From nobody Thu Oct 2 23:47:50 2025 Received: from mx0a-0031df01.pphosted.com (mx0a-0031df01.pphosted.com [205.220.168.131]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 9DFDE13777E for ; Wed, 10 Sep 2025 00:11:25 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=205.220.168.131 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1757463088; cv=none; b=N7jYH4r0FiDOMMNxIRhx8rUUx8taGsJaY7yBrY0u2wQSBHb5sUES5hWdtGl7HwHxqxxHKNJeV2LLqlP3VFrRZL3dYD/1HdS2SUgZDdLOXSOaVsCxicz4NA5lfAan8doHie80+z8TWYY6fa08O3OBwGzxqorpHfhsuu7I81BukLA= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1757463088; c=relaxed/simple; bh=8TSbhEgUPN9kdxwy9KCMFyUVP58G/S0fhvuvLlT55sU=; h=From:Date:Subject:MIME-Version:Content-Type:Message-Id:References: In-Reply-To:To:Cc; b=RWhKUgf8QZJk1lzGpliYr5lR03Y2ABNJNdsu1tCLUP0BCLGIbuEFOfcsxQarAW94wPhj+GUlfl9mxyi0HCeS6fBPJnOIsdqytPhchXoMhNeI7oum+ZQT9TZcZjZy8bPxua68HnbJeaRZ5EKtNHvMnUk55AS3qzWuLZAYU0TXvsA= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=oss.qualcomm.com; spf=pass smtp.mailfrom=oss.qualcomm.com; dkim=pass (2048-bit key) header.d=qualcomm.com header.i=@qualcomm.com header.b=dyBBvqZO; arc=none smtp.client-ip=205.220.168.131 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=oss.qualcomm.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=oss.qualcomm.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=qualcomm.com header.i=@qualcomm.com header.b="dyBBvqZO" Received: from pps.filterd (m0279865.ppops.net [127.0.0.1]) by mx0a-0031df01.pphosted.com (8.18.1.2/8.18.1.2) with ESMTP id 589HVptY032157 for ; Wed, 10 Sep 2025 00:11:24 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=qualcomm.com; h= cc:content-transfer-encoding:content-type:date:from:in-reply-to :message-id:mime-version:references:subject:to; s=qcppdkim1; bh= kjXvseb+vxS0ErbDImEwiyaXgCwIyoxRM6Sfo6q8WkU=; b=dyBBvqZOdh5SxqjV jdbIKh8nc2E3KsLOv182eqV1uZYQ4phHBm2lD8iW85CbQyvPUzFYvLlHuLETaje6 PnzTR2Lu3m8eCMD3vLttCaZYTtxAg3BonTZzDCs9I4e0YOx76HHFzboUDI2wdeDW rwUfaxDa74+S+6UoXdfeQnCtfYk5q7ffsuhT0Uv/AaDtXiH4s02nONnSxgz3zco8 DnTyF2J3lwMxfVD4XJluEwvmnmiD0bfZddLQmWn3a8CajVqGaW+M/35HuB85QPef 4xKIgH6W2Ibt6rhgPo7CcoWjaRHlcN9IvHc4iMtCiVn0BB4X9wW2mY8TbKg0xLOW qvsNfg== Received: from mail-pg1-f198.google.com (mail-pg1-f198.google.com [209.85.215.198]) by mx0a-0031df01.pphosted.com (PPS) with ESMTPS id 490bwsa5f4-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128 verify=NOT) for ; Wed, 10 Sep 2025 00:11:24 +0000 (GMT) Received: by mail-pg1-f198.google.com with SMTP id 41be03b00d2f7-b4e63a34f3fso4642196a12.1 for ; Tue, 09 Sep 2025 17:11:24 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1757463083; x=1758067883; h=cc:to:in-reply-to:references:message-id:content-transfer-encoding :mime-version:subject:date:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=kjXvseb+vxS0ErbDImEwiyaXgCwIyoxRM6Sfo6q8WkU=; b=fYnA+zuhvC6x+wouDR5NNa5IhmW17HPpuVKkGI3cB+ydV8hUYgMeEUTPY4M4lrQYiJ 2N6pKxdI/Feq5tg8TmB0GgKlC64GI1L4Eidh8KrOzwty+MrF/1tdYZSugi8pCU9JKJbO MgLvXww1F8lT5EyJpDtiJ80scsMq115UWNY84QL4YwxDDzQyVbzEFkFfN28Jr2s7H9To E4rdRKWvF6W7kN3p9RZNVk5L1Fb8J42mIha2gsR6/c7EEhRiaDYkiPf20UKevgPF36E1 rlzBr6zBDNC4/cxvVld9digs6+26WOmABt1dh8ajZaMyUiyymMKpeA1+46k+SoW1cyOG 6aIQ== X-Forwarded-Encrypted: i=1; AJvYcCUMrU1OoZpD8QdcEhTqgAyUPChOJ7M1eVsYDQaLBGUQV6ZaMdhUR0dD20+2+OTm5NXCmKgLA9wrC/lixUQ=@vger.kernel.org X-Gm-Message-State: AOJu0Yyk+dvhINdxjKCUChr/OKk67eezyQAeW109od7uN/IEdlk/G92I 1eChPXPo6+/2t+RtiJBbfkMRlr6xysznMBu1PSCl7aeeeG6aNI3KZqZjzqze7/bzrdb0oD0dsZD Y8JzuxthWwt4xJNi9BbzHo0AH8DF/tusvOm1u3rRyrpQ1JOiByBfnhmJetgixDs4Jl7onYT9LA7 Wb X-Gm-Gg: ASbGncupDjlgc7fEUAXQOOl4XdVDFfon5LvnOWbtj3oVTjkIM4REJczml6lfFiQ1iA1 RmeVpGX5fdg56QsgsAhY/mQ+kfurj9PpoolIZDDZwyoUB5293LS6HyruOP6KtjrPWdiq2TVFRxr ZnHGRljwvWCZYLZXKXRWmm/WX2WWYtV11ETF4/59QAKF3+lZ3PpnpLyWUycL78qxrd26XR5JrPK 0YJuPUgq0D91fOJInNJMMXM7lS6PP2z8ZkXgVdP+agooDyOGYNQf0JJD0NArztvVmxaR3/dWH+S L9cCeJNH1sqePIcFSlVvOtQvk/u3ePkdjx/5JmFik3NTDd968ntUV4uctIKSePlyRGmyntKJTJC 8wuTdJGz8pu8w+WdjQSKj0xU= X-Received: by 2002:a05:6a20:4320:b0:24c:cb06:f0db with SMTP id adf61e73a8af0-253430ae888mr19487908637.35.1757463083403; Tue, 09 Sep 2025 17:11:23 -0700 (PDT) X-Google-Smtp-Source: AGHT+IH6YXV/yo/etuXH1mofBir8R0+46jHu2hZYYNv2+fbMH7+eQOvuVrW4JcNtH6BTxe1fJ2MX+Q== X-Received: by 2002:a05:6a20:4320:b0:24c:cb06:f0db with SMTP id adf61e73a8af0-253430ae888mr19487873637.35.1757463082883; Tue, 09 Sep 2025 17:11:22 -0700 (PDT) Received: from hu-azarrabi-lv.qualcomm.com (Global_NAT1.qualcomm.com. [129.46.96.20]) by smtp.gmail.com with ESMTPSA id 98e67ed59e1d1-32dab6bb655sm1285672a91.10.2025.09.09.17.11.21 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 09 Sep 2025 17:11:22 -0700 (PDT) From: Amirreza Zarrabi Date: Tue, 09 Sep 2025 17:11:06 -0700 Subject: [PATCH v10 04/11] tee: add close_context to TEE driver operation Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Message-Id: <20250909-qcom-tee-using-tee-ss-without-mem-obj-v10-4-20b17855ef31@oss.qualcomm.com> References: <20250909-qcom-tee-using-tee-ss-without-mem-obj-v10-0-20b17855ef31@oss.qualcomm.com> In-Reply-To: <20250909-qcom-tee-using-tee-ss-without-mem-obj-v10-0-20b17855ef31@oss.qualcomm.com> To: Jens Wiklander , Sumit Garg , Bjorn Andersson , Konrad Dybcio , Bartosz Golaszewski , Apurupa Pattapu , Kees Cook , "Gustavo A. R. Silva" , Sumit Semwal , =?utf-8?q?Christian_K=C3=B6nig?= Cc: Harshal Dev , linux-arm-msm@vger.kernel.org, op-tee@lists.trustedfirmware.org, linux-kernel@vger.kernel.org, linux-hardening@vger.kernel.org, dri-devel@lists.freedesktop.org, linaro-mm-sig@lists.linaro.org, linux-doc@vger.kernel.org, Amirreza Zarrabi , Sumit Garg , Neil Armstrong X-Mailer: b4 0.13.0 X-Proofpoint-ORIG-GUID: RvXSTx0TcId_MZXxYX6XRKXMxX-aZFCx X-Proofpoint-GUID: RvXSTx0TcId_MZXxYX6XRKXMxX-aZFCx X-Proofpoint-Spam-Details-Enc: AW1haW4tMjUwOTA2MDAxOCBTYWx0ZWRfX9WRYiZ10DMdt v9OebpMJdfVqIbIRfHJSI7buWDfMlgqcudSF9i1Y4bSpts4MXIxXIgCl1TFpeMl53QN98D3AcWr xxu54nUdHwKCdZv1jbF20oRkLkkrW2pdp/Li3ar/EHW+N2bZFwTq2B03W2v5K9mO+zqfjIsYMp1 uS3WPKbVM3KbAQ+XU6zcpkuujZYVwgKCDXEjTxuXC1UvE+4CBmFdzYNy7kTfT5H1C8ZdbSSriqx zAKHWHvPEevQj/zWbWaqBkcNZt31FEXJ4eV8Da3COLignf+pDBbvR2vRUexdNfQdVHQQGZI/edb ZIsPlxxveh8cokL9B0LxqqpDqx9vLnAJMw8UUZV4DYYiA2JhwpI9MTp/qinXeVh9ZxtFlF7vpsQ QK7q3SVn X-Authority-Analysis: v=2.4 cv=G4kcE8k5 c=1 sm=1 tr=0 ts=68c0c22c cx=c_pps a=Qgeoaf8Lrialg5Z894R3/Q==:117 a=ouPCqIW2jiPt+lZRy3xVPw==:17 a=IkcTkHD0fZMA:10 a=yJojWOMRYYMA:10 a=EUspDBNiAAAA:8 a=KKAkSRfTAAAA:8 a=COk6AnOGAAAA:8 a=0l_YNDiMcOfTHwIteTYA:9 a=QEXdDO2ut3YA:10 a=x9snwWr2DeNwDh03kgHS:22 a=cvBusfyB2V15izCimMoJ:22 a=TjNXssC_j7lpFel5tvFf:22 X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.293,Aquarius:18.0.1117,Hydra:6.1.9,FMLib:17.12.80.40 definitions=2025-09-09_03,2025-09-08_02,2025-03-28_01 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 priorityscore=1501 phishscore=0 bulkscore=0 suspectscore=0 clxscore=1015 malwarescore=0 adultscore=0 impostorscore=0 spamscore=0 classifier=typeunknown authscore=0 authtc= authcc= route=outbound adjust=0 reason=mlx scancount=1 engine=8.19.0-2507300000 definitions=main-2509060018 The tee_context can be used to manage TEE user resources, including those allocated by the driver for the TEE on behalf of the user. The release() callback is invoked only when all resources, such as tee_shm, are released and there are no references to the tee_context. When a user closes the device file, the driver should notify the TEE to release any resources it may hold and drop the context references. To achieve this, a close_context() callback is introduced to initiate resource release in the TEE driver when the device file is closed. Relocate teedev_ctx_get, teedev_ctx_put, tee_device_get, and tee_device_get functions to tee_core.h to make them accessible outside the TEE subsystem. Reviewed-by: Sumit Garg Tested-by: Neil Armstrong Tested-by: Harshal Dev Signed-off-by: Amirreza Zarrabi --- drivers/tee/tee_core.c | 7 +++++++ drivers/tee/tee_private.h | 6 ------ include/linux/tee_core.h | 50 +++++++++++++++++++++++++++++++++++++++++++= ++-- 3 files changed, 55 insertions(+), 8 deletions(-) diff --git a/drivers/tee/tee_core.c b/drivers/tee/tee_core.c index 33091aa21be0..0b4c65dc14cc 100644 --- a/drivers/tee/tee_core.c +++ b/drivers/tee/tee_core.c @@ -79,6 +79,7 @@ void teedev_ctx_get(struct tee_context *ctx) =20 kref_get(&ctx->refcount); } +EXPORT_SYMBOL_GPL(teedev_ctx_get); =20 static void teedev_ctx_release(struct kref *ref) { @@ -96,11 +97,15 @@ void teedev_ctx_put(struct tee_context *ctx) =20 kref_put(&ctx->refcount, teedev_ctx_release); } +EXPORT_SYMBOL_GPL(teedev_ctx_put); =20 void teedev_close_context(struct tee_context *ctx) { struct tee_device *teedev =3D ctx->teedev; =20 + if (teedev->desc->ops->close_context) + teedev->desc->ops->close_context(ctx); + teedev_ctx_put(ctx); tee_device_put(teedev); } @@ -1001,6 +1006,7 @@ void tee_device_put(struct tee_device *teedev) } mutex_unlock(&teedev->mutex); } +EXPORT_SYMBOL_GPL(tee_device_put); =20 bool tee_device_get(struct tee_device *teedev) { @@ -1013,6 +1019,7 @@ bool tee_device_get(struct tee_device *teedev) mutex_unlock(&teedev->mutex); return true; } +EXPORT_SYMBOL_GPL(tee_device_get); =20 /** * tee_device_unregister() - Removes a TEE device diff --git a/drivers/tee/tee_private.h b/drivers/tee/tee_private.h index 9bc50605227c..d3f40a03de36 100644 --- a/drivers/tee/tee_private.h +++ b/drivers/tee/tee_private.h @@ -14,12 +14,6 @@ =20 int tee_shm_get_fd(struct tee_shm *shm); =20 -bool tee_device_get(struct tee_device *teedev); -void tee_device_put(struct tee_device *teedev); - -void teedev_ctx_get(struct tee_context *ctx); -void teedev_ctx_put(struct tee_context *ctx); - struct tee_shm *tee_shm_alloc_user_buf(struct tee_context *ctx, size_t siz= e); struct tee_shm *tee_shm_register_user_buf(struct tee_context *ctx, unsigned long addr, size_t length); diff --git a/include/linux/tee_core.h b/include/linux/tee_core.h index a38494d6b5f4..284ca6b3e03a 100644 --- a/include/linux/tee_core.h +++ b/include/linux/tee_core.h @@ -65,8 +65,9 @@ struct tee_device { /** * struct tee_driver_ops - driver operations vtable * @get_version: returns version of driver - * @open: called when the device file is opened - * @release: release this open file + * @open: called for a context when the device file is opened + * @close_context: called when the device file is closed + * @release: called to release the context * @open_session: open a new session * @close_session: close a session * @system_session: declare session as a system session @@ -76,11 +77,17 @@ struct tee_device { * @supp_send: called for supplicant to send a response * @shm_register: register shared memory buffer in TEE * @shm_unregister: unregister shared memory buffer in TEE + * + * The context given to @open might last longer than the device file if it= is + * tied to other resources in the TEE driver. @close_context is called whe= n the + * client closes the device file, even if there are existing references to= the + * context. The TEE driver can use @close_context to start cleaning up. */ struct tee_driver_ops { void (*get_version)(struct tee_device *teedev, struct tee_ioctl_version_data *vers); int (*open)(struct tee_context *ctx); + void (*close_context)(struct tee_context *ctx); void (*release)(struct tee_context *ctx); int (*open_session)(struct tee_context *ctx, struct tee_ioctl_open_session_arg *arg, @@ -154,6 +161,24 @@ int tee_device_register(struct tee_device *teedev); */ void tee_device_unregister(struct tee_device *teedev); =20 +/** + * tee_device_get() - Increment the user count for a tee_device + * @teedev: Pointer to the tee_device + * + * If tee_device_unregister() has been called and the final user of @teedev + * has already released the device, this function will fail to prevent new= users + * from accessing the device during the unregistration process. + * + * Returns: true if @teedev remains valid, otherwise false + */ +bool tee_device_get(struct tee_device *teedev); + +/** + * tee_device_put() - Decrease the user count for a tee_device + * @teedev: pointer to the tee_device + */ +void tee_device_put(struct tee_device *teedev); + /** * tee_device_set_dev_groups() - Set device attribute groups * @teedev: Device to register @@ -315,4 +340,25 @@ struct tee_context *teedev_open(struct tee_device *tee= dev); */ void teedev_close_context(struct tee_context *ctx); =20 +/** + * teedev_ctx_get() - Increment the reference count of a context + * @ctx: Pointer to the context + * + * This function increases the refcount of the context, which is tied to + * resources shared by the same tee_device. During the unregistration proc= ess, + * the context may remain valid even after tee_device_unregister() has ret= urned. + * + * Users should ensure that the context's refcount is properly decreased b= efore + * calling tee_device_put(), typically within the context's release() func= tion. + * Alternatively, users can call tee_device_get() and teedev_ctx_get() tog= ether + * and release them simultaneously (see shm_alloc_helper()). + */ +void teedev_ctx_get(struct tee_context *ctx); + +/** + * teedev_ctx_put() - Decrease reference count on a context + * @ctx: pointer to the context + */ +void teedev_ctx_put(struct tee_context *ctx); + #endif /*__TEE_CORE_H*/ --=20 2.34.1