Message ID | 20240223163901.13504-2-W_Armin@gmx.de (mailing list archive) |
---|---|
State | Changes Requested, archived |
Headers | show |
Series | [v2,1/3] platform/x86/amd/pmf: Add missing __iomem attribute to policy_base | expand |
On Fri, 23 Feb 2024, Armin Wolf wrote: > The policy buffer is allocated using normal memory allocation > functions, so readl() should not be used on it. > > Use get_unaligned_le32() instead. > > Compile-tested only. > > Signed-off-by: Armin Wolf <W_Armin@gmx.de> > --- > drivers/platform/x86/amd/pmf/tee-if.c | 5 +++-- > 1 file changed, 3 insertions(+), 2 deletions(-) > > diff --git a/drivers/platform/x86/amd/pmf/tee-if.c b/drivers/platform/x86/amd/pmf/tee-if.c > index 16973bebf55f..3220b6580270 100644 > --- a/drivers/platform/x86/amd/pmf/tee-if.c > +++ b/drivers/platform/x86/amd/pmf/tee-if.c > @@ -11,6 +11,7 @@ > #include <linux/debugfs.h> > #include <linux/tee_drv.h> > #include <linux/uuid.h> > +#include <asm/unaligned.h> > #include "pmf.h" > > #define MAX_TEE_PARAM 4 > @@ -249,8 +250,8 @@ static int amd_pmf_start_policy_engine(struct amd_pmf_dev *dev) > u32 cookie, length; > int res; > > - cookie = readl(dev->policy_buf + POLICY_COOKIE_OFFSET); > - length = readl(dev->policy_buf + POLICY_COOKIE_LEN); > + cookie = get_unaligned_le32(dev->policy_buf + POLICY_COOKIE_OFFSET); > + length = get_unaligned_le32(dev->policy_buf + POLICY_COOKIE_LEN); I don't understand you need _unaligned_ here, the offsets should be dword aligned, no? #define POLICY_COOKIE_OFFSET 0x10 #define POLICY_COOKIE_LEN 0x14
Am 27.02.24 um 13:59 schrieb Ilpo Järvinen: > On Fri, 23 Feb 2024, Armin Wolf wrote: > >> The policy buffer is allocated using normal memory allocation >> functions, so readl() should not be used on it. >> >> Use get_unaligned_le32() instead. >> >> Compile-tested only. >> >> Signed-off-by: Armin Wolf <W_Armin@gmx.de> >> --- >> drivers/platform/x86/amd/pmf/tee-if.c | 5 +++-- >> 1 file changed, 3 insertions(+), 2 deletions(-) >> >> diff --git a/drivers/platform/x86/amd/pmf/tee-if.c b/drivers/platform/x86/amd/pmf/tee-if.c >> index 16973bebf55f..3220b6580270 100644 >> --- a/drivers/platform/x86/amd/pmf/tee-if.c >> +++ b/drivers/platform/x86/amd/pmf/tee-if.c >> @@ -11,6 +11,7 @@ >> #include <linux/debugfs.h> >> #include <linux/tee_drv.h> >> #include <linux/uuid.h> >> +#include <asm/unaligned.h> >> #include "pmf.h" >> >> #define MAX_TEE_PARAM 4 >> @@ -249,8 +250,8 @@ static int amd_pmf_start_policy_engine(struct amd_pmf_dev *dev) >> u32 cookie, length; >> int res; >> >> - cookie = readl(dev->policy_buf + POLICY_COOKIE_OFFSET); >> - length = readl(dev->policy_buf + POLICY_COOKIE_LEN); >> + cookie = get_unaligned_le32(dev->policy_buf + POLICY_COOKIE_OFFSET); >> + length = get_unaligned_le32(dev->policy_buf + POLICY_COOKIE_LEN); > I don't understand you need _unaligned_ here, the offsets should be dword > aligned, no? > > #define POLICY_COOKIE_OFFSET 0x10 > #define POLICY_COOKIE_LEN 0x14 > Hi, you are right about this. However i just noticed that the driver does not validate that the policy buffer is big enough before accessing the data. I will prepare a separate patch series to address this. Thanks, Armin Wolf
diff --git a/drivers/platform/x86/amd/pmf/tee-if.c b/drivers/platform/x86/amd/pmf/tee-if.c index 16973bebf55f..3220b6580270 100644 --- a/drivers/platform/x86/amd/pmf/tee-if.c +++ b/drivers/platform/x86/amd/pmf/tee-if.c @@ -11,6 +11,7 @@ #include <linux/debugfs.h> #include <linux/tee_drv.h> #include <linux/uuid.h> +#include <asm/unaligned.h> #include "pmf.h" #define MAX_TEE_PARAM 4 @@ -249,8 +250,8 @@ static int amd_pmf_start_policy_engine(struct amd_pmf_dev *dev) u32 cookie, length; int res; - cookie = readl(dev->policy_buf + POLICY_COOKIE_OFFSET); - length = readl(dev->policy_buf + POLICY_COOKIE_LEN); + cookie = get_unaligned_le32(dev->policy_buf + POLICY_COOKIE_OFFSET); + length = get_unaligned_le32(dev->policy_buf + POLICY_COOKIE_LEN); if (cookie != POLICY_SIGN_COOKIE || !length) return -EINVAL;
The policy buffer is allocated using normal memory allocation functions, so readl() should not be used on it. Use get_unaligned_le32() instead. Compile-tested only. Signed-off-by: Armin Wolf <W_Armin@gmx.de> --- drivers/platform/x86/amd/pmf/tee-if.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) -- 2.39.2