL; - } - /* copy libteec_token && timestamp to libteec */ - if (memmove_s(temp_teec_token, sizeof(temp_teec_token), - src_buf, TIMESTAMP_SAVE_INDEX)) { - tloge("copy teec token failed\n"); - return -EFAULT; - } - if (memmove_s(&temp_teec_token[TIMESTAMP_SAVE_INDEX], - TIMESTAMP_LEN_DEFAULT, &src_buf[TIMESTAMP_BUFFER_INDEX], - TIMESTAMP_LEN_DEFAULT)) { - tloge("copy teec timestamp failed\n"); - return -EFAULT; - } - /* copy libteec_token to libteec */ - if (write_to_client(dst_teec, dst_size, - temp_teec_token, TOKEN_SAVE_LEN, - kernel_api)) { - tloge("copy teec token & timestamp failed\n"); - return -EFAULT; - } - /* clear libteec(16byte) */ - if (memset_s(src_buf, TIMESTAMP_SAVE_INDEX, 0, - TIMESTAMP_SAVE_INDEX)) { - tloge("clear libteec failed\n"); - return -EFAULT; - } - return 0; -} - -static int combine_temp_token(const struct tc_call_params *call_params, - struct tc_op_params *op_params, struct tc_ns_token *tc_token) -{ - uint8_t temp_libteec_token[TOKEN_SAVE_LEN] = {0}; - - if (read_from_client(temp_libteec_token, TOKEN_SAVE_LEN, - call_params->context->token.teec_token, TOKEN_SAVE_LEN, - call_params->dev->kernel_api)) { - tloge("copy libteec token failed\n"); - return -EFAULT; - } - - if (memcmp(&temp_libteec_token[TIMESTAMP_SAVE_INDEX], - &tc_token->token_buffer[TIMESTAMP_BUFFER_INDEX], - TIMESTAMP_LEN_DEFAULT)) { - tloge("timestamp compare failed\n"); - return -EFAULT; - } - - /* combine token_buffer teec_token, 0-15byte */ - if (memmove_s(tc_token->token_buffer, TIMESTAMP_SAVE_INDEX, - temp_libteec_token, TIMESTAMP_SAVE_INDEX)) { - tloge("copy buffer failed\n"); - if (memset_s(tc_token->token_buffer, tc_token->token_len, - 0, TOKEN_BUFFER_LEN)) - tloge("memset buffer failed\n"); - return -EFAULT; - } - - /* kernal_api, 40byte */ - if (memmove_s((tc_token->token_buffer + KERNAL_API_INDEX), - KERNAL_API_LEN, &call_params->dev->kernel_api, - KERNAL_API_LEN)) { - tloge("copy KERNAL_API_LEN failed\n"); - if (memset_s(tc_token->token_buffer, - tc_token->token_len, 0, TOKEN_BUFFER_LEN)) - tloge("fill info memset failed\n"); - return -EFAULT; - } - - return 0; -} - -static int fill_token_info(const struct tc_call_params *call_params, - struct tc_op_params *op_params, bool is_global) -{ - struct tc_ns_token *tc_token = (call_params->sess) ? - &(call_params->sess->teec_token) : NULL; - - if (!call_params->context->token.teec_token || !tc_token || - !tc_token->token_buffer) { - tloge("token or token_buffer is NULL\n"); - return -EINVAL; - } - - if (call_params->context->cmd_id == GLOBAL_CMD_ID_CLOSE_SESSION || - !is_global) { - if (combine_temp_token(call_params, op_params, tc_token)) - return -EFAULT; - } else { /* open_session, set token_buffer 0 */ - if (memset_s(tc_token->token_buffer, tc_token->token_len, - 0, TOKEN_BUFFER_LEN)) { - tloge("memset token_buffer fail\n"); - return -EFAULT; - } - } - - if (memcpy_s(op_params->mb_pack->token, TOKEN_BUFFER_LEN, tc_token->token_buffer, - tc_token->token_len)) { - tloge("copy token failed\n"); - return -EFAULT; - } - - op_params->smc_cmd->pid = current->tgid; - op_params->smc_cmd->token_phys = - virt_to_phys(op_params->mb_pack->token); - op_params->smc_cmd->token_h_phys = - (uint64_t)virt_to_phys(op_params->mb_pack->token) >> ADDR_TRANS_NUM; - - return 0; -} - -static bool is_token_work(bool is_global, const struct tc_ns_smc_cmd *smc_cmd) -{ - /* invoke cmd(global is false) or open session */ - return (!is_global || smc_cmd->cmd_id == GLOBAL_CMD_ID_OPEN_SESSION); -} - -static bool is_load_info_params_valid(const struct tc_call_params *call_params, - struct tc_op_params *op_params) -{ - if (!call_params->dev || !call_params->context || - !op_params->mb_pack) { - tloge("parameter is invalid\n"); - return false; - } - - return true; -} - -int load_security_enhance_info(const struct tc_call_params *call_params, - struct tc_op_params *op_params) -{ - int ret; - struct tc_ns_session *session = NULL; - struct tc_ns_smc_cmd *smc_cmd = NULL; - struct mb_cmd_pack *mb_pack = NULL; - bool is_global = false; - - if (!call_params || !op_params || !op_params->smc_cmd) - return -EINVAL; - - is_global = call_params->flags & TC_CALL_GLOBAL; - if (!is_token_work(is_global, op_params->smc_cmd)) - return 0; - - if (!is_load_info_params_valid(call_params, op_params)) - return -EFAULT; - - session = call_params->sess; - smc_cmd = op_params->smc_cmd; - mb_pack = op_params->mb_pack; - - ret = fill_token_info(call_params, op_params, is_global); - if (ret) { - tloge("fill info failed. global=%d, cmd id=%u, session id=%u\n", - is_global, smc_cmd->cmd_id, smc_cmd->context_id); - return -EFAULT; - } - - if (!(is_global && smc_cmd->cmd_id == GLOBAL_CMD_ID_OPEN_SESSION)) - return 0; - - if (!session) { - tloge("invalid session when load secure info\n"); - return -EFAULT; - } - if (generate_encrypted_session_secure_params( - &session->secure_info, mb_pack->secure_params, - sizeof(mb_pack->secure_params))) { - tloge("Can't get encrypted session parameters buffer"); - return -EFAULT; - } - smc_cmd->params_phys = - virt_to_phys((void *)mb_pack->secure_params); - smc_cmd->params_h_phys = - (uint64_t)virt_to_phys((void *)mb_pack->secure_params) >> ADDR_TRANS_NUM; - - return 0; -} - -static bool is_token_params_valid(const struct tc_call_params *call_params, - struct tc_op_params *op_params) -{ - if (!op_params || !call_params->dev || - !call_params->context || !call_params->context->token.teec_token || - !op_params->mb_pack || !op_params->smc_cmd) { - tloge("parameter is invalid\n"); - return false; - } - - return true; -} - -int append_teec_token(const struct tc_call_params *call_params, - struct tc_op_params *op_params) -{ - uint8_t temp_libteec_token[TOKEN_SAVE_LEN] = {0}; - struct tc_ns_token *tc_token = NULL; - - if (!call_params) - return -EINVAL; - - /* only send cmd, we append token */ - if (call_params->flags & TC_CALL_GLOBAL) - return 0; - - if (!is_token_params_valid(call_params, op_params)) - return -EINVAL; - - tc_token = (call_params->sess) ? - &(call_params->sess->teec_token) : NULL; - if (!tc_token || !tc_token->token_buffer) { - tloge("token or token_buffer is null\n"); - return -EINVAL; - } - - if (read_from_client(temp_libteec_token, TOKEN_SAVE_LEN, - call_params->context->token.teec_token, TOKEN_SAVE_LEN, - call_params->dev->kernel_api)) { - tloge("copy libteec token failed\n"); - return -EFAULT; - } - - /* combine token_buffer ,teec_token, 0-15byte */ - if (memmove_s(tc_token->token_buffer, tc_token->token_len, - temp_libteec_token, TIMESTAMP_SAVE_INDEX)) { - tloge("copy temp_libteec_token failed\n"); - if (memset_s(tc_token->token_buffer, tc_token->token_len, - 0, TOKEN_BUFFER_LEN)) - tloge("memset failed\n"); - return -EFAULT; - } - - if (memcpy_s(op_params->mb_pack->token, TOKEN_BUFFER_LEN, - tc_token->token_buffer, tc_token->token_len)) { - tloge("copy token failed\n"); - return -EFAULT; - } - return 0; -} - -int post_process_token(const struct tc_call_params *call_params, - struct tc_op_params *op_params) -{ - int ret; - struct tc_ns_token *tc_token = NULL; - bool is_global = false; - - if (!call_params) { - tloge("invalid param\n"); - return -EINVAL; - } - - is_global = call_params->flags & TC_CALL_GLOBAL; - if (!is_token_work(is_global, op_params->smc_cmd)) - return 0; - - if (!is_token_params_valid(call_params, op_params)) - return -EINVAL; - - tc_token = (call_params->sess) ? - &(call_params->sess->teec_token) : NULL; - if (!tc_token || !tc_token->token_buffer) { - tloge("token_buffer is null\n"); - return -EINVAL; - } - - if (memcpy_s(tc_token->token_buffer, tc_token->token_len, - op_params->mb_pack->token, TOKEN_BUFFER_LEN)) { - tloge("copy token failed\n"); - return -EFAULT; - } - - if (memset_s(op_params->mb_pack->token, TOKEN_BUFFER_LEN, - 0, TOKEN_BUFFER_LEN)) { - tloge("memset mb_pack token error\n"); - return -EFAULT; - } - - if (sync_timestamp(op_params->smc_cmd, tc_token->token_buffer, - tc_token->token_len, is_global)) { - tloge("sync time stamp error\n"); - return -EFAULT; - } - - ret = save_token_info(call_params->context->token.teec_token, - call_params->context->token_len, tc_token->token_buffer, - tc_token->token_len, call_params->dev->kernel_api); - if (ret) { - tloge("save token info failed\n"); - return -EFAULT; - } - return 0; -} - -int tzmp2_uid(const struct tc_ns_client_context *client_context, - struct tc_ns_smc_cmd *smc_cmd, bool is_global) -{ - struct tc_uuid uuid_tzmp = TEE_TZMP; - bool check_value = false; - - if (!client_context || !smc_cmd) { - tloge("client_context or smc_cmd is null\n"); - return -EINVAL; - } - if (memcmp(client_context->uuid, (unsigned char *)&uuid_tzmp, - sizeof(client_context->uuid))) - return 0; - - check_value = smc_cmd->cmd_id == GLOBAL_CMD_ID_OPEN_SESSION && is_global; - if (check_value) { - /* save tzmp_uid */ - mutex_lock(&g_tzmp_lock); - g_tzmp_uid = 0; /* for multisesion, we use same uid */ - smc_cmd->uid = 0; - tlogv("openSession, tzmp_uid.uid is %u\n", g_tzmp_uid); - mutex_unlock(&g_tzmp_lock); - return EOK; - } - mutex_lock(&g_tzmp_lock); - if (g_tzmp_uid == INVALID_TZMP_UID) { - tloge("tzmp_uid.uid error\n"); - mutex_unlock(&g_tzmp_lock); - return -EFAULT; - } - smc_cmd->uid = g_tzmp_uid; - tlogv("invokeCommand or closeSession , tzmp_uid is %u, global is %d\n", - g_tzmp_uid, is_global); - mutex_unlock(&g_tzmp_lock); - - return 0; -} - -void clean_session_secure_information(struct tc_ns_session *session) -{ - if (session) { - if (memset_s((void *)&session->secure_info, - sizeof(session->secure_info), 0, sizeof(session->secure_info))) - tloge("Clean this session secure information failed\n"); - } -} - -static int alloc_secure_params(uint32_t secure_aligned_size, - uint32_t params_size, struct session_secure_params **ree_secure_params, - struct session_secure_params **tee_secure_params) -{ - if (!secure_aligned_size) { - tloge("secure_aligned_size is invalid\n"); - return -ENOMEM; - } - *ree_secure_params = mailbox_alloc(params_size, 0); - if (!*ree_secure_params) { - tloge("Malloc REE session secure parameters buffer failed\n"); - return -ENOMEM; - } - *tee_secure_params = kzalloc(secure_aligned_size, GFP_KERNEL); - if (ZERO_OR_NULL_PTR((unsigned long)(uintptr_t)(*tee_secure_params))) { - tloge("Malloc TEE session secure parameters buffer failed\n"); - mailbox_free(*ree_secure_params); - return -ENOMEM; - } - return 0; -} - -static int init_for_alloc_secure_params( - struct get_secure_info_params *params_in, - uint32_t *secure_aligned_size, uint32_t *params_size) -{ - int ret; - - ret = generate_challenge_word( - (uint8_t *)¶ms_in->session->secure_info.challenge_word, - sizeof(params_in->session->secure_info.challenge_word)); - if (ret) { - tloge("Generate challenge word failed, ret = %d\n", ret); - return ret; - } - *secure_aligned_size = - align_up(sizeof(struct session_secure_params), CIPHER_BLOCK_BYTESIZE); - *params_size = *secure_aligned_size + IV_BYTESIZE; - return 0; -} - -static int send_smc_cmd_for_secure_params( - const struct get_secure_info_params *params_in, - struct session_secure_params *ree_secure_params) -{ - struct tc_ns_smc_cmd smc_cmd = { {0}, 0 }; - kuid_t kuid; - uint32_t uid; - - kuid = current_uid(); - uid = kuid.val; - /* Transfer chanllenge word to secure world */ - ree_secure_params->payload.ree2tee.challenge_word = - params_in->session->secure_info.challenge_word; - smc_cmd.cmd_type = CMD_TYPE_GLOBAL; - if (memcpy_s(smc_cmd.uuid, sizeof(smc_cmd.uuid), - params_in->context->uuid, UUID_LEN)) { - tloge("memcpy_s uuid error\n"); - return -EFAULT; - } - smc_cmd.cmd_id = GLOBAL_CMD_ID_GET_SESSION_SECURE_PARAMS; - smc_cmd.dev_file_id = params_in->dev_file->dev_file_id; - smc_cmd.context_id = params_in->context->session_id; - smc_cmd.operation_phys = 0; - smc_cmd.operation_h_phys = 0; - smc_cmd.login_data_phy = 0; - smc_cmd.login_data_h_addr = 0; - smc_cmd.login_data_len = 0; - smc_cmd.err_origin = TEEC_ORIGIN_COMMS; - smc_cmd.uid = uid; - smc_cmd.started = params_in->context->started; - smc_cmd.params_phys = virt_to_phys((void *)ree_secure_params); - smc_cmd.params_h_phys = (uint64_t)virt_to_phys((void *)ree_secure_params) >> ADDR_TRANS_NUM; - - if (tc_ns_smc(&smc_cmd)) { - ree_secure_params->payload.ree2tee.challenge_word = 0; - tloge("tc ns smc returns error, ret = %d\n", smc_cmd.ret_val); - if (smc_cmd.err_origin != TEEC_ORIGIN_COMMS) { - params_in->context->returns.origin = smc_cmd.err_origin; - return EPERM; - } - return -EPERM; - } - return 0; -} - -static bool is_valid_encryption_head(const struct encryption_head *head, - const uint8_t *data, uint32_t len) -{ - if (!head || !data || !len) { - tloge("In parameters check failed\n"); - return false; - } - if (strncmp(head->magic, MAGIC_STRING, sizeof(MAGIC_STRING))) { - tloge("Magic string is invalid\n"); - return false; - } - if (head->payload_len != len) { - tloge("Payload length is invalid\n"); - return false; - } - return true; -} - -static int update_secure_params_from_tee( - struct get_secure_info_params *params_in, - struct session_secure_params *ree_secure_params, - struct session_secure_params *tee_secure_params, - uint32_t secure_aligned_size, - uint32_t params_size) -{ - int ret; - uint8_t *enc_secure_params = NULL; - /* Get encrypted session secure parameters from secure world */ - enc_secure_params = (uint8_t *)ree_secure_params; - ret = crypto_session_aescbc_key256(enc_secure_params, params_size, - (uint8_t *)tee_secure_params, secure_aligned_size, - g_session_root_key->key, NULL, DECRYPT); - if (ret) { - tloge("Decrypted session secure parameters failed, ret = %d\n", ret); - return ret; - } - /* Analyze encryption head */ - if (!is_valid_encryption_head(&tee_secure_params->head, - (uint8_t *)&tee_secure_params->payload, - sizeof(tee_secure_params->payload))) - return -EFAULT; - - /* Store session secure parameters */ - ret = memcpy_s((void *)params_in->session->secure_info.scrambling, - sizeof(params_in->session->secure_info.scrambling), - (void *)tee_secure_params->payload.tee2ree.scrambling, - sizeof(tee_secure_params->payload.tee2ree.scrambling)); - if (ret) { - tloge("Memcpy scrambling data failed, ret = %d\n", ret); - return ret; - } - ret = memcpy_s((void *)¶ms_in->session->secure_info.crypto_info, - sizeof(params_in->session->secure_info.crypto_info), - (void *)&tee_secure_params->payload.tee2ree.crypto_info, - sizeof(tee_secure_params->payload.tee2ree.crypto_info)); - if (ret) { - tloge("Memcpy session crypto information failed, ret = %d\n", ret); - return ret; - } - return 0; -} - -int get_session_secure_params(struct tc_ns_dev_file *dev_file, - struct tc_ns_client_context *context, struct tc_ns_session *session) -{ - int ret; - uint32_t params_size; - uint32_t secure_aligned_size; - struct session_secure_params *ree_secure_params = NULL; - struct session_secure_params *tee_secure_params = NULL; - bool check_value = false; - struct get_secure_info_params params_in = { dev_file, context, session }; - - check_value = (!dev_file || !context || !session); - if (check_value) { - tloge("Parameter is null pointer\n"); - return -EINVAL; - } - ret = init_for_alloc_secure_params(¶ms_in, - &secure_aligned_size, ¶ms_size); - if (ret) - return ret; - ret = alloc_secure_params(secure_aligned_size, - params_size, &ree_secure_params, &tee_secure_params); - if (ret) - return ret; - ret = send_smc_cmd_for_secure_params(¶ms_in, ree_secure_params); - if (ret) - goto free; - - ret = update_secure_params_from_tee(¶ms_in, ree_secure_params, - tee_secure_params, secure_aligned_size, params_size); - if (memset_s((void *)tee_secure_params, secure_aligned_size, - 0, secure_aligned_size)) - tloge("Clean the secure parameters buffer failed\n"); -free: - mailbox_free(ree_secure_params); - ree_secure_params = NULL; - kfree(tee_secure_params); - tee_secure_params = NULL; - if (ret) - clean_session_secure_information(session); - return ret; -} - -void free_root_key(void) -{ - if (IS_ERR_OR_NULL(g_session_root_key)) - return; - - if (memset_s((void *)g_session_root_key, sizeof(*g_session_root_key), - 0, sizeof(*g_session_root_key))) - tloge("memset mem failed\n"); - kfree(g_session_root_key); - g_session_root_key = NULL; -} - -int get_session_root_key(uint32_t *buffer, uint32_t size) -{ - int ret; - - if (!buffer || ((uintptr_t)buffer & ALIGN_BIT)) { - tloge("Session root key must be 4bytes aligned\n"); - return -EFAULT; - } - if (size != ROOT_KEY_BUF_LEN) { - tloge("root key buf size invalid\n"); - return -EFAULT; - } - - g_session_root_key = kzalloc(sizeof(*g_session_root_key), - GFP_KERNEL); - if (ZERO_OR_NULL_PTR((unsigned long)(uintptr_t)g_session_root_key)) { - tloge("No memory to store session root key\n"); - return -ENOMEM; - } - - if (memcpy_s(g_session_root_key, sizeof(*g_session_root_key), - (void *)(buffer + 1), sizeof(*g_session_root_key))) { - tloge("Copy session root key from TEE failed\n"); - ret = -EFAULT; - goto free_mem; - } - return 0; -free_mem: - free_root_key(); - return ret; -} -- Gitee From f6aa57e19bb26fc9fbeb0d51032d045970acfc4b Mon Sep 17 00:00:00 2001 From: lijiawei3539 Date: Wed, 22 Jun 2022 08:14:56 +0000 Subject: [PATCH 04/33] update client_auth --- auth/client_hash_auth.c | 0 auth/client_hash_auth.h | 0 2 files changed, 0 insertions(+), 0 deletions(-) create mode 100644 auth/client_hash_auth.c create mode 100644 auth/client_hash_auth.h diff --git a/auth/client_hash_auth.c b/auth/client_hash_auth.c new file mode 100644 index 0000000..e69de29 diff --git a/auth/client_hash_auth.h b/auth/client_hash_auth.h new file mode 100644 index 0000000..e69de29 -- Gitee From ff22395698b8bef1aed56147517ee6ce4b11ae91 Mon Sep 17 00:00:00 2001 From: lijiawei3539 Date: Wed, 22 Jun 2022 08:19:40 +0000 Subject: [PATCH 05/33] =?UTF-8?q?=E5=88=A0=E9=99=A4=E6=96=87=E4=BB=B6=20au?= =?UTF-8?q?th/security=5Fauth=5Fenhance.h?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- auth/security_auth_enhance.h | 146 ----------------------------------- 1 file changed, 146 deletions(-) delete mode 100644 auth/security_auth_enhance.h diff --git a/auth/security_auth_enhance.h b/auth/security_auth_enhance.h deleted file mode 100644 index 3c6e636..0000000 --- a/auth/security_auth_enhance.h +++ /dev/null @@ -1,146 +0,0 @@ -/* - * security_auth_enhance.h - * - * function declaration for token decry, update, verify and so on. - * - * Copyright (c) 2012-2021 Huawei Technologies Co., Ltd. - * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License - * as published by the Free Software Foundation; either version 2 - * of the License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - */ -#ifndef SECURITY_AUTH_ENHANCE_H -#define SECURITY_AUTH_ENHANCE_H - -#include -#include "teek_ns_client.h" -#include "smc_smp.h" -#include "gp_ops.h" - -#define INC 0x01 -#define DEC 0x00 -#define UN_SYNCED 0x55 -#define IS_SYNCED 0xaa - -#define ROOT_KEY_BUF_LEN 100 - -#ifdef CONFIG_AUTH_ENHANCE - -int32_t update_timestamp(const struct tc_ns_smc_cmd *cmd); -int32_t update_chksum(struct tc_ns_smc_cmd *cmd); -int32_t verify_chksum(const struct tc_ns_smc_cmd *cmd); -int32_t sync_timestamp(const struct tc_ns_smc_cmd *cmd, uint8_t *token, - uint32_t token_len, bool is_global); -int do_encryption(uint8_t *buffer, uint32_t buffer_size, - uint32_t payload_size, const uint8_t *key); -bool is_opensession_by_index(uint8_t flags, uint32_t cmd_id, int index); -int load_security_enhance_info(const struct tc_call_params *call_params, - struct tc_op_params *op_params); -int encrypt_login_info(uint32_t login_info_size, uint8_t *buffer, - const uint8_t *key); -int post_process_token(const struct tc_call_params *call_params, - struct tc_op_params *op_params); -int append_teec_token(const struct tc_call_params *call_params, - struct tc_op_params *op_params); -int tzmp2_uid(const struct tc_ns_client_context *client_context, - struct tc_ns_smc_cmd *smc_cmd, bool is_global); -void clean_session_secure_information(struct tc_ns_session *session); -int get_session_secure_params(struct tc_ns_dev_file *dev_file, - struct tc_ns_client_context *context, struct tc_ns_session *session); -void free_root_key(void); -int get_session_root_key(uint32_t *buffer, uint32_t size); - -#else - -static inline int32_t update_timestamp(const struct tc_ns_smc_cmd *cmd) -{ - return 0; -} - -static inline int32_t update_chksum(struct tc_ns_smc_cmd *cmd) -{ - return 0; -} - -static inline int32_t verify_chksum(const struct tc_ns_smc_cmd *cmd) -{ - return 0; -} - -static inline int32_t sync_timestamp(const struct tc_ns_smc_cmd *cmd, uint8_t *token, - uint32_t token_len, bool is_global) -{ - return 0; -} - -static inline int do_encryption(uint8_t *buffer, uint32_t buffer_size, - uint32_t payload_size, const uint8_t *key) -{ - return 0; -} - -static inline bool is_opensession_by_index(uint8_t flags, uint32_t cmd_id, int index) -{ - return false; -} - -static inline int load_security_enhance_info(const struct tc_call_params *call_params, - struct tc_op_params *op_params) -{ - return 0; -} - -static inline int encrypt_login_info(uint32_t login_info_size, uint8_t *buffer, - const uint8_t *key) -{ - return 0; -} - -static inline int post_process_token(const struct tc_call_params *call_params, - struct tc_op_params *op_params) -{ - return 0; -} - -static inline int append_teec_token(const struct tc_call_params *call_params, - struct tc_op_params *op_params) -{ - return 0; -} - -static inline int tzmp2_uid(const struct tc_ns_client_context *client_context, - struct tc_ns_smc_cmd *smc_cmd, bool is_global) -{ - return 0; -} - -static inline void clean_session_secure_information(struct tc_ns_session *session) -{ - return; -} - -static inline int get_session_secure_params(struct tc_ns_dev_file *dev_file, - struct tc_ns_client_context *context, struct tc_ns_session *session) -{ - return 0; -} - -static inline void free_root_key(void) -{ - return; -} - -static inline int get_session_root_key(uint32_t *buffer, uint32_t size) -{ - return 0; -} - -#endif - -#endif -- Gitee From 0cf276696027a160b0fc83d9025e58f275144dc4 Mon Sep 17 00:00:00 2001 From: lijiawei3539 Date: Wed, 22 Jun 2022 08:22:32 +0000 Subject: [PATCH 06/33] add client_auth --- auth/client_hash_auth.c | 245 ++++++++++++++++++++++++++++++++++++++++ auth/client_hash_auth.h | 40 +++++++ 2 files changed, 285 insertions(+) diff --git a/auth/client_hash_auth.c b/auth/client_hash_auth.c index e69de29..219cd39 100644 --- a/auth/client_hash_auth.c +++ b/auth/client_hash_auth.c @@ -0,0 +1,245 @@ +/* + * client_hash_auth.c + * + * function for CA code hash auth + * + * Copyright (c) 2012-2021 Huawei Technologies Co., Ltd. + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU General Public License + * as published by the Free Software Foundation; either version 2 + * of the License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + */ + +#include "client_hash_auth.h" +#include +#include +#include +#include + +#include +#include +#include +#include +#include +#include +#include + +#include "tc_ns_log.h" +#include "auth_base_impl.h" + +#define LIBTEEC_CODE_PAGE_SIZE 8 +#define DEFAULT_TEXT_OFF 0 +#define LIBTEEC_NAME_MAX_LEN 50 + +const char g_libso[KIND_OF_SO][LIBTEEC_NAME_MAX_LEN] = {"libteec_vendor.so"}; + +static int find_lib_code_area(struct mm_struct *mm, struct vm_area_struct **lib_code_area, int so_index) +{ + struct vm_area_struct *vma = NULL; + bool is_valid_vma = false; + bool is_so_exists = false; + bool param_check = (!mm || !mm->mmap || !lib_code_area || so_index >= KIND_OF_SO); + + if (param_check){ + tloge("illegal input params\n"); + return -EFAULT; + } + + for (vma = mm->mmap; vma ; vma = vma->vm->next) { + is_valid_vma = (vma->vm_file && vma->vm_file->f_path.dentry && + vma->vm_file->f_path.dentry->d_name.name); + if (is_valid_vma) { + is_so_exists = !strcmp(g_libso[so_index], vma->vm_file->f_path.dentry->d_name.name); + if (is_so_exists && (vma->vm_flags & VM_EXEC)) { + *lib_code_area = vma; + tlogd("so name is %s\n", + vma->vm_file->f_path.dentry->d_name.name); + } + } + } + return -EFAULT; +} + +struct get_code_info { + unsigned long code_start; + unsigned long code_end; + unsigned long code_size; +} + +static int update_so_hash(struct mm_struct *mm, + struct task_struct *cur_struct, struct shash_desc *shash, int so_index) +{ + struct vm_area_struct *vma = NULL; + int rc = -EFAULT; + struct get_code_info code_info; + unsigned long in_size; + struct page *ptr_page = NULL; + void *ptr_base = NULL; + + if (find_lib_code_area(mm, &vma, so_index)) { + tlogd("get lib code vma area failed\n"); + return -EFAULT; + } + + code_info.code_start = vma->vm_start; + code_info.code_end = vma->vm_end; + code_info.code_size = code_info.code_end - code_info.code_start; + + while (code_info.code_start < code_info.code_end) { + // get a handle of the page we want to read +#if (KERNEL_VERSION(5, 10, 0) <= LINUX_VERSION_CODE) + rc = get_user_pages_remote(mm, code_info.code_start, 1, FOLL_FORCE, &ptr_page, NULL, NULL); +#else + rc = get_user_pages_remote(cur_struct, mm, code_info.code_start, 1, + FOLL_FORCE, &ptr_page, NULL, NULL); +#endif + if (rc != 1) { + tloge("get user pages locked error[0x%x]\n", rc); + rc = -EFAULT; + break; + } + + ptr_base = kmap_atomic(ptr_page); + if (!ptr_page) { + rc = -EFAULT; + put_page(ptr_page); + break; + } + in_size = (code_info.code_size > PAGE_SIZE) ? PAGE_SIZE : code_info.code_size; + + rc = crypto_shash_update(shash, ptr_base, in_size); + if (rc) { + kunmap_atomic(ptr_base); + put_page(ptr_page); + break; + } + kunmap_atomic(ptr_base); + put_page(ptr_page); + code_info.code_start += in_size; + code_info.code_size = code_info.code_end - code_info.code_start; + } + return rc; +} + +/* Calculate the SHA256 library digest */ +static int calc_task_so_hash(unsigned char *digest, uint32_t dig_len, + struct task_struct *cur_struct, int so_index) +{ + struct mm_struct *mm = NULL; + int rc; + size_t size; + size_t shash_size; + struct sdesc *desc = NULL; + + if(!digest || dig_len != SHA256_DIGEST_LENTH) { + tloge("tee hash: digest is NULL\n"); + return -EFAULT; + } + + shash_size = crypto_shash_descsize(get_shash_handle()); + size = sizeof(desc->shash) + shash_size; + if (size < sizeof(desc->shash) || size < shash_size) { + tloge("size overflow\n"); + return -ENOMEM; + } + + desc = kzalloc(size, GFP_KERNEL); + if (ZERO_OR_NULL_PTR((unsigned long)(uintptr_t)desc)) { + tloge("alloc desc failed\n"); + return -ENOMEM; + } + + desc->shash.tfm = get_shash_handle(); + if (crypto_shash_init(&desc->shash)) { + kfree(desc); + return -EFAULT; + } + + mm = get_task_mm(cur_struct); + if (!mm) { + tloge("so does not have mm struct\n"); + if (memset_s(digest, MAX_SHA_256_SZ, 0, dig_len)) + tloge("memset digest failed\n"); + kfree(desc); + return -EFAULT; + } + + down_read(&mem_sem_lock(mm)); + rc = update_so_hash(mm, cur_struct, &desc->shash, so_index); + up_read(&mem_sem_lock(mm)); + mmput(mm); + if (!rc) + rc = crypto_shash_final(&desc->shash, digest); + kfree(desc); + return rc; +} + +static int proc_calc_hash(uint8_t kernel_api, struct tc_ns_session *session, + struct task_struct cur_struct, uint32_t pub_key_len) +{ + int rc, i; + int so_found = 0; + + mutex_crypto_hash_lock(); + if (kernel_api == TEE_REQ_FROM_USER_MODE) { + for (i = 0; so_found < NUM_OF_SO && i < KIND_OF_SO; i++) { + rc = calc_task_so_hash(session->auth_hash_buf + MAX_SHA_256_SZ * so_found, + (uint32_t)SHA256_DIGEST_LENTH, cur_struct, i); + if (!rc) + so_found++; + } + if (so_found != NUM_OF_SO) + tlogd("so library found: %d\n", so_found); + }else { + tlogd("request from kernel\n"); + } + +#ifdef CONFIG_ASAN_DEBUG + tloge("so auth disabled for ASAN debug\n"); + uint32_t so_hash_len = MAX_SHA_256_SZ * NUM_OF_SO; + errno_t sret = memset_s(session->auth_hash_buf, so_hash_len, 0, so_hash_len); + if (sret) { + mutex_crypto_hash_unlock(); + tloge("memset so hash failed\n"); + return -EFAULT; + } +#endif + + rc = calc_task_so_hash(session->auth_hash_buf + MAX_SHA_256_SZ * so_found, + (uint32_t)SHA256_DIGEST_LENTH, cur_struct, pub_key_len); + if (rc) { + mutex_crypto_hash_unlock(); + tloge("tee calc ca hash failed\n"); + return -EFAULT; + } + mutex_crypto_hash_unlock(); + return EOK; +} + +int calc_client_auth_hash(struct tc_ns_dev_file *dev_file, + struct tc_ns_client_context *context, struct tc_ns_session *session) +{ + int ret; + struct task_struct *cur_struct = NULL; + bool check = false; + check = (!dev_file || !context || !session); + if (check) { + tloge("bad parameters\n"); + return -EFAULT; + } + + if (tee_init_shash_handle("sha256")) { + tloge("init code hash error\n"); + return -EFAULT; + } + + cur_struct = current; + ret = proc_calc_hash(dev_file->kernel_api, session, cur_struct, dev_file->pub_key_len); + return ret; +} \ No newline at end of file diff --git a/auth/client_hash_auth.h b/auth/client_hash_auth.h index e69de29..92c6086 100644 --- a/auth/client_hash_auth.h +++ b/auth/client_hash_auth.h @@ -0,0 +1,40 @@ +/* + * client_hash_auth.h + * + * function definition for CA code hash auth + * + * Copyright (c) 2012-2021 Huawei Technologies Co., Ltd. + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU General Public License + * as published by the Free Software Foundation; either version 2 + * of the License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + */ + +#ifndef CLIENT_HASH_CALC_H +#define CLIENT_HASH_CALC_H + +#include "tc_ns_client.h" +#include "teek_ns_client.h" + +#ifdef CONFIG_CLIENT_AUTH +#include "auth_base_impl.h" + +int calc_client_auth_hash(struct tc_ns_dev_file *dev_file, + struct tc_ns_client_context *context, struct tc_ns_session *session); + +#else +int calc_client_auth_hash(struct tc_ns_dev_file *dev_file, + struct tc_ns_client_context *context, struct tc_ns_session *session) +{ + return 0; +} + +#endif + +#endif \ No newline at end of file -- Gitee From c82fa66d57381105176727d9dad4fa0d8cf92dc6 Mon Sep 17 00:00:00 2001 From: lijiawei3539 Date: Wed, 22 Jun 2022 10:08:05 +0000 Subject: [PATCH 07/33] update cmdmonitor --- core/agent.c | 109 +++++++++++----------------------------- core/agent.h | 11 +++- core/agent_allowed_ca.c | 67 ++++++++++++++++++++++++ core/cmdmonitor.c | 103 ++++++++++++++++++++++++------------- core/cmdmonitor.h | 12 ++++- 5 files changed, 184 insertions(+), 118 deletions(-) create mode 100644 core/agent_allowed_ca.c diff --git a/core/agent.c b/core/agent.c index dd1b3cc..b957336 100644 --- a/core/agent.c +++ b/core/agent.c @@ -50,6 +50,7 @@ #include "tc_client_driver.h" #include "cmdmonitor.h" #include "ko_adapt.h" +#include "tz_kthread_affinity.h" #ifdef CONFIG_CMS_CAHASH_AUTH #define HASH_FILE_MAX_SIZE CONFIG_HASH_FILE_SIZE @@ -58,7 +59,6 @@ #endif #define AGENT_BUFF_SIZE (4 * 1024) #define AGENT_MAX 32 -#define MAX_PATH_SIZE 512 #define PAGE_ORDER_RATIO 2 static struct list_head g_tee_agent_list; @@ -70,44 +70,12 @@ struct agent_control { static struct agent_control g_agent_control; -struct ca_info { - char path[MAX_PATH_SIZE]; - uint32_t uid; - uint32_t agent_id; -}; - -static struct ca_info g_allowed_ext_agent_ca[] = { -}; - -static int is_allowed_agent_ca(const struct ca_info *ca, +int __attritube__((weak)) is_allowed_agent_ca(const struct ca_info *ca, bool check_agent_id) { - uint32_t i; - struct ca_info *tmp_ca = g_allowed_ext_agent_ca; - const uint32_t nr = ARRAY_SIZE(g_allowed_ext_agent_ca); - - if (!check_agent_id) { - for (i = 0; i < nr; i++) { - if (!strncmp(ca->path, tmp_ca->path, - strlen(tmp_ca->path) + 1) && - ca->uid == tmp_ca->uid) - return 0; - tmp_ca++; - } - } else { - for (i = 0; i < nr; i++) { - if (!strncmp(ca->path, tmp_ca->path, - strlen(tmp_ca->path) + 1) && - ca->uid == tmp_ca->uid && - ca->agent_id == tmp_ca->agent_id) - return 0; - tmp_ca++; - } - } - tlogd("ca-uid is %u, ca_path is %s, agent id is %x\n", ca->uid, - ca->path, ca->agent_id); - - return -EACCES; + (void)ca; + (void)check_agent_id; + return -EFAULT; } static int check_mm_struct(struct mm_struct *mm) @@ -618,10 +586,15 @@ int tc_ns_sync_sys_time(const struct tc_ns_client_time *tc_ns_time) return -ENOMEM; } + mb_pack->operation.paramtypes = TEE_PARAM_TYPE_VALUE_INPUT; + mb_pack->operation.params[0].value.a = tmp_tc_ns_time.seconds; + mb_pack->operation.params[0].value.b = tmp_tc_ns_time.millis; + smc_cmd.cmd_type = CMD_TYPE_GLOBAL; smc_cmd.cmd_id = GLOBAL_CMD_ID_ADJUST_TIME; - smc_cmd.err_origin = tmp_tc_ns_time.seconds; - smc_cmd.ret_val = (int)tmp_tc_ns_time.millis; + smc_cmd.operation_phys = virt_to_phys(&mb_pack->operation); + smc_cmd.operation_h_phys = + (uint64_t)virt_to_phys(&mb_pack->operation) >> ADDR_TRANS_NUM; if (tc_ns_smc(&smc_cmd)) { tloge("tee adjust time failed, return error\n"); @@ -702,7 +675,6 @@ static void init_restart_agent_node(struct tc_ns_dev_file *dev_file, tloge("agent: 0x%x restarting\n", event_data->agent_id); event_data->ret_flag = 0; event_data->owner = dev_file; - event_data->pid = current->tgid; atomic_set(&event_data->agent_ready, AGENT_REGISTERED); init_waitqueue_head(&(event_data->wait_event_wq)); init_waitqueue_head(&(event_data->send_response_wq)); @@ -732,7 +704,6 @@ static int create_new_agent_node(struct tc_ns_dev_file *dev_file, (*event_data)->agent_buff_kernel = *agent_buff; (*event_data)->agent_buff_size = agent_buff_size; (*event_data)->owner = dev_file; - (*event_data)->pid = current->tgid; atomic_set(&(*event_data)->agent_ready, AGENT_REGISTERED); init_waitqueue_head(&(*event_data)->wait_event_wq); init_waitqueue_head(&(*event_data)->send_response_wq); @@ -767,7 +738,7 @@ static unsigned long agent_buffer_map(unsigned long buffer, uint32_t size) return user_addr; } - down_read(¤t->mm->mmap_sem); + down_read(&mm_sem_lock(current->mm)); vma = find_vma(current->mm, user_addr); if (!vma) { tloge("user_addr is not valid in vma"); @@ -781,10 +752,10 @@ static unsigned long agent_buffer_map(unsigned long buffer, uint32_t size) goto err_out; } - up_read(¤t->mm->mmap_sem); + up_read(&mm_sem_lock(current->mm)); return user_addr; err_out: - up_read(¤t->mm->mmap_sem); + up_read(&mm_sem_lock(current->mm)); if (vm_munmap(user_addr, size)) tloge("munmap failed\n"); return -EFAULT; @@ -808,21 +779,8 @@ static bool is_valid_agent(unsigned int agent_id, return true; } -void clean_agent_pid_info(struct tc_ns_dev_file *dev_file) -{ - struct smc_event_data *agent_node = NULL; - unsigned long flags; - - spin_lock_irqsave(&g_agent_control.lock, flags); - list_for_each_entry(agent_node, &g_agent_control.agent_list, head) { - if (agent_node->owner == dev_file) - agent_node->pid = 0; - } - spin_unlock_irqrestore(&g_agent_control.lock, flags); -} - static int is_agent_already_exist(unsigned int agent_id, - struct smc_event_data **event_data, bool *find_flag) + struct smc_event_data **event_data, struct tc_ns_dev_file *dev_file bool *find_flag) { unsigned long flags; bool flag = false; @@ -831,13 +789,18 @@ static int is_agent_already_exist(unsigned int agent_id, spin_lock_irqsave(&g_agent_control.lock, flags); list_for_each_entry(agent_node, &g_agent_control.agent_list, head) { if (agent_node->agent_id == agent_id) { - if (agent_node->pid == current->tgid) { + if (atomic_read(&agent_node->agent_ready) != AGENT_CRASHED) { tloge("no allow agent proc to reg twice\n"); spin_unlock_irqrestore(&g_agent_control.lock, flags); return -EINVAL; } flag = true; get_agent_event(agent_node); + /* + * We find the agent event_data aready in agent_list, it indicate agent + * didn't unregister normally, so the event_data will be reused. + */ + init_restart_agent_node(dev_file, agent_node); break; } } @@ -934,15 +897,10 @@ int tc_ns_register_agent(struct tc_ns_dev_file *dev_file, size_align = ALIGN(buffer_size, SZ_4K); - if (is_agent_already_exist(agent_id, &event_data, &find_flag)) + if (is_agent_already_exist(agent_id, &event_data, dev_file, &find_flag)) return ret; - /* - * We find the agent event_data aready in agent_list, it indicate agent - * didn't unregister normally, so the event_data will be reused. - */ - if (find_flag) { - init_restart_agent_node(dev_file, event_data); - } else { + + if (!find_flag) { ret = create_new_agent_node(dev_file, &event_data, agent_id, &agent_buff, size_align); if (ret) @@ -998,18 +956,9 @@ static int check_for_unregister_agent(unsigned int agent_id) return 0; } -static bool is_third_party_agent(unsigned int agent_id) +bool __attritube__((weak)) is_third_party_agent(unsigned int agent_id) { - uint32_t i; - struct ca_info *tmp_ca = g_allowed_ext_agent_ca; - const uint32_t nr = ARRAY_SIZE(g_allowed_ext_agent_ca); - - for (i = 0; i < nr; i++) { - if (tmp_ca->agent_id == agent_id) - return true; - tmp_ca++; - } - + (void)agent_id; return false; } @@ -1186,7 +1135,7 @@ static int def_tee_agent_run(struct tee_agent_kernel_ops *agent_instance) /* 2. Creat thread to run agent */ agent_instance->agent_thread = - kthread_run(def_tee_agent_work, agent_instance, + kthread_create(def_tee_agent_work, agent_instance, "agent_%s", agent_instance->agent_name); if (IS_ERR_OR_NULL(agent_instance->agent_thread)) { tloge("kthread creat fail\n"); @@ -1194,6 +1143,8 @@ static int def_tee_agent_run(struct tee_agent_kernel_ops *agent_instance) agent_instance->agent_thread = NULL; goto out; } + tz_kthread_bind_mask(agent_instance->agent_thread); + wake_up_process(agent_instance->agent_thread); return 0; out: diff --git a/core/agent.h b/core/agent.h index 209016b..971aee3 100644 --- a/core/agent.h +++ b/core/agent.h @@ -20,6 +20,7 @@ #include #include "teek_ns_client.h" +#define MAX_PATH_SIZE 512 #define AGENT_FS_ID 0x46536673 /* FSfs */ #define AGENT_MISC_ID 0x4d495343 /* MISC */ @@ -52,7 +53,6 @@ struct smc_event_data { struct list_head head; struct tc_ns_smc_cmd cmd; struct tc_ns_dev_file *owner; - pid_t pid; void *agent_buff_kernel; void *agent_buff_user; /* used for unmap */ unsigned int agent_buff_size; @@ -81,6 +81,12 @@ struct tee_agent_kernel_ops { struct list_head list; }; +struct ca_info { + char path[MAX_PATH_SIZE]; + uint32_t uid; + uint32_t agent_id; +}; + static inline void get_agent_event(struct smc_event_data *event_data) { if (event_data) @@ -95,6 +101,8 @@ static inline void put_agent_event(struct smc_event_data *event_data) } } +int is_allowed_agent_ca(const struct ca_info *ca, bool check_agent_id); +bool is_third_party_agent(unsigned int agent_id); void agent_init(void); void agent_exit(void); struct smc_event_data *find_event_control(unsigned int agent_id); @@ -117,6 +125,5 @@ int tee_agent_kernel_register(struct tee_agent_kernel_ops *new_agent); bool is_system_agent(const struct tc_ns_dev_file *dev_file); void tee_agent_clear_dev_owner(const struct tc_ns_dev_file *dev_file); char *get_proc_dpath(char *path, int path_len); -void clean_agent_pid_info(struct tc_ns_dev_file *dev_file); #endif diff --git a/core/agent_allowed_ca.c b/core/agent_allowed_ca.c new file mode 100644 index 0000000..0a26052 --- /dev/null +++ b/core/agent_allowed_ca.c @@ -0,0 +1,67 @@ +/* + * agent_allowed_ca.c + * + * allowed_ext_agent_ca list and functions + * + * Copyright (c) 2012-2021 Huawei Technologies Co., Ltd. + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU General Public License + * as published by the Free Software Foundation; either version 2 + * of the License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + */ + +#include "agent.h" +#include +#include +#include + +static struct ca_info g_allowed_ext_agent_ca[] = {}; + +int is_allowed_agent_ca(const struct ca_info *ca, bool check_agent_id) +{ + uint32_t i; + struct ca_info *tmp_ca = g_allowed_ext_agent_ca; + const uint32_t nr = ARRAY_SIZE(g_allowed_ext_agent_ca); + + if (!ca) + return -EFAULT; + + if (!check_agent_id) { + for (i = 0; i < nr ; i++) { + if (!strncmp(ca->path, tmp_ca->path, strlen(tmp_ca->path) + 1) && + ca->uid == tmp_ca->uid) + return 0; + tmp_ca++; + } + } else { + for (i = 0; i < nr ; i++) { + if (!strncmp(ca->path, tmp_ca->path, strlen(tmp_ca->path) + 1) && + ca->uid == tmp_ca->uid && ca->agent_id ==tmp_ca->agent_id) + return 0; + tmp_ca++; + } + } + tlogd("ca-uid is %u, ca_path is %s, agent id is %x\n", ca->uid, ca->path, ca->agent_id); + return -EACCES; +} + +bool is_third_party_agent(unsigned int agent_id) +{ + uint32_t i; + struct ca_info *tmp_ca = g_allowed_ext_agent_ca; + const uint32_t nr = ARRAY_SIZE(g_allowed_ext_agent_ca); + + for (i = 0; i < nr; i++) { + if (tmp_ca->agent_id == agent_id) + return true; + tmp_ca++; + } + + return false; +} \ No newline at end of file diff --git a/core/cmdmonitor.c b/core/cmdmonitor.c index e1b0c7a..e69c55d 100644 --- a/core/cmdmonitor.c +++ b/core/cmdmonitor.c @@ -38,12 +38,6 @@ #include "log_cfg_api.h" #include "tz_kthread_affinity.h" -static const char g_cmd_monitor_white_table[][TASK_COMM_LEN] = { -}; - -static const uint32_t g_white_table_thread_num = - sizeof(g_cmd_monitor_white_table) / TASK_COMM_LEN; - static int g_cmd_need_archivelog; static LIST_HEAD(g_cmd_monitor_list); static int g_cmd_monitor_list_size; @@ -57,13 +51,9 @@ static DEFINE_MUTEX(g_cmd_monitor_lock); static struct workqueue_struct *g_cmd_monitor_wq; static struct delayed_work g_cmd_monitor_work; static struct delayed_work g_cmd_monitor_work_archive; +static struct delayed_work g_mem_stat; static int g_tee_detect_ta_crash; -enum { - TYPE_CRASH_TA = 1, - TYPE_CRASH_TEE = 2, -}; - static void get_time_spec(struct time_spec *time) { #if (LINUX_VERSION_CODE < KERNEL_VERSION(4, 19, 0)) @@ -73,6 +63,11 @@ static void get_time_spec(struct time_spec *time) #endif } +static void shedule_memstat_work(struct delayed_work *work, unsigned long delay) +{ + schedule_delayed_work(work, delay); +} + static void schedule_cmd_monitor_work(struct delayed_work *work, unsigned long delay) { @@ -82,6 +77,11 @@ static void schedule_cmd_monitor_work(struct delayed_work *work, schedule_delayed_work(work, delay); } +void tzdebug_memstat(void) +{ + shedule_memstat_work(&g_mem_stat, usecs_to_jiffies(S_TO_MS)); +} + void tzdebug_archivelog(void) { schedule_cmd_monitor_work(&g_cmd_monitor_work_archive, @@ -126,20 +126,6 @@ static int get_pid_name(pid_t pid, char *comm, size_t size) return sret; } -static bool is_thread_in_white_table(const char *tname) -{ - uint32_t i; - - if (!tname) - return false; - - for (i = 0; i < g_white_table_thread_num; i++) { - if (!strcmp(tname, g_cmd_monitor_white_table[i])) - return true; - } - return false; -} - bool is_thread_reported(unsigned int tid) { bool ret = false; @@ -158,6 +144,29 @@ bool is_thread_reported(unsigned int tid) return ret; } +void memstat_report(void) +{ + int ret; + struct tee_mem *meminfo = NULL; + + meminfo = mailbox_alloc(sizeof(*meminfo), MB_FLAG_ZERO); + if (!meminfo) { + tloge("mailbox alloc failed\n"); + return; + } + + ret = get_tee_meminfo(meminfo); + if (!ret) + tlogd("get meminfo failed\n"); + mailbox_free(meminfo); +} + +static void memstat_work(struct work_struct *work) +{ + (void)work; + memstat_report(); +} + void cmd_monitor_reset_context(void) { struct cmd_monitor *monitor = NULL; @@ -178,9 +187,16 @@ void cmd_monitor_reset_context(void) mutex_unlock(&g_cmd_monitor_lock); } +/* +* if one session timeout, monitor will print timedifs every step[N] in seconds, +* if lasted more than 360s, monitor will print timedifs every 360 seconds +*/ +const int32_t g_timer_step[] = {1, 1, 1, 2, 5, 10, 40, 120, 180, 360}; +const int32_t g_timer_nums = sizeof(g_timer_step) / sizeof(int32_t); + static void show_timeout_cmd_info(struct cmd_monitor *monitor) { - long long timedif; + long long timedif, timedif2; struct time_spec nowtime; get_time_spec(&nowtime); @@ -191,31 +207,40 @@ static void show_timeout_cmd_info(struct cmd_monitor *monitor) timedif = S_TO_MS * (nowtime.ts.tv_sec - monitor->sendtime.ts.tv_sec) + (nowtime.ts.tv_nsec - monitor->sendtime.ts.tv_nsec) / S_TO_US; - /* timeout to 25s, we log the teeos log, and report */ + /* timeout to 10s, we log the teeos log, and report */ if ((timedif > CMD_MAX_EXECUTE_TIME * S_TO_MS) && (!monitor->is_reported)) { monitor->is_reported = true; - tloge("[cmd_monitor_tick] pid=%d,pname=%s,tid=%d, " + tlogw("[cmd_monitor_tick] pid=%d,pname=%s,tid=%d, " "tname=%s, lastcmdid=%u, agent call count:%d, " - "timedif=%lld ms and report\n", + "running with timedif=%lld ms and report\n", monitor->pid, monitor->pname, monitor->tid, monitor->tname, monitor->lastcmdid, monitor->agent_call_count, timedif); /* threads out of white table need info dump */ - tloge("monitor: pid-%d", monitor->pid); - if (!is_thread_in_white_table(monitor->tname)) { + tlogw("monitor: pid-%d", monitor->pid); + if (!is_tui_in_use(monitor->tid)) { show_cmd_bitmap(); g_cmd_need_archivelog = 1; - wakeup_tc_siq(); + wakeup_tc_siq(SIQ_DUMP_TIMEOUT); } - return; } - if (timedif > 1 * S_TO_MS) - tloge("[cmd_monitor_tick] pid=%d,pname=%s,tid=%d, " + timedif2 = S_TO_MS * (nowtime.ts.tv_sec - monitor->lasttime.ts.tv_sec) + + (nowtime.ts.tv_nsec - monitor->lasttime.ts.tv_nsec) / S_TO_US; + int32_t time_in_sec = monitor->timer_index >= g_timer_nums ? + g_timer_step[g_timer_nums - 1] : g_timer_step[monitor->timer_index]; + + if (timedif2 > time_in_sec * S_TO_MS) { + monitor->lasttime = nowtime; + monitor->timer_index = monitor->timer_index >= sizeof(g_timer_step) ? + sizeof(g_timer_step) : (monitor->timer_index + 1); + tlogw("[cmd_monitor_tick] pid=%d,pname=%s,tid=%d, " "lastcmdid=%u,agent call count:%d,timedif=%lld ms\n", monitor->pid, monitor->pname, monitor->tid, monitor->lastcmdid, monitor->agent_call_count, timedif); + } + } static void cmd_monitor_tick(void) @@ -227,7 +252,7 @@ static void cmd_monitor_tick(void) list_for_each_entry_safe(monitor, tmp, &g_cmd_monitor_list, list) { if (monitor->returned) { g_cmd_monitor_list_size--; - tloge("[cmd_monitor_tick] pid=%d,pname=%s,tid=%d, " + tlogi("[cmd_monitor_tick] pid=%d,pname=%s,tid=%d, " "tname=%s,lastcmdid=%u,count=%d,agent call count=%d, " "timetotal=%lld us returned, remained command(s)=%d\n", monitor->pid, monitor->pname, monitor->tid, monitor->tname, @@ -280,6 +305,8 @@ static struct cmd_monitor *init_monitor_locked(void) } get_time_spec(&newitem->sendtime); + newitem->lasttime = newitem->sendtime; + newitem->timer_index = 0; newitem->count = 1; newitem->agent_call_count = 0; newitem->returned = false; @@ -317,11 +344,14 @@ struct cmd_monitor *cmd_monitor_log(const struct tc_ns_smc_cmd *cmd) found_flag = true; /* restart */ get_time_spec(&monitor->sendtime); + monitor->lasttime = monitor->sendtime; + monitor->timer_index = 0; monitor->count++; monitor->returned = false; monitor->is_reported = false; monitor->lastcmdid = cmd->cmd_id; monitor->agent_call_count = 0; + monitor->timetotal = 0; break; } } @@ -395,5 +425,6 @@ void init_cmd_monitor(void) (uintptr_t)&g_cmd_monitor_work, cmd_monitor_tickfn); INIT_DEFERRABLE_WORK((struct delayed_work *) (uintptr_t)&g_cmd_monitor_work_archive, cmd_monitor_archivefn); + INIT_DEFERRABLE_WORK((struct delayed_work *)(uintptr_t)&g_mem_stat, memstat_work); } diff --git a/core/cmdmonitor.h b/core/cmdmonitor.h index 6354a25..aafbcbc 100644 --- a/core/cmdmonitor.h +++ b/core/cmdmonitor.h @@ -18,6 +18,7 @@ #ifndef CMD_MONITOR_H #define CMD_MONITOR_H +#include "tzdebug.h" #include "teek_ns_client.h" #include @@ -25,11 +26,16 @@ #define TASK_COMM_LEN 16 #endif +enum { + TYPE_CRASH_TA = 1, + TYPE_CRASH_TEE = 2, +} + /* * when cmd execute more than 25s in tee, * it will be terminated when CA is killed */ -#define CMD_MAX_EXECUTE_TIME 25U +#define CMD_MAX_EXECUTE_TIME 10U #define S_TO_MS 1000 #define S_TO_US 1000000 @@ -44,6 +50,8 @@ struct time_spec { struct cmd_monitor { struct list_head list; struct time_spec sendtime; + struct time_spec_lasttime; + int32_t timer_index; int count; bool returned; bool is_reported; @@ -64,5 +72,7 @@ void do_cmd_need_archivelog(void); bool is_thread_reported(unsigned int tid); void tzdebug_archivelog(void); void cmd_monitor_ta_crash(int32_t type); +void memstat_report(void); +void tzdebug_memstat(void); #endif -- Gitee From 7f9579df9158adab17d510456b055a21aa378aeb Mon Sep 17 00:00:00 2001 From: lijiawei3539 Date: Thu, 23 Jun 2022 06:42:36 +0000 Subject: [PATCH 08/33] update something --- core/gp_ops.c | 274 +++++++++++++++++++++++++++++++---------- core/gp_ops.h | 7 ++ core/mailbox_mempool.c | 16 ++- core/mem.c | 40 +++++- core/session_manager.c | 132 ++++++-------------- 5 files changed, 295 insertions(+), 174 deletions(-) diff --git a/core/gp_ops.c b/core/gp_ops.c index f73aca0..4dadd94 100644 --- a/core/gp_ops.c +++ b/core/gp_ops.c @@ -30,6 +30,9 @@ #include #include #include +#include +#include +#include #include #include #include "teek_client_constants.h" @@ -40,7 +43,7 @@ #include "mem.h" #include "mailbox_mempool.h" #include "tc_client_driver.h" -#include "security_auth_enhance.h" +#include "reserved_mempool.h" #include "tlogger.h" #define MAX_SHARED_SIZE 0x100000 /* 1 MiB */ @@ -345,23 +348,6 @@ static int update_input_data(const union tc_ns_client_param *client_param, return 0; } -static int do_opensess_auth_enhance(const struct tc_call_params *call_params, - void *temp_buf, uint32_t buffer_size, unsigned int index) -{ - if (!is_opensession_by_index(call_params->flags, - call_params->context->cmd_id, index)) - return 0; - -#ifdef CONFIG_AUTH_ENHANCE - if (encrypt_login_info(buffer_size, temp_buf, - call_params->sess->secure_info.crypto_info.key)) { - tloge("encrypt login info failed\n"); - return -EFAULT; - } -#endif - return 0; -} - /* * temp buffers we need to allocate/deallocate * for every operation @@ -404,10 +390,6 @@ static int alloc_for_tmp_mem(const struct tc_call_params *call_params, param_type, kernel_params)) return -EFAULT; - if (do_opensess_auth_enhance(call_params, temp_buf, - buffer_size, index)) - return -EFAULT; - op_params->mb_pack->operation.params[index].memref.buffer = virt_to_phys(temp_buf); op_params->mb_pack->operation.buffer_h_addr[index] = @@ -465,6 +447,30 @@ static bool is_phyaddr_valid(struct tc_ns_operation *operation, int index) return true; } +static int set_operation_buffer(struct tc_ns_shared_mem *shared_mem, void *buffer_addr, + uint32_t buffer_size, unsigned int index, struct tc_op_params *op_params) +{ + if (shared_mem->mem_type == RESERVED_TYPE) { + /* no copy to mailbox */ + op_params->mb_pack->operation.mb_buffer[index] = buffer_addr; + op_params->mb_pack->operation.params[index].memref.buffer = + res_mem_virt_to_phys((uintptr_t)buffer_addr); + op_params->mb_pack->operation.buffer_h_addr[index] = + res_mem_virt_to_phys((uintptr_t)buffer_addr) >> ADDR_TRANS_NUM; + } else { + buffer_addr = mailbox_copy_alloc(buffer_addr, buffer_size); + if (buffer_addr == NULL) + return -ENOMEM; + + op_params->mb_pack->operation.mb_buffer[index] = buffer_addr; + op_params->mb_pack->operation.params[index].memref.buffer = + virt_to_phys(buffer_addr); + op_params->mb_pack->operation.buffer_h_addr[index] = + (uint64_t)virt_to_phys(buffer_addr) >> ADDR_TRANS_NUM; + } + return 0; +} + /* * MEMREF_PARTIAL buffers are already allocated so we just * need to search for the shared_mem ref; @@ -503,16 +509,13 @@ static int alloc_for_ref_mem(const struct tc_call_params *call_params, buffer_addr = (void *)(uintptr_t)( (uintptr_t)shared_mem->kernel_addr + client_param->memref.offset); - buffer_addr = mailbox_copy_alloc(buffer_addr, buffer_size); - if (!buffer_addr) { - ret = -ENOMEM; + + ret = set_operation_buffer(shared_mem, buffer_addr, buffer_size, index, op_params); + if (ret) { + tloge("set operation buffer failed\n"); break; } - op_params->mb_pack->operation.mb_buffer[index] = buffer_addr; - op_params->mb_pack->operation.params[index].memref.buffer = - virt_to_phys(buffer_addr); - op_params->mb_pack->operation.buffer_h_addr[index] = - (uint64_t)virt_to_phys(buffer_addr) >> ADDR_TRANS_NUM; + op_params->mb_pack->operation.sharemem[index] = shared_mem; get_sharemem_struct(shared_mem); break; @@ -528,9 +531,128 @@ static int alloc_for_ref_mem(const struct tc_call_params *call_params, /* Change TEEC_MEMREF_PARTIAL_XXXXX to TEE_PARAM_TYPE_MEMREF_XXXXX */ op_params->trans_paramtype[index] = param_type - (TEEC_MEMREF_PARTIAL_INPUT - TEE_PARAM_TYPE_MEMREF_INPUT); + + if (shared_mem->mem_type == RESERVED_TYPE) + op_params->trans_paramtype[index] += + (TEE_PARAM_TYPE_RESMEM_INPUT - TEE_PARAM_TYPE_MEMREF_INPUT); return ret; } +#ifdef CONFIG_NOCOPY_SHAREDMEM +static int fill_shared_mem_info(void *start_vaddr, uint32_t pages_no, + uint32_t offset, uint32_t buffer_size, void *buff) +{ + struct pagelist_info *page_info = NULL; + struct page **pages = NULL; + uint64_t *phys_addr = NULL; + uint32_t page_num; + uint32_t i; + + if (pages_no == 0) + return -EFAULT; + + pages = (struct page **)vmalloc(pages_no * sizeof(uint64_t)); + if (pages == NULL) + return -EFAULT; + + down_read(&mem_sem_lock(current->mm)); + page_num = get_user_pages(start_vaddr, pages_no, 0, pages, NULL); + up_read(&mem_sem_lock(current->mm)); + if (page_num != pages_no) { + tloge("get page phy addr failed\n"); + if (page_num > 0) + release_pages(pages, page_num); + vfree(pages); + return -EFAULT; + } + + page_info = buffer; + page_info->page_num = pages_no; + page_info->page_size = PAGE_SIZE; + page_info->sharedmem_offset = offset; + page_info->sharedmem_size = buffer_size; + + phys_addr = (uint64_t*)buff + (sizeof(*page_info) / sizeof(uint64_t)); + for (i = 0; i < pages_no; i++) { + struct page *page = pages[i]; + if (page == NULL) { + release_pages(pages, page_num); + vfree(pages); + return -EFAULT; + } + phys_addr[i] = (uintptr_t)page_to_phys(page); + } + + vfree(pages); + return 0; +} + +static int check_buffer_for_sharedmem(uint32_t* buffer_size, + const union tc_ns_client_param *client_param, uint8_t kernel_params) +{ + if (read_from_client(buffer_size, sizeof(*buffer_size), + (uint32_t __user *)(uintptr_t)client_param->sharedmem.size_addr, + sizeof(uint32_t), kernel_params)) { + tloge("copy sharedmem.size_addr failed\n"); + return -EFAULT; + } + + return 0; +} + +static int transfer_shared_mem(const struct tc_call_params *call_params, + struct tc_op_params *op_params, uint8_t kernel_params, + uint32_t param_type, unsigned int index) +{ + void *buffer = NULL; + void *start_vaddr = NULL; + union tc_ns_client_param *client_param = NULL; + uint32_t buffer_size; + uint32_t pages_no; + uint32_t offset; + uint32_t buff_len; + + if (index >= TEE_PARAM_NUM) + return -EINVAL; + + client_param = &(call_params->context->params[index]); + if (check_buffer_for_sharedmem(&buffer_size, client_param, kernel_params)) + return -EINVAL; + + buff = (void *)(uint64_t)client_param->sharedmem.buffer; + start_vaddr = (void *)(((uint64_t)buff) & PAGE_MASK); + offset = ((uint32_t)(uintptr_t)buff) & (~PAGE_MASK); + pages_no = PAGE_ALIGN(offset + buffer_size) / PAGE_SIZE; + + buff_len = sizeof(struct pagelist_info) + (sizeof(uint64_t) * pages_no); + buff = mailbox_alloc(buff_len, MB_FLAG_ZERO); + if (buff == NULL) + return -EFAULT; + + if (fill_shared_mem_info(start_vaddr, pages_no, offset, buffer_size, buff)) { + mailbox_free(buff); + return -EFAULT; + } + + op_params->local_tmpbuf[index].temp_buffer = buff; + op_params->local_tmpbuf[index].size = buff_len; + + op_params->mb_pack->operation.params[index].sharedmem.buffer = virt_to_phys(buff); + op_params->mb_pack->operation.buffer_h_addr[index] = (uint64_t)virt_to_phys(buff) >> ADDR_TRANS_NUM; + op_params->mb_pack->operation.params[index].sharedmem.size = buff_len; + op_params->trans_paramtype[indx] = param_type; + return 0; +} +#else +static int transfer_shared_mem(const struct tc_call_params *call_params, + struct tc_op_params *op_params, uint8_t kernel_params, + uint32_t param_type, unsigned int index) +{ + tloge("invalid shared mem type\n"); + return -1; +} +#endif + static int transfer_client_value(const struct tc_call_params *call_params, struct tc_op_params *op_params, uint8_t kernel_params, uint32_t param_type, unsigned int index) @@ -619,6 +741,9 @@ static int alloc_operation(const struct tc_call_params *call_params, else if (param_type == TEEC_ION_SGLIST_INPUT) ret = alloc_for_ion_sglist(call_params, op_params, kernel_params, param_type, index); + else if (param_type == TEEC_MEMREF_SHARED_INOUT) + ret = transfer_shared_mem(call_params, op_params, + kernel_params, param_type, index); else tlogd("param type = TEEC_NONE\n"); @@ -717,6 +842,10 @@ static int update_for_ref_mem(const struct tc_call_params *call_params, return -EFAULT; } + /* reserved memory no need to copy */ + if (operation->sharedmem[index]->mem_type == RESERVED_TYPE) + return 0; + /* copy from mb_buffer to sharemem */ if (operation->mb_buffer[index] && orig_size >= buffer_size) { void *buffer_addr = @@ -797,6 +926,25 @@ static int update_client_operation(const struct tc_call_params *call_params, return ret; } +#ifdef CONFIG_NOCOPY_SHAREDMEM +static void release_page(void *buff) +{ + uint32_t i; + uint64_t *phys_addr = NULL; + struct pagelist_info *page_info = NULL; + struct page *page = NULL; + + page_info = buff; + phys_addr = (uint64_t *)buf + (sizeof(*page_info) / sizeof(uint64_t)); + for (i = 0; i < page_info->page_num; i++) { + page = (uintptr_t)phys_to_page(phys_addr[i]); + if (page == NULL) + continue; + put_page(page); + } +} +#endif + static void free_operation(const struct tc_call_params *call_params, struct tc_op_params *op_params) { @@ -821,6 +969,11 @@ static void free_operation(const struct tc_call_params *call_params, temp_buf = NULL; } } else if (is_ref_mem(param_type)) { + struct tc_ns_shared_mem *shm = operation->sharemem[index]; + if (shm != NULL && shm->mem_type == RESERVED_TYPE) { + put_sharemem_struct(operation->sharemem[index]); + continue; + } put_sharemem_struct(operation->sharemem[index]); if (operation->mb_buffer[index]) mailbox_free(operation->mb_buffer[index]); @@ -833,6 +986,14 @@ static void free_operation(const struct tc_call_params *call_params, mailbox_free(temp_buf); temp_buf = NULL; } + } else if (param_type == TEEC_MEMREF_SHARED_INOUT) { +#ifdef CONFIG_NOCOPY_SHAREDMEM + temp_buf = local_tmpbuf[index].temp_buffer; + if (temp_buf != NULL) { + release_page(temp_buf); + mailbox_free(temp_buf); + } +#endif } } } @@ -896,9 +1057,7 @@ static int init_smc_cmd(const struct tc_call_params *call_params, smc_cmd->err_origin = context->returns.origin; smc_cmd->started = context->started; smc_cmd->ca_pid = current->pid; - - if (tzmp2_uid(context, smc_cmd, global) != EOK) - tloge("caution! tzmp uid failed !\n\n"); + smc_cmd->pid = current->tgid; tlogv("current uid is %u\n", smc_cmd->uid); if (context->param_types) { @@ -912,6 +1071,10 @@ static int init_smc_cmd(const struct tc_call_params *call_params, } smc_cmd->login_method = context->login.method; + /* if smc from kernel CA, set login method to TEEK_LOGIN_IDENTIFY */ + if (call_params->dev->kernel_api == TEE_REQ_FROM_KERNEL_MODE) + smc_cmd->login_method = TEEK_LOGIN_IDENTIFY; + return 0; } @@ -934,16 +1097,6 @@ static int check_login_for_encrypt(const struct tc_call_params *call_params, struct mb_cmd_pack *mb_pack = op_params->mb_pack; if (need_check_login(call_params, op_params) && sess) { -#ifdef CONFIG_AUTH_ENHANCE - int ret = do_encryption(sess->auth_hash_buf, - sizeof(sess->auth_hash_buf), - MAX_SHA_256_SZ * (NUM_OF_SO + 1), - sess->secure_info.crypto_info.key); - if (ret) { - tloge("hash encryption failed ret=%d\n", ret); - return ret; - } -#endif if (memcpy_s(mb_pack->login_data, sizeof(mb_pack->login_data), sess->auth_hash_buf, sizeof(sess->auth_hash_buf))) { @@ -1017,6 +1170,14 @@ static void release_tc_call_resource(const struct tc_call_params *call_params, call_params->context->returns.code = tee_ret; call_params->context->returns.origin = op_params->smc_cmd->err_origin; + /* + * 1. when CA invoke command and crash, Gtask release service node + * then del ion won't be triggered, so here tzdriver need to kill ion; + *2. when ta crash, tzdriver also need to kill ion + */ + if (tee_ret == TEE_ERROR_TAGET_DEAD || tee_ret == TEEC_ERROR_GENERIC) + kill_ion_by_uuid((struct tc_uuid *)op_params->smc_cmd->uuid); + if (op_params->op_inited) free_operation(call_params, op_params); @@ -1037,38 +1198,21 @@ static int config_smc_cmd_context(const struct tc_call_params *call_params, if (ret) return ret; - ret = load_security_enhance_info(call_params, op_params); - if (ret) - tloge("load_security_enhance_info failed\n"); - return ret; } static int handle_ta_pending(const struct tc_call_params *call_params, struct tc_op_params *op_params, int *tee_ret) { - int ret; - if (*tee_ret != TEEC_PENDING) return 0; while (*tee_ret == TEEC_PENDING) { pend_ca_thread(call_params->sess, op_params->smc_cmd); - ret = append_teec_token(call_params, op_params); - if (ret) { - tloge("append teec's member failed\n"); - return ret; - } - *tee_ret = tc_ns_smc_with_no_nr(op_params->smc_cmd); - ret = post_process_token(call_params, op_params); - if (ret) { - tloge("no nr smc post proc token failed\n"); - return ret; - } } - return ret; + return 0; } static int post_proc_smc_return(const struct tc_call_params *call_params, @@ -1077,7 +1221,7 @@ static int post_proc_smc_return(const struct tc_call_params *call_params, int ret; if (tee_ret) { - tloge("smc call ret 0x%x, cmd ret val 0x%x, origin %d\n", tee_ret, + tloge("smc call ret 0x%x, cmd ret val 0x%x, origin %u\n", tee_ret, op_params->smc_cmd->ret_val, op_params->smc_cmd->err_origin); /* same as libteec_vendor, err from TEE, set ret positive */ ret = EFAULT; @@ -1122,12 +1266,6 @@ int tc_client_call(const struct tc_call_params *call_params) reset_session_id(call_params, &op_params, tee_ret); - ret = post_process_token(call_params, &op_params); - if (ret != EOK) { - tloge("post process token failed\n"); - goto free_src; - } - ret = handle_ta_pending(call_params, &op_params, &tee_ret); if (ret) goto free_src; diff --git a/core/gp_ops.h b/core/gp_ops.h index 9a19269..c730e7b 100644 --- a/core/gp_ops.h +++ b/core/gp_ops.h @@ -35,6 +35,13 @@ struct tc_op_params { bool op_inited; }; +struct pagelist_info { + uint64_t page_num; + uint64_t page_size; + uint64_t sharedmem_offset; + uint64_t sharedmem_size; +}; + int write_to_client(void __user *dest, size_t dest_size, const void *src, size_t size, uint8_t kernel_api); int read_from_client(void *dest, size_t dest_size, diff --git a/core/mailbox_mempool.c b/core/mailbox_mempool.c index 078206d..b5702d4 100644 --- a/core/mailbox_mempool.c +++ b/core/mailbox_mempool.c @@ -340,6 +340,7 @@ static struct dentry *g_mb_dbg_dentry; static unsigned int mb_dbg_add_entry(void *ptr) { struct mb_dbg_entry *new_entry = NULL; + unsigned int index = 0; new_entry = kmalloc(sizeof(*new_entry), GFP_KERNEL); if (ZERO_OR_NULL_PTR((unsigned long)(uintptr_t)new_entry)) { @@ -355,9 +356,10 @@ static unsigned int mb_dbg_add_entry(void *ptr) if ((g_mb_dbg_entry_count++) == 0) g_mb_dbg_entry_count++; list_add_tail(&new_entry->node, &mb_dbg_list); + index = new_entry->idx; mutex_unlock(&mb_dbg_lock); - return new_entry->idx; + return index; } static void mb_dbg_remove_entry(unsigned int idx) @@ -556,6 +558,12 @@ free_smc_cmd: return ret; } +static void mailbox_debug_init(void) +{ + g_mb_dbg_dentry = debugfs_create_dir("tz_mailbox", NULL); + debugfs_create_file("state", STATE_MODE, g_mb_dbg_dentry, NULL, &g_mb_dbg_state_fops); +} + int mailbox_mempool_init(void) { int i; @@ -609,11 +617,7 @@ int mailbox_mempool_init(void) list_add_tail(&mb_page->node, &area->page_list); g_m_zone->all_pages = all_pages; mutex_init(&g_mb_lock); - g_mb_dbg_dentry = debugfs_create_dir("tz_mailbox", NULL); - debugfs_create_file("opt", OPT_MODE, g_mb_dbg_dentry, NULL, - &g_mb_dbg_opt_fops); - debugfs_create_file("state", STATE_MODE, g_mb_dbg_dentry, NULL, - &g_mb_dbg_state_fops); + mailbox_debug_init(); return 0; } diff --git a/core/mem.c b/core/mem.c index 45ee168..a75ed44 100644 --- a/core/mem.c +++ b/core/mem.c @@ -33,11 +33,18 @@ #include "agent.h" #include "tc_ns_log.h" #include "mailbox_mempool.h" +#include "reserved_mempool.h" void tc_mem_free(struct tc_ns_shared_mem *shared_mem) { if (!shared_mem) return; + + if (shared_mem->mem_type == RESERVED_TYPE) { + reserved_mem_free(shared_mem->kernel_addr); + kfree(shared_mem); + return; + } if (shared_mem->kernel_addr) { vfree(shared_mem->kernel_addr); @@ -46,6 +53,15 @@ void tc_mem_free(struct tc_ns_shared_mem *shared_mem) kfree(shared_mem); } +static void init_shared_mem(struct tc_ns_shared_mem *sh, void *addr, size_t len) +{ + sh->kernel_addr = addr; + sh->len = len; + sh->user_addr = INVALID_MAP_ADDR; + sh->user_addr_ca = INVALID_MAP_ADDR; + atomic_set(&sh->usage, 0); +} + struct tc_ns_shared_mem *tc_mem_allocate(size_t len) { struct tc_ns_shared_mem *shared_mem = NULL; @@ -56,8 +72,24 @@ struct tc_ns_shared_mem *tc_mem_allocate(size_t len) tloge("shared_mem kmalloc failed\n"); return ERR_PTR(-ENOMEM); } - + shared_mem->mem_type = VMALLOC_TYPE; len = ALIGN(len, SZ_4K); + if (exist_res_mem()) { + if (len > RESEVED_MAX_ALLOC_SIZE || len > RESEVED_MEM_POOL_SIZE) { + tloge("allocate reserved mem size too large\n"); + return ERR_PTR(-EINVAL); + } + addr = reserved_mem_alloc(len); + if (addr) { + shared_mem->mem_type = RESERVED_TYPE; + init_shared_mem(shared_mem, addr, len); + return shared_mem; + } else { + tlogw("no more reserved memory to alloc so we use system vmalloc.\n"); + } + } + + if (len > MAILBOX_POOL_SIZE) { tloge("alloc sharemem size %zu is too large\n", len); kfree(shared_mem); @@ -69,10 +101,6 @@ struct tc_ns_shared_mem *tc_mem_allocate(size_t len) kfree(shared_mem); return ERR_PTR(-ENOMEM); } - shared_mem->kernel_addr = addr; - shared_mem->len = len; - shared_mem->user_addr = NULL; - shared_mem->user_addr_ca = NULL; - atomic_set(&shared_mem->usage, 0); + init_shared_mem(shared_mem, addr, len); return shared_mem; } \ No newline at end of file diff --git a/core/session_manager.c b/core/session_manager.c index 0fae3e8..3460cef 100644 --- a/core/session_manager.c +++ b/core/session_manager.c @@ -47,10 +47,10 @@ #include "gp_ops.h" #include "tc_ns_log.h" #include "teek_client_constants.h" -#include "security_auth_enhance.h" +#include "client_hash_auth.h" #include "mailbox_mempool.h" #include "tc_client_driver.h" -#include "teec_daemon_auth.h" +#include "tee_trace_event.h" #include "tz_kthread_affinity.h" static DEFINE_MUTEX(g_load_app_lock); @@ -88,17 +88,6 @@ void put_session_struct(struct tc_ns_session *session) if (!session || !atomic_dec_and_test(&session->usage)) return; -#ifdef CONFIG_AUTH_ENHANCE - if (session->teec_token.token_buffer) { - if (memset_s( - session->teec_token.token_buffer, - session->teec_token.token_len, 0, - session->teec_token.token_len)) - tloge("Caution, memset failed!\n"); - kfree(session->teec_token.token_buffer); - session->teec_token.token_buffer = NULL; - } -#endif if (memset_s(session, sizeof(*session), 0, sizeof(*session))) tloge("Caution, memset failed!\n"); kfree(session); @@ -206,24 +195,6 @@ struct tc_ns_session *tc_find_session_withowner( return NULL; } -static struct tc_ns_session *tc_find_and_del_session( - struct tc_ns_service *service, struct tc_ns_dev_file *dev) -{ - struct tc_ns_session *session = NULL; - - mutex_lock(&service->session_lock); - list_for_each_entry(session, &service->session_list, head) { - if (session->owner == dev) { - get_session_struct(session); - list_del(&session->head); - mutex_unlock(&service->session_lock); - return session; - } - } - mutex_unlock(&service->session_lock); - return NULL; -} - struct tc_ns_service *tc_find_service_in_dev(const struct tc_ns_dev_file *dev, const unsigned char *uuid, int uuid_size) { @@ -361,9 +332,7 @@ int tc_ns_load_secfile(struct tc_ns_dev_file *dev_file, } else if (ioctl_arg.secfile_type == LOAD_LIB) { ret = tc_ns_load_image(dev_file, ioctl_arg.file_buffer, ioctl_arg.file_size, NULL, ioctl_arg.secfile_type); - } else if (ioctl_arg.secfile_type == LOAD_DYNAMIC_DRV) { - ret = check_teecd_access(); - if (ret == EOK) + } else if (ioctl_arg.secfile_type == LOAD_DYNAMIC_DRV || ioctl_arg.secfile_type == LOAD_SERVICE) { ret = tc_ns_load_image(dev_file, ioctl_arg.file_buffer, ioctl_arg.file_size, NULL, ioctl_arg.secfile_type); } else { @@ -859,31 +828,10 @@ static int proc_open_session(struct tc_ns_dev_file *dev_file, return ret; } - ret = get_session_secure_params(dev_file, context, session); - if (ret) { - tloge("Get session secure parameters failed, ret = %d\n", ret); - /* Clean this session secure information */ - clean_session_secure_information(session); - mutex_unlock(&service->operation_lock); - return ret; - } -#ifdef CONFIG_AUTH_ENHANCE - session->teec_token.token_buffer = - kzalloc(TOKEN_BUFFER_LEN, GFP_KERNEL); - session->teec_token.token_len = TOKEN_BUFFER_LEN; - if (ZERO_OR_NULL_PTR((unsigned long)(uintptr_t) - session->teec_token.token_buffer)) { - tloge("kzalloc %d bytes token failed\n", TOKEN_BUFFER_LEN); - /* Clean this session secure information */ - clean_session_secure_information(session); - mutex_unlock(&service->operation_lock); - return -ENOMEM; - } -#endif ret = tc_client_call(¶ms); if (ret) { /* Clean this session secure information */ - clean_session_secure_information(session); + kill_ion_by_uuid((struct tc_uuid *)context->uuid); mutex_unlock(&service->operation_lock); tloge("smc call returns error, ret=0x%x\n", ret); return ret; @@ -898,21 +846,12 @@ static int proc_open_session(struct tc_ns_dev_file *dev_file, return ret; } -void free_session_token_buf(struct tc_ns_session *session) +static void clear_context_param(struct tc_ns_client_context *context) { -#ifdef CONFIG_AUTH_ENHANCE - if (session && - session->teec_token.token_buffer) { - if (memset_s(session->teec_token.token_buffer, - session->teec_token.token_len, - 0, session->teec_token.token_len)) - tloge("Caution, memset failed!\n"); - kfree(session->teec_token.token_buffer); - session->teec_token.token_buffer = NULL; - } -#else - (void)session; -#endif + context->params[2].memref.size_addr = 0; + context->params[2].memref.buffer = 0; + context->params[3].memref.size_addr = 0; + context->params[3].memref.buffer = 0; } int tc_ns_open_session(struct tc_ns_dev_file *dev_file, @@ -930,14 +869,15 @@ int tc_ns_open_session(struct tc_ns_dev_file *dev_file, ret = check_login_method(dev_file, context, &flags); if (ret) - return ret; + goto err_clear_param; context->cmd_id = GLOBAL_CMD_ID_OPEN_SESSION; service = find_service(dev_file, context); if (!service) { tloge("find service failed\n"); - return -ENOMEM; + ret = -ENOMEM; + goto err_clear_param; } session = kzalloc(sizeof(*session), GFP_KERNEL); @@ -946,20 +886,29 @@ int tc_ns_open_session(struct tc_ns_dev_file *dev_file, mutex_lock(&dev_file->service_lock); del_service_from_dev(dev_file, service); mutex_unlock(&dev_file->service_lock); - return -ENOMEM; + ret = -ENOMEM; + goto err_clear_param; } mutex_init(&session->ta_session_lock); + ret = calc_client_auth_hash(dev_file, context, session); + if (ret) { + tloge("calc client auth hash failed\n"); + goto err_free_rsrc; + } + ret = proc_open_session(dev_file, context, service, session, flags); if (!ret) - return ret; - free_session_token_buf(session); + goto err_clear_param; +err_free_rsrc: mutex_lock(&dev_file->service_lock); del_service_from_dev(dev_file, service); mutex_unlock(&dev_file->service_lock); kfree(session); +err_clear_param: + clear_context_param(context); return ret; } @@ -1017,32 +966,31 @@ static int close_session(struct tc_ns_dev_file *dev, if (ret) tloge("close session failed, ret=0x%x\n", ret); + kill_ion_by_uuid((struct tc_uuid *)context.uuid); return ret; } static void close_session_in_service_list(struct tc_ns_dev_file *dev, struct tc_ns_service *service) { - int ret; + struct tc_ns_session *tmp_session = NULL; struct tc_ns_session *session = NULL; + int ret; - session = tc_find_and_del_session(service, dev); - while (session) { + list_for_each_entry_safe(session, tmp_session, + &service->session_list, head) { + if (session->owner != dev) + continue; ret = close_session(dev, session, service->uuid, (unsigned int)UUID_LEN, session->session_id); if (ret) tloge("close session smc failed when close fd!\n"); -#ifdef CONFIG_AUTH_ENHANCE - /* Clean session secure information */ - if (memset_s(&session->secure_info, - sizeof(session->secure_info), 0, - sizeof(session->secure_info))) - tloge("memset error\n"); -#endif + + mutex_lock(&service->session_lock); + list_del(&session->head); + mutex_unlock(&service->session_lock); put_session_struct(session); /* pair with find session */ - put_session_struct(session); /* pair with open session */ - session = tc_find_and_del_session(service, dev); } } @@ -1139,13 +1087,7 @@ int tc_ns_close_session(struct tc_ns_dev_file *dev_file, mutex_unlock(&session->ta_session_lock); if (ret2) tloge("close session smc failed!\n"); -#ifdef CONFIG_AUTH_ENHANCE - /* Clean this session secure information */ - if (memset_s(&session->secure_info, - sizeof(session->secure_info), - 0, sizeof(session->secure_info))) - tloge("close session memset error\n"); -#endif + mutex_lock(&service->session_lock); list_del(&session->head); mutex_unlock(&service->session_lock); @@ -1254,7 +1196,9 @@ int tc_client_session_ioctl(struct file *file, unsigned int cmd, ret = tc_ns_close_session(dev_file, &context); break; case TC_NS_CLIENT_IOCTL_SEND_CMD_REQ: + tee_trace_add_event(INVOKE_CMD_START, 0); ret = ioctl_session_send_cmd(dev_file, &context, argp); + tee_trace_add_event(INVOKE_CMD_END, 0); break; default: freezer_count(); -- Gitee From 3e2ae5e1fb972b150c5e085480373173ff57aeee Mon Sep 17 00:00:00 2001 From: lijiawei3539 Date: Thu, 23 Jun 2022 07:53:34 +0000 Subject: [PATCH 09/33] update smc_smp --- core/smc_smp.c | 151 +++++++++++++++++++--------------------- core/smc_smp.h | 9 ++- core/tc_client_driver.c | 80 ++++++++++++--------- core/tee_compat_check.c | 3 +- core/tee_compat_check.h | 4 +- 5 files changed, 127 insertions(+), 120 deletions(-) diff --git a/core/smc_smp.c b/core/smc_smp.c index ec4eda0..ed0469d 100644 --- a/core/smc_smp.c +++ b/core/smc_smp.c @@ -65,8 +65,8 @@ #include "log_cfg_api.h" #include "tz_kthread_affinity.h" #include "tee_compat_check.h" +#include "tee_trace_event.h" -#define SECS_SUSPEND_STATUS 0xA5A5 #define PREEMPT_COUNT 10000 #define HZ_COUNT 10 #define IDLED_COUNT 100 @@ -93,6 +93,8 @@ #define MAX_CHAR 0xff +#define MAX_SIQ_NUM 4 + /* Current state of the system */ static uint8_t g_sys_crash; @@ -153,11 +155,8 @@ static spinlock_t g_pend_lock; static DECLARE_WAIT_QUEUE_HEAD(siq_th_wait); static DECLARE_WAIT_QUEUE_HEAD(ipi_th_wait); static atomic_t g_siq_th_run; - -enum { - TYPE_CRASH_TA = 1, - TYPE_CRASH_TEE = 2, -}; +static uint32_t g_siq_queue[MAX_SIQ_NUM]; +DEFINE_MUTEX(g_siq_lock); enum smc_ops_exit { SMC_OPS_NORMAL = 0x0, @@ -202,7 +201,7 @@ union crash_inf { static const char *g_hungtask_monitor_list[] = { }; -#define compile_time_assert(cond, msg) typedef char ASSERT_##msg[(cond) ? 1 : -1] +#define compile_time_assert(cond, msg) typedef char g_assert_##msg[(cond) ? 1 : -1] #ifndef CONFIG_BIG_SESSION compile_time_assert(sizeof(struct tc_ns_smc_queue) <= PAGE_SIZE, @@ -235,14 +234,6 @@ static void occupy_setbit_smc_in_doing_entry(int32_t i, int32_t *idx) *idx = i; } -static void occupy_clean_in_doing_entry(int32_t i) -{ - acquire_smc_buf_lock(&g_cmd_data->smc_lock); - clear_bit(i, (unsigned long *)g_cmd_data->in_bitmap); - clear_bit(i, (unsigned long *)g_cmd_data->doing_bitmap); - release_smc_buf_lock(&g_cmd_data->smc_lock); -} - static int occupy_free_smc_in_entry(const struct tc_ns_smc_cmd *cmd) { int idx = -1; @@ -290,26 +281,12 @@ get_smc_retry: return -1; } - if (update_timestamp(&g_cmd_data->in[idx])) { - tloge("update timestamp failed!\n"); - goto clean; - } - if (update_chksum(&g_cmd_data->in[idx])) { - tloge("update chksum failed\n"); - goto clean; - } - acquire_smc_buf_lock(&g_cmd_data->smc_lock); isb(); wmb(); clear_bit(idx, (unsigned long *)g_cmd_data->doing_bitmap); release_smc_buf_lock(&g_cmd_data->smc_lock); return idx; - -clean: - occupy_clean_in_doing_entry(i); - - return -1; } static int reuse_smc_in_entry(uint32_t idx) @@ -330,14 +307,6 @@ static int reuse_smc_in_entry(uint32_t idx) goto out; } release_smc_buf_lock(&g_cmd_data->smc_lock); - if (update_timestamp(&g_cmd_data->in[idx])) { - tloge("update timestamp failed!\n"); - return -1; - } - if (update_chksum(&g_cmd_data->in[idx])) { - tloge("update chksum failed\n"); - return -1; - } acquire_smc_buf_lock(&g_cmd_data->smc_lock); isb(); @@ -804,7 +773,9 @@ retry: set_smc_send_arg(&in_param, secret, ops); isb(); wmb(); + tee_trace_add_event(SMC_SEND, 0); send_asm_smc_cmd(&in_param, &out_param); + tee_trace_add_event(SMC_DONE, 0); isb(); wmb(); tlogd("[cpu %d] return val %lx exit_reason %lx ta %lx targ %lx\n", @@ -827,7 +798,7 @@ retry: secret->exit = SMC_EXIT_ABORT; tloge("receive kill signal\n"); } else { -#ifndef CONFIG_PREEMPT +#if (!defined(CONFIG_PREEMPT)) || defined(CONFIG_RTOS_PREEMPT_OFF) /* yield cpu to avoid soft lockup */ cond_resched(); #endif @@ -919,21 +890,50 @@ unsigned long raw_smc_send(uint32_t cmd, phys_addr_t cmd_addr, return x0; } -void siq_dump(phys_addr_t mode) +static void siq_dump(phys_addr_t mode, uint32_t siq_mode) { (void)raw_smc_send(TSP_REE_SIQ, mode, 0, false); + if (siq_mode == SIQ_DUMP_TIMEOUT) { + tz_log_write(); + } else if (siq_mode == SIQ_DUMP_SHELL) { #ifdef CONFIG_TEE_LOG_DUMP_PATH (void)tlogger_store_msg(CONFIG_TEE_LOG_DUMP_PATH, sizeof(CONFIG_TEE_LOG_DUMP_PATH)); #else tz_log_write(); #endif + } do_cmd_need_archivelog(); } +static uint32_t get_free_siq_index(void) +{ + uint32_t i; + + for (i = 0; i < MAX_SIQ_NUM; i++) { + if (g_siq_queue[i] == 0) + return i; + } + + return MAX_SIQ_NUM; +} + +static uint32_t get_undo_siq_index(void) +{ + uint32_t i; + + for (i = 0; i < MAX_SIQ_NUM; i++) { + if (g_siq_queue[i] != 0) + return i; + } + + return MAX_SIQ_NUM; +} + static int siq_thread_fn(void *arg) { int ret; + uint32_t i; while (1) { ret = wait_event_interruptible(siq_th_wait, @@ -942,8 +942,17 @@ static int siq_thread_fn(void *arg) tloge("wait event interruptible failed!\n"); return -EINTR; } + + mutex_lock(&g_siq_lock); + do { + i = get_undo_siq_index(); + if (i >= MAX_SIQ_NUM) + break; + siq_dump((phys_addr_t)(1), g_siq_queue[i]); + g_siq_queue[i] = 0; + }while(1); atomic_set(&g_siq_th_run, 0); - siq_dump((phys_addr_t)(1)); + mutex_unlock(&g_siq_lock); } } @@ -988,11 +997,6 @@ static void upload_audit_event(unsigned int eventindex) static void cmd_result_check(struct tc_ns_smc_cmd *cmd) { - if (cmd->ret_val == TEEC_SUCCESS && verify_chksum(cmd)) { - cmd->ret_val = TEEC_ERROR_GENERIC; - tloge("verify chksum failed\n"); - } - if (cmd->ret_val == TEEC_PENDING || cmd->ret_val == TEEC_PENDING2) tlogd("wakeup command %u\n", cmd->event_nr); @@ -1117,16 +1121,6 @@ static void shadow_wo_pm(const void *arg, struct smc_out_params *out_params, } #endif -static int power_on_cc(void) -{ - return 0; -} - -static int power_down_cc(void) -{ - return 0; -} - static void set_preempted_counter(int *n_preempted, int *n_idled, struct pending_entry *pe) { @@ -1134,7 +1128,7 @@ static void set_preempted_counter(int *n_preempted, int *n_idled, (*n_preempted)++; if (*n_preempted > PREEMPT_COUNT) { - tlogi("%s: retry 10K times on CPU%d\n", __func__, smp_processor_id()); + tlogd("counter too large: retry 10K times on CPU%d\n", smp_processor_id()); *n_preempted = 0; } #ifndef CONFIG_PREEMPT @@ -1240,7 +1234,7 @@ retry_wo_pm: goto clean_wo_pm; } else if (ret == RETRY_WITH_PM) { if (match_ta_affinity(pe)) - tlogi("set shadow pid %d\n", pe->task->pid); + tlogd("set shadow pid %d\n", pe->task->pid); goto retry; } } else { @@ -1293,6 +1287,7 @@ static int proc_smc_wakeup_ca(pid_t ca, int which) struct pending_entry *pe = find_pending_entry(ca); if (!pe) { + (void)raw_smc_send(TSP_REE_SIQ, (phys_addr_t)ca, 0, false); tlogd("invalid ca pid=%d for pending entry\n", (int)ca); return -1; @@ -1322,6 +1317,7 @@ int smc_wakeup_broadcast(void) int smc_wakeup_ca(pid_t ca) { + tee_trace_add_event(SPI_WAKEUP, ca); return proc_smc_wakeup_ca(ca, 1); } @@ -1334,6 +1330,7 @@ void fiq_shadow_work_func(uint64_t target) { struct smc_cmd_ret secret = { SMC_EXIT_MAX, 0, target }; + secs_suspend__status(target); if (power_on_cc()) { tloge("power on cc failed\n"); return; @@ -1621,12 +1618,6 @@ static int set_abort_cmd(int index) g_cmd_data->in[index].operation_h_phys = 0; g_cmd_data->in[index].login_data_phy = 0; g_cmd_data->in[index].login_data_h_addr = 0; -#ifdef CONFIG_AUTH_ENHANCE - g_cmd_data->in[index].token_phys = 0; - g_cmd_data->in[index].token_h_phys = 0; - g_cmd_data->in[index].params_phys = 0; - g_cmd_data->in[index].params_h_phys = 0; -#endif clear_bit(index, (unsigned long *)g_cmd_data->doing_bitmap); release_smc_buf_lock(&g_cmd_data->smc_lock); @@ -1726,6 +1717,7 @@ static enum pending_t proc_ta_pending(struct pending_entry *pe, resleep: cur_timeout = jiffies_to_msecs(step->steps[step->cur]); + tee_trace_add_event(SMC_SLEEP, 0); if (!wait_event_timeout(pe->wq, atomic_read(&pe->run), step->steps[step->cur])) { if (step->cur < (step->size - 1)) { @@ -1900,9 +1892,23 @@ bool is_tee_hungtask(struct task_struct *task) return false; } -void wakeup_tc_siq(void) +void wakeup_tc_siq(uint32_t siq_mode) { + uint32_t i; + + if (siq_mode == 0) + return; + + mutex_lock(&g_siq_lock); + i = get_free_siq_index(); + if (i >= MAX_SIQ_NUM) { + tloge("dump is too frequent\n"); + mutex_unlock(&g_siq_lock); + return; + } + g_siq_queue[i] = siq_mode; atomic_set(&g_siq_th_run, 1); + mutex_unlock(&g_siq_lock) wake_up_interruptible(&siq_th_wait); } @@ -2024,27 +2030,19 @@ static int parse_params_from_tee(void) void *buffer = NULL; buffer = (void *)(g_cmd_data->in); - ret = get_session_root_key((uint32_t *)buffer, ROOT_KEY_BUF_LEN); - if (ret) { - tloge("get session root key failed\n"); - return ret; - } - ret = check_teeos_compat_level((uint32_t *)(buffer + ROOT_KEY_BUF_LEN), + ret = check_teeos_compat_level((uint32_t *)buffer, COMPAT_LEVEL_BUF_LEN); if (ret) { tloge("check teeos compatibility failed\n"); - goto free_mem; + return ret; } if (memset_s(buffer, sizeof(g_cmd_data->in), 0, sizeof(g_cmd_data->in))) { tloge("Clean the command buffer failed\n"); ret = -EFAULT; - goto free_mem; + return ret; } return 0; -free_mem: - free_root_key(); - return ret; } int smc_context_init(const struct device *class_dev) @@ -2087,7 +2085,6 @@ free_siq_worker: free_mem: free_page((unsigned long)(uintptr_t)g_cmd_data); g_cmd_data = NULL; - free_root_key(); return ret; } @@ -2120,6 +2117,4 @@ void smc_free_data(void) kthread_stop(g_smc_svc_thread); g_smc_svc_thread = NULL; } - - free_root_key(); } diff --git a/core/smc_smp.h b/core/smc_smp.h index 752ff51..f71a6b3 100644 --- a/core/smc_smp.h +++ b/core/smc_smp.h @@ -53,11 +53,7 @@ struct pending_entry { #ifdef CONFIG_BIG_SESSION #define MAX_SMC_CMD CONFIG_BIG_SESSION #else -#ifdef CONFIG_AUTH_ENHANCE #define MAX_SMC_CMD 18 -#else -#define MAX_SMC_CMD 23 -#endif #endif #ifdef DIV_ROUND_UP @@ -87,6 +83,9 @@ struct pending_entry { #endif #define DECLARE_BITMAP(name, bits) uint64_t name[BITS_TO_LONGS(bits)] +#define SIQ_DUMP_TIMEOUT 1U +#define SIQ_DUMP_SHELL 2U + typedef uint32_t smc_buf_lock_t; struct tc_ns_smc_queue { @@ -122,6 +121,6 @@ struct pending_entry *find_pending_entry(pid_t pid); void foreach_pending_entry(void (*func)(struct pending_entry *)); void put_pending_entry(struct pending_entry *pe); void show_cmd_bitmap(void); -void wakeup_tc_siq(void); +void wakeup_tc_siq(uint32_t siq_mode); #endif diff --git a/core/tc_client_driver.c b/core/tc_client_driver.c index a429855..e2f2ee7 100644 --- a/core/tc_client_driver.c +++ b/core/tc_client_driver.c @@ -68,14 +68,15 @@ #include "tc_ns_client.h" #include "mailbox_mempool.h" #include "tz_spi_notify.h" -#include "teec_daemon_auth.h" -#include "security_auth_enhance.h" +#include "client_hash_auth.h" #include "auth_base_impl.h" #include "tlogger.h" +#include "tzdebug.h" #include "session_manager.h" #include "ko_adapt.h" #include "tz_pm.h" #include "tz_kthread_affinity.h" +#include "reserved_mempool.h" static dev_t g_tc_ns_client_devt; static struct class *g_driver_class; @@ -155,16 +156,16 @@ static int tc_ns_get_tee_version(const struct tc_ns_dev_file *dev_file, static int get_pack_name_len(struct tc_ns_dev_file *dev_file, const uint8_t *cert_buffer) { - if (memcpy_s(&dev_file->pkg_name_len, sizeof(dev_file->pkg_name_len), - cert_buffer, sizeof(dev_file->pkg_name_len))) + uint32_t tmp_len = 0; + dev_file->pkg_name_len = 0; + if (memcpy_s(&tmp_len, sizeof(tmp_len), cert_buffer, sizeof(tmp_len))) return -EFAULT; - if (!dev_file->pkg_name_len || - dev_file->pkg_name_len >= MAX_PACKAGE_NAME_LEN) { - tloge("invalid pack name len: %u\n", dev_file->pkg_name_len); + if (tmp_len == 0 || tmp_len >= MAX_PACKAGE_NAME_LEN) { + tloge("invalid pack name len: %u\n", tmp_len); return -EINVAL; } - + dev_file->pkg_name_len = tmp_len; tlogd("package name len is %u\n", dev_file->pkg_name_len); return 0; @@ -173,15 +174,16 @@ static int get_pack_name_len(struct tc_ns_dev_file *dev_file, static int get_public_key_len(struct tc_ns_dev_file *dev_file, const uint8_t *cert_buffer) { - if (memcpy_s(&dev_file->pub_key_len, sizeof(dev_file->pub_key_len), - cert_buffer, sizeof(dev_file->pub_key_len))) + uint32_t tmp_len = 0; + dev_file->pub_key_len = 0; + if (memcpy_s(&tmp_len, sizeof(tmp_len), cert_buffer, sizeof(tmp_len))) return -EFAULT; - if (dev_file->pub_key_len > MAX_PUBKEY_LEN) { + if (tmp_len > MAX_PUBKEY_LEN) { tloge("invalid public key len: %u\n", dev_file->pub_key_len); return -EINVAL; } - + dev_file->pub_key_len = tmp_len; tlogd("publick key len is %u\n", dev_file->pub_key_len); return 0; @@ -227,11 +229,6 @@ static bool is_cert_buffer_size_valid(int cert_buffer_size) static int alloc_login_buf(struct tc_ns_dev_file *dev_file, uint8_t **cert_buffer, unsigned int *cert_buffer_size) { - if (check_teecd_access()) { - tloge("tc client login verification failed!\n"); - return -EACCES; - } - *cert_buffer_size = (unsigned int)(MAX_PACKAGE_NAME_LEN + MAX_PUBKEY_LEN + sizeof(dev_file->pkg_name_len) + sizeof(dev_file->pub_key_len)); @@ -389,6 +386,7 @@ int tc_ns_client_close(struct tc_ns_dev_file *dev) close_unclosed_session_in_kthread(dev); + kill_ion_by_cafd(dev->dev_file_id); /* for thirdparty agent, code runs here only when agent crashed */ send_crashed_event_response_all(dev); free_dev(dev); @@ -414,16 +412,16 @@ static void release_vma_shared_mem(struct tc_ns_dev_file *dev_file, if (shared_mem) { if (shared_mem->user_addr == (void *)(uintptr_t)vma->vm_start) { - shared_mem->user_addr = NULL; + shared_mem->user_addr = INVALID_MAP_ADDR; find = true; } else if (shared_mem->user_addr_ca == (void *)(uintptr_t)vma->vm_start) { - shared_mem->user_addr_ca = NULL; + shared_mem->user_addr_ca = INVALID_MAP_ADDR; find = true; } - if (!shared_mem->user_addr && - !shared_mem->user_addr_ca) + if ((shared_mem->user_addr == INVALID_MAP_ADDR) && + (shared_mem->user_addr_ca == INVALID_MAP_ADDR)) list_del(&shared_mem->head); /* pair with tc client mmap */ @@ -485,8 +483,8 @@ static struct tc_ns_shared_mem *find_sharedmem( * 1. this shared mem is already mapped * 2. remap a different size shared_mem */ - if (shm_tmp->user_addr_ca || - vma->vm_end - vma->vm_start != shm_tmp->len) { + if ((shm_tmp->user_addr_ca != INVALID_MAP_ADDR)|| + (vma->vm_end - vma->vm_start != shm_tmp->len)) { tloge("already remap once!\n"); return NULL; } @@ -505,6 +503,14 @@ static int remap_shared_mem(struct vm_area_struct *vma, const struct tc_ns_shared_mem *shared_mem) { int ret; + if (shared_mem->mem_type == RESERVED_TYPE) { + unsigned long pfn = res_mem_virt_to_phys((uintptr_t)(shared_mem->kernel_addr)) >> PAGE_SHIFT; + unsigned long size = vma->vm_end - vma->vm_start; + ret = remap_pfn_range(vma, vma->vm_start, pfn, size, vma->vm_page_prot); // PAGE_SHARED + if (ret) + tloge("remap pfn for user failed, ret %d", ret); + return ret; + } vma->vm_flags |= VM_USERMAP; ret = remap_vmalloc_range(vma, shared_mem->kernel_addr, 0); @@ -757,12 +763,6 @@ static int tc_client_open(struct inode *inode, struct file *file) int ret; struct tc_ns_dev_file *dev = NULL; - ret = check_teecd_access(); - if (ret) { - tloge(KERN_ERR "teecd service may be exploited 0x%x\n", ret); - return -EACCES; - } - g_teecd_task = current->group_leader; file->private_data = NULL; ret = tc_ns_client_open(&dev, TEE_REQ_FROM_USER_MODE); @@ -789,7 +789,6 @@ static int tc_client_close(struct inode *inode, struct file *file) int ret = 0; struct tc_ns_dev_file *dev = file->private_data; - clean_agent_pid_info(dev); if (g_teecd_task == current->group_leader && !tc_ns_get_uid()) { /* for teecd close fd */ if ((g_teecd_task->flags & PF_EXITING) || @@ -965,6 +964,10 @@ static int tc_ns_client_init(struct device **class_dev) ret = load_hw_info(); if (ret) return ret; + + ret = load_reserved_mem(); + if (ret) + return ret; if (alloc_chrdev_region(&g_tc_ns_client_devt, 0, 1, TC_NS_CLIENT_DEV)) { @@ -1016,6 +1019,12 @@ static int tc_teeos_init(struct device *class_dev) return ret; } + ret = reserved_mempool_init(); + if (ret) { + tloge("reserved memory init failed\n"); + goto smc_data_free; + } + ret = mailbox_mempool_init(); if (ret) { tloge("tz mailbox init failed\n"); @@ -1025,11 +1034,12 @@ static int tc_teeos_init(struct device *class_dev) ret = tz_spi_init(class_dev, g_dev_node); if (ret) { tloge("tz spi init failed\n"); - goto release_mailbox; + goto release_mempool; } return 0; -release_mailbox: +release_mempool: mailbox_mempool_destroy(); + free_reserved_mempool(); smc_data_free: smc_free_data(); return ret; @@ -1037,7 +1047,7 @@ smc_data_free: static void tc_re_init(const struct device *class_dev) { - int ret = 0; + int ret; agent_init(); @@ -1046,6 +1056,8 @@ static void tc_re_init(const struct device *class_dev) if (ret) tloge("tlogger init failed\n"); #endif + if (tzdebug_init()) + tloge("tzdebug init failed\n"); if (init_smc_svc_thread()) { tloge("init svc thread\n"); @@ -1094,9 +1106,11 @@ static void tc_exit(void) smc_free_data(); agent_exit(); #ifdef CONFIG_TZDRIVER_MODULE + tzdebug_exit(); exit_tlogger_service(); #endif mailbox_mempool_destroy(); + free_reserved_mempool(); tee_exit_shash_handle(); } diff --git a/core/tee_compat_check.c b/core/tee_compat_check.c index 0ee46e3..12342a9 100644 --- a/core/tee_compat_check.c +++ b/core/tee_compat_check.c @@ -42,9 +42,8 @@ int32_t check_teeos_compat_level(uint32_t *buffer, uint32_t size) return -EPERM; } /* just print warning */ - if (buffer[2] != minor) { + if (buffer[2] != minor) tlogw("check minor ver failed, minor tz=%u, minor tee=%u\n", minor, buffer[2]); - } return 0; } diff --git a/core/tee_compat_check.h b/core/tee_compat_check.h index f34a536..2eb28a0 100644 --- a/core/tee_compat_check.h +++ b/core/tee_compat_check.h @@ -25,8 +25,8 @@ * this version number MAJOR.MINOR is used * to identify the compatibility of tzdriver and teeos */ -#define TEEOS_COMPAT_LEVEL_MAJOR 0 -#define TEEOS_COMPAT_LEVEL_MINOR 1 +#define TEEOS_COMPAT_LEVEL_MAJOR 1 +#define TEEOS_COMPAT_LEVEL_MINOR 0 #define VER_CHECK_MAGIC_NUM 0x5A5A5A5A #define COMPAT_LEVEL_BUF_LEN 12 -- Gitee From ef79da164b713a4bd7128a31a12d08b3391c03c3 Mon Sep 17 00:00:00 2001 From: lijiawei3539 Date: Thu, 23 Jun 2022 08:18:37 +0000 Subject: [PATCH 10/33] update core --- core/teek_app_load.c | 13 +++----- core/teek_client_api.c | 21 ++---------- core/tz_pm.c | 72 ++++++++++++++++++++++++------------------ core/tz_spi_notify.c | 12 ++++--- 4 files changed, 57 insertions(+), 61 deletions(-) diff --git a/core/teek_app_load.c b/core/teek_app_load.c index 0be72b2..0b74a03 100644 --- a/core/teek_app_load.c +++ b/core/teek_app_load.c @@ -26,7 +26,6 @@ static int32_t teek_open_app_file(struct file *fp, char **file_buf, uint32_t total_img_len) { loff_t pos = 0; - mm_segment_t old_fs; uint32_t read_size; char *file_buffer = NULL; @@ -41,12 +40,7 @@ static int32_t teek_open_app_file(struct file *fp, char **file_buf, uint32_t tot return TEEC_ERROR_GENERIC; } - old_fs = get_fs(); - set_fs(KERNEL_DS); - - read_size = (uint32_t)koadpt_vfs_read(fp, file_buffer, total_img_len, &pos); - - set_fs(old_fs); + read_size = (uint32_t)kernel_read(fp, file_buffer, total_img_len, &pos); if (read_size != total_img_len) { tloge("read ta file failed, read size/total size=%u/%u\n", read_size, total_img_len); @@ -76,7 +70,10 @@ static int32_t teek_read_app(const char *load_file, char **file_buf, uint32_t *f if (ret != TEEC_SUCCESS) tloge("do read app fail\n"); - filp_close(fp, 0); + if (fp != NULL) { + filp_close(fp, 0); + fp = NULL; + } return ret; } diff --git a/core/teek_client_api.c b/core/teek_client_api.c index 3148da4..b0bc834 100644 --- a/core/teek_client_api.c +++ b/core/teek_client_api.c @@ -450,7 +450,7 @@ static uint32_t open_session_and_switch_ret(struct teec_session *session, session->context = context; return TEEC_SUCCESS; } else if (ret < 0) { - tloge("open session failed, ioctl errno = %u\n", ret); + tloge("open session failed, ioctl errno = %d\n", ret); if (ret == -EFAULT) teec_ret = TEEC_ERROR_ACCESS_DENIED; else if (ret == -ENOMEM) @@ -521,10 +521,6 @@ static uint32_t proc_teek_open_session(struct teec_context *context, goto set_ori; load_app_flag = true; -#ifdef CONFIG_AUTH_ENHANCE - cli_context.token.teec_token = session->teec_token; - cli_context.token_len = sizeof(session->teec_token); -#endif teec_ret = open_session_and_switch_ret(session, context, destination, &cli_context, &origin); @@ -587,21 +583,14 @@ void teek_close_session(struct teec_session *session) tloge("init cli context failed just return\n"); return; } -#ifdef CONFIG_AUTH_ENHANCE - cli_context.token.teec_token = session->teec_token; - cli_context.token_len = sizeof(session->teec_token); -#endif + ret = tc_ns_close_session(session->context->dev, &cli_context); if (!ret) { session->session_id = 0; if (memset_s((uint8_t *)(&session->service_id), sizeof(session->service_id), 0x00, UUID_LEN)) tloge("memset error\n"); -#ifdef CONFIG_AUTH_ENHANCE - if (memset_s(session->teec_token, - TOKEN_SAVE_LEN, 0x00, TOKEN_SAVE_LEN)) - tloge("memset session's member error\n"); -#endif + session->ops_cnt = 0; session->context = NULL; } else { @@ -679,10 +668,6 @@ uint32_t teek_invoke_command(struct teec_session *session, uint32_t cmd_id, } } -#ifdef CONFIG_AUTH_ENHANCE - cli_context.token.teec_token = session->teec_token; - cli_context.token_len = sizeof(session->teec_token); -#endif teec_ret = proc_invoke_cmd(session, &cli_context, &origin); set_ori: diff --git a/core/tz_pm.c b/core/tz_pm.c index bc036c9..b7911a8 100644 --- a/core/tz_pm.c +++ b/core/tz_pm.c @@ -93,6 +93,16 @@ static int tc_s4_alloc_crypto_buffer(struct device *dev, return 0; } +static void free_resource(const char *kernel_mem_addr) +{ + vunmap(g_s4_buffer_vaddr); + vfree(kernel_mem_addr); + g_s4_kernel_mem_addr = NULL; + g_s4_buffer_paddr = 0; + g_s4_buffer_vaddr = NULL; + g_s4_buffer_size = 0; +} + #ifndef CONFIG_ARCH32 static uint64_t tc_s4_suspend_or_resume(uint32_t power_op) { @@ -250,63 +260,61 @@ static int tc_s4_transfer_data(char *kernel_mem_addr, uint32_t crypt_op) } static int tc_s4_pm_ops(struct device *dev, uint32_t power_op, - uint32_t crypt_op) + uint32_t crypt_op, char *kernel_mem_addr) { - char *kernel_mem_addr = NULL; int ret; - if (power_op == TSP_S4_SUSPEND) { - ret = tc_s4_alloc_crypto_buffer(dev, &kernel_mem_addr); - if (ret) { - tloge("alloc s4 encrypt mem failed with ret %d\n", ret); - return ret; - } + if (power_op == TSP_S4_SUSPEND) g_s4_kernel_mem_addr = kernel_mem_addr; - } else { + else kernel_mem_addr = g_s4_kernel_mem_addr; - } isb(); wmb(); /* notify TEEOS to suspend all pm driver */ if (power_op == TSP_S4_SUSPEND) { - if (tc_s4_suspend_or_resume(power_op) != 0) { - ret = -EFAULT; - goto free_resource; + ret = tc_s4_suspend_or_resume(power_op); + if (ret != 0) { + tloge("tc s4 suspend failed\n"); + return ret; } } ret = tc_s4_transfer_data(kernel_mem_addr, crypt_op); - if (ret) - goto free_resource; + if (ret != 0){ + tloge("transfer data failed, power_op=0x%x\n", power_op); + return ret; + } /* notify TEEOS to resume all pm driver */ if (power_op == TSP_S4_RESUME) { - if (tc_s4_suspend_or_resume(power_op) != 0) { - ret = -EFAULT; - goto free_resource; + ret = tc_s4_suspend_or_resume(power_op); + if (ret != 0) { + tloge("tc s4 resume failed\n"); + return ret; } - ret = 0; - goto free_resource; } return 0; -free_resource: - vunmap(g_s4_buffer_vaddr); - vfree(kernel_mem_addr); - g_s4_kernel_mem_addr = NULL; - g_s4_buffer_paddr = 0; - g_s4_buffer_vaddr = NULL; - g_s4_buffer_size = 0; - return ret; } int tc_s4_pm_suspend(struct device *dev) { int ret; + char *kernel_mem_addr = NULL; - ret = tc_s4_pm_ops(dev, TSP_S4_SUSPEND, TSP_S4_ENCRYPT_AND_COPY); + ret = tc_s4_alloc_crypto_buffer(dev, &kernel_mem_addr); + if (ret != 0) { + tloge("alloc buffer failed\n"); + return ret; + } + + ret = tc_s4_pm_ops(dev, TSP_S4_SUSPEND, TSP_S4_ENCRYPT_AND_COPY, kernel_mem_addr); + if (ret != 0) { + free_resource(kernel_mem_addr); + tloge("s4 suspend failed\n"); + } return ret; } @@ -314,6 +322,10 @@ int tc_s4_pm_resume(struct device *dev) { int ret; - ret = tc_s4_pm_ops(dev, TSP_S4_RESUME, TSP_S4_DECRYPT_AND_COPY); + ret = tc_s4_pm_ops(dev, TSP_S4_RESUME, TSP_S4_DECRYPT_AND_COPY, g_s4_kernel_mem_addr); + if (ret != 0) + tloge("s4 resume failed\n"); + + free_resource(g_s4_kernel_mem_addr); return ret; } diff --git a/core/tz_spi_notify.c b/core/tz_spi_notify.c index 4065cbe..847b7a5 100644 --- a/core/tz_spi_notify.c +++ b/core/tz_spi_notify.c @@ -45,6 +45,8 @@ #include "session_manager.h" #include "tz_kthread_affinity.h" +#define DEFAULT_SPI_NUM 111 + #define MAX_CALLBACK_COUNT 100 #define UUID_SIZE 16 struct teec_timer_property; @@ -410,7 +412,7 @@ static void tc_notify_set_affinity(struct notify_data_entry *entry) */ cpumask_copy(&pe->ta_mask, &mask); smc_wakeup_ca(af_data->ca_thread_id); - tlogi("set affinity for ca thread id %u\n", af_data->ca_thread_id); + tlogd("set affinity for ca thread id %u\n", af_data->ca_thread_id); put_pending_entry(pe); } else { tloge("invalid ca thread id %u for set affinity\n", @@ -615,7 +617,7 @@ static int send_notify_cmd(unsigned int cmd_id) static int config_spi_context(struct device *class_dev, struct device_node *np) { - unsigned int irq; + unsigned int irq = DEFAULT_SPI_NUM; int ret; #ifndef CONFIG_ACPI @@ -634,7 +636,7 @@ static int config_spi_context(struct device *class_dev, struct device_node *np) ret = devm_request_irq(class_dev, irq, tc_secure_notify, IRQF_NO_SUSPEND, TC_NS_CLIENT_DEV, NULL); if (ret < 0) { - tloge("device irq %u request failed %u", irq, ret); + tloge("device irq %u request failed %d", irq, ret); return ret; } @@ -652,6 +654,7 @@ int tz_spi_init(struct device *class_dev, struct device_node *np) if (!class_dev) /* here np can be NULL */ return -EINVAL; + spin_lock_init(&g_notify_lock); g_tz_spi_wq = alloc_workqueue("g_tz_spi_wq", WQ_UNBOUND | WQ_HIGHPRI, TZ_WQ_MAX_ACTIVE); if (!g_tz_spi_wq) { @@ -691,10 +694,9 @@ int tz_spi_init(struct device *class_dev, struct device_node *np) g_notify_data_entry_shadow = &g_notify_data->entry[NOTIFY_DATA_ENTRY_SHADOW - 1]; - tlogi("target is: %llx\n", + tlogd("target is: %llx\n", g_notify_data_entry_shadow->context.shadow.target_tcb); } - spin_lock_init(&g_notify_lock); return 0; clean: -- Gitee From a79b07e7bd213e342a51a2e9e4d9788c1227dc92 Mon Sep 17 00:00:00 2001 From: lijiawei3539 Date: Thu, 23 Jun 2022 11:27:10 +0000 Subject: [PATCH 11/33] update something --- ko_adapt.c | 108 +++++-------- ko_adapt.h | 36 +---- tc_ns_client.h | 21 +-- tc_ns_log.h | 3 +- teek_client_constants.h | 8 + teek_client_type.h | 8 - teek_ns_client.h | 99 ++---------- tlogger/log_cfg_api.h | 16 +- tlogger/log_pages_cfg.c | 33 +--- tlogger/tlogger.c | 330 +++++++++++++++++++--------------------- tlogger/tlogger.h | 15 +- 11 files changed, 253 insertions(+), 424 deletions(-) diff --git a/ko_adapt.c b/ko_adapt.c index 658082b..2630900 100644 --- a/ko_adapt.c +++ b/ko_adapt.c @@ -31,12 +31,6 @@ typedef const struct cred *(get_task_cred_func)(struct task_struct *); typedef void (kthread_bind_mask_func)(struct task_struct *, const struct cpumask *); -typedef long (sys_chown_func)(const char __user *filename, - uid_t user, gid_t group); -typedef ssize_t (vfs_write_func)(struct file *file, const char __user *buf, - size_t count, loff_t *pos); -typedef ssize_t (vfs_read_func)(struct file *file, char __user *buf, - size_t count, loff_t *pos); typedef struct page *(alloc_pages_func)(gfp_t gfp_mask, unsigned int order); @@ -45,6 +39,9 @@ typedef void (free_workqueue_attrs_func)(struct workqueue_attrs *attrs); const struct cred *koadpt_get_task_cred(struct task_struct *task) { +#if (LINUX_VERSION_CODE >= KERNEL_VERSION(5, 10, 0)) + return get_task_cred(task); +#else static get_task_cred_func *get_task_cred_pt = NULL; if (!task) @@ -59,11 +56,15 @@ const struct cred *koadpt_get_task_cred(struct task_struct *task) } } return get_task_cred_pt(task); +#endif } void koadpt_kthread_bind_mask(struct task_struct *task, const struct cpumask *mask) { +#if (LINUX_VERSION_CODE >= KERNEL_VERSION(5, 10, 0)) + (void)set_cpus_allowed_ptr(task, mask); +#else static kthread_bind_mask_func *kthread_bind_mask_pt = NULL; if (!task || !mask) @@ -78,75 +79,15 @@ void koadpt_kthread_bind_mask(struct task_struct *task, } } kthread_bind_mask_pt(task, mask); -} - -long koadpt_sys_chown(const char __user *filename, uid_t user, gid_t group) -{ - static sys_chown_func *sys_chown_pt = NULL; - - if (!filename) - return -EINVAL; - - if (!sys_chown_pt) { - sys_chown_pt = (sys_chown_func *) - (uintptr_t)kallsyms_lookup_name("sys_chown"); - if (IS_ERR_OR_NULL(sys_chown_pt)) { - tloge("fail to find symbol kthread bind mask\n"); - return -EINVAL; - } - } - return sys_chown_pt(filename, user, group); -} - -ssize_t koadpt_vfs_write(struct file *file, const char __user *buf, - size_t count, loff_t *pos) -{ -#if (LINUX_VERSION_CODE <= KERNEL_VERSION(4, 19, 116)) - static vfs_write_func *vfs_write_pt = NULL; - - if (!file || !buf || !pos) - return -EINVAL; - - if (!vfs_write_pt) { - vfs_write_pt = (vfs_write_func *) - (uintptr_t)kallsyms_lookup_name("vfs_write"); - if (IS_ERR_OR_NULL(vfs_write_pt)) { - tloge("fail to find symbol vfs write\n"); - return -EINVAL; - } - } - return vfs_write_pt(file, buf, count, pos); -#else - return vfs_write(file, buf, count, pos); -#endif -} - -ssize_t koadpt_vfs_read(struct file *file, char __user *buf, - size_t count, loff_t *pos) -{ -#if (LINUX_VERSION_CODE <= KERNEL_VERSION(4, 19, 116)) - static vfs_read_func *vfs_read_pt = NULL; - - if (!file || !buf || !pos) - return -EINVAL; - - if (!vfs_read_pt) { - vfs_read_pt = (vfs_read_func *) - (uintptr_t)kallsyms_lookup_name("vfs_read"); - if (IS_ERR_OR_NULL(vfs_read_pt)) { - tloge("fail to find symbol vfs read\n"); - return -EINVAL; - } - } - return vfs_read_pt(file, buf, count, pos); -#else - return vfs_read(file, buf, count, pos); #endif } struct page *koadpt_alloc_pages(gfp_t gfp_mask, unsigned int order) { #ifdef CONFIG_NUMA +#if (LINUX_VERSION_CODE >= KERNEL_VERSION(5, 10, 0)) + return alloc_pages(gfp_mask, order); +#else static alloc_pages_func *alloc_pages_pt = NULL; if (!alloc_pages_pt) { @@ -158,6 +99,7 @@ struct page *koadpt_alloc_pages(gfp_t gfp_mask, unsigned int order) } } return alloc_pages_pt(gfp_mask, order); +#endif #else return alloc_pages(gfp_mask, order); #endif @@ -165,6 +107,25 @@ struct page *koadpt_alloc_pages(gfp_t gfp_mask, unsigned int order) struct workqueue_attrs *koadpt_alloc_workqueue_attrs(gfp_t gfp_mask) { +#if (LINUX_VERSION_CODE >= KERNEL_VERSION(5, 10, 0)) + struct workqueue_attrs *attrs; + + attrs = kzalloc(sizeof(*attrs), GFP_KERNEL) + if (!attrs) { + tloge("alloc workqueue attrfail\n"); + return NULL; + } + + if (alloc_cpumask_var(&attrs->cpumask, GFP_KERNEL) != 0) { + tloge("alloc cpumask var fail\n"); + kfree(attrs); + return NULL; + } + + cpumask_copy(attrs->cpumask, cpu_possible_mask); + + return attrs; +#else static alloc_workqueue_attrs_func *alloc_workqueue_attrs_pt = NULL; if (!alloc_workqueue_attrs_pt) { @@ -176,10 +137,18 @@ struct workqueue_attrs *koadpt_alloc_workqueue_attrs(gfp_t gfp_mask) } } return alloc_workqueue_attrs_pt(gfp_mask); +#endif } void koadpt_free_workqueue_attrs(struct workqueue_attrs *attrs) { +#if (LINUX_VERSION_CODE >= KERNEL_VERSION(5, 10, 0)) + if (!attrs) + return; + + free_cpumask_var(attrs->cpumask); + kfree(attrs); +#else static free_workqueue_attrs_func *free_workqueue_attrs_pt = NULL; if (!attrs) @@ -194,4 +163,5 @@ void koadpt_free_workqueue_attrs(struct workqueue_attrs *attrs) } } free_workqueue_attrs_pt(attrs); +#endif } diff --git a/ko_adapt.h b/ko_adapt.h index c6e783b..66a335c 100644 --- a/ko_adapt.h +++ b/ko_adapt.h @@ -36,11 +36,6 @@ const struct cred *koadpt_get_task_cred(struct task_struct *task); void koadpt_kthread_bind_mask(struct task_struct *task, const struct cpumask *mask); -long koadpt_sys_chown(const char __user *filename, uid_t user, gid_t group); -ssize_t koadpt_vfs_write(struct file *file, const char __user *buf, - size_t count, loff_t *pos); -ssize_t koadpt_vfs_read(struct file *file, char __user *buf, - size_t count, loff_t *pos); struct page *koadpt_alloc_pages(gfp_t gfp_mask, unsigned int order); struct workqueue_attrs *koadpt_alloc_workqueue_attrs(gfp_t gfp_mask); void koadpt_free_workqueue_attrs(struct workqueue_attrs *attrs); @@ -58,32 +53,6 @@ static inline void koadpt_kthread_bind_mask(struct task_struct *task, kthread_bind_mask(task, mask); } -#if (LINUX_VERSION_CODE < KERNEL_VERSION(4, 19, 0)) -static inline long koadpt_sys_chown(const char __user *filename, - uid_t user, gid_t group) -{ - return sys_chown(filename, user, group); -} -#else -static inline long koadpt_sys_chown(const char __user *filename, - uid_t user, gid_t group) -{ - return ksys_chown(filename, user, group); -} -#endif - -static inline ssize_t koadpt_vfs_read(struct file *file, char __user *buf, - size_t count, loff_t *pos) -{ - return vfs_read(file, buf, count, pos); -} - -static inline ssize_t koadpt_vfs_write(struct file *file, const char __user *buf, - size_t count, loff_t *pos) -{ - return vfs_write(file, buf, count, pos); -} - static inline struct page *koadpt_alloc_pages(gfp_t gfp_mask, unsigned int order) { return alloc_pages(gfp_mask, order); @@ -92,7 +61,12 @@ static inline struct page *koadpt_alloc_pages(gfp_t gfp_mask, unsigned int order static inline struct workqueue_attrs *koadpt_alloc_workqueue_attrs( gfp_t gfp_mask) { +#if (LINUX_VERSION_CODE <= KERNEL_VERSION(4, 19, 0)) return alloc_workqueue_attrs(gfp_mask); +#else + (void)gfp_mask; + return alloc_workqueue_attrs(); +#endif } static inline void koadpt_free_workqueue_attrs(struct workqueue_attrs *attrs) diff --git a/tc_ns_client.h b/tc_ns_client.h index 814a578..dc40d59 100644 --- a/tc_ns_client.h +++ b/tc_ns_client.h @@ -19,6 +19,7 @@ #define TC_NS_CLIENT_H #include +#include #define UUID_LEN 16 #define PARAM_NUM 4 @@ -36,6 +37,12 @@ #define ZERO_OR_NULL_PTR(x) ((unsigned long)(x) <= (unsigned long)ZERO_SIZE_PTR) #endif +#if (KERNEL_VERSION(5, 10, 0) <= LINUX_VERSION_CODE) +#define mm_sem_lock(mm) mm->mmap_lock +#else +#define mm_sem_lock(mm) mm->mmap_sem +#endif + struct tc_ns_client_login { __u32 method; __u32 mdata; @@ -51,6 +58,10 @@ union tc_ns_client_param { __u64 a_addr; __u64 b_addr; } value; + struct { + __u64 buffer; + __u64 size_addr; + }sharedmem; }; struct tc_ns_client_return { @@ -67,16 +78,6 @@ struct tc_ns_client_context { union tc_ns_client_param params[PARAM_NUM]; __u32 param_types; __u8 started; -#ifdef CONFIG_AUTH_ENHANCE - union { - struct { - unsigned int teec_token_addr; - unsigned int teec_token_h_addr; - } token_addr; - void *teec_token; - } token; - __u32 token_len; -#endif __u32 calling_pid; unsigned int file_size; union { diff --git a/tc_ns_log.h b/tc_ns_log.h index 1ae2aec..326363c 100644 --- a/tc_ns_log.h +++ b/tc_ns_log.h @@ -32,8 +32,7 @@ enum { }; #define MOD_TEE "tzdriver" -#define TEE_USR_LOG_MASK 3 -#define TEE_LOG_MASK TEE_USR_LOG_MASK +#define TEE_LOG_MASK TZ_DEBUG_INFO #define tlogv(fmt, args...) \ do { \ diff --git a/teek_client_constants.h b/teek_client_constants.h index 6e48e22..3865422 100644 --- a/teek_client_constants.h +++ b/teek_client_constants.h @@ -54,6 +54,9 @@ enum global_service_cmd_id { GLOBAL_CMD_ID_SET_SERVE_CMD = 0x1b, GLOBAL_CMD_ID_LATE_INIT = 0x20, GLOBAL_CMD_ID_GET_TEE_VERSION = 0x22, + GLOBAL_CMD_ID_REGISTER_RESMEM = 0x24, + GLOBAL_CMD_ID_DUMP_SRV_SESS = 0x25, + GLOBAL_CMD_ID_TRACE_ENABLE = 0x26, GLOBAL_CMD_ID_UNKNOWN = 0x7FFFFFFE, GLOBAL_CMD_ID_MAX = 0x7FFFFFFF }; @@ -147,6 +150,10 @@ enum TEE_ParamType { TEE_PARAM_TYPE_MEMREF_INOUT = 0x7, TEE_PARAM_TYPE_ION_INPUT = 0x8, TEE_PARAM_TYPE_ION_SGLIST_INPUT = 0x9, + TEE_PARAM_TYPE_MEMREF_SHARED_INOUT = 0xa, + TEE_PARAM_TYPE_RESMEM_INPUT = 0xc, + TEE_PARAM_TYPE_RESMEM_OUTPUT = 0xd, + TEE_PARAM_TYPE_RESMEM_INOUT = 0xe }; enum TEEC_LoginMethod { @@ -157,6 +164,7 @@ enum TEEC_LoginMethod { TEEC_LOGIN_USER_APPLICATION = 0x5, TEEC_LOGIN_GROUP_APPLICATION = 0x6, TEEC_LOGIN_IDENTIFY = 0x7, + TEEK_LOGIN_IDENTIFY = 0x80000001 }; #endif diff --git a/teek_client_type.h b/teek_client_type.h index e2851c9..315b126 100644 --- a/teek_client_type.h +++ b/teek_client_type.h @@ -43,10 +43,6 @@ struct teec_session { struct teec_uuid service_id; uint32_t ops_cnt; struct teec_context *context; -#ifdef CONFIG_AUTH_ENHANCE - /* token_save_len 24byte = token 16byte + timestamp 8byte */ - uint8_t teec_token[24]; -#endif }; struct teec_sharedmemory { @@ -118,10 +114,6 @@ typedef struct { uint32_t ops_cnt; struct list_head head; TEEC_Context *context; -#ifdef CONFIG_AUTH_ENHANCE - /* TOKEN_SAVE_LEN 24byte = token 16byte + timestamp 8byte */ - uint8_t teec_token[24]; -#endif } TEEC_Session; typedef struct { diff --git a/teek_ns_client.h b/teek_ns_client.h index b9271e8..df9f3d6 100644 --- a/teek_ns_client.h +++ b/teek_ns_client.h @@ -42,6 +42,8 @@ #define TEE_REQ_FROM_USER_MODE 0U #define TEE_REQ_FROM_KERNEL_MODE 1U #define TEE_PARAM_NUM 4 +#define VMALLOC_TYPE 0 +#define RESERVED_TYPE 1 /* Max sizes for login info buffer comming from teecd */ #define MAX_PACKAGE_NAME_LEN 255 @@ -63,11 +65,13 @@ struct tc_uuid { uint8_t clockseq_and_node[8]; /* clock len is 8 */ }; +#define INVALID_MAP_ADDR ((void*)-1) struct tc_ns_shared_mem { void *kernel_addr; void *user_addr; void *user_addr_ca; /* for ca alloc share mem */ unsigned int len; + int mem_type; struct list_head head; atomic_t usage; atomic_t offset; @@ -116,6 +120,10 @@ union tc_ns_parameter { unsigned int a; unsigned int b; } value; + struct { + unsigned int buffer; + unsigned int size; + } sharedmem; }; struct tc_ns_login { @@ -161,15 +169,9 @@ struct tc_ns_smc_cmd { int ret_val; unsigned int event_nr; unsigned int uid; - unsigned int ca_pid; -#ifdef CONFIG_AUTH_ENHANCE - unsigned int token_phys; - unsigned int token_h_phys; - unsigned int pid; - unsigned int params_phys; - unsigned int params_h_phys; + unsigned int ca_pid; /* pid */ + unsigned int pid; /* tgid */ unsigned int eventindex; /* tee audit event index for upload */ -#endif bool started; } __attribute__((__packed__)); @@ -181,64 +183,6 @@ struct tc_wait_data { int send_wait_flag; }; -#ifdef CONFIG_AUTH_ENHANCE - -#define TOKEN_SAVE_LEN 24 -/* token(32byte) + timestamp(8byte) + kernal_api(1byte) + sync(1byte) */ -#define TOKEN_BUFFER_LEN 42 - -/* Using AES-CBC algorithm to encrypt communication between secure world and - * normal world. - */ -#define CIPHER_KEY_BYTESIZE 32 /* AES-256 key size */ -#define IV_BYTESIZE 16 /* AES-CBC encryption initialization vector size */ -#define CIPHER_BLOCK_BYTESIZE 16 /* AES-CBC cipher block size */ -#define SCRAMBLING_NUMBER 3 -#define MAGIC_SIZE 16 - -/* One encrypted block, which is aligned with CIPHER_BLOCK_BYTESIZE bytes - * Head + Payload + Padding - */ -struct encryption_head { - int8_t magic[MAGIC_SIZE]; - uint32_t payload_len; -}; - -#define HASH_PLAINTEXT_SIZE (MAX_SHA_256_SZ + sizeof(struct encryption_head)) -#define HASH_PLAINTEXT_ALIGNED_SIZE \ - ALIGN(HASH_PLAINTEXT_SIZE, CIPHER_BLOCK_BYTESIZE) - -struct session_crypto_info { - uint8_t key[CIPHER_KEY_BYTESIZE]; /* AES-256 key */ - uint8_t iv[IV_BYTESIZE]; /* AES-CBC encryption initialization vector */ -}; - -struct session_secure_info { - uint32_t challenge_word; - uint32_t scrambling[SCRAMBLING_NUMBER]; - struct session_crypto_info crypto_info; -}; - -struct tc_ns_token { - /* 42byte, token_32byte + timestamp_8byte + kernal_api_1byte + sync_1byte */ - uint8_t *token_buffer; - uint32_t token_len; -}; - -struct session_secure_params { - struct encryption_head head; - union { - struct { - uint32_t challenge_word; - } ree2tee; - struct { - uint32_t scrambling[SCRAMBLING_NUMBER]; - struct session_crypto_info crypto_info; - } tee2ree; - } payload; -}; -#endif - #define NUM_OF_SO 1 #ifdef CONFIG_CMS_CAHASH_AUTH #define KIND_OF_SO 1 @@ -251,34 +195,13 @@ struct tc_ns_session { struct tc_wait_data wait_data; struct mutex ta_session_lock; /* for open/close/invoke on 1 session */ struct tc_ns_dev_file *owner; -#ifdef CONFIG_AUTH_ENHANCE - /* Session secure enhanced information */ - struct session_secure_info secure_info; - struct tc_ns_token teec_token; - /* when CONFIG_AUTH_ENHANCE enabled, hash of the same CA and - * SO library will be encrypted by different session key, - * so put auth_hash_buf in struct tc_ns_session. - * the first MAX_SHA_256_SZ size stores SO hash, - * the next HASH_PLAINTEXT_ALIGNED_SIZE stores CA hash and cryptohead, - * the last IV_BYTESIZE size stores aes iv - */ - uint8_t auth_hash_buf[MAX_SHA_256_SZ * NUM_OF_SO + HASH_PLAINTEXT_ALIGNED_SIZE + IV_BYTESIZE]; -#else uint8_t auth_hash_buf[MAX_SHA_256_SZ * NUM_OF_SO + MAX_SHA_256_SZ]; -#endif atomic_t usage; }; struct mb_cmd_pack { struct tc_ns_operation operation; -#ifdef CONFIG_AUTH_ENHANCE - unsigned char login_data[MAX_SHA_256_SZ * NUM_OF_SO + HASH_PLAINTEXT_ALIGNED_SIZE + IV_BYTESIZE]; - unsigned char token[TOKEN_BUFFER_LEN]; - unsigned char secure_params[ALIGN(sizeof(struct session_secure_params), - CIPHER_BLOCK_BYTESIZE) + IV_BYTESIZE]; -#else unsigned char login_data[MAX_SHA_256_SZ * NUM_OF_SO + MAX_SHA_256_SZ]; -#endif + }; -#endif diff --git a/tlogger/log_cfg_api.h b/tlogger/log_cfg_api.h index 95ae64a..c7c71a6 100644 --- a/tlogger/log_cfg_api.h +++ b/tlogger/log_cfg_api.h @@ -20,18 +20,19 @@ #include -#if defined(CONFIG_PAGES_MEM) -int register_log_mem(u64 *addr, u32 *len); +#if ((defined(CONFIG_BBOX_MEM) || defined(CONFIG_RDR_MEM) || \ + defined(CONFIG_PAGES_MEM) || defined(CONFIG_TEELOG))) +int register_log_mem(uint64_t *addr, uint32_t *len); int register_log_exception(void); void report_log_system_error(void); void report_log_system_panic(void); -int *map_log_mem(u64 mem_addr, u32 mem_len); +int *map_log_mem(uint64_t mem_addr, uint32_t mem_len); void unmap_log_mem(int *log_buffer); void get_log_chown(uid_t *user, gid_t *group); void unregister_log_exception(void); void ta_crash_report_log(void); #else -static inline int register_log_mem(const u64 *addr, const u32 *len) +static inline int register_log_mem(const uint64_t *addr, const uint32_t *len) { (void)addr; (void)len; @@ -51,7 +52,7 @@ static inline void report_log_system_panic(void) { } -static inline int *map_log_mem(u64 mem_addr, u32 mem_len) +static inline int *map_log_mem(uint64_t mem_addr, uint32_t mem_len) { (void)mem_addr; (void)mem_len; @@ -62,11 +63,6 @@ static inline void unmap_log_mem(const int *log_buffer) (void)log_buffer; } -static inline void get_log_chown(const uid_t *user, const gid_t *group) -{ - (void)user; - (void)group; -} static inline void unregister_log_exception(void) { } diff --git a/tlogger/log_pages_cfg.c b/tlogger/log_pages_cfg.c index 4257511..049bcb1 100644 --- a/tlogger/log_pages_cfg.c +++ b/tlogger/log_pages_cfg.c @@ -42,8 +42,8 @@ int register_log_exception(void) } struct pages_module_result { - u64 log_addr; - unsigned int log_len; + uint64_t log_addr; + uint32_t log_len; }; struct pages_module_result g_mem_info = {0}; @@ -68,14 +68,14 @@ static int tee_pages_register_core(void) } /* Register log memory */ -int register_log_mem(u64 *addr, u32 *len) +int register_log_mem(uint64_t *addr, uint32_t *len) { int ret; - u64 mem_addr; - u32 mem_len; + uint64_t mem_addr; + uint32_t mem_len; if (!addr || !len) { - tloge("check addr or len is failed\n"); + tloge("addr or len is invalid\n"); return -1; } @@ -111,7 +111,7 @@ void ta_crash_report_log(void) { } -int *map_log_mem(u64 mem_addr, u32 mem_len) +int *map_log_mem(uint64_t mem_addr, uint32_t mem_len) { (void)mem_len; return (int *)(uintptr_t)mem_addr; @@ -123,22 +123,3 @@ void unmap_log_mem(int *log_buffer) get_order(PAGES_LOG_MEM_LEN)); } -#define ROOT_UID 0 - -#ifdef LAST_TEE_MSG_ROOT_GID -#define FILE_CHOWN_GID 0 -#else -/* system gid for last_teemsg file sys chown */ -#define FILE_CHOWN_GID 1000 -#endif - -void get_log_chown(uid_t *user, gid_t *group) -{ - if (!user || !group) { - tloge("user or group buffer is null\n"); - return; - } - - *user = ROOT_UID; - *group = FILE_CHOWN_GID; -} diff --git a/tlogger/tlogger.c b/tlogger/tlogger.c index 436ad05..1908184 100644 --- a/tlogger/tlogger.c +++ b/tlogger/tlogger.c @@ -64,16 +64,6 @@ #define TEELOGGER_GET_TLOGCAT_STAT \ _IO(__TEELOGGERIO, GET_TLOGCAT_STAT_BASE) -#ifdef CONFIG_TEE_KTRACE -#define GET_EVENT_KTRACE_BASE 9 -#define TEELOGGER_GET_EVENT_KTRACE \ - _IOR(__TEELOGGERIO, GET_EVENT_KTRACE_BASE, char *) - -#define TEEOS_KEVENT_TRACE_SIZE (8 * SZ_2K) - -char *g_event_buffer_start = NULL; -#endif - int g_tlogcat_f = 0; #ifndef CONFIG_TEE_LOG_ACHIVE_PATH @@ -81,24 +71,24 @@ int g_tlogcat_f = 0; #endif #define TEE_LOG_FILE_NAME_MAX 256 -u32 g_last_read_offset = 0; +uint32_t g_last_read_offset = 0; #define NEVER_USED_LEN 32U -#define LOG_ITEM_RESERVED_LEN 2U +#define LOG_ITEM_RESERVED_LEN 1U /* 64 byte head + user log */ struct log_item { - u8 never_used[NEVER_USED_LEN]; - u16 magic; - u16 reserved0; - u32 serial_no; - s16 real_len; /* log real len */ - u16 buffer_len; /* log buffer's len, multiple of 32 bytes */ - u8 uuid[UUID_LEN]; - u8 log_source_type; - u8 reserved[LOG_ITEM_RESERVED_LEN]; - u8 new_line; /* '\n' char, easy viewing log in bbox.bin file */ - u8 log_buffer[0]; + unsigned char never_used[NEVER_USED_LEN]; + unsigned short magic; + unsigned short reserved0; + uint32_t serial_no; + unsigned short real_len; /* log real len */ + unsigned short buffer_len; /* log buffer's len, multiple of 32 bytes */ + unsigned char uuid[UUID_LEN]; + unsigned char log_source_type; + unsigned char reserved[LOG_ITEM_RESERVED_LEN]; + unsigned char new_line; /* '\n' char, easy viewing log in bbox.bin file */ + unsigned char log_buffer[0]; }; /* --- for log mem --------------------------------- */ @@ -115,18 +105,18 @@ struct log_item { * up, the value add 1. */ struct log_buffer_flag { - u32 reserved0; - u32 last_pos; - u32 write_loops; - u32 log_level; - u32 reserved[LOG_BUFFER_RESERVED_LEN]; - u32 max_len; - u8 version_info[VERSION_INFO_LEN]; + uint32_t reserved0; + uint32_t last_pos; + uint32_t write_loops; + uint32_t log_level; + uint32_t reserved[LOG_BUFFER_RESERVED_LEN]; + uint32_t max_len; + unsigned char version_info[VERSION_INFO_LEN]; }; struct log_buffer { struct log_buffer_flag flag; - u8 buffer_start[0]; + unsigned char buffer_start[0]; }; static struct log_buffer *g_log_buffer = NULL; @@ -146,18 +136,18 @@ struct tlogger_reader { struct tlogger_log *log; /* tlogger_log info data */ struct list_head list; /* log entry in tlogger_log's list */ /* Current reading position, start position of next read again */ - u32 r_off; - u32 r_loops; - u32 r_sn; - u32 r_failtimes; - u32 r_from_cur; - u32 r_is_tlogf; + uint32_t r_off; + uint32_t r_loops; + uint32_t r_sn; + uint32_t r_failtimes; + uint32_t r_from_cur; + uint32_t r_is_tlogf; bool r_all; /* whether this reader can read all entries */ - unsigned int r_ver; + uint32_t r_ver; }; -static u32 g_log_mem_len = 0; -static u32 g_tlogcat_count = 0; +static uint32_t g_log_mem_len = 0; +static uint32_t g_tlogcat_count = 0; static struct tlogger_log *g_log; static struct tlogger_log *get_reader_log(const struct file *file) @@ -172,7 +162,7 @@ static struct tlogger_log *get_reader_log(const struct file *file) } static bool check_log_item_validite(struct log_item *item, - u32 item_max_size) + uint32_t item_max_size) { bool con = (item && (item->magic == LOG_ITEM_MAGIC) && (item->buffer_len > 0) && @@ -185,12 +175,12 @@ static bool check_log_item_validite(struct log_item *item, return con; } -static struct log_item *get_next_log_item(const u8 *buffer_start, - u32 max_len, u32 read_pos, u32 scope_len, u32 *pos) +static struct log_item *get_next_log_item(const unsigned char *buffer_start, + uint32_t max_len, uint32_t read_pos, uint32_t scope_len, uint32_t *pos) { - u32 i = 0; + uint32_t i = 0; struct log_item *item = NULL; - u32 max_size; + uint32_t max_size; if ((read_pos + scope_len) > max_len) return NULL; @@ -211,22 +201,22 @@ static struct log_item *get_next_log_item(const u8 *buffer_start, } struct reader_position { - const u8 *buffer_start; - u32 max_len; - u32 start_pos; - u32 end_pos; + const unsigned char *buffer_start; + uint32_t max_len; + uint32_t start_pos; + uint32_t end_pos; }; -static u32 parse_log_item(char __user *buf, size_t count, - struct reader_position *position, u32 *read_off, +static uint32_t parse_log_item(char __user *buf, size_t count, + struct reader_position *position, uint32_t *read_off, bool *user_buffer_left) { struct log_item *next_item = NULL; - u32 buf_left; - u32 buf_written; - u32 item_len; + uint32_t buf_left; + uint32_t buf_written; + uint32_t item_len; bool con = false; - u32 start_pos = position->start_pos; + uint32_t start_pos = position->start_pos; buf_written = 0; buf_left = count; @@ -297,9 +287,9 @@ static ssize_t get_buffer_info(struct tlogger_reader *reader, #define LOG_BUFFER_MAX_LEN 0x100000 static ssize_t get_last_read_pos(struct log_buffer_flag *log_flag, - struct tlogger_reader *reader, u32 *log_last_pos, u32 *is_read) + struct tlogger_reader *reader, uint32_t *log_last_pos, uint32_t *is_read) { - u32 buffer_max_len = g_log_mem_len - sizeof(*g_log_buffer); + uint32_t buffer_max_len = g_log_mem_len - sizeof(*g_log_buffer); *is_read = 0; @@ -329,7 +319,7 @@ static ssize_t get_last_read_pos(struct log_buffer_flag *log_flag, } static void set_reader_position(struct reader_position *position, - const u8 *buffer_start, u32 max_len, u32 start_pos, u32 end_pos) + const unsigned char *buffer_start, uint32_t max_len, uint32_t start_pos, uint32_t end_pos) { position->buffer_start = buffer_start; position->max_len = max_len; @@ -337,7 +327,7 @@ static void set_reader_position(struct reader_position *position, position->end_pos = end_pos; } -static ssize_t proc_read_ret(u32 buf_written, +static ssize_t proc_read_ret(uint32_t buf_written, const struct tlogger_reader *reader) { ssize_t ret; @@ -371,11 +361,11 @@ static ssize_t check_read_params(struct file *file, * minimum number, or read data from last position. */ static ssize_t trigger_parse_log(char __user *buf, size_t count, - u32 log_last_pos, struct log_buffer *log_buffer, + uint32_t log_last_pos, struct log_buffer *log_buffer, struct tlogger_reader *reader) { bool user_buffer_left = false; - u32 buf_written; + uint32_t buf_written; struct reader_position position = {0}; struct log_buffer_flag *buffer_flag = &(log_buffer->flag); @@ -422,8 +412,8 @@ static ssize_t process_tlogger_read(struct file *file, struct tlogger_reader *reader = NULL; struct log_buffer *log_buffer = NULL; ssize_t ret; - u32 last_pos; - u32 is_read; + uint32_t last_pos; + uint32_t is_read; struct log_buffer_flag buffer_flag; (void)pos; @@ -660,7 +650,7 @@ static int check_user_arg(unsigned long arg, size_t arg_len) #endif } -static int get_teeos_version(unsigned int cmd, unsigned long arg) +static int get_teeos_version(uint32_t cmd, unsigned long arg) { int ret; @@ -686,31 +676,6 @@ static int get_teeos_version(unsigned int cmd, unsigned long arg) return 0; } -#ifdef CONFIG_TEE_KTRACE -static int get_event_trace(unsigned int cmd, unsigned long arg) -{ - int ret; - - if (!(_IOC_DIR(cmd) & _IOC_READ)) { - tloge("check get event trace cmd failed\n"); - return -1; - } - - ret = check_user_arg(arg, TEEOS_KEVENT_TRACE_SIZE); - if (!ret || !g_event_buffer_start) { - tloge("invalid event buffer or accesss failed\n"); - return -1; - } - - if (copy_to_user((void __user *)(uintptr_t)arg, - (void *)g_event_buffer_start, TEEOS_KEVENT_TRACE_SIZE)) { - tloge("kernel trace copy failed ret %d\n", ret); - return -1; - } - return 0; -} -#endif - static long process_tlogger_ioctl(struct file *file, unsigned int cmd, unsigned long arg) { @@ -745,12 +710,6 @@ static long process_tlogger_ioctl(struct file *file, case TEELOGGER_GET_TLOGCAT_STAT: ret = get_tlogcat_f_stat(); break; -#ifdef CONFIG_TEE_KTRACE - case TEELOGGER_GET_EVENT_KTRACE: - if (!get_event_trace(cmd, arg)) - ret = 0; - break; -#endif default: tloge("ioctl error default\n"); break; @@ -829,17 +788,17 @@ out_free_log: return ret; } -static struct log_item *msg_get_next(const u8 *buffer_start, - u32 read_pos, int scope_len, u32 max_len) +static struct log_item *msg_get_next(const unsigned char *buffer_start, + uint32_t read_pos, int scope_len, uint32_t max_len) { int i = 0; struct log_item *item = NULL; - u32 item_max_size; - u32 len; + uint32_t item_max_size; + uint32_t len; while (i <= scope_len && ((read_pos + i + sizeof(*item)) < max_len)) { - len = (u32)(scope_len - i); + len = (uint32_t)(scope_len - i); item_max_size = ((len > LOG_ITEM_MAX_LEN) ? LOG_ITEM_MAX_LEN : len); item = (struct log_item *)(buffer_start + read_pos + i); @@ -861,31 +820,7 @@ static struct log_item *msg_get_next(const u8 *buffer_start, return NULL; } -#define OPEN_FILE_MODE 0640U -#define ROOT_UID 0 -#define ROOT_GID 0 - -static int tlogger_chown(const char *file_path, u32 file_path_len) -{ - uid_t user = ROOT_UID; - gid_t group = ROOT_GID; - int ret; - - get_log_chown(&user, &group); - - /* not need modify chown attr */ - if (group == ROOT_GID && user == ROOT_UID) - return 0; - - ret = (int)koadpt_sys_chown( - (const char __user *)file_path, user, group); - if (ret) { - tloge("sys chown for last teemsg file error\n"); - return -1; - } - - return 0; -} +#define OPEN_FILE_MODE 0644U static int write_version_to_msg(struct file *filep, loff_t *pos) @@ -893,7 +828,7 @@ static int write_version_to_msg(struct file *filep, ssize_t write_len; /* first write tee versino info */ - write_len = koadpt_vfs_write(filep, g_log_buffer->flag.version_info, + write_len = kernel_write(filep, g_log_buffer->flag.version_info, strlen(g_log_buffer->flag.version_info), pos); if (write_len < 0) { tloge("Failed to write to last teemsg version\n"); @@ -905,12 +840,12 @@ static int write_version_to_msg(struct file *filep, } static int write_part_log_to_msg(struct file *filep, - const u8 *buffer, u32 buffer_max_len, loff_t *pos, - u32 read_off, u32 read_off_end) + const unsigned char *buffer, uint32_t buffer_max_len, loff_t *pos, + uint32_t read_off, uint32_t read_off_end) { struct log_item *next_item = NULL; - ssize_t item_len; - ssize_t total_len = 0; + uint32_t item_len; + uint32_t total_len = 0; ssize_t write_len; next_item = msg_get_next(buffer, read_off, @@ -918,7 +853,7 @@ static int write_part_log_to_msg(struct file *filep, while (next_item && read_off <= read_off_end) { item_len = next_item->buffer_len + sizeof(*next_item); - write_len = koadpt_vfs_write(filep, next_item->log_buffer, + write_len = kernel_write(filep, next_item->log_buffer, next_item->real_len, pos); if (write_len < 0) { tloge("Failed to write last teemsg %zd\n", write_len); @@ -927,7 +862,7 @@ static int write_part_log_to_msg(struct file *filep, tlogd("Succeed to Write last teemsg, len=%zd\n", write_len); total_len += item_len; - read_off = (u8 *)next_item - buffer + item_len; + read_off = (unsigned char *)next_item - buffer + item_len; if (total_len >= buffer_max_len) break; @@ -939,8 +874,8 @@ static int write_part_log_to_msg(struct file *filep, } static int write_log_to_msg(struct file *filep, - const u8 *buffer, u32 buffer_max_len, loff_t *pos, - u32 read_off, u32 read_off_end) + const unsigned char *buffer, uint32_t buffer_max_len, loff_t *pos, + uint32_t read_off, uint32_t read_off_end) { if (read_off < read_off_end) { return write_part_log_to_msg(filep, buffer, buffer_max_len, pos, @@ -954,13 +889,73 @@ static int write_log_to_msg(struct file *filep, } } -static int get_msg_buffer(u8 **buffer, u32 *buffer_max_len, - u32 *read_start, u32 *read_end, - const char *file_path, u32 file_path_len) +static void update_dumpmsg_offset(uint32_t *read_start, uint32_t *read_end, + uint32_t read_off, uint32_t read_off_end, uint32_t *dump_start_flag, uint32_t *dump_end_flag) +{ + struct log_item *next_item = NULL; + unsigned char *buffer = g_log_buffer->buffer_start; + uint32_t buffer_max_len = g_log_mem_len - sizeof(*g_log_buffer); + ssize_t item_len; + ssize_t total_len; + + next_item = msg_get_next(buffer, read_off, + LOG_ITEM_MAX_LEN, buffer_max_len); + + while (next_item && read_off <= read_off_end) { + item_len = next_item->buffer_len + sizeof(*next_item); + if (strstr(next_item->log_buffer, DUMP_START_MAGIC)) { + *read_start = read_off; + *dump_start_flag = 1; + } else if (strstr(next_item->log_buffer, DUMP_END_MAGIC)) { + *read_end = read_off; + *dump_end_flag = 1; + } + read_off = (unsigned char *)next_item -buffer + item_len; + total_len += item_len; + if (total_len >= buffer_max_len) + break; + + next_item = msg_get_next(buffer, read_off, + LOG_ITEM_MAX_LEN, buffer_max_len); + } +} + +#ifdef CONFIG_TEE_LOG_DUMP_PATH +static int get_dumpmsg_offset(uint32_t *read_start, uint32_t *read_end) { + uint32_t read_off = *read_start; + uint32_t read_off_end = *read_end; + uint32_t buffer_max_len = g_log_mem_len - sizeof(*g_log_buffer); + uint32_t dump_start_flag = 0; + uint32_t dump_end_flag = 0; + + if (read_off < read_off_end) { + update_dumpmsg_offset(read_start, read_end, read_off, read_off_end, + &dump_start_flag, &dump_end_flag); + } else { + update_dumpmsg_offset(read_start, read_end, read_off, buffer_max_len, + &dump_start_flag, &dump_end_flag); + update_dumpmsg_offset(read_start, read_end, 0, read_off_end, + &dump_start_flag, &dump_end_flag); + } + + if (dump_start_flag == 0 || dump_end_flag == 0) { + tloge("can't find dump start or end\n"); + return -1; + } else { + return 0; + } +} +#endif + +static int get_msg_buffer(unsigned char **buffer, uint32_t *buffer_max_len, + uint32_t *read_start, uint32_t *read_end, + const char *file_path, uint32_t file_path_len) +{ + (void)file_path_len; errno_t rc; int ret; - u8 *addr = NULL; + unsigned char *addr = NULL; if (!g_log_buffer) return -1; @@ -972,6 +967,16 @@ static int get_msg_buffer(u8 **buffer, u32 *buffer_max_len, *read_start = 0; *read_end = *buffer_max_len; +#ifdef CONFIG_TEE_LOG_DUMP_PATH + if (strcmp(file_path, CONFIG_TEE_LOG_DUMP_PATH) == 0) { + *read_start = g_last_read_offset; + *read_end = ((struct log_buffer*)g_log->buffer_info)->flag.last_pos; + if (get_dumpmsg_offset(read_start, read_end) != 0) { + tloge("get dump offset failed\n"); + return -1; + } + } +#endif addr = kmalloc(*buffer_max_len, GFP_KERNEL); if (ZERO_OR_NULL_PTR((unsigned long)(uintptr_t)addr)) { @@ -998,8 +1003,9 @@ free_res: } static int open_msg_file(struct file **file, - const char *file_path, u32 file_path_len) + const char *file_path, uint32_t file_path_len) { + (void)file_path_len; struct file *filep = NULL; filep = filp_open(file_path, O_CREAT | O_RDWR | O_TRUNC, OPEN_FILE_MODE); @@ -1012,16 +1018,16 @@ static int open_msg_file(struct file **file, return 0; } -int tlogger_store_msg(const char *file_path, u32 file_path_len) +int tlogger_store_msg(const char *file_path, uint32_t file_path_len) { struct file *filep = NULL; mm_segment_t old_fs; loff_t pos = 0; int ret; - u32 buffer_max_len = 0; - u8 *buffer = NULL; - u32 read_start = 0; - u32 read_end = 0; + uint32_t buffer_max_len = 0; + unsigned char *buffer = NULL; + uint32_t read_start = 0; + uint32_t read_end = 0; if (!file_path || file_path_len > TEE_LOG_FILE_NAME_MAX) { tloge("file path is invalid\n"); @@ -1044,22 +1050,13 @@ int tlogger_store_msg(const char *file_path, u32 file_path_len) if (ret) goto free_res; - old_fs = get_fs(); - set_fs(KERNEL_DS); - - ret = tlogger_chown(file_path, file_path_len); - if (ret) - goto clear_fs; - ret = write_version_to_msg(filep, &pos); if (ret) - goto clear_fs; + goto free_res; ret = write_log_to_msg(filep, buffer, buffer_max_len, &pos, read_start, read_end); -clear_fs: - set_fs(old_fs); free_res: if (buffer) { kfree(buffer); @@ -1076,7 +1073,7 @@ free_res: return ret; } -int register_mem_to_teeos(uint64_t mem_addr, u32 mem_len, bool is_cache_mem) +int register_mem_to_teeos(uint64_t mem_addr, uint32_t mem_len, bool is_cache_mem) { struct tc_ns_smc_cmd smc_cmd = { {0}, 0 }; struct mb_cmd_pack *mb_pack = NULL; @@ -1115,7 +1112,7 @@ int register_mem_to_teeos(uint64_t mem_addr, u32 mem_len, bool is_cache_mem) return ret; } -static int register_mem_cfg(uint64_t *addr, u32 *len) +static int register_mem_cfg(uint64_t *addr, uint32_t *len) { int ret; ret = register_log_mem(addr, len); @@ -1129,20 +1126,12 @@ static int register_mem_cfg(uint64_t *addr, u32 *len) return ret; } -static int check_log_mem(uint64_t mem_addr, u32 mem_len) +static int check_log_mem(uint64_t mem_addr, uint32_t mem_len) { -#ifdef CONFIG_TEE_KTRACE - if (mem_len < TEMP_LOG_MEM_SIZE || - mem_len - TEMP_LOG_MEM_SIZE < TEEOS_KEVENT_TRACE_SIZE) { - tloge("log mem init error, too small len:0x%x\n", mem_len); - return -1; - } -#else if (mem_len < TEMP_LOG_MEM_SIZE) { tloge("log mem init error, too small len:0x%x\n", mem_len); return -1; } -#endif if (!mem_addr) { tloge("mem init failed!!! addr is 0\n"); @@ -1169,11 +1158,6 @@ static int register_tloger(void) if (!g_log_buffer) return -ENOMEM; -#ifdef CONFIG_TEE_KTRACE - g_log_mem_len = g_log_mem_len - TEEOS_KEVENT_TRACE_SIZE; - g_event_buffer_start = ((char *)g_log_buffer) + g_log_mem_len; -#endif - g_log_buffer->flag.max_len = g_log_mem_len - sizeof(*g_log_buffer); tloge("tlogcat verison 1.0.0\n"); @@ -1182,9 +1166,6 @@ static int register_tloger(void) if (ret) { unmap_log_mem((int *)g_log_buffer); g_log_buffer = NULL; -#ifdef CONFIG_TEE_KTRACE - g_event_buffer_start = NULL; -#endif g_log_mem_len = 0; } @@ -1215,9 +1196,6 @@ static void unregister_tlogger(void) unregister_mem_cfg(); g_log_buffer = NULL; g_log_mem_len = 0; -#ifdef CONFIG_TEE_KTRACE - g_event_buffer_start = NULL; -#endif } #ifdef CONFIG_TZDRIVER_MODULE diff --git a/tlogger/tlogger.h b/tlogger/tlogger.h index a545849..8806eed 100644 --- a/tlogger/tlogger.h +++ b/tlogger/tlogger.h @@ -22,8 +22,8 @@ #ifdef CONFIG_TEELOG void tz_log_write(void); -int tlogger_store_msg(const char *file_path, u32 file_path_len); -int register_mem_to_teeos(u64 mem_addr, u32 mem_len, bool is_cache_mem); +int tlogger_store_msg(const char *file_path, uint32_t file_path_len); +int register_mem_to_teeos(uint64_t mem_addr, uint32_t mem_len, bool is_cache_mem); #ifdef CONFIG_TZDRIVER_MODULE int init_tlogger_service(void); @@ -36,18 +36,25 @@ static inline void tz_log_write(void) return; } -static inline int tlogger_store_msg(const char *file_path, u32 file_path_len) +static inline int tlogger_store_msg(const char *file_path, uint32_t file_path_len) { (void)file_path; (void)file_path_len; return 0; } -static inline int register_mem_to_teeos(u64 mem_addr, u32 mem_len, +static inline int register_mem_to_teeos(uint64_t mem_addr, uint32_t mem_len, bool is_cache_mem) { (void)mem_addr; (void)mem_len; return 0; } +static inline int init_tlogger_service(void) +{ + return 0; +} +static inline int exit_tlogger_service(void) +{ +} #endif #endif -- Gitee From 1ba684a3a8db1342e9b6c5140e4e15c595b76350 Mon Sep 17 00:00:00 2001 From: lijiawei3539 Date: Thu, 23 Jun 2022 11:29:13 +0000 Subject: [PATCH 12/33] =?UTF-8?q?=E5=88=A0=E9=99=A4=E6=96=87=E4=BB=B6=20co?= =?UTF-8?q?re/teec=5Fdaemon=5Fauth.c?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- core/teec_daemon_auth.c | 159 ---------------------------------------- 1 file changed, 159 deletions(-) delete mode 100644 core/teec_daemon_auth.c diff --git a/core/teec_daemon_auth.c b/core/teec_daemon_auth.c deleted file mode 100644 index bfa8ec4..0000000 --- a/core/teec_daemon_auth.c +++ /dev/null @@ -1,159 +0,0 @@ -/* - * teec_daemon_auth.c - * - * function for teecd or hidl process auth - * - * Copyright (c) 2012-2021 Huawei Technologies Co., Ltd. - * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License - * as published by the Free Software Foundation; either version 2 - * of the License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - */ -#include "teec_daemon_auth.h" -#include -#include -#include -#include -#include - -#include "tc_ns_log.h" - -#ifdef CONFIG_CMS_CAHASH_AUTH -/* hash for: teecd/var/teecd0 */ -static unsigned char g_teecd_auth_hash[SHA256_DIGEST_LENTH] = { - 0x8a, 0xfa, 0xd0, 0xd3, - 0xaa, 0xa1, 0x21, 0xb2, - 0x69, 0x2c, 0xe4, 0x99, - 0x54, 0xac, 0x99, 0x99, - 0x13, 0xe1, 0x49, 0x83, - 0x48, 0x8c, 0x2f, 0x95, - 0x51, 0xc5, 0x3d, 0xd4, - 0x86, 0xc0, 0x40, 0x12, -}; -#elif defined (CONFIG_CLOUDSERVER_TEECD_AUTH) -/* hash for: teecd/usr/bin/teecd0 */ -static unsigned char g_teecd_auth_hash[SHA256_DIGEST_LENTH] = { - 0x62, 0xd9, 0x07, 0xe4, - 0xd4, 0xf8, 0x5e, 0x4e, - 0xe4, 0xe7, 0xa1, 0x46, - 0x6d, 0x80, 0x03, 0x60, - 0x28, 0x4a, 0xaa, 0xe6, - 0xf1, 0xf9, 0x8d, 0x6c, - 0x12, 0x2e, 0xee, 0x21, - 0x6b, 0x1f, 0xd4, 0xad, -}; -#else -/* hash for: teecd/vendor/bin/teecd0 */ -static unsigned char g_teecd_auth_hash[SHA256_DIGEST_LENTH] = { - 0xc5, 0x6e, 0x2b, 0x89, - 0xce, 0x9e, 0xeb, 0x63, - 0xe7, 0x42, 0xfb, 0x2b, - 0x9d, 0x48, 0xff, 0x52, - 0xb2, 0x2f, 0xa7, 0xd5, - 0x87, 0xc6, 0x1f, 0x95, - 0x84, 0x5c, 0x0e, 0x96, - 0x9e, 0x18, 0x81, 0x51, -}; -#endif - -static unsigned char g_teecd_calc_hash[SHA256_DIGEST_LENTH] = {0}; -static bool g_teecd_hash_calced = false; -DEFINE_MUTEX(g_hash_calc_lock); - -static int check_teecd_path_access(void) -{ - unsigned char digest[SHA256_DIGEST_LENTH] = {0}; - - if (calc_path_hash(false, digest, SHA256_DIGEST_LENTH)) { - tloge("calc path hash failed\n"); - return -EFAULT; - } - - if (memcmp(digest, g_teecd_auth_hash, SHA256_DIGEST_LENTH)) { - tloge("check teecd process path failed \n"); - return -EACCES; - } - - if (check_proc_selinux_access(current, "u:r:tee:s0")) { - tloge("check teecd seclabel failed\n"); - return -EACCES; - } - - return 0; -} - -static int calc_teecd_process_hash(void) -{ - mutex_lock(&g_hash_calc_lock); - - if (g_teecd_hash_calced) { - mutex_unlock(&g_hash_calc_lock); - return 0; - } - - if (memset_s(g_teecd_calc_hash, - sizeof(g_teecd_calc_hash), 0x00, - sizeof(g_teecd_calc_hash)) != EOK) { - tloge("memset failed!\n"); - mutex_unlock(&g_hash_calc_lock); - return -EFAULT; - } - - g_teecd_hash_calced = (current->mm != NULL && - calc_task_hash(g_teecd_calc_hash, - (uint32_t)SHA256_DIGEST_LENTH, current) == EOK); - if (!g_teecd_hash_calced) { - tloge("calc libteec hidl hash failed\n"); - mutex_unlock(&g_hash_calc_lock); - return -EFAULT; - } - - mutex_unlock(&g_hash_calc_lock); - - return 0; -} - -static int check_teecd_code_hash(void) -{ - unsigned char digest[SHA256_DIGEST_LENTH] = {0}; - - if (!g_teecd_hash_calced) - return 0; - - if (calc_task_hash(digest, (uint32_t)SHA256_DIGEST_LENTH, current)) { - tloge("calc task hash failed!\n"); - return -EACCES; - } - - if (memcmp(digest, g_teecd_calc_hash, SHA256_DIGEST_LENTH)) { - tloge("compare teecd hash error!\n"); - return -EACCES; - } - - return EOK; -} - -int check_teecd_access(void) -{ -#ifdef CONFIG_DISABLE_TEECD_CHECK - return EOK; -#endif - if (check_teecd_path_access()) - return -EACCES; - - if (calc_teecd_process_hash()) { - tloge("calc hidl process hash failed\n"); - return -EFAULT; - } - - if (check_teecd_code_hash()) - return -EACCES; - - return EOK; -} -- Gitee From 454b0c41d9fb810e5d892343a1c4af0e9e7d750d Mon Sep 17 00:00:00 2001 From: lijiawei3539 Date: Thu, 23 Jun 2022 11:29:43 +0000 Subject: [PATCH 13/33] =?UTF-8?q?=E5=88=A0=E9=99=A4=E6=96=87=E4=BB=B6=20co?= =?UTF-8?q?re/teec=5Fdaemon=5Fauth.h?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- core/teec_daemon_auth.h | 36 ------------------------------------ 1 file changed, 36 deletions(-) delete mode 100644 core/teec_daemon_auth.h diff --git a/core/teec_daemon_auth.h b/core/teec_daemon_auth.h deleted file mode 100644 index 6333745..0000000 --- a/core/teec_daemon_auth.h +++ /dev/null @@ -1,36 +0,0 @@ -/* - * teec_daemon_auth.h - * - * function definition for teecd or hidl process auth - * - * Copyright (c) 2012-2021 Huawei Technologies Co., Ltd. - * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License - * as published by the Free Software Foundation; either version 2 - * of the License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - */ -#ifndef TEEC_DAEMON_AUTH_H -#define TEEC_DAEMON_AUTH_H - -#ifdef CONFIG_TEECD_AUTH -#include -#include "auth_base_impl.h" - -int check_teecd_access(void); - -#else - -static inline int check_teecd_access(void) -{ - return 0; -} - -#endif - -#endif -- Gitee From d21c6369228239d46d362b7340fae7156e7099c3 Mon Sep 17 00:00:00 2001 From: lijiawei3539 Date: Thu, 23 Jun 2022 11:32:34 +0000 Subject: [PATCH 14/33] nothing -- Gitee From 88c4e171643b851c40b06e93126c16306dfe78cc Mon Sep 17 00:00:00 2001 From: lijiawei3539 Date: Thu, 23 Jun 2022 13:39:02 +0000 Subject: [PATCH 15/33] update reserved_mempool.c --- core/reserved_mempool.c | 427 ++++++++++++++++++++++++++++++++++++++++ 1 file changed, 427 insertions(+) create mode 100644 core/reserved_mempool.c diff --git a/core/reserved_mempool.c b/core/reserved_mempool.c new file mode 100644 index 0000000..a3498c6 --- /dev/null +++ b/core/reserved_mempool.c @@ -0,0 +1,427 @@ +/* + * reserved_mempool.c + * + * memory managering for reserved memory with TEE + * + * Copyright (c) 2012-2021 Huawei Technologies Co., Ltd. + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU General Public License + * as published by the Free Software Foundation; either version 2 + * of the License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + */ + +#include "reserved_mempool.h" +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include +#include +#include +#include +#include + +#include "teek_client_constants.h" +#include "tc_ns_log.h" +#include "smc_smp.h" + +#define RESMEM_PAGE_MAX (RESERVED_MEM_POOL_SIZE >> PAGE_SHIFT) +#define STATE_MODE 0440U + +struct virt_page { + unsigned long start; +}; + +struct reserved_page_t { + struct list_head node; + struct virt_page *page; + int order; + unsigned int count; +}; + +struct reserved_free_area_t { + struct list_head page_list; + int order; +}; + +struct reserved_zone_t { + struct virt_page *all_pages; + struct reserved_page_t pages[RESMEM_PAGE_MAX]; + struct reserved_free_area_t free_areas[0]; +}; + +static struct reserved_zone_t *g_res_zone; +static struct mutex g_res_lock; +static int g_res_max_order; +static unsigned long g_start_vaddr = 0; +static unsigned long g_virt_phy_offset; +static struct dentry *g_res_mem_dbg_dentry; + +bool exist_res_mem(void) +{ + return g_start_vaddr != 0; +} + +unsigned long res_mem_virt_to_phys(unsigned long vaddr) +{ + return vaddr - g_virt_phy_offset; +} + +int load_reserved_mem(void) +{ + struct device_node *np = NULL; + struct resource r; + int rc; + void *p = NULL; + + np = of_find_compatible_node(NULL, NULL, "tz_reserved"); + if (np == NULL) { + tlogd("can not find reserved memory.\n"); + return 0; + } + + rc = of_address_to_resource(np, 0, &r); + if (rc) { + tloge("of_address_to_resource error\n"); + return -ENODEV; + } + + p = ioremap(r.start, resource_size(&r)); + if (p == NULL) { + tloge("io remap for reserved memory failed\n"); + return -ENOMEM; + } + + g_start_vaddr = (unsigned long)(uintptr_t)p; + g_virt_phy_offset = g_start_vaddr - (unsigned long)r.start; + return 0; +} + +static int create_zone(void) +{ + size_t zone_len; + int order = get_order(RESERVED_MEM_POOL_SIZE); + g_res_max_order = (order > CONFIG_MAX_RES_MEM_ORDER) ? CONFIG_MAX_RES_MEM_ORDER : order; + zone_len = sizeof(struct reserved_free_area_t) * (g_res_max_order + 1) + sizeof(g_res_zone); + + g_res_zone = kzalloc(zone_len, GFP_KERNEL); + if (g_res_zone == NULL) { + tloge("fail to create zone\n"); + return -ENOMEM; + } + return 0; +} + +static struct virt_page *create_virt_pages(void) +{ + int i = 0; + struct virt_page *pages = NULL; + + pages = kzalloc(RESMEM_PAGE_MAX * sizeof(struct virt_page), GFP_KERNEL); + if (pages == NULL) { + tloge("alloc pages failed\n"); + return NULL; + } + for(i = 0; i < RESMEM_PAGE_MAX; i++) + pages[i].start = g_start_vaddr + i * PAGE_SIZE; + return pages; +} + +void free_reserved_mempool(void) +{ + if (!exist_res_mem()) + return; + kfree(g_res_zone->all_pages); + g_res_zone->all_pages = NULL; + kfree(g_res_zone); + g_res_zone = NULL; +} + +static void show_res_mem_info(void) +{ + unsigned int i; + struct reserved_page_t *pos = NULL; + struct list_head *head = NULL; + unsigned int used = 0; + + if (g_res_zone == NULL) { + tloge("res zone is NULL\n"); + return; + } + + tloge("############################# reserved memory info #############################\n"); + mutex_lock(&g_res_lock); + for (i = 0; i < RESMEM_PAGE_MAX; i++) { + if (g_res_zone->pages[i].count) { + tloge("page[%02d], order=%02d, count=%d\n", + i, g_res_zone->pages[i].order, + g_res_zone->pages[i].count); + used += (1 << (uint32_t)g_res_zone->pages[i].order); + } + } + tloge("reserved memory total usage:%u%u\n", used, RESMEM_PAGE_MAX); + tloge("------------------------------------------------------------\n"); + + for (i = 0; i < (unsigned int)g_res_max_order; i++) { + head = &g_res_zone->free_areas[i].page_list; + if (list_empty(head)) + tloge("order[%02d] is empty\n", i); + else { + list_for_each_entry(pos, head, node); + tloge("order[%02d]\n", i); + } + } + mutex_unlock(&g_res_lock); + tloge("############################################################################\n"); +} + +static ssize_t mb_res_mem_state_read(struct file *filp, char __user *ubuf, + size_t cnt, loff_t *ppos) +{ + (void)(filp); + (void)(ubuf); + (void)(ppos); + show_res_mem_info(); + return 0; +} + +static const struct file_operations g_res_mem_dbg_state_fops = { + .owner = THIS_MODULE, + .read = mb_res_mem_state_read, +}; + +static void init_res_mem_dentry(void) +{ + g_res_mem_dbg_dentry = debugfs_create_dir("tz_res_mem", NULL); + debugfs_create_file("state", STATE_MODE, g_res_mem_dbg_dentry, NULL, + &g_res_mem_dbg_state_fops); +} + +static int res_mem_register(unsigned long paddr, unsigned int size) +{ + struct tc_ns_operation *operation = NULL; + struct tc_ns_smc_cmd *smc_cmd = NULL; + int ret = 0; + + smc_cmd = kzalloc(sizeof(*smc_cmd), GFP_KERNEL); + if (ZERO_OR_NULL_PTR(unsigned long)(uintptr_t)smc_cmd) { + tloge("alloc smc_cmd failed\n"); + return -ENOMEM; + } + + operation = kzalloc(sizeof(*operation), GFP_KERNEL); + if (ZERO_OR_NULL_PTR(unsigned long)(uintptr_t)operation) { + tloge("alloc operation failed\n"); + ret = -ENOMEM; + goto free_smc_cmd; + } + + operation->paramtypes = TEE_PARAM_TYPE_VALUE_INPUT | + (TEE_PARAM_TYPE_VALUE_INPUT << TEE_PARAM_NUM); + operation->params[0].value.a = paddr; + operation->params[0].value.b = paddr >> ADDR_TRANS_NUM; + operation->params[1].value.a = size; + + smc_cmd->cmd_type = CMD_TYPE_GLOBAL; + smc_cmd->cmd_id = GLOBAL_CMD_ID_REGISTER_RESMEM; + smc_cmd->operation_phys = virt_to_phys(operation); + smc_cmd->operation_h_phys = virt_to_phys(operation) >> ADDR_TRANS_NUM; + + if (tc_ns_smc(smc_cmd)) { + tloge("register res mem failed\n"); + ret = -EIO; + } + + kfree(operation); + operation = NULL; +free_smc_cmd: + kfree(smc_cmd); + smc_cmd = NULL; + return ret; +} + +int reserved_mempool_init() +{ + struct virt_page *all_pages = NULL; + struct reserved_free_area_t *area = NULL; + struct reserved_page_t *res_page = NULL; + int res = 0; + int i; + int max_order_cnt; + unsigned long paddr; + + if (!exist_res_mem()) + return 0; + + ret = create_zone() + if (ret) + return ret; + + all_pages = create_virt_pages(); + if (all_pages == NULL) { + kfree(g_res_zone); + g_res_zone = NULL; + return -ENOMEM; + } + + paddr = res_mem_virt_to_phys(g_start_vaddr); + ret = res_mem_register(paddr, RESERVED_MEM_POOL_SIZE); + if (ret) { + kfree(all_pages); + kfree(g_res_zone); + g_res_zone = NULL; + return -EIO; + } + + for (i = 0; i < RESMEM_PAGE_MAX; i++) { + g_res_zone->pages[i].order = -1; + g_res_zone->pages[i].count = 0; + g_res_zone->pages[i].page = &all_pages[i]; + } + + for (i = 0; i < g_res_max_order; i++) { + area = &g_res_zone->free_areas[i]; + INIT_LIST_HEAD(&area->page_list); + area->order = i; + } + + max_order_cnt = RESMEM_PAGE_MAX / (1 << (unsigned int)g_res_max_order); + g_res_zone->all_pages = all_pages; + for (i = 0; i < max_order_cnt; i++) { + int idx = i * (1 << (unsigned int)g_res_max_order); + g_res_zone->pages[idx].order = g_res_max_order; + res_page = &g_res_zone->pages[idx]; + list_add_tail(&res_page->node, &area->page_list); + } + + mutex_init(&g_res_lock); + init_res_mem_dentry(); + return 0; +} + +void *reserved_mem_alloc(size_t size) +{ + int i, j; + struct reserved_page_t *pos = NULL; + struct list_head *head = NULL; + int order = get_order(ALIGN(size, SZ_4k)); + unsigned long addr = 0; + + bool valid_param = (size > 0 && order <= g_res_max_order && order >= 0); + if (!valid_param) { + tloge("invalid alloc param, size %d, order %d, max %d\n", (int)size, order, g_res_max_order); + return NULL; + } + mutex_lock(&g_res_lock); + for (i = 0; i <= g_res_max_order; i++) { + head = &g_res_zone->free_areas[i].page_list; + if (list_empty(head)) + continue; + + pos = list_first_entry(head, struct reserved_page_t, node); + pos->count = 1; + pos->order = order; + + for (j = order; j < i; j++) { + struct reserved_page_t *new_page = NULL; + new_page = pos + (1 << (unsigned int)j); + new_page->count = 0; + new_page->order = j; + list_add_tail(&new_page->node, &g_res_zone->free_areas[i].page_list); + } + list_del(&pos->node); + addr = pos->page->start; + break; + } + mutex_unlock(&g_res_lock); + return (void *)(uintptr_t)addr; +} + +static int get_virt_page_index(const void *ptr) +{ + unsigned long vaddr = (unsigned long)(uintptr_t)ptr; + unsigned long offset = vaddr - g_start_vaddr; + int pg_idx = offset / (1 << PAGE_SHIFT); + if (pg_idx >= RESMEM_PAGE_MAX || pg_idx < 0) + return -1; + return pg_idx; +} + +static int buddy_merge(struct virt_page *vpage, int order, unsigned int *page_index) +{ + int i; + unsigned int cur_idx; + unsigned int buddy_idx; + struct reserved_page_t *self = NULL; + struct reserved_page_t *buddy = NULL; + + for (i = 0; i < g_res_max_order; i++) { + cur_idx = vpage -g_res_zone->all_pages; + buddy_idx = cur_idx ^ (1 << (unsigned int)i); + self = &g_res_zone->pages[cur_idx]; + buddy = &g_res_zone->pages[buddy_idx]; + self->count = 0; + + if (buddy->order == i && buddy->count == 0) { + list_del(&buddy->node); + if (cur_idx > buddy_idx) { + vpage = buddy->page; + buddy->order = i + 1; + self->order = -1; + } else { + self->order = i + 1; + buddy->order = -1; + } + } else { + list_add_tail(&self->node, &g_res_zone->free_areas[i].page_list); + return -1; + } + } + + if (order == g_res_max_order) { + cur_idx = vpage - g_res_zone->all_pages; + tlogd("no need to find buddy, cur is %u\n", cur_idx); + *page_index = cur_idx; + return 0; + } + *page_index = (cur_idx > buddy_idx) ? buddy_idx : cur_idx; + return 0; +} + +void reserved_mem_free(const void *ptr) +{ + struct reserved_page_t *self = NULL; + int self_idx; + unsigned int page_index; + struct reserved_page_t *max_order_page = NULL; + + if (ptr == NULL) { + tloge("invalid ptr\n"); + return; + } + + mutex_lock(&g_res_lock); + self_idx = get_virt_page_index(ptr); + if (self_idx < 0) { + mutex_unlock(&g_res_lock); + tloge("invalid page\n"); + return; + } + + self = &g_res_zone->pages[self_idx]; +} \ No newline at end of file -- Gitee From 8a3d34101d4f81b0c679a59b83961ad270550eec Mon Sep 17 00:00:00 2001 From: lijiawei3539 Date: Fri, 24 Jun 2022 01:33:04 +0000 Subject: [PATCH 16/33] update reserved mempool.c --- core/reserved_mempool.c | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/core/reserved_mempool.c b/core/reserved_mempool.c index a3498c6..90b52ed 100644 --- a/core/reserved_mempool.c +++ b/core/reserved_mempool.c @@ -424,4 +424,19 @@ void reserved_mem_free(const void *ptr) } self = &g_res_zone->pages[self_idx]; + if (!self->count) { + tloge("already free in reserved mempool\n"); + mutex_unlock(&g_res_lock); + return; + } + + if (buddy_merge(self->page, self->order, &page_index) < 0) { + mutex_unlock(&g_res_lock); + return; + } + + max_order_page = &g_res_zone->pages[page_index]; + list_add_tail(&max_order_page->node, + &g_res_zone->free_areas[g_res_max_order].page_list); + mutex_unlock(&g_res_lock); } \ No newline at end of file -- Gitee From 1096e61a4894428d9868e487ae186e7f516f9c9f Mon Sep 17 00:00:00 2001 From: lijiawei3539 Date: Sat, 25 Jun 2022 11:35:59 +0000 Subject: [PATCH 17/33] update tee_trace_event.c --- core/reserved_mempool.c | 2 +- core/reserved_mempool.h | 40 +++++ core/tee_trace_event.c | 368 ++++++++++++++++++++++++++++++++++++++++ 3 files changed, 409 insertions(+), 1 deletion(-) create mode 100644 core/reserved_mempool.h create mode 100644 core/tee_trace_event.c diff --git a/core/reserved_mempool.c b/core/reserved_mempool.c index 90b52ed..2468b30 100644 --- a/core/reserved_mempool.c +++ b/core/reserved_mempool.c @@ -3,7 +3,7 @@ * * memory managering for reserved memory with TEE * - * Copyright (c) 2012-2021 Huawei Technologies Co., Ltd. + * Copyright (c) 2012-2022 Huawei Technologies Co., Ltd. * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License diff --git a/core/reserved_mempool.h b/core/reserved_mempool.h new file mode 100644 index 0000000..17beaad --- /dev/null +++ b/core/reserved_mempool.h @@ -0,0 +1,40 @@ +/* + * reserved_mempool.h + * + * reserved memory managing for sharing memory with TEE + * + * Copyright (c) 2012-2022 Huawei Technologies Co., Ltd. + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU General Public License + * as published by the Free Software Foundation; either version 2 + * of the License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + */ + +#ifndef RESERVED_MEMPOOL_H +#define RESERVED_MEMPOOL_H + +#include +#include + +#ifndef CONFIG_MAX_RES_MEM_ORDER +#define CONFIG_MAX_RES_MEM_ORDER 15 +#endif + +#define RESERVED_MEM_POOL_SIZE 0x8000000 //128M +#define RESERVED_MAX_ALLOC_SIZE (1 << (CONFIG_MAX_RES_MEM_ORDER + PAGE_SHIFT)) //2^max_order * 4k +#define LIMIT_RES_MEM_ORDER 15 + +int load_reserved_mem(void); +void *reserved_mem_alloc(size_t size); +void free_reserved_mempool(void); +int reserved_mempool_init(void); +void reserved_mem_free(const void *ptr); +bool exist_res_mem(void); +unsigned long res_mem_virt_to_phys(unsigned long vaddr); +#endif \ No newline at end of file diff --git a/core/tee_trace_event.c b/core/tee_trace_event.c new file mode 100644 index 0000000..da5b105 --- /dev/null +++ b/core/tee_trace_event.c @@ -0,0 +1,368 @@ +/* + * tee_trace_event.c + * + * functions for TEE trace + * + * Copyright (c) 2012-2022 Huawei Technologies Co., Ltd. + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU General Public License + * as published by the Free Software Foundation; either version 2 + * of the License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + */ + +#include "tee_trace_event.h" + +#include +#include +#include + +#include +#include +#include +#include +#include +#include + +#define TEE_TASK_NAME_LEN 16 /* same as tcb_prop->tcb_name */ + +#define trace_event_name(event_id, enable) \ + [event_id] = { #event_id, enable} + +#define compile_time_assert(cond, msg) typedef char g_assert_##msg[(cond) ? 1 : -1] + +struct tee_view_state_t { + const char *name; + bool enable; +}; + +/* Make sure it has the same order as 'enum tee_event_id' */ +static struct tee_view_state_t view_state[TEE_EVENT_MAX] = { + trace_event_name(INVOKE_CMD_START, true), + trace_event_name(INVOKE_CMD_END, true), + trace_event_name(SMC_SEND, true), + trace_event_name(SMC_DONE, true), + trace_event_name(SMC_IN, true), + trace_event_name(SMC_OUT, true), + trace_event_name(SMC_SLEEP, true), + trace_event_name(SMC_PREEMPT, true), + trace_event_name(GTASK_GET_CMD, false), + trace_event_name(GTASK_PUT_CMD, false), + trace_event_name(GTASK_REQ_TA, false), + trace_event_name(GTASK_RESP_TA, false), + trace_event_name(SPI_WAKEUP, true), + trace_event_name(SCHED_IN, true), + trace_event_name(SCHED_OUT, true), +}; + +static const char* trace_task[] = { + /* add ta name like this "echo_task" */ +}; + +compile_time_assert(ARRAY_SIZE(trace_task) <= TEE_TRACE_TASK_MAX, + trace_task_too_large); + +struct tee_trace_event_t { + enum tee_event_id id; + uint32_t ca_pid; + uint64_t time; + uint64_t add_info; +}; + +struct tee_trace_stream_t { + uint32_t total; + uint32_t cur; + struct tee_trace_event_t events[TEE_TRACE_EVENT_NUM]; +}; + +struct tee_trace_mem_t { + bool start; + uint32_t freq; + bool enable[TEE_EVENT_MAX]; + uint32_t trace_task; + char trace_task_name[TEE_TRACE_TASK_MAX][TEE_TASK_NAME_LEN]; + struct tee_trace_stream_t *streams[NR_CPUS]; +}; + +#define TRACE_STREAM_SIZE_ALIGN(sizeof(struct tee_trace_stream_t), PAGE_SIZE) +#define TRACE_MEM_SIZE_ALIGN(sizeof(struct tee_trace_mem_t), PAGE_SIZE) + +/* pages associate with g_event_mem */ +static struct page *g_event_pages; +/* pages associate with g_event_mem->streams[NR_CPUS] */ +static struct page *g_stream_pages[NR_CPUS]; +static struct tee_trace_mem_t *g_event_mem; + +void tee_trace_add_event(enum tee_event_id id, uint64_t add_info) +{ + int32_t cpu_id = raw_smp_processor_id(); + struct tee_trace_stream_t *stream = NULL; + struct tee_trace_event_t *event = NULL; + + if (id < INVOKE_CMD_START || id >= TEE_EVENT_MAX) + return; + + if (g_event_mem == NULL || !g_event_mem->start || !g_event_mem->enable[id]) + return; + preempt_disable(); + stream = g_event_mem->streams[cpu_id]; + event = &stream->events[stream->cur]; + + if (unlikely((stream->cur + 1) >= stream->total)) { + tloge("events buffer too small\n"); + preempt_enable(); + return; + } + + event_id = id; + event->ca_pid = current->pid; + event->time = arch_counter_get_cntvct(); + event->add_info = (add_info == 0) ? current->pid : add_info; + stream->cur++; + preempt_enable(); +} + +struct trace_mem_cmd_t { + uint64_t trace_mem; + uint64_t trace_mem_size; + uint64_t trace_streams[NR_CPUS]; +}; + +static void *init_cmd_of_trace_mem(void) +{ + uint32_t i; + struct trace_mem_cmd_t *p = + mailbox_alloc(sizeof(struct trace_mem_cmd_t), MB_FLAG_ZERO); + + if (p == NULL) + return NULL; + + p->trace_mem = virt_to_phys(g_event_mem); + p->trace_mem_size = TRACE_MEM_SIZE; + for (i = 0; i < NR_CPUS; i++) + p->trace_streams[i] = virt_to_phys(g_event_mem->streams[i]); + + return p; +} + +static int tee_trace_event_send_cmd(uint32_t cmd) +{ + int ret = 0; + struct tc_ns_smc_cmd smc_cmd = { { 0 }, 0}; + struct mb_cmd_pack *mb_pack = NULL; + void *cmd_buffer = NULL; + + mb_pack = mailbox_alloc_cmd_pack(); + if (mb_pack == NULL) + return -ENOMEM; + + switch (cmd) { + case GLOBAL_CMD_ID_TRACE_ENABLE: + mb_pack->operation.paramtypes = TEE_PARAM_TYPE_MEMREF_INPUT; + cmd_buffer = init_cmd_of_trace_mem(); + if (cmd_buffer == NULL) { + mailbox_free(mb_pack); + return -ENOMEM; + } + mb_pack->operation.params[0].memref.buffer = virt_to_phys(cmd_buffer); + mb_pack->operation.buffer_h_addr[0] = + virt_to_phys(cmd_buffer) >> ADDR_TRANS_NUM; + mb_pack->operation.params[0].memref.size = + ALIGN(sizeof(struct trace_mem_cmd_t), PAGE_SIZE); + break; + default: + mailbox_free(mb_pack); + return -EINVAL; + } + smc_cmd.cmd_type = CMD_TYPE_GLOBAL; + smc_cmd.cmd_id = cmd; + smc_cmd.operation_phys = virt_to_phys(&mb_pack->operation); + smc_cmd.operation_h_phys = + (uint64_t)virt_to_phys(&mb_pack->operation) >> ADDR_TRANS_NUM; + + if (tc_ns_smc(&smc_cmd)) { + ret = -EIO; + tloge("trace cmd 0x%x failed\n", cmd); + } + if (cmd_buffer != NULL) + mailbox_free(cmd_buffer); + mailbox_free(mb_pack); + + return ret; +} + +static void free_event_mem(void) +{ + uint32_t i; + + (void)memset_s(g_event_mem, TRACE_MEM_SIZE, 0, TRACE_MEM_SIZE); + + for (i = 0; i < NR_CPUS; i++) { + if (g_stream_pages[i] != NULL) { + __free_pages(g_stream_pages[i], get_order(TRACE_STREAM_SIZE)); + g_stream_pages[i] = NULL; + } + } + + __free_pages(g_event_pages, get_order(TRACE_MEM_SIZE)); + g_event_mem = NULL; +} + +static int init_event_mem(void) +{ + uint32_t i; + int ret; + + g_event_pages = koadpt_alloc_pages(GFP_KERNEL, get_order(TRACE_MEM_SIZE)); + if (g_event_pages == NULL) { + tloge("alloc event mem (size 0x%lx) failed\n", TRACE_MEM_SIZE); + return -ENOMEM; + } + + g_event_mem = page_address(g_event_pages); + (void)memset_s(g_event_mem, TRACE_MEM_SIZE, 0, TRACE_MEM_SIZE); + + for (i = 0; i < NR_CPUS; i++) { + g_stream_pages[i] = + koadpt_alloc_pages(GFP_KERNEL, get_order(TRACE_STREAM_SIZE)); + if (!g_stream_pages[i]) { + tloge("alloc stream mem (size 0x%lx) failed\n", TRACE_STREAM_SIZE); + ret = -ENOMEM; + goto clean; + } + g_event_mem->streams[i] = page_address(g_stream_pages[i]); + } + + for (i = 0; i < TEE_EVENT_MAX; i++) + g_event_mem->enable[i] = view_state[i].enable; + + g_event_mem->trace_task = ARRAY_SIZE(trace_task); + for (i = 0; i < ARRAY_SIZE(trace_task); i++) + if (strcpy_s(g_event_mem->trace_task_name[i], TEE_TASK_NAME_LEN, + trace_task[i] != EOK)) { + tloge("task name %s too long\n", trace_task[i]); + return -EINVAL; + goto clean; + } + g_event_mem->freq = arch_timer_get_cntfrq(); + for (i = 0; i < NR_CPUS; i++) + g_event_mem->streams[i]->total = TEE_TRACE_EVENT_NUM; + + return 0; +clean: + free_event_mem(); + return ret; +} + +int tee_trace_event_enable(void) +{ + int ret; + + if (g_event_mem != NULL) + return 0; + + ret = init_event_mem(); + if (ret != 0) + return ret; + + ret = tee_trace_event_send_cmd(GLOBAL_CMD_ID_TRACE_ENABLE); + if (ret != 0) { + free_event_mem(); + tloge("register tee trace mem failed\n"); + return ret; + } + return 0; +} + +int tee_trace_event_start(void) +{ + uint32_t cpu; + + if (g_event_mem == NULL) + return 0; + + for (cpu = 0;cpu < NR_CPUS; cpu++) { + g_event_mem->streams[cpu]->cur = 0; + (void)memset_s(g_event_mem->streams[cpu]->events, + sizeof(struct tee_trace_event_t) * TEE_TRACE_EVENT_NUM, 0, + sizeof(struct tee_trace_event_t) * TEE_TRACE_EVENT_NUM); + } + g_event_mem->start = true; + smp_mb(); + + return 0; +} + +int tee_trace_event_stop(void) +{ + if (g_event_mem == NULL || !g_event_mem->start) + return 0; + g_event_mem->start = false; + smp_mb(); + return 0; +} + +void get_tee_trace_start(struct tee_trace_view_t *view) +{ + uint32_t i; + + if (g_event_mem == NULL || view =NULL) + return; + + for (i = 0; i < NR_CPUS; i++) { + uint64_t time = g_event_mem->streams[i]->events[0].time; + if (time != 0 && (view->start == 0 || view->start > time)) + view->start = time; + view->total += g_event_mem->streams[i]->cur; + view->end[i] += g_event_mem->streams[i]->cur; + view->at[i] = 0; + } +} + +int get_tee_trace_next(struct tee_trace_view_t *view, uint32_t *event_id, + const char **event_name, uint32_t *cpu, uint32_t *ca_pid, + uint64_t *time, uint64_t add_info) +{ + uint32_t i; + uint32_t index = -1; + uint64_t first = 0; + struct tee_trace_event_t *event = NULL; + + if (g_event_mem == NULL || !g_event_mem->start || view == NULL) + return -1; + + for (i = 0; i < NR_CPUS; i++) { + if (view->at[i] < view->end[i]) { + if (index == -1 || + first > g_event_mem->streams[i]->events[view->at[i]].time) { + first = g_event_mem->streams[i]->events[view->at[i]].time; + index = i; + } + } + } + if (index == -1) + return -1; + + event = &g_event_mem->streams[index]->events[view->at[index]]; + *event_id = event->id; + *event_name = view_state[event->id].name; + *cpu = (uint32_t)index; + *ca_pid = event->ca_pid; + *time = (event->time - view->start) * USEC_PER_SEC / g_event_mem->freq; + *add_info = event->add_info; + view->at[index]++; + + return 0; +} + +const char *hget_tee_trace_task_name(uint32_t task_idx) +{ + if (task_idx >= ARRAY_SIZE(trace_task)) + return NULL; + return trace_task[task_idx]; +} \ No newline at end of file -- Gitee From 34687341a69e11258b482b976e32556728d948b6 Mon Sep 17 00:00:00 2001 From: lijiawei3539 Date: Mon, 27 Jun 2022 08:40:53 +0000 Subject: [PATCH 18/33] update tee_trace_event.h --- core/tee_trace_event.h | 70 ++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 70 insertions(+) create mode 100644 core/tee_trace_event.h diff --git a/core/tee_trace_event.h b/core/tee_trace_event.h new file mode 100644 index 0000000..1dfa681 --- /dev/null +++ b/core/tee_trace_event.h @@ -0,0 +1,70 @@ +/* + * tee_trace_event.h + * + * functions declarations for tee_trace_event + * + * Copyright (c) 2012-2022 Huawei Technologies Co., Ltd. + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU General Public License + * as published by the Free Software Foundation; either version 2 + * of the License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + */ + +#ifndef TEE_TRACE_EVENT_H +#define TEE_TRACE_EVENT_H + +#include +#include + +/* maxium trace event per cpu stream */ +#define TEE_TRACE_EVENT_NUM 20000 +/* maxium trace task of 'sched_in/out' event */ +#define TEE_TRACE_TASK_MAX 8 + +/* Add event id's name in 'view_state[]' in same order */ +enum tee_event_id { + INVOKE_CMD_START, + INVOKE_CMD_END, + SMC_SEND, + SMC_DONE, + SMC_IN, + SMC_OUT, + SMC_SLEEP, + SMC_PREEMPT, + GTASK_GET_CMD, + GTASK_PUT_CMD, + GTASK_REQ_TA, + GTASK_RESP_TA, + SPI_WAKEUP, + SCHED_IN, + SCHED_OUT, + TEE_EVENT_MAX +}; + +#ifdef CONFIG_TEE_TRACE +void tee_trace_add_event(enum tee_event_id id, uint64_t add_info); + +int tee_trace_event_enable(void); +int tee_trace_event_start(void); +int tee_trace_event_stop(void); + +void get_tee_trace_start(struct tee_trace_view_t *view); +int get_tee_trace_next(struct tee_trace_view_t *view, uint32_t *event_id, + const char **event_name, uint32_t *cpu, uint32_t *ca_pid, + uint64_t *time, uint64_t *add_info); +const char *get_tee_trace_task_name(uint32_t task_idx); +#else +static inline void tee_trace_add_event(enum tee_event_id id, uint64_t add_info) +{ + (void)id; + (void)add_info; +} +#endif + +#endif \ No newline at end of file -- Gitee From 448def9d9b0ca6a94c4369365ad1730755804d24 Mon Sep 17 00:00:00 2001 From: lijiawei3539 Date: Mon, 27 Jun 2022 09:26:02 +0000 Subject: [PATCH 19/33] update license date --- auth/auth_base_impl.c | 2 +- auth/auth_base_impl.h | 2 +- auth/client_hash_auth.c | 2 +- auth/client_hash_auth.h | 2 +- core/agent.c | 2 +- core/agent.h | 2 +- core/agent_allowed_ca.c | 2 +- core/cmdmonitor.c | 2 +- core/cmdmonitor.h | 2 +- core/gp_ops.c | 2 +- core/gp_ops.h | 2 +- core/mailbox_mempool.c | 2 +- core/mailbox_mempool.h | 2 +- core/mem.c | 2 +- core/mem.h | 2 +- core/session_manager.c | 2 +- core/session_manager.h | 2 +- core/smc_smp.c | 2 +- core/smc_smp.h | 2 +- core/tc_client_driver.c | 2 +- core/tc_client_driver.h | 2 +- core/tee_compat_check.c | 2 +- core/tee_compat_check.h | 2 +- core/teek_app_load.c | 2 +- core/teek_app_load.h | 2 +- core/teek_client_api.c | 2 +- core/tz_pm.c | 2 +- core/tz_pm.h | 2 +- core/tz_spi_notify.c | 2 +- core/tz_spi_notify.h | 2 +- ko_adapt.c | 2 +- ko_adapt.h | 2 +- kthread_affinity/tz_kthread_affinity.c | 2 +- kthread_affinity/tz_kthread_affinity.h | 2 +- kthread_affinity/tz_kthread_cpumask.h | 2 +- kthread_affinity/tz_kthread_cpumask_dts.c | 2 +- tc_ns_client.h | 2 +- tc_ns_log.h | 2 +- teek_client_api.h | 2 +- teek_client_constants.h | 2 +- teek_client_id.h | 2 +- teek_client_type.h | 2 +- teek_ns_client.h | 2 +- tlogger/log_cfg_api.h | 2 +- tlogger/log_pages_cfg.c | 2 +- tlogger/tlogger.c | 2 +- tlogger/tlogger.h | 2 +- 47 files changed, 47 insertions(+), 47 deletions(-) diff --git a/auth/auth_base_impl.c b/auth/auth_base_impl.c index 1e59eea..9890be0 100644 --- a/auth/auth_base_impl.c +++ b/auth/auth_base_impl.c @@ -3,7 +3,7 @@ * * function for base hash operation * - * Copyright (c) 2012-2021 Huawei Technologies Co., Ltd. + * Copyright (c) 2012-2022 Huawei Technologies Co., Ltd. * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License diff --git a/auth/auth_base_impl.h b/auth/auth_base_impl.h index 2806373..40390c6 100644 --- a/auth/auth_base_impl.h +++ b/auth/auth_base_impl.h @@ -3,7 +3,7 @@ * * function definition for base hash operation * - * Copyright (c) 2012-2021 Huawei Technologies Co., Ltd. + * Copyright (c) 2012-2022 Huawei Technologies Co., Ltd. * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License diff --git a/auth/client_hash_auth.c b/auth/client_hash_auth.c index 219cd39..8417ddb 100644 --- a/auth/client_hash_auth.c +++ b/auth/client_hash_auth.c @@ -3,7 +3,7 @@ * * function for CA code hash auth * - * Copyright (c) 2012-2021 Huawei Technologies Co., Ltd. + * Copyright (c) 2012-2022 Huawei Technologies Co., Ltd. * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License diff --git a/auth/client_hash_auth.h b/auth/client_hash_auth.h index 92c6086..d32a38e 100644 --- a/auth/client_hash_auth.h +++ b/auth/client_hash_auth.h @@ -3,7 +3,7 @@ * * function definition for CA code hash auth * - * Copyright (c) 2012-2021 Huawei Technologies Co., Ltd. + * Copyright (c) 2012-2022 Huawei Technologies Co., Ltd. * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License diff --git a/core/agent.c b/core/agent.c index b957336..3635b11 100644 --- a/core/agent.c +++ b/core/agent.c @@ -3,7 +3,7 @@ * * agent manager function, such as register and send cmd * - * Copyright (c) 2012-2021 Huawei Technologies Co., Ltd. + * Copyright (c) 2012-2022 Huawei Technologies Co., Ltd. * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License diff --git a/core/agent.h b/core/agent.h index 971aee3..7e2a793 100644 --- a/core/agent.h +++ b/core/agent.h @@ -3,7 +3,7 @@ * * agent manager function definition, such as register and send cmd * - * Copyright (c) 2012-2021 Huawei Technologies Co., Ltd. + * Copyright (c) 2012-2022 Huawei Technologies Co., Ltd. * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License diff --git a/core/agent_allowed_ca.c b/core/agent_allowed_ca.c index 0a26052..56a9be0 100644 --- a/core/agent_allowed_ca.c +++ b/core/agent_allowed_ca.c @@ -3,7 +3,7 @@ * * allowed_ext_agent_ca list and functions * - * Copyright (c) 2012-2021 Huawei Technologies Co., Ltd. + * Copyright (c) 2012-2022 Huawei Technologies Co., Ltd. * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License diff --git a/core/cmdmonitor.c b/core/cmdmonitor.c index e69c55d..f286310 100644 --- a/core/cmdmonitor.c +++ b/core/cmdmonitor.c @@ -3,7 +3,7 @@ * * cmdmonitor function, monitor every cmd which is sent to TEE. * - * Copyright (c) 2012-2021 Huawei Technologies Co., Ltd. + * Copyright (c) 2012-2022 Huawei Technologies Co., Ltd. * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License diff --git a/core/cmdmonitor.h b/core/cmdmonitor.h index aafbcbc..5bba335 100644 --- a/core/cmdmonitor.h +++ b/core/cmdmonitor.h @@ -3,7 +3,7 @@ * * cmdmonitor function declaration * - * Copyright (c) 2012-2021 Huawei Technologies Co., Ltd. + * Copyright (c) 2012-2022 Huawei Technologies Co., Ltd. * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License diff --git a/core/gp_ops.c b/core/gp_ops.c index 4dadd94..9276798 100644 --- a/core/gp_ops.c +++ b/core/gp_ops.c @@ -3,7 +3,7 @@ * * alloc global operation and pass params to TEE. * - * Copyright (c) 2012-2021 Huawei Technologies Co., Ltd. + * Copyright (c) 2012-2022 Huawei Technologies Co., Ltd. * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License diff --git a/core/gp_ops.h b/core/gp_ops.h index c730e7b..4f00a8a 100644 --- a/core/gp_ops.h +++ b/core/gp_ops.h @@ -3,7 +3,7 @@ * * function declaration for alloc global operation and pass params to TEE. * - * Copyright (c) 2012-2021 Huawei Technologies Co., Ltd. + * Copyright (c) 2012-2022 Huawei Technologies Co., Ltd. * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License diff --git a/core/mailbox_mempool.c b/core/mailbox_mempool.c index b5702d4..afe8117 100644 --- a/core/mailbox_mempool.c +++ b/core/mailbox_mempool.c @@ -3,7 +3,7 @@ * * mailbox memory managing for sharing memory with TEE. * - * Copyright (c) 2012-2021 Huawei Technologies Co., Ltd. + * Copyright (c) 2012-2022 Huawei Technologies Co., Ltd. * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License diff --git a/core/mailbox_mempool.h b/core/mailbox_mempool.h index 472b7fd..8025fae 100644 --- a/core/mailbox_mempool.h +++ b/core/mailbox_mempool.h @@ -3,7 +3,7 @@ * * mailbox memory managing for sharing memory with TEE. * - * Copyright (c) 2012-2021 Huawei Technologies Co., Ltd. + * Copyright (c) 2012-2022 Huawei Technologies Co., Ltd. * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License diff --git a/core/mem.c b/core/mem.c index a75ed44..7020b60 100644 --- a/core/mem.c +++ b/core/mem.c @@ -3,7 +3,7 @@ * * memory operation for gp sharedmem. * - * Copyright (c) 2012-2021 Huawei Technologies Co., Ltd. + * Copyright (c) 2012-2022 Huawei Technologies Co., Ltd. * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License diff --git a/core/mem.h b/core/mem.h index f02f2ea..31870d6 100644 --- a/core/mem.h +++ b/core/mem.h @@ -3,7 +3,7 @@ * * memory operation for gp sharedmem. * - * Copyright (c) 2012-2021 Huawei Technologies Co., Ltd. + * Copyright (c) 2012-2022 Huawei Technologies Co., Ltd. * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License diff --git a/core/session_manager.c b/core/session_manager.c index 3460cef..c9ebe2d 100644 --- a/core/session_manager.c +++ b/core/session_manager.c @@ -3,7 +3,7 @@ * * function for session management * - * Copyright (c) 2012-2021 Huawei Technologies Co., Ltd. + * Copyright (c) 2012-2022 Huawei Technologies Co., Ltd. * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License diff --git a/core/session_manager.h b/core/session_manager.h index 27b3515..ff94d1d 100644 --- a/core/session_manager.h +++ b/core/session_manager.h @@ -3,7 +3,7 @@ * * function declaration for session management * - * Copyright (c) 2012-2021 Huawei Technologies Co., Ltd. + * Copyright (c) 2012-2022 Huawei Technologies Co., Ltd. * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License diff --git a/core/smc_smp.c b/core/smc_smp.c index ed0469d..da42e83 100644 --- a/core/smc_smp.c +++ b/core/smc_smp.c @@ -3,7 +3,7 @@ * * function for sending smc cmd * - * Copyright (c) 2012-2021 Huawei Technologies Co., Ltd. + * Copyright (c) 2012-2022 Huawei Technologies Co., Ltd. * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License diff --git a/core/smc_smp.h b/core/smc_smp.h index f71a6b3..11673ea 100644 --- a/core/smc_smp.h +++ b/core/smc_smp.h @@ -3,7 +3,7 @@ * * function declaration for sending smc cmd * - * Copyright (c) 2012-2021 Huawei Technologies Co., Ltd. + * Copyright (c) 2012-2022 Huawei Technologies Co., Ltd. * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License diff --git a/core/tc_client_driver.c b/core/tc_client_driver.c index e2f2ee7..db5fef2 100644 --- a/core/tc_client_driver.c +++ b/core/tc_client_driver.c @@ -3,7 +3,7 @@ * * function for proc open,close session and invoke * - * Copyright (c) 2012-2021 Huawei Technologies Co., Ltd. + * Copyright (c) 2012-2022 Huawei Technologies Co., Ltd. * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License diff --git a/core/tc_client_driver.h b/core/tc_client_driver.h index 927a326..b7a2bd2 100644 --- a/core/tc_client_driver.h +++ b/core/tc_client_driver.h @@ -3,7 +3,7 @@ * * function declaration for proc open,close session and invoke * - * Copyright (c) 2012-2021 Huawei Technologies Co., Ltd. + * Copyright (c) 2012-2022 Huawei Technologies Co., Ltd. * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License diff --git a/core/tee_compat_check.c b/core/tee_compat_check.c index 12342a9..fa690d0 100644 --- a/core/tee_compat_check.c +++ b/core/tee_compat_check.c @@ -3,7 +3,7 @@ * * check compatibility between tzdriver and tee. * - * Copyright (c) 2021-2021 Huawei Technologies Co., Ltd. + * Copyright (c) 2021-2022 Huawei Technologies Co., Ltd. * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License diff --git a/core/tee_compat_check.h b/core/tee_compat_check.h index 2eb28a0..976ec18 100644 --- a/core/tee_compat_check.h +++ b/core/tee_compat_check.h @@ -3,7 +3,7 @@ * * check compatibility between tzdriver and teeos. * - * Copyright (c) 2021-2021 Huawei Technologies Co., Ltd. + * Copyright (c) 2021-2022 Huawei Technologies Co., Ltd. * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License diff --git a/core/teek_app_load.c b/core/teek_app_load.c index 0b74a03..68723ea 100644 --- a/core/teek_app_load.c +++ b/core/teek_app_load.c @@ -3,7 +3,7 @@ * * function declaration for load app operations for kernel CA. * - * Copyright (c) 2021-2021 Huawei Technologies Co., Ltd. + * Copyright (c) 2021-2022 Huawei Technologies Co., Ltd. * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License diff --git a/core/teek_app_load.h b/core/teek_app_load.h index 532b33a..51d830c 100644 --- a/core/teek_app_load.h +++ b/core/teek_app_load.h @@ -3,7 +3,7 @@ * * function declaration for load app operations for kernel CA. * - * Copyright (c) 2021-2021 Huawei Technologies Co., Ltd. + * Copyright (c) 2021-2022 Huawei Technologies Co., Ltd. * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License diff --git a/core/teek_client_api.c b/core/teek_client_api.c index b0bc834..d641e9b 100644 --- a/core/teek_client_api.c +++ b/core/teek_client_api.c @@ -3,7 +3,7 @@ * * function definition for libteec interface for kernel CA. * - * Copyright (c) 2012-2021 Huawei Technologies Co., Ltd. + * Copyright (c) 2012-2022 Huawei Technologies Co., Ltd. * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License diff --git a/core/tz_pm.c b/core/tz_pm.c index b7911a8..654fc7e 100644 --- a/core/tz_pm.c +++ b/core/tz_pm.c @@ -3,7 +3,7 @@ * * function for proc open,close session and invoke * - * Copyright (c) 2020-2021 Huawei Technologies Co., Ltd. + * Copyright (c) 2020-2022 Huawei Technologies Co., Ltd. * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License diff --git a/core/tz_pm.h b/core/tz_pm.h index 977a1ea..f4791bc 100644 --- a/core/tz_pm.h +++ b/core/tz_pm.h @@ -3,7 +3,7 @@ * * suspend or freeze func declaration for tzdriver * - * Copyright (c) 2020-2021 Huawei Technologies Co., Ltd. + * Copyright (c) 2020-2022 Huawei Technologies Co., Ltd. * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License diff --git a/core/tz_spi_notify.c b/core/tz_spi_notify.c index 847b7a5..edf4cc7 100644 --- a/core/tz_spi_notify.c +++ b/core/tz_spi_notify.c @@ -3,7 +3,7 @@ * * exported funcs for spi interrupt actions * - * Copyright (c) 2012-2021 Huawei Technologies Co., Ltd. + * Copyright (c) 2012-2022 Huawei Technologies Co., Ltd. * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License diff --git a/core/tz_spi_notify.h b/core/tz_spi_notify.h index cbfbd00..712e280 100644 --- a/core/tz_spi_notify.h +++ b/core/tz_spi_notify.h @@ -3,7 +3,7 @@ * * exported funcs for spi interrupt actions * - * Copyright (c) 2012-2021 Huawei Technologies Co., Ltd. + * Copyright (c) 2012-2022 Huawei Technologies Co., Ltd. * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License diff --git a/ko_adapt.c b/ko_adapt.c index 2630900..0920b05 100644 --- a/ko_adapt.c +++ b/ko_adapt.c @@ -3,7 +3,7 @@ * * function for find symbols not exported * - * Copyright (c) 2012-2021 Huawei Technologies Co., Ltd. + * Copyright (c) 2012-2022 Huawei Technologies Co., Ltd. * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License diff --git a/ko_adapt.h b/ko_adapt.h index 66a335c..5148ec3 100644 --- a/ko_adapt.h +++ b/ko_adapt.h @@ -3,7 +3,7 @@ * * function for find symbols not exported * - * Copyright (c) 2012-2021 Huawei Technologies Co., Ltd. + * Copyright (c) 2012-2022 Huawei Technologies Co., Ltd. * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License diff --git a/kthread_affinity/tz_kthread_affinity.c b/kthread_affinity/tz_kthread_affinity.c index 81ef972..c1fc542 100644 --- a/kthread_affinity/tz_kthread_affinity.c +++ b/kthread_affinity/tz_kthread_affinity.c @@ -3,7 +3,7 @@ * * function for set kthread affinity * - * Copyright (c) 2021-2021 Huawei Technologies Co., Ltd. + * Copyright (c) 2021-2022 Huawei Technologies Co., Ltd. * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License diff --git a/kthread_affinity/tz_kthread_affinity.h b/kthread_affinity/tz_kthread_affinity.h index 7619779..25953e9 100644 --- a/kthread_affinity/tz_kthread_affinity.h +++ b/kthread_affinity/tz_kthread_affinity.h @@ -3,7 +3,7 @@ * * exported funcs for kthread affinity * - * Copyright (c) 2021-2021 Huawei Technologies Co., Ltd. + * Copyright (c) 2021-2022 Huawei Technologies Co., Ltd. * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License diff --git a/kthread_affinity/tz_kthread_cpumask.h b/kthread_affinity/tz_kthread_cpumask.h index 1a51eea..7f2f922 100644 --- a/kthread_affinity/tz_kthread_cpumask.h +++ b/kthread_affinity/tz_kthread_cpumask.h @@ -3,7 +3,7 @@ * * exported funcs for get kthread cpumask * - * Copyright (c) 2021-2021 Huawei Technologies Co., Ltd. + * Copyright (c) 2021-2022 Huawei Technologies Co., Ltd. * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License diff --git a/kthread_affinity/tz_kthread_cpumask_dts.c b/kthread_affinity/tz_kthread_cpumask_dts.c index 47a84a2..348eec7 100644 --- a/kthread_affinity/tz_kthread_cpumask_dts.c +++ b/kthread_affinity/tz_kthread_cpumask_dts.c @@ -3,7 +3,7 @@ * * function for get kthread cpumask * - * Copyright (c) 2021-2021 Huawei Technologies Co., Ltd. + * Copyright (c) 2021-2022 Huawei Technologies Co., Ltd. * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License diff --git a/tc_ns_client.h b/tc_ns_client.h index dc40d59..163ed74 100644 --- a/tc_ns_client.h +++ b/tc_ns_client.h @@ -3,7 +3,7 @@ * * data structure declaration for nonsecure world * - * Copyright (c) 2012-2021 Huawei Technologies Co., Ltd. + * Copyright (c) 2012-2022 Huawei Technologies Co., Ltd. * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License diff --git a/tc_ns_log.h b/tc_ns_log.h index 326363c..4d43d38 100644 --- a/tc_ns_log.h +++ b/tc_ns_log.h @@ -3,7 +3,7 @@ * * log func declaration * - * Copyright (c) 2012-2021 Huawei Technologies Co., Ltd. + * Copyright (c) 2012-2022 Huawei Technologies Co., Ltd. * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License diff --git a/teek_client_api.h b/teek_client_api.h index 9aa806f..75c6e17 100644 --- a/teek_client_api.h +++ b/teek_client_api.h @@ -3,7 +3,7 @@ * * function declaration for libteec interface for kernel CA. * - * Copyright (c) 2012-2021 Huawei Technologies Co., Ltd. + * Copyright (c) 2012-2022 Huawei Technologies Co., Ltd. * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License diff --git a/teek_client_constants.h b/teek_client_constants.h index 3865422..bc2b28f 100644 --- a/teek_client_constants.h +++ b/teek_client_constants.h @@ -3,7 +3,7 @@ * * macro declaration for libteec interface for kernel CA. * - * Copyright (c) 2012-2021 Huawei Technologies Co., Ltd. + * Copyright (c) 2012-2022 Huawei Technologies Co., Ltd. * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License diff --git a/teek_client_id.h b/teek_client_id.h index cc813f2..94e22d9 100644 --- a/teek_client_id.h +++ b/teek_client_id.h @@ -3,7 +3,7 @@ * * define exported data for secboot CA * - * Copyright (c) 2012-2021 Huawei Technologies Co., Ltd. + * Copyright (c) 2012-2022 Huawei Technologies Co., Ltd. * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License diff --git a/teek_client_type.h b/teek_client_type.h index 315b126..1588e1a 100644 --- a/teek_client_type.h +++ b/teek_client_type.h @@ -3,7 +3,7 @@ * * define exported structures * - * Copyright (c) 2012-2021 Huawei Technologies Co., Ltd. + * Copyright (c) 2012-2022 Huawei Technologies Co., Ltd. * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License diff --git a/teek_ns_client.h b/teek_ns_client.h index df9f3d6..6d32c25 100644 --- a/teek_ns_client.h +++ b/teek_ns_client.h @@ -3,7 +3,7 @@ * * define structures and IOCTLs. * - * Copyright (c) 2012-2021 Huawei Technologies Co., Ltd. + * Copyright (c) 2012-2022 Huawei Technologies Co., Ltd. * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License diff --git a/tlogger/log_cfg_api.h b/tlogger/log_cfg_api.h index c7c71a6..b2d0bee 100644 --- a/tlogger/log_cfg_api.h +++ b/tlogger/log_cfg_api.h @@ -3,7 +3,7 @@ * * for log cfg api define * - * Copyright (c) 2012-2021 Huawei Technologies Co., Ltd. + * Copyright (c) 2012-2022 Huawei Technologies Co., Ltd. * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License diff --git a/tlogger/log_pages_cfg.c b/tlogger/log_pages_cfg.c index 049bcb1..3e5270d 100644 --- a/tlogger/log_pages_cfg.c +++ b/tlogger/log_pages_cfg.c @@ -3,7 +3,7 @@ * * for pages log cfg api define * - * Copyright (c) 2012-2021 Huawei Technologies Co., Ltd. + * Copyright (c) 2012-2022 Huawei Technologies Co., Ltd. * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License diff --git a/tlogger/tlogger.c b/tlogger/tlogger.c index 1908184..7380214 100644 --- a/tlogger/tlogger.c +++ b/tlogger/tlogger.c @@ -3,7 +3,7 @@ * * TEE Logging Subsystem, read the tee os log from log memory * - * Copyright (c) 2012-2021 Huawei Technologies Co., Ltd. + * Copyright (c) 2012-2022 Huawei Technologies Co., Ltd. * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License diff --git a/tlogger/tlogger.h b/tlogger/tlogger.h index 8806eed..53b6b19 100644 --- a/tlogger/tlogger.h +++ b/tlogger/tlogger.h @@ -3,7 +3,7 @@ * * TEE Logging Subsystem, read the tee os log from rdr memory * - * Copyright (c) 2012-2021 Huawei Technologies Co., Ltd. + * Copyright (c) 2012-2022 Huawei Technologies Co., Ltd. * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License -- Gitee From 5447a4e756cdfab7b01cf04185cf47ab72150fd9 Mon Sep 17 00:00:00 2001 From: lijiawei3539 Date: Mon, 27 Jun 2022 12:56:11 +0000 Subject: [PATCH 20/33] update something --- auth/client_hash_auth.c | 15 ++++++++------- auth/client_hash_auth.h | 2 +- core/agent.c | 6 +++--- core/cmdmonitor.c | 4 ++-- core/cmdmonitor.h | 4 ++-- core/gp_ops.c | 21 +++++++++++++-------- core/mem.c | 2 +- core/reserved_mempool.c | 20 ++++++++++---------- core/reserved_mempool.h | 2 +- core/smc_smp.c | 4 ++-- core/tc_client_driver.c | 2 +- core/tee_trace_event.c | 18 +++++++++--------- core/tee_trace_event.h | 7 +++++++ 13 files changed, 60 insertions(+), 47 deletions(-) diff --git a/auth/client_hash_auth.c b/auth/client_hash_auth.c index 8417ddb..85f521b 100644 --- a/auth/client_hash_auth.c +++ b/auth/client_hash_auth.c @@ -28,7 +28,7 @@ #include #include #include -#include +#include #include "tc_ns_log.h" #include "auth_base_impl.h" @@ -60,6 +60,7 @@ static int find_lib_code_area(struct mm_struct *mm, struct vm_area_struct **lib_ *lib_code_area = vma; tlogd("so name is %s\n", vma->vm_file->f_path.dentry->d_name.name); + return EOK; } } } @@ -70,7 +71,7 @@ struct get_code_info { unsigned long code_start; unsigned long code_end; unsigned long code_size; -} +}; static int update_so_hash(struct mm_struct *mm, struct task_struct *cur_struct, struct shash_desc *shash, int so_index) @@ -105,7 +106,7 @@ static int update_so_hash(struct mm_struct *mm, break; } - ptr_base = kmap_atomic(ptr_page); + ptr_base = kmap_atomic(ptr_base); if (!ptr_page) { rc = -EFAULT; put_page(ptr_page); @@ -170,9 +171,9 @@ static int calc_task_so_hash(unsigned char *digest, uint32_t dig_len, return -EFAULT; } - down_read(&mem_sem_lock(mm)); + down_read(&mm_sem_lock(mm)); rc = update_so_hash(mm, cur_struct, &desc->shash, so_index); - up_read(&mem_sem_lock(mm)); + up_read(&mm_sem_lock(mm)); mmput(mm); if (!rc) rc = crypto_shash_final(&desc->shash, digest); @@ -181,7 +182,7 @@ static int calc_task_so_hash(unsigned char *digest, uint32_t dig_len, } static int proc_calc_hash(uint8_t kernel_api, struct tc_ns_session *session, - struct task_struct cur_struct, uint32_t pub_key_len) + struct task_struct *cur_struct, uint32_t pub_key_len) { int rc, i; int so_found = 0; @@ -211,7 +212,7 @@ static int proc_calc_hash(uint8_t kernel_api, struct tc_ns_session *session, } #endif - rc = calc_task_so_hash(session->auth_hash_buf + MAX_SHA_256_SZ * so_found, + rc = calc_task_hash(session->auth_hash_buf + MAX_SHA_256_SZ * NUM_OF_SO, (uint32_t)SHA256_DIGEST_LENTH, cur_struct, pub_key_len); if (rc) { mutex_crypto_hash_unlock(); diff --git a/auth/client_hash_auth.h b/auth/client_hash_auth.h index d32a38e..e7785f6 100644 --- a/auth/client_hash_auth.h +++ b/auth/client_hash_auth.h @@ -29,7 +29,7 @@ int calc_client_auth_hash(struct tc_ns_dev_file *dev_file, struct tc_ns_client_context *context, struct tc_ns_session *session); #else -int calc_client_auth_hash(struct tc_ns_dev_file *dev_file, +static inline int calc_client_auth_hash(struct tc_ns_dev_file *dev_file, struct tc_ns_client_context *context, struct tc_ns_session *session) { return 0; diff --git a/core/agent.c b/core/agent.c index 3635b11..ec749e6 100644 --- a/core/agent.c +++ b/core/agent.c @@ -70,7 +70,7 @@ struct agent_control { static struct agent_control g_agent_control; -int __attritube__((weak)) is_allowed_agent_ca(const struct ca_info *ca, +int __attribute__((weak)) is_allowed_agent_ca(const struct ca_info *ca, bool check_agent_id) { (void)ca; @@ -780,7 +780,7 @@ static bool is_valid_agent(unsigned int agent_id, } static int is_agent_already_exist(unsigned int agent_id, - struct smc_event_data **event_data, struct tc_ns_dev_file *dev_file bool *find_flag) + struct smc_event_data **event_data, struct tc_ns_dev_file *dev_file, bool *find_flag) { unsigned long flags; bool flag = false; @@ -956,7 +956,7 @@ static int check_for_unregister_agent(unsigned int agent_id) return 0; } -bool __attritube__((weak)) is_third_party_agent(unsigned int agent_id) +bool __attribute__((weak)) is_third_party_agent(unsigned int agent_id) { (void)agent_id; return false; diff --git a/core/cmdmonitor.c b/core/cmdmonitor.c index f286310..d404f68 100644 --- a/core/cmdmonitor.c +++ b/core/cmdmonitor.c @@ -63,7 +63,7 @@ static void get_time_spec(struct time_spec *time) #endif } -static void shedule_memstat_work(struct delayed_work *work, unsigned long delay) +static void schedule_memstat_work(struct delayed_work *work, unsigned long delay) { schedule_delayed_work(work, delay); } @@ -79,7 +79,7 @@ static void schedule_cmd_monitor_work(struct delayed_work *work, void tzdebug_memstat(void) { - shedule_memstat_work(&g_mem_stat, usecs_to_jiffies(S_TO_MS)); + schedule_memstat_work(&g_mem_stat, usecs_to_jiffies(S_TO_MS)); } void tzdebug_archivelog(void) diff --git a/core/cmdmonitor.h b/core/cmdmonitor.h index 5bba335..afdabd2 100644 --- a/core/cmdmonitor.h +++ b/core/cmdmonitor.h @@ -29,7 +29,7 @@ enum { TYPE_CRASH_TA = 1, TYPE_CRASH_TEE = 2, -} +}; /* * when cmd execute more than 25s in tee, @@ -50,7 +50,7 @@ struct time_spec { struct cmd_monitor { struct list_head list; struct time_spec sendtime; - struct time_spec_lasttime; + struct time_spec lasttime; int32_t timer_index; int count; bool returned; diff --git a/core/gp_ops.c b/core/gp_ops.c index 9276798..54d5d65 100644 --- a/core/gp_ops.c +++ b/core/gp_ops.c @@ -555,9 +555,9 @@ static int fill_shared_mem_info(void *start_vaddr, uint32_t pages_no, if (pages == NULL) return -EFAULT; - down_read(&mem_sem_lock(current->mm)); + down_read(&mm_sem_lock(current->mm)); page_num = get_user_pages(start_vaddr, pages_no, 0, pages, NULL); - up_read(&mem_sem_lock(current->mm)); + up_read(&mm_sem_lock(current->mm)); if (page_num != pages_no) { tloge("get page phy addr failed\n"); if (page_num > 0) @@ -566,7 +566,7 @@ static int fill_shared_mem_info(void *start_vaddr, uint32_t pages_no, return -EFAULT; } - page_info = buffer; + page_info = buff; page_info->page_num = pages_no; page_info->page_size = PAGE_SIZE; page_info->sharedmem_offset = offset; @@ -596,6 +596,11 @@ static int check_buffer_for_sharedmem(uint32_t* buffer_size, tloge("copy sharedmem.size_addr failed\n"); return -EFAULT; } + + if (*buffer_size == 0 || *buffer_size > SZ_256M) { + tloge("invalid buffer size\n"); + return -ENOMEM; + } return 0; } @@ -604,7 +609,7 @@ static int transfer_shared_mem(const struct tc_call_params *call_params, struct tc_op_params *op_params, uint8_t kernel_params, uint32_t param_type, unsigned int index) { - void *buffer = NULL; + void *buff = NULL; void *start_vaddr = NULL; union tc_ns_client_param *client_param = NULL; uint32_t buffer_size; @@ -640,7 +645,7 @@ static int transfer_shared_mem(const struct tc_call_params *call_params, op_params->mb_pack->operation.params[index].sharedmem.buffer = virt_to_phys(buff); op_params->mb_pack->operation.buffer_h_addr[index] = (uint64_t)virt_to_phys(buff) >> ADDR_TRANS_NUM; op_params->mb_pack->operation.params[index].sharedmem.size = buff_len; - op_params->trans_paramtype[indx] = param_type; + op_params->trans_paramtype[index] = param_type; return 0; } #else @@ -843,7 +848,7 @@ static int update_for_ref_mem(const struct tc_call_params *call_params, } /* reserved memory no need to copy */ - if (operation->sharedmem[index]->mem_type == RESERVED_TYPE) + if (operation->sharemem[index]->mem_type == RESERVED_TYPE) return 0; /* copy from mb_buffer to sharemem */ @@ -927,14 +932,14 @@ static int update_client_operation(const struct tc_call_params *call_params, } #ifdef CONFIG_NOCOPY_SHAREDMEM -static void release_page(void *buff) +static void release_page(void *buf) { uint32_t i; uint64_t *phys_addr = NULL; struct pagelist_info *page_info = NULL; struct page *page = NULL; - page_info = buff; + page_info = buf; phys_addr = (uint64_t *)buf + (sizeof(*page_info) / sizeof(uint64_t)); for (i = 0; i < page_info->page_num; i++) { page = (uintptr_t)phys_to_page(phys_addr[i]); diff --git a/core/mem.c b/core/mem.c index 7020b60..72d68e2 100644 --- a/core/mem.c +++ b/core/mem.c @@ -75,7 +75,7 @@ struct tc_ns_shared_mem *tc_mem_allocate(size_t len) shared_mem->mem_type = VMALLOC_TYPE; len = ALIGN(len, SZ_4K); if (exist_res_mem()) { - if (len > RESEVED_MAX_ALLOC_SIZE || len > RESEVED_MEM_POOL_SIZE) { + if (len > RESEVED_MAX_ALLOC_SIZE || len > RESERVED_MEM_POOL_SIZE) { tloge("allocate reserved mem size too large\n"); return ERR_PTR(-EINVAL); } diff --git a/core/reserved_mempool.c b/core/reserved_mempool.c index 2468b30..c3ddf5c 100644 --- a/core/reserved_mempool.c +++ b/core/reserved_mempool.c @@ -117,7 +117,7 @@ static int create_zone(void) size_t zone_len; int order = get_order(RESERVED_MEM_POOL_SIZE); g_res_max_order = (order > CONFIG_MAX_RES_MEM_ORDER) ? CONFIG_MAX_RES_MEM_ORDER : order; - zone_len = sizeof(struct reserved_free_area_t) * (g_res_max_order + 1) + sizeof(g_res_zone); + zone_len = sizeof(struct reserved_free_area_t) * (g_res_max_order + 1) + sizeof(*g_res_zone); g_res_zone = kzalloc(zone_len, GFP_KERNEL); if (g_res_zone == NULL) { @@ -219,13 +219,13 @@ static int res_mem_register(unsigned long paddr, unsigned int size) int ret = 0; smc_cmd = kzalloc(sizeof(*smc_cmd), GFP_KERNEL); - if (ZERO_OR_NULL_PTR(unsigned long)(uintptr_t)smc_cmd) { + if (ZERO_OR_NULL_PTR((unsigned long)(uintptr_t)smc_cmd)) { tloge("alloc smc_cmd failed\n"); return -ENOMEM; } operation = kzalloc(sizeof(*operation), GFP_KERNEL); - if (ZERO_OR_NULL_PTR(unsigned long)(uintptr_t)operation) { + if (ZERO_OR_NULL_PTR((unsigned long)(uintptr_t)operation)) { tloge("alloc operation failed\n"); ret = -ENOMEM; goto free_smc_cmd; @@ -260,7 +260,7 @@ int reserved_mempool_init() struct virt_page *all_pages = NULL; struct reserved_free_area_t *area = NULL; struct reserved_page_t *res_page = NULL; - int res = 0; + int ret = 0; int i; int max_order_cnt; unsigned long paddr; @@ -268,7 +268,7 @@ int reserved_mempool_init() if (!exist_res_mem()) return 0; - ret = create_zone() + ret = create_zone(); if (ret) return ret; @@ -294,7 +294,7 @@ int reserved_mempool_init() g_res_zone->pages[i].page = &all_pages[i]; } - for (i = 0; i < g_res_max_order; i++) { + for (i = 0; i <= g_res_max_order; i++) { area = &g_res_zone->free_areas[i]; INIT_LIST_HEAD(&area->page_list); area->order = i; @@ -319,7 +319,7 @@ void *reserved_mem_alloc(size_t size) int i, j; struct reserved_page_t *pos = NULL; struct list_head *head = NULL; - int order = get_order(ALIGN(size, SZ_4k)); + int order = get_order(ALIGN(size, SZ_4K)); unsigned long addr = 0; bool valid_param = (size > 0 && order <= g_res_max_order && order >= 0); @@ -328,7 +328,7 @@ void *reserved_mem_alloc(size_t size) return NULL; } mutex_lock(&g_res_lock); - for (i = 0; i <= g_res_max_order; i++) { + for (i = order; i <= g_res_max_order; i++) { head = &g_res_zone->free_areas[i].page_list; if (list_empty(head)) continue; @@ -342,7 +342,7 @@ void *reserved_mem_alloc(size_t size) new_page = pos + (1 << (unsigned int)j); new_page->count = 0; new_page->order = j; - list_add_tail(&new_page->node, &g_res_zone->free_areas[i].page_list); + list_add_tail(&new_page->node, &g_res_zone->free_areas[j].page_list); } list_del(&pos->node); addr = pos->page->start; @@ -370,7 +370,7 @@ static int buddy_merge(struct virt_page *vpage, int order, unsigned int *page_in struct reserved_page_t *self = NULL; struct reserved_page_t *buddy = NULL; - for (i = 0; i < g_res_max_order; i++) { + for (i = order; i < g_res_max_order; i++) { cur_idx = vpage -g_res_zone->all_pages; buddy_idx = cur_idx ^ (1 << (unsigned int)i); self = &g_res_zone->pages[cur_idx]; diff --git a/core/reserved_mempool.h b/core/reserved_mempool.h index 17beaad..e4bd265 100644 --- a/core/reserved_mempool.h +++ b/core/reserved_mempool.h @@ -27,7 +27,7 @@ #endif #define RESERVED_MEM_POOL_SIZE 0x8000000 //128M -#define RESERVED_MAX_ALLOC_SIZE (1 << (CONFIG_MAX_RES_MEM_ORDER + PAGE_SHIFT)) //2^max_order * 4k +#define RESEVED_MAX_ALLOC_SIZE (1 << (CONFIG_MAX_RES_MEM_ORDER + PAGE_SHIFT)) //2^max_order * 4k #define LIMIT_RES_MEM_ORDER 15 int load_reserved_mem(void); diff --git a/core/smc_smp.c b/core/smc_smp.c index da42e83..261866e 100644 --- a/core/smc_smp.c +++ b/core/smc_smp.c @@ -1330,7 +1330,7 @@ void fiq_shadow_work_func(uint64_t target) { struct smc_cmd_ret secret = { SMC_EXIT_MAX, 0, target }; - secs_suspend__status(target); + secs_suspend_status(target); if (power_on_cc()) { tloge("power on cc failed\n"); return; @@ -1908,7 +1908,7 @@ void wakeup_tc_siq(uint32_t siq_mode) } g_siq_queue[i] = siq_mode; atomic_set(&g_siq_th_run, 1); - mutex_unlock(&g_siq_lock) + mutex_unlock(&g_siq_lock); wake_up_interruptible(&siq_th_wait); } diff --git a/core/tc_client_driver.c b/core/tc_client_driver.c index db5fef2..e55d758 100644 --- a/core/tc_client_driver.c +++ b/core/tc_client_driver.c @@ -180,7 +180,7 @@ static int get_public_key_len(struct tc_ns_dev_file *dev_file, return -EFAULT; if (tmp_len > MAX_PUBKEY_LEN) { - tloge("invalid public key len: %u\n", dev_file->pub_key_len); + tloge("invalid public key len: %u\n", tmp_len); return -EINVAL; } dev_file->pub_key_len = tmp_len; diff --git a/core/tee_trace_event.c b/core/tee_trace_event.c index da5b105..706b9dc 100644 --- a/core/tee_trace_event.c +++ b/core/tee_trace_event.c @@ -89,8 +89,8 @@ struct tee_trace_mem_t { struct tee_trace_stream_t *streams[NR_CPUS]; }; -#define TRACE_STREAM_SIZE_ALIGN(sizeof(struct tee_trace_stream_t), PAGE_SIZE) -#define TRACE_MEM_SIZE_ALIGN(sizeof(struct tee_trace_mem_t), PAGE_SIZE) +#define TRACE_STREAM_SIZE ALIGN(sizeof(struct tee_trace_stream_t), PAGE_SIZE) +#define TRACE_MEM_SIZE ALIGN(sizeof(struct tee_trace_mem_t), PAGE_SIZE) /* pages associate with g_event_mem */ static struct page *g_event_pages; @@ -119,7 +119,7 @@ void tee_trace_add_event(enum tee_event_id id, uint64_t add_info) return; } - event_id = id; + event->id = id; event->ca_pid = current->pid; event->time = arch_counter_get_cntvct(); event->add_info = (add_info == 0) ? current->pid : add_info; @@ -246,7 +246,7 @@ static int init_event_mem(void) if (strcpy_s(g_event_mem->trace_task_name[i], TEE_TASK_NAME_LEN, trace_task[i] != EOK)) { tloge("task name %s too long\n", trace_task[i]); - return -EINVAL; + ret = -EINVAL; goto clean; } g_event_mem->freq = arch_timer_get_cntfrq(); @@ -311,7 +311,7 @@ void get_tee_trace_start(struct tee_trace_view_t *view) { uint32_t i; - if (g_event_mem == NULL || view =NULL) + if (g_event_mem == NULL || view == NULL) return; for (i = 0; i < NR_CPUS; i++) { @@ -319,17 +319,17 @@ void get_tee_trace_start(struct tee_trace_view_t *view) if (time != 0 && (view->start == 0 || view->start > time)) view->start = time; view->total += g_event_mem->streams[i]->cur; - view->end[i] += g_event_mem->streams[i]->cur; + view->end[i] = g_event_mem->streams[i]->cur; view->at[i] = 0; } } int get_tee_trace_next(struct tee_trace_view_t *view, uint32_t *event_id, const char **event_name, uint32_t *cpu, uint32_t *ca_pid, - uint64_t *time, uint64_t add_info) + uint64_t *time, uint64_t *add_info) { uint32_t i; - uint32_t index = -1; + int32_t index = -1; uint64_t first = 0; struct tee_trace_event_t *event = NULL; @@ -360,7 +360,7 @@ int get_tee_trace_next(struct tee_trace_view_t *view, uint32_t *event_id, return 0; } -const char *hget_tee_trace_task_name(uint32_t task_idx) +const char *get_tee_trace_task_name(uint32_t task_idx) { if (task_idx >= ARRAY_SIZE(trace_task)) return NULL; diff --git a/core/tee_trace_event.h b/core/tee_trace_event.h index 1dfa681..3a089a1 100644 --- a/core/tee_trace_event.h +++ b/core/tee_trace_event.h @@ -54,6 +54,13 @@ int tee_trace_event_enable(void); int tee_trace_event_start(void); int tee_trace_event_stop(void); +struct tee_trace_view_t { + uint64_t start; + uint32_t total; + uint32_t end[NR_CPUS]; + uint32_t at[NR_CPUS]; +}; + void get_tee_trace_start(struct tee_trace_view_t *view); int get_tee_trace_next(struct tee_trace_view_t *view, uint32_t *event_id, const char **event_name, uint32_t *cpu, uint32_t *ca_pid, -- Gitee From c17b905060933e695d3f26d36ed0251c2dea4b75 Mon Sep 17 00:00:00 2001 From: lijiawei3539 Date: Mon, 27 Jun 2022 13:04:01 +0000 Subject: [PATCH 21/33] update --- ko_adapt.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/ko_adapt.c b/ko_adapt.c index 0920b05..d4c9519 100644 --- a/ko_adapt.c +++ b/ko_adapt.c @@ -110,9 +110,9 @@ struct workqueue_attrs *koadpt_alloc_workqueue_attrs(gfp_t gfp_mask) #if (LINUX_VERSION_CODE >= KERNEL_VERSION(5, 10, 0)) struct workqueue_attrs *attrs; - attrs = kzalloc(sizeof(*attrs), GFP_KERNEL) + attrs = kzalloc(sizeof(*attrs), GFP_KERNEL); if (!attrs) { - tloge("alloc workqueue attrfail\n"); + tloge("alloc workqueue attr fail\n"); return NULL; } -- Gitee From 6132d83ac2b819dc528869135b37a9f98024935b Mon Sep 17 00:00:00 2001 From: lijiawei3539 Date: Mon, 27 Jun 2022 14:00:06 +0000 Subject: [PATCH 22/33] fix error --- core/cmdmonitor.h | 1 - core/secs_power_ctrl.h | 40 ++++++++++++++++++++++++++++++++++++++++ core/smc_smp.c | 1 - teek_ns_client.h | 1 + 4 files changed, 41 insertions(+), 2 deletions(-) create mode 100644 core/secs_power_ctrl.h diff --git a/core/cmdmonitor.h b/core/cmdmonitor.h index afdabd2..d43eeae 100644 --- a/core/cmdmonitor.h +++ b/core/cmdmonitor.h @@ -18,7 +18,6 @@ #ifndef CMD_MONITOR_H #define CMD_MONITOR_H -#include "tzdebug.h" #include "teek_ns_client.h" #include diff --git a/core/secs_power_ctrl.h b/core/secs_power_ctrl.h new file mode 100644 index 0000000..eb7b572 --- /dev/null +++ b/core/secs_power_ctrl.h @@ -0,0 +1,40 @@ +/* + * secs_power_ctrl.h + * + * function declaration for secs power ctrl + * + * Copyright (c) 2012-2022 Huawei Technologies Co., Ltd. + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU General Public License + * as published by the Free Software Foundation; either version 2 + * of the License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + */ + +#ifndef SECS_POWER_CTRL_H +#define SECS_POWER_CTRL_H + +#include + +static int power_on_cc(void) +{ + return 0; +} + +static int power_down_cc(void) +{ + return 0; +} + +static void secs_suspend_status(uint64_t target) +{ + (void)target; + return; +} + +#endif \ No newline at end of file diff --git a/core/smc_smp.c b/core/smc_smp.c index 261866e..d0def04 100644 --- a/core/smc_smp.c +++ b/core/smc_smp.c @@ -59,7 +59,6 @@ #include "teek_ns_client.h" #include "mailbox_mempool.h" #include "cmdmonitor.h" -#include "security_auth_enhance.h" #include "tlogger.h" #include "ko_adapt.h" #include "log_cfg_api.h" diff --git a/teek_ns_client.h b/teek_ns_client.h index 6d32c25..52a0d2e 100644 --- a/teek_ns_client.h +++ b/teek_ns_client.h @@ -205,3 +205,4 @@ struct mb_cmd_pack { }; +#endif \ No newline at end of file -- Gitee From 7a2c523ec6610bc62c244d8c7f87d9898c91bb6d Mon Sep 17 00:00:00 2001 From: lijiawei3539 Date: Tue, 28 Jun 2022 03:30:08 +0000 Subject: [PATCH 23/33] update --- core/cmdmonitor.c | 35 ++--------------------------------- core/gp_ops.c | 4 +--- core/session_manager.c | 2 -- core/smc_smp.c | 1 + core/tc_client_driver.c | 5 ----- teek_client_constants.h | 1 + tlogger/tlogger.c | 5 ++--- 7 files changed, 7 insertions(+), 46 deletions(-) diff --git a/core/cmdmonitor.c b/core/cmdmonitor.c index d404f68..7b36c37 100644 --- a/core/cmdmonitor.c +++ b/core/cmdmonitor.c @@ -144,29 +144,6 @@ bool is_thread_reported(unsigned int tid) return ret; } -void memstat_report(void) -{ - int ret; - struct tee_mem *meminfo = NULL; - - meminfo = mailbox_alloc(sizeof(*meminfo), MB_FLAG_ZERO); - if (!meminfo) { - tloge("mailbox alloc failed\n"); - return; - } - - ret = get_tee_meminfo(meminfo); - if (!ret) - tlogd("get meminfo failed\n"); - mailbox_free(meminfo); -} - -static void memstat_work(struct work_struct *work) -{ - (void)work; - memstat_report(); -} - void cmd_monitor_reset_context(void) { struct cmd_monitor *monitor = NULL; @@ -198,6 +175,7 @@ static void show_timeout_cmd_info(struct cmd_monitor *monitor) { long long timedif, timedif2; struct time_spec nowtime; + int32_t time_in_sec; get_time_spec(&nowtime); /* @@ -216,18 +194,11 @@ static void show_timeout_cmd_info(struct cmd_monitor *monitor) monitor->pid, monitor->pname, monitor->tid, monitor->tname, monitor->lastcmdid, monitor->agent_call_count, timedif); - /* threads out of white table need info dump */ - tlogw("monitor: pid-%d", monitor->pid); - if (!is_tui_in_use(monitor->tid)) { - show_cmd_bitmap(); - g_cmd_need_archivelog = 1; - wakeup_tc_siq(SIQ_DUMP_TIMEOUT); - } } timedif2 = S_TO_MS * (nowtime.ts.tv_sec - monitor->lasttime.ts.tv_sec) + (nowtime.ts.tv_nsec - monitor->lasttime.ts.tv_nsec) / S_TO_US; - int32_t time_in_sec = monitor->timer_index >= g_timer_nums ? + time_in_sec = monitor->timer_index >= g_timer_nums ? g_timer_step[g_timer_nums - 1] : g_timer_step[monitor->timer_index]; if (timedif2 > time_in_sec * S_TO_MS) { @@ -425,6 +396,4 @@ void init_cmd_monitor(void) (uintptr_t)&g_cmd_monitor_work, cmd_monitor_tickfn); INIT_DEFERRABLE_WORK((struct delayed_work *) (uintptr_t)&g_cmd_monitor_work_archive, cmd_monitor_archivefn); - INIT_DEFERRABLE_WORK((struct delayed_work *)(uintptr_t)&g_mem_stat, memstat_work); - } diff --git a/core/gp_ops.c b/core/gp_ops.c index 54d5d65..858a413 100644 --- a/core/gp_ops.c +++ b/core/gp_ops.c @@ -1,5 +1,5 @@ /* - * gp_op.c + * gp_ops.c * * alloc global operation and pass params to TEE. * @@ -1180,8 +1180,6 @@ static void release_tc_call_resource(const struct tc_call_params *call_params, * then del ion won't be triggered, so here tzdriver need to kill ion; *2. when ta crash, tzdriver also need to kill ion */ - if (tee_ret == TEE_ERROR_TAGET_DEAD || tee_ret == TEEC_ERROR_GENERIC) - kill_ion_by_uuid((struct tc_uuid *)op_params->smc_cmd->uuid); if (op_params->op_inited) free_operation(call_params, op_params); diff --git a/core/session_manager.c b/core/session_manager.c index c9ebe2d..3cf6532 100644 --- a/core/session_manager.c +++ b/core/session_manager.c @@ -831,7 +831,6 @@ static int proc_open_session(struct tc_ns_dev_file *dev_file, ret = tc_client_call(¶ms); if (ret) { /* Clean this session secure information */ - kill_ion_by_uuid((struct tc_uuid *)context->uuid); mutex_unlock(&service->operation_lock); tloge("smc call returns error, ret=0x%x\n", ret); return ret; @@ -966,7 +965,6 @@ static int close_session(struct tc_ns_dev_file *dev, if (ret) tloge("close session failed, ret=0x%x\n", ret); - kill_ion_by_uuid((struct tc_uuid *)context.uuid); return ret; } diff --git a/core/smc_smp.c b/core/smc_smp.c index d0def04..1ed3760 100644 --- a/core/smc_smp.c +++ b/core/smc_smp.c @@ -65,6 +65,7 @@ #include "tz_kthread_affinity.h" #include "tee_compat_check.h" #include "tee_trace_event.h" +#include "secs_power_ctrl.h" #define PREEMPT_COUNT 10000 #define HZ_COUNT 10 diff --git a/core/tc_client_driver.c b/core/tc_client_driver.c index e55d758..a993d2e 100644 --- a/core/tc_client_driver.c +++ b/core/tc_client_driver.c @@ -71,7 +71,6 @@ #include "client_hash_auth.h" #include "auth_base_impl.h" #include "tlogger.h" -#include "tzdebug.h" #include "session_manager.h" #include "ko_adapt.h" #include "tz_pm.h" @@ -386,7 +385,6 @@ int tc_ns_client_close(struct tc_ns_dev_file *dev) close_unclosed_session_in_kthread(dev); - kill_ion_by_cafd(dev->dev_file_id); /* for thirdparty agent, code runs here only when agent crashed */ send_crashed_event_response_all(dev); free_dev(dev); @@ -1056,8 +1054,6 @@ static void tc_re_init(const struct device *class_dev) if (ret) tloge("tlogger init failed\n"); #endif - if (tzdebug_init()) - tloge("tzdebug init failed\n"); if (init_smc_svc_thread()) { tloge("init svc thread\n"); @@ -1106,7 +1102,6 @@ static void tc_exit(void) smc_free_data(); agent_exit(); #ifdef CONFIG_TZDRIVER_MODULE - tzdebug_exit(); exit_tlogger_service(); #endif mailbox_mempool_destroy(); diff --git a/teek_client_constants.h b/teek_client_constants.h index bc2b28f..1b508cc 100644 --- a/teek_client_constants.h +++ b/teek_client_constants.h @@ -134,6 +134,7 @@ enum TEEC_ParamType { TEEC_MEMREF_TEMP_INOUT = 0x07, TEEC_ION_INPUT = 0x08, TEEC_ION_SGLIST_INPUT = 0x09, + TEEC_MEMREF_SHARED_INOUT = 0xa, TEEC_MEMREF_WHOLE = 0xc, TEEC_MEMREF_PARTIAL_INPUT = 0xd, TEEC_MEMREF_PARTIAL_OUTPUT = 0xe, diff --git a/tlogger/tlogger.c b/tlogger/tlogger.c index 7380214..c0a6286 100644 --- a/tlogger/tlogger.c +++ b/tlogger/tlogger.c @@ -952,10 +952,10 @@ static int get_msg_buffer(unsigned char **buffer, uint32_t *buffer_max_len, uint32_t *read_start, uint32_t *read_end, const char *file_path, uint32_t file_path_len) { - (void)file_path_len; errno_t rc; int ret; unsigned char *addr = NULL; + (void)file_path_len; if (!g_log_buffer) return -1; @@ -1005,8 +1005,8 @@ free_res: static int open_msg_file(struct file **file, const char *file_path, uint32_t file_path_len) { + struct file *filep; (void)file_path_len; - struct file *filep = NULL; filep = filp_open(file_path, O_CREAT | O_RDWR | O_TRUNC, OPEN_FILE_MODE); if (!filep || IS_ERR(filep)) { @@ -1021,7 +1021,6 @@ static int open_msg_file(struct file **file, int tlogger_store_msg(const char *file_path, uint32_t file_path_len) { struct file *filep = NULL; - mm_segment_t old_fs; loff_t pos = 0; int ret; uint32_t buffer_max_len = 0; -- Gitee From ff0db11a03e080c996ac47badfe054f6a3c0e3d7 Mon Sep 17 00:00:00 2001 From: lijiawei3539 Date: Tue, 28 Jun 2022 03:51:22 +0000 Subject: [PATCH 24/33] update --- Makefile | 5 ++-- tlogger/tlogger.c | 69 ----------------------------------------------- 2 files changed, 2 insertions(+), 72 deletions(-) diff --git a/Makefile b/Makefile index 253938d..9fdab9f 100644 --- a/Makefile +++ b/Makefile @@ -3,8 +3,7 @@ obj-m := tzdriver.o tzdriver-objs := core/smc_smp.o core/tc_client_driver.o core/session_manager.o core/mailbox_mempool.o core/teek_app_load.o tzdriver-objs += core/agent.o core/gp_ops.o core/mem.o core/cmdmonitor.o core/tz_spi_notify.o core/tz_pm.o core/tee_compat_check.o -tzdriver-objs += auth/auth_base_impl.o core/teec_daemon_auth.o tlogger/tlogger.o tlogger/log_pages_cfg.o ko_adapt.o -tzdriver-objs += auth/security_auth_enhance.o +tzdriver-objs += auth/auth_base_impl.o tlogger/tlogger.o tlogger/log_pages_cfg.o ko_adapt.o RESULT := $(shell cat /proc/kallsyms | grep vsnprintf_s) @@ -20,7 +19,7 @@ endif KPATH := /usr/src/kernels KDIR := $(KPATH)/$(shell ls $(KPATH)) -EXTRA_CFLAGS += -fstack-protector-strong -DCONFIG_TEELOG -DCONFIG_TZDRIVER_MODULE -DCONFIG_TEECD_AUTH -DCONFIG_PAGES_MEM=y -DCONFIG_AUTH_ENHANCE -DCONFIG_CLOUDSERVER_TEECD_AUTH +EXTRA_CFLAGS += -fstack-protector-strong -DCONFIG_TEELOG -DCONFIG_TZDRIVER_MODULE -DCONFIG_TEECD_AUTH -DCONFIG_PAGES_MEM=y -DCONFIG_CLOUDSERVER_TEECD_AUTH EXTRA_CFLAGS += -I$(PWD)/libboundscheck/include/ -I$(PWD) -I$(PWD)/auth -I$(PWD)/core EXTRA_CFLAGS += -I$(PWD)/tlogger -I$(PWD)/kthread_affinity EXTRA_CFLAGS += -DCONFIG_CPU_AFF_NR=0 -DCONFIG_BIG_SESSION=1000 -DCONFIG_NOTIFY_PAGE_ORDER=4 -DCONFIG_512K_LOG_PAGES_MEM diff --git a/tlogger/tlogger.c b/tlogger/tlogger.c index c0a6286..c85dd81 100644 --- a/tlogger/tlogger.c +++ b/tlogger/tlogger.c @@ -889,65 +889,6 @@ static int write_log_to_msg(struct file *filep, } } -static void update_dumpmsg_offset(uint32_t *read_start, uint32_t *read_end, - uint32_t read_off, uint32_t read_off_end, uint32_t *dump_start_flag, uint32_t *dump_end_flag) -{ - struct log_item *next_item = NULL; - unsigned char *buffer = g_log_buffer->buffer_start; - uint32_t buffer_max_len = g_log_mem_len - sizeof(*g_log_buffer); - ssize_t item_len; - ssize_t total_len; - - next_item = msg_get_next(buffer, read_off, - LOG_ITEM_MAX_LEN, buffer_max_len); - - while (next_item && read_off <= read_off_end) { - item_len = next_item->buffer_len + sizeof(*next_item); - if (strstr(next_item->log_buffer, DUMP_START_MAGIC)) { - *read_start = read_off; - *dump_start_flag = 1; - } else if (strstr(next_item->log_buffer, DUMP_END_MAGIC)) { - *read_end = read_off; - *dump_end_flag = 1; - } - read_off = (unsigned char *)next_item -buffer + item_len; - total_len += item_len; - if (total_len >= buffer_max_len) - break; - - next_item = msg_get_next(buffer, read_off, - LOG_ITEM_MAX_LEN, buffer_max_len); - } -} - -#ifdef CONFIG_TEE_LOG_DUMP_PATH -static int get_dumpmsg_offset(uint32_t *read_start, uint32_t *read_end) -{ - uint32_t read_off = *read_start; - uint32_t read_off_end = *read_end; - uint32_t buffer_max_len = g_log_mem_len - sizeof(*g_log_buffer); - uint32_t dump_start_flag = 0; - uint32_t dump_end_flag = 0; - - if (read_off < read_off_end) { - update_dumpmsg_offset(read_start, read_end, read_off, read_off_end, - &dump_start_flag, &dump_end_flag); - } else { - update_dumpmsg_offset(read_start, read_end, read_off, buffer_max_len, - &dump_start_flag, &dump_end_flag); - update_dumpmsg_offset(read_start, read_end, 0, read_off_end, - &dump_start_flag, &dump_end_flag); - } - - if (dump_start_flag == 0 || dump_end_flag == 0) { - tloge("can't find dump start or end\n"); - return -1; - } else { - return 0; - } -} -#endif - static int get_msg_buffer(unsigned char **buffer, uint32_t *buffer_max_len, uint32_t *read_start, uint32_t *read_end, const char *file_path, uint32_t file_path_len) @@ -967,16 +908,6 @@ static int get_msg_buffer(unsigned char **buffer, uint32_t *buffer_max_len, *read_start = 0; *read_end = *buffer_max_len; -#ifdef CONFIG_TEE_LOG_DUMP_PATH - if (strcmp(file_path, CONFIG_TEE_LOG_DUMP_PATH) == 0) { - *read_start = g_last_read_offset; - *read_end = ((struct log_buffer*)g_log->buffer_info)->flag.last_pos; - if (get_dumpmsg_offset(read_start, read_end) != 0) { - tloge("get dump offset failed\n"); - return -1; - } - } -#endif addr = kmalloc(*buffer_max_len, GFP_KERNEL); if (ZERO_OR_NULL_PTR((unsigned long)(uintptr_t)addr)) { -- Gitee From a3b9b8c27bc5901726e2755a014532ef5938114c Mon Sep 17 00:00:00 2001 From: lijiawei3539 Date: Tue, 28 Jun 2022 06:37:21 +0000 Subject: [PATCH 25/33] update --- core/reserved_mempool.c | 4 ++-- core/tee_trace_event.c | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/core/reserved_mempool.c b/core/reserved_mempool.c index c3ddf5c..b132d58 100644 --- a/core/reserved_mempool.c +++ b/core/reserved_mempool.c @@ -365,8 +365,8 @@ static int get_virt_page_index(const void *ptr) static int buddy_merge(struct virt_page *vpage, int order, unsigned int *page_index) { int i; - unsigned int cur_idx; - unsigned int buddy_idx; + unsigned int cur_idx = 0; + unsigned int buddy_idx = 0; struct reserved_page_t *self = NULL; struct reserved_page_t *buddy = NULL; diff --git a/core/tee_trace_event.c b/core/tee_trace_event.c index 706b9dc..708a207 100644 --- a/core/tee_trace_event.c +++ b/core/tee_trace_event.c @@ -244,7 +244,7 @@ static int init_event_mem(void) g_event_mem->trace_task = ARRAY_SIZE(trace_task); for (i = 0; i < ARRAY_SIZE(trace_task); i++) if (strcpy_s(g_event_mem->trace_task_name[i], TEE_TASK_NAME_LEN, - trace_task[i] != EOK)) { + trace_task[i]) != EOK) { tloge("task name %s too long\n", trace_task[i]); ret = -EINVAL; goto clean; -- Gitee From 13c495b07060f6f3474e25c79b6e5425432f1342 Mon Sep 17 00:00:00 2001 From: lijiawei3539 Date: Tue, 28 Jun 2022 06:43:17 +0000 Subject: [PATCH 26/33] update makefile --- Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Makefile b/Makefile index 9fdab9f..fcd44eb 100644 --- a/Makefile +++ b/Makefile @@ -22,7 +22,7 @@ KDIR := $(KPATH)/$(shell ls $(KPATH)) EXTRA_CFLAGS += -fstack-protector-strong -DCONFIG_TEELOG -DCONFIG_TZDRIVER_MODULE -DCONFIG_TEECD_AUTH -DCONFIG_PAGES_MEM=y -DCONFIG_CLOUDSERVER_TEECD_AUTH EXTRA_CFLAGS += -I$(PWD)/libboundscheck/include/ -I$(PWD) -I$(PWD)/auth -I$(PWD)/core EXTRA_CFLAGS += -I$(PWD)/tlogger -I$(PWD)/kthread_affinity -EXTRA_CFLAGS += -DCONFIG_CPU_AFF_NR=0 -DCONFIG_BIG_SESSION=1000 -DCONFIG_NOTIFY_PAGE_ORDER=4 -DCONFIG_512K_LOG_PAGES_MEM +EXTRA_CFLAGS += -DCONFIG_CPU_AFF_NR=0 -DCONFIG_BIG_SESSION=1000 -DCONFIG_NOTIFY_PAGE_ORDER=4 -DCONFIG_512K_LOG_PAGES_MEM -DCONFIG_TEE_TRACE EXTRA_CFLAGS += -DCONFIG_TEE_LOG_ACHIVE_PATH=\"/var/log/tee/last_teemsg\" EXTRA_CFLAGS += -DNOT_TRIGGER_AP_RESET -DLAST_TEE_MSG_ROOT_GID all: -- Gitee From ba4615570f06ff04efd49bfb71797a32c7742c79 Mon Sep 17 00:00:00 2001 From: lijiawei3539 Date: Tue, 28 Jun 2022 12:48:49 +0000 Subject: [PATCH 27/33] update makefile --- Makefile | 1 + 1 file changed, 1 insertion(+) diff --git a/Makefile b/Makefile index fcd44eb..8bbe286 100644 --- a/Makefile +++ b/Makefile @@ -3,6 +3,7 @@ obj-m := tzdriver.o tzdriver-objs := core/smc_smp.o core/tc_client_driver.o core/session_manager.o core/mailbox_mempool.o core/teek_app_load.o tzdriver-objs += core/agent.o core/gp_ops.o core/mem.o core/cmdmonitor.o core/tz_spi_notify.o core/tz_pm.o core/tee_compat_check.o +tzdriver-objs += core/reserved_mempool.o core/tee_trace_event.o tzdriver-objs += auth/auth_base_impl.o tlogger/tlogger.o tlogger/log_pages_cfg.o ko_adapt.o RESULT := $(shell cat /proc/kallsyms | grep vsnprintf_s) -- Gitee From 4d32983517d491a539850c508514f23b8cdfdd09 Mon Sep 17 00:00:00 2001 From: lijiawei3539 Date: Wed, 29 Jun 2022 06:49:23 +0000 Subject: [PATCH 28/33] update core/tee_trace_event.c. --- core/tee_trace_event.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/core/tee_trace_event.c b/core/tee_trace_event.c index 708a207..38d651a 100644 --- a/core/tee_trace_event.c +++ b/core/tee_trace_event.c @@ -121,7 +121,7 @@ void tee_trace_add_event(enum tee_event_id id, uint64_t add_info) event->id = id; event->ca_pid = current->pid; - event->time = arch_counter_get_cntvct(); + event->time = arch_timer_get_cntkctl(); event->add_info = (add_info == 0) ? current->pid : add_info; stream->cur++; preempt_enable(); -- Gitee From d94748bc345c7cb5bbac79a4c522ff4356410e34 Mon Sep 17 00:00:00 2001 From: lijiawei3539 Date: Wed, 29 Jun 2022 07:09:15 +0000 Subject: [PATCH 29/33] update auth/client_hash_auth.c. --- auth/client_hash_auth.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/auth/client_hash_auth.c b/auth/client_hash_auth.c index 85f521b..85ed1b6 100644 --- a/auth/client_hash_auth.c +++ b/auth/client_hash_auth.c @@ -106,8 +106,8 @@ static int update_so_hash(struct mm_struct *mm, break; } - ptr_base = kmap_atomic(ptr_base); - if (!ptr_page) { + ptr_base = kmap_atomic(ptr_page); + if (!ptr_base) { rc = -EFAULT; put_page(ptr_page); break; -- Gitee From d5b44d97ca26bf431e5fec8fda9de49e49469f3c Mon Sep 17 00:00:00 2001 From: lijiawei3539 Date: Wed, 29 Jun 2022 07:27:33 +0000 Subject: [PATCH 30/33] update core/gp_ops.c. --- core/gp_ops.c | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/core/gp_ops.c b/core/gp_ops.c index 858a413..8190f65 100644 --- a/core/gp_ops.c +++ b/core/gp_ops.c @@ -556,7 +556,7 @@ static int fill_shared_mem_info(void *start_vaddr, uint32_t pages_no, return -EFAULT; down_read(&mm_sem_lock(current->mm)); - page_num = get_user_pages(start_vaddr, pages_no, 0, pages, NULL); + page_num = get_user_pages((uintptr_t)start_vaddr, pages_no, FOLL_WRITE, pages, NULL); up_read(&mm_sem_lock(current->mm)); if (page_num != pages_no) { tloge("get page phy addr failed\n"); @@ -591,9 +591,9 @@ static int check_buffer_for_sharedmem(uint32_t* buffer_size, const union tc_ns_client_param *client_param, uint8_t kernel_params) { if (read_from_client(buffer_size, sizeof(*buffer_size), - (uint32_t __user *)(uintptr_t)client_param->sharedmem.size_addr, + (uint32_t __user *)(uintptr_t)client_param->memref.size_addr, sizeof(uint32_t), kernel_params)) { - tloge("copy sharedmem.size_addr failed\n"); + tloge("copy size_addr failed\n"); return -EFAULT; } @@ -601,6 +601,12 @@ static int check_buffer_for_sharedmem(uint32_t* buffer_size, tloge("invalid buffer size\n"); return -ENOMEM; } + + if ((client_param->memref.offset >= SZ_256M) || + (UINT64_MAX - client_param->memref.buffer <= client_param->memref.offset)) { + tloge("invalid buff or offset\n"); + return -EFAULT; + } return 0; } -- Gitee From 92cda4fa67bd59345e7b0e5f814258b72d386b8f Mon Sep 17 00:00:00 2001 From: lijiawei3539 Date: Wed, 29 Jun 2022 07:32:38 +0000 Subject: [PATCH 31/33] update core/gp_ops.c. --- core/gp_ops.c | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/core/gp_ops.c b/core/gp_ops.c index 8190f65..80cd767 100644 --- a/core/gp_ops.c +++ b/core/gp_ops.c @@ -630,7 +630,7 @@ static int transfer_shared_mem(const struct tc_call_params *call_params, if (check_buffer_for_sharedmem(&buffer_size, client_param, kernel_params)) return -EINVAL; - buff = (void *)(uint64_t)client_param->sharedmem.buffer; + buff = (void *)(uint64_t)(client_param->memref.buffer + client_param->memref.offset); start_vaddr = (void *)(((uint64_t)buff) & PAGE_MASK); offset = ((uint32_t)(uintptr_t)buff) & (~PAGE_MASK); pages_no = PAGE_ALIGN(offset + buffer_size) / PAGE_SIZE; @@ -648,9 +648,9 @@ static int transfer_shared_mem(const struct tc_call_params *call_params, op_params->local_tmpbuf[index].temp_buffer = buff; op_params->local_tmpbuf[index].size = buff_len; - op_params->mb_pack->operation.params[index].sharedmem.buffer = virt_to_phys(buff); + op_params->mb_pack->operation.params[index].memref.buffer = virt_to_phys(buff); op_params->mb_pack->operation.buffer_h_addr[index] = (uint64_t)virt_to_phys(buff) >> ADDR_TRANS_NUM; - op_params->mb_pack->operation.params[index].sharedmem.size = buff_len; + op_params->mb_pack->operation.params[index].memref.size = buff_len; op_params->trans_paramtype[index] = param_type; return 0; } @@ -948,9 +948,10 @@ static void release_page(void *buf) page_info = buf; phys_addr = (uint64_t *)buf + (sizeof(*page_info) / sizeof(uint64_t)); for (i = 0; i < page_info->page_num; i++) { - page = (uintptr_t)phys_to_page(phys_addr[i]); + page = (struct page *)(uintptr_t)phys_to_page(phys_addr[i]); if (page == NULL) continue; + set_bit(PG_dirty, &page->flags); put_page(page); } } -- Gitee From 442a6acc21dd9438b6b5139f3ff89f505a0b2a26 Mon Sep 17 00:00:00 2001 From: lijiawei3539 Date: Wed, 29 Jun 2022 07:40:27 +0000 Subject: [PATCH 32/33] update tlogger/tlogger.h. --- tlogger/tlogger.h | 2 ++ 1 file changed, 2 insertions(+) diff --git a/tlogger/tlogger.h b/tlogger/tlogger.h index 53b6b19..cd96048 100644 --- a/tlogger/tlogger.h +++ b/tlogger/tlogger.h @@ -20,6 +20,8 @@ #include +#define UINT64_MAX (uint64_t)(~((uint64_t)0)) + #ifdef CONFIG_TEELOG void tz_log_write(void); int tlogger_store_msg(const char *file_path, uint32_t file_path_len); -- Gitee From f15aa5c8c50ee8281d4845780100e4dbe0e82aad Mon Sep 17 00:00:00 2001 From: lijiawei3539 Date: Wed, 29 Jun 2022 07:57:58 +0000 Subject: [PATCH 33/33] update tlogger/tlogger.c. --- tlogger/tlogger.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tlogger/tlogger.c b/tlogger/tlogger.c index c85dd81..3853c81 100644 --- a/tlogger/tlogger.c +++ b/tlogger/tlogger.c @@ -1070,7 +1070,7 @@ static int check_log_mem(uint64_t mem_addr, uint32_t mem_len) return 0; } -static int register_tloger(void) +static __init int register_tloger(void) { int ret; uint64_t mem_addr = 0; @@ -1129,7 +1129,7 @@ static void unregister_tlogger(void) } #ifdef CONFIG_TZDRIVER_MODULE -int init_tlogger_service(void) +__init int init_tlogger_service(void) { return register_tloger(); } -- Gitee