From nobody Thu Oct 2 20:42:13 2025 Received: from mx0b-0031df01.pphosted.com (mx0b-0031df01.pphosted.com [205.220.180.131]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id BD487274B42 for ; Fri, 12 Sep 2025 04:07:55 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=205.220.180.131 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1757650077; cv=none; b=E2EKoDSvPviO5waoQC8OtLQWwd1Un6qXWsNvxiNCPt73BBXXAYwOtzhomYjKfbwxK1uxG/xzDQOH8fMSU+OAxxNH3fXQ9xlJJdpDXk9OUqvv4HDxP7Qr68COFJymWyrbZJNA7+SFVIQFTFVKZuHFh01XVkIYL3qTVmT0izmFJhg= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1757650077; c=relaxed/simple; bh=/X/slCEZNUYsN1/1Kb6qKCBb1SuAXT+Ssp2opHduLeg=; h=From:Date:Subject:MIME-Version:Content-Type:Message-Id:References: In-Reply-To:To:Cc; b=P/RSZW7l9oreJbq12SGPeeUOHT5DBT4a77PcSZ28Xb90i9F/RqZl20BHKAr199iMJ8Kso7Csk1DVizB4rIcWQWFz3hPRdysOD5/lc67JZQFKyw1Kt8GbLb05WwD1F0EO4x31f+qSMVMxonJERYcb3As0oYXnUPVFaPe83iLqHhE= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=oss.qualcomm.com; spf=pass smtp.mailfrom=oss.qualcomm.com; dkim=pass (2048-bit key) header.d=qualcomm.com header.i=@qualcomm.com header.b=FYuVIyN9; arc=none smtp.client-ip=205.220.180.131 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=oss.qualcomm.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=oss.qualcomm.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=qualcomm.com header.i=@qualcomm.com header.b="FYuVIyN9" Received: from pps.filterd (m0279868.ppops.net [127.0.0.1]) by mx0a-0031df01.pphosted.com (8.18.1.2/8.18.1.2) with ESMTP id 58BN7dgV001974 for ; Fri, 12 Sep 2025 04:07:54 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=qualcomm.com; h= cc:content-transfer-encoding:content-type:date:from:in-reply-to :message-id:mime-version:references:subject:to; s=qcppdkim1; bh= lfnro9xo+EarbMqRFrPWzRQwLLoVHW/MmAqB1i9xt2Q=; b=FYuVIyN9LxO0HPVr FF/PVjLSBPx/xLkNVpjnuaPe07t9YWPJlgurg3dhB/PWDSvUeHrRQ08tGgvFheEc 2Mw8M59tmY5Wrt22BQz145yyzvonXtZ9IThrV1Wp84MyPx+Hhks35GUj18p5hKE6 ESDW3XASUzOw+c3R+YISHxne4afM/O/BFZxh5lPfroGBysqkBDWH0bxObBcqxjXb TCPH+M0OCblPNgRL0cQjdPfghhZLbHGGRQIyQ8rWTU0DSx+jTYbSlPivL3YAcFP9 r5vbTqRkOFahLlU9Aas53rdCq3U/b/49nBJ2yspMqsSEwtYbVfbHnxP/jkwI0WJX vZzmOw== Received: from mail-pl1-f199.google.com (mail-pl1-f199.google.com [209.85.214.199]) by mx0a-0031df01.pphosted.com (PPS) with ESMTPS id 493ydv2ayn-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128 verify=NOT) for ; Fri, 12 Sep 2025 04:07:54 +0000 (GMT) Received: by mail-pl1-f199.google.com with SMTP id d9443c01a7336-25c1dba8d26so20500755ad.1 for ; Thu, 11 Sep 2025 21:07:54 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1757650073; x=1758254873; h=cc:to:in-reply-to:references:message-id:content-transfer-encoding :mime-version:subject:date:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=lfnro9xo+EarbMqRFrPWzRQwLLoVHW/MmAqB1i9xt2Q=; b=IPzVj2+7q88NesUD5V8kIR4wAeubRTPys/Te094XVv1ZjrmglGCbvl5VzJHLNkMi2H OXh8WjAd4IeD63GCAJsJZFB7L+DfQV2SN2/xAkSSljui9VNG8yED5NYtpjIN6EPWtJFQ 7CdWJED24mgnr5Efo1VzVB0sNZDIq9SU8Q2HMc4BlNhAcb1LA+lfL+fdj7wR4JZWJ8Dy EJsFBFWbAgzBtFn5vuKK8ZoTCvviI27tullZV+372JjuLN0Z9vVz+NquqcXtj+t6Pnrj CNuRAYhrMfzwOpNLu2GvD3zPKEEAl86b0uhVkVG6M0Yqdw3Syw2dvxdjnhGAwBb9SUyu EE4A== X-Forwarded-Encrypted: i=1; AJvYcCUymtBisYttR4eD7N5ThlILaDJQZZ+u2Hq2v/y8UcPokslFjc63hHHlivprO2UGcnv1rwrCeGB9wrgQPoM=@vger.kernel.org X-Gm-Message-State: AOJu0YwY2FGVEbLP4iomjsfPaVKPFmiGg4BnltReAIMlcfyzGDWExay9 909ZB+bQoq8Wvzgf9M3YnrxDilKxxBXyTv1naDc+JgXqKuPpL32pEICxKcxP12zKnc7yDF9HbNM ekptim2naf2eo/iad0/bHQivWPFBLEHFZawuLo2T7vWyQtf0gKNkBw98/nc2GD5JPKA== X-Gm-Gg: ASbGnctZvTIm20Y68nFeHGRC3M7XUpUUy6W0/g7Ctw9rCDZPR7bl3y38iDwIsD5p8M8 z17pE+1UHqH6Sr9l0PvcDMPUCumCuqjAl9j2o/HweGrWSG/Wzar9LeYlzw10g0kdmqQUGl61SnD q5X/pBVBAsb5eGmlvjdKsJGHlqyxxQd43QG+JTYLBgmKeUAdEBfI0XptWNA/QcJfDjavVzXuoR9 uYXL6OO+4QIS6P4Rje/JjZ9cBEP8/5XvLXL1//8DsihQpfcgqmM+2Pl+6ghwSdrKE7SQbjzY3Rd WgJeQSgqls/0IsMG2MX00KoYyIq1aKQULYs0yoOJaVF5y8pVnLOVXK4uMpxqVTZW2DkiXqjs5BG XugiS8URD94FZyo3iBMbO9Zo= X-Received: by 2002:a17:902:c40e:b0:24c:6125:390a with SMTP id d9443c01a7336-25d24cabfd1mr17981755ad.10.1757650073165; Thu, 11 Sep 2025 21:07:53 -0700 (PDT) X-Google-Smtp-Source: AGHT+IFl/+2oD/khgoZCP95v8DA4L2JWQuWzLUvjXrGV4KLAA76uANju1HQAGD2sJ7tUbjdjPVS3fA== X-Received: by 2002:a17:902:c40e:b0:24c:6125:390a with SMTP id d9443c01a7336-25d24cabfd1mr17981335ad.10.1757650072600; Thu, 11 Sep 2025 21:07:52 -0700 (PDT) Received: from hu-azarrabi-lv.qualcomm.com (Global_NAT1.qualcomm.com. [129.46.96.20]) by smtp.gmail.com with ESMTPSA id 41be03b00d2f7-b54ad5e168fsm690960a12.13.2025.09.11.21.07.51 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 11 Sep 2025 21:07:51 -0700 (PDT) From: Amirreza Zarrabi Date: Thu, 11 Sep 2025 21:07:43 -0700 Subject: [PATCH v12 04/11] tee: add close_context to TEE driver operation Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Message-Id: <20250911-qcom-tee-using-tee-ss-without-mem-obj-v12-4-17f07a942b8d@oss.qualcomm.com> References: <20250911-qcom-tee-using-tee-ss-without-mem-obj-v12-0-17f07a942b8d@oss.qualcomm.com> In-Reply-To: <20250911-qcom-tee-using-tee-ss-without-mem-obj-v12-0-17f07a942b8d@oss.qualcomm.com> To: Jens Wiklander , Sumit Garg , Bjorn Andersson , Konrad Dybcio , Bartosz Golaszewski , Apurupa Pattapu , Kees Cook , "Gustavo A. R. Silva" , Sumit Semwal , =?utf-8?q?Christian_K=C3=B6nig?= Cc: Harshal Dev , linux-arm-msm@vger.kernel.org, op-tee@lists.trustedfirmware.org, linux-kernel@vger.kernel.org, linux-hardening@vger.kernel.org, dri-devel@lists.freedesktop.org, linaro-mm-sig@lists.linaro.org, linux-doc@vger.kernel.org, Amirreza Zarrabi , Sumit Garg , Neil Armstrong X-Mailer: b4 0.13.0 X-Proofpoint-Spam-Details-Enc: AW1haW4tMjUwOTExMDEyMCBTYWx0ZWRfX0AO7h+/qiD+W J/ua5qLTHMapxWdlbR0FQQKjgP/aCAMDxlYdraCNANxsaezP+DhiuE/j5uqeoP0tOY/tGCf8Xkp Jg9wXl+b/p/kCoq0/QwNTvU8Vjkk196gi8/mb6pjeoPQpRKPYrOdNqhW6lzsiHqK7uEfLFeytYt fc9XIGD/Ec4x8KMesS5sk0IXJsvvY00rZGzix2gOhnTtlUBN91KbS6CmyvInEEeBsHupXGah3Su vAB8t+LQKR5vMOYd/4GKSosjgecNhnlmDrrBjaMCo1+YhMxaNqsEmm+5ej1OFLCiGZE9ZY7CkDl IHJmM8lLgX0Cdw8xSU39npBaUo7R516lkDt6H8AEcnKTFcrjxZSp6pFV/odd+oAjyhWzYbEv3Ul vScedaNR X-Proofpoint-GUID: B4aVJX6FDwlQ8vJ8xW2CdSSXq5_AHxVR X-Proofpoint-ORIG-GUID: B4aVJX6FDwlQ8vJ8xW2CdSSXq5_AHxVR X-Authority-Analysis: v=2.4 cv=LoaSymdc c=1 sm=1 tr=0 ts=68c39c9a cx=c_pps a=JL+w9abYAAE89/QcEU+0QA==:117 a=ouPCqIW2jiPt+lZRy3xVPw==:17 a=IkcTkHD0fZMA:10 a=yJojWOMRYYMA:10 a=EUspDBNiAAAA:8 a=KKAkSRfTAAAA:8 a=COk6AnOGAAAA:8 a=0l_YNDiMcOfTHwIteTYA:9 a=QEXdDO2ut3YA:10 a=324X-CrmTo6CU4MGRt3R:22 a=cvBusfyB2V15izCimMoJ:22 a=TjNXssC_j7lpFel5tvFf:22 X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.293,Aquarius:18.0.1117,Hydra:6.1.9,FMLib:17.12.80.40 definitions=2025-09-12_01,2025-09-11_02,2025-03-28_01 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 adultscore=0 spamscore=0 impostorscore=0 suspectscore=0 clxscore=1015 malwarescore=0 phishscore=0 priorityscore=1501 bulkscore=0 classifier=typeunknown authscore=0 authtc= authcc= route=outbound adjust=0 reason=mlx scancount=1 engine=8.19.0-2507300000 definitions=main-2509110120 The tee_context can be used to manage TEE user resources, including those allocated by the driver for the TEE on behalf of the user. The release() callback is invoked only when all resources, such as tee_shm, are released and there are no references to the tee_context. When a user closes the device file, the driver should notify the TEE to release any resources it may hold and drop the context references. To achieve this, a close_context() callback is introduced to initiate resource release in the TEE driver when the device file is closed. Relocate teedev_ctx_get, teedev_ctx_put, tee_device_get, and tee_device_get functions to tee_core.h to make them accessible outside the TEE subsystem. Reviewed-by: Sumit Garg Tested-by: Neil Armstrong Tested-by: Harshal Dev Signed-off-by: Amirreza Zarrabi --- drivers/tee/tee_core.c | 7 +++++++ drivers/tee/tee_private.h | 6 ------ include/linux/tee_core.h | 50 +++++++++++++++++++++++++++++++++++++++++++= ++-- 3 files changed, 55 insertions(+), 8 deletions(-) diff --git a/drivers/tee/tee_core.c b/drivers/tee/tee_core.c index 9fa042d80622..f8534a00c56c 100644 --- a/drivers/tee/tee_core.c +++ b/drivers/tee/tee_core.c @@ -79,6 +79,7 @@ void teedev_ctx_get(struct tee_context *ctx) =20 kref_get(&ctx->refcount); } +EXPORT_SYMBOL_GPL(teedev_ctx_get); =20 static void teedev_ctx_release(struct kref *ref) { @@ -96,11 +97,15 @@ void teedev_ctx_put(struct tee_context *ctx) =20 kref_put(&ctx->refcount, teedev_ctx_release); } +EXPORT_SYMBOL_GPL(teedev_ctx_put); =20 void teedev_close_context(struct tee_context *ctx) { struct tee_device *teedev =3D ctx->teedev; =20 + if (teedev->desc->ops->close_context) + teedev->desc->ops->close_context(ctx); + teedev_ctx_put(ctx); tee_device_put(teedev); } @@ -1075,6 +1080,7 @@ void tee_device_put(struct tee_device *teedev) } mutex_unlock(&teedev->mutex); } +EXPORT_SYMBOL_GPL(tee_device_put); =20 bool tee_device_get(struct tee_device *teedev) { @@ -1087,6 +1093,7 @@ bool tee_device_get(struct tee_device *teedev) mutex_unlock(&teedev->mutex); return true; } +EXPORT_SYMBOL_GPL(tee_device_get); =20 /** * tee_device_unregister() - Removes a TEE device diff --git a/drivers/tee/tee_private.h b/drivers/tee/tee_private.h index a9b5e4a6a8f7..6bde688bfcb1 100644 --- a/drivers/tee/tee_private.h +++ b/drivers/tee/tee_private.h @@ -23,12 +23,6 @@ struct tee_shm_dmabuf_ref { =20 int tee_shm_get_fd(struct tee_shm *shm); =20 -bool tee_device_get(struct tee_device *teedev); -void tee_device_put(struct tee_device *teedev); - -void teedev_ctx_get(struct tee_context *ctx); -void teedev_ctx_put(struct tee_context *ctx); - struct tee_shm *tee_shm_alloc_user_buf(struct tee_context *ctx, size_t siz= e); struct tee_shm *tee_shm_register_user_buf(struct tee_context *ctx, unsigned long addr, size_t length); diff --git a/include/linux/tee_core.h b/include/linux/tee_core.h index 7b0c1da2ca6c..456a940d4710 100644 --- a/include/linux/tee_core.h +++ b/include/linux/tee_core.h @@ -76,8 +76,9 @@ struct tee_device { /** * struct tee_driver_ops - driver operations vtable * @get_version: returns version of driver - * @open: called when the device file is opened - * @release: release this open file + * @open: called for a context when the device file is opened + * @close_context: called when the device file is closed + * @release: called to release the context * @open_session: open a new session * @close_session: close a session * @system_session: declare session as a system session @@ -87,11 +88,17 @@ struct tee_device { * @supp_send: called for supplicant to send a response * @shm_register: register shared memory buffer in TEE * @shm_unregister: unregister shared memory buffer in TEE + * + * The context given to @open might last longer than the device file if it= is + * tied to other resources in the TEE driver. @close_context is called whe= n the + * client closes the device file, even if there are existing references to= the + * context. The TEE driver can use @close_context to start cleaning up. */ struct tee_driver_ops { void (*get_version)(struct tee_device *teedev, struct tee_ioctl_version_data *vers); int (*open)(struct tee_context *ctx); + void (*close_context)(struct tee_context *ctx); void (*release)(struct tee_context *ctx); int (*open_session)(struct tee_context *ctx, struct tee_ioctl_open_session_arg *arg, @@ -200,6 +207,24 @@ int tee_device_register_dma_heap(struct tee_device *te= edev, struct tee_protmem_pool *pool); void tee_device_put_all_dma_heaps(struct tee_device *teedev); =20 +/** + * tee_device_get() - Increment the user count for a tee_device + * @teedev: Pointer to the tee_device + * + * If tee_device_unregister() has been called and the final user of @teedev + * has already released the device, this function will fail to prevent new= users + * from accessing the device during the unregistration process. + * + * Returns: true if @teedev remains valid, otherwise false + */ +bool tee_device_get(struct tee_device *teedev); + +/** + * tee_device_put() - Decrease the user count for a tee_device + * @teedev: pointer to the tee_device + */ +void tee_device_put(struct tee_device *teedev); + /** * tee_device_set_dev_groups() - Set device attribute groups * @teedev: Device to register @@ -374,4 +399,25 @@ struct tee_context *teedev_open(struct tee_device *tee= dev); */ void teedev_close_context(struct tee_context *ctx); =20 +/** + * teedev_ctx_get() - Increment the reference count of a context + * @ctx: Pointer to the context + * + * This function increases the refcount of the context, which is tied to + * resources shared by the same tee_device. During the unregistration proc= ess, + * the context may remain valid even after tee_device_unregister() has ret= urned. + * + * Users should ensure that the context's refcount is properly decreased b= efore + * calling tee_device_put(), typically within the context's release() func= tion. + * Alternatively, users can call tee_device_get() and teedev_ctx_get() tog= ether + * and release them simultaneously (see shm_alloc_helper()). + */ +void teedev_ctx_get(struct tee_context *ctx); + +/** + * teedev_ctx_put() - Decrease reference count on a context + * @ctx: pointer to the context + */ +void teedev_ctx_put(struct tee_context *ctx); + #endif /*__TEE_CORE_H*/ --=20 2.34.1