[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH] optee: immediately free RPC buffers that are released by OP-TEE
- To: Jens Wiklander <jens.wiklander@xxxxxxxxxx>
- From: Volodymyr Babchuk <Volodymyr_Babchuk@xxxxxxxx>
- Date: Wed, 4 May 2022 19:59:22 +0000
- Accept-language: en-US
- Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=epam.com; dmarc=pass action=none header.from=epam.com; dkim=pass header.d=epam.com; arc=none
- Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=YGtCWR5lByVj/N6VFEw2T6DzI7VtEWTpfk8cjDXtedo=; b=KyRZS616Lwc0Z5adJx8WSRLoSIUnQE8+fiVZ36gB37XuKpNSqj+Rxo6+j6tYvb7/ug0KoIH5aSu+AG8jVLja5ho/Wh3oUvNRZF5OedVsLxcmZ32qy1xzyE6y4hetSCAGx9o+oO2CSTbOFLSDLTq3dY1a5eCvQ5jeybMzg/uQzcT/gFSRL0k2LvVTHmuP3i6/7CfiqSWIjlBG13D4zC1juX2LA3ZW50gdn4zpLqQ00gedVt3+3X3FA6QLYJJzzQiuGjOGc2Z55iseRq/gSK8AwBk7cLCZpQvvmnsymKBIsKlBYM95gn85rvhnCjxdrhymyz9tzpXV0XlsY+xGIdQUhQ==
- Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=JAHXikLKCJY+8KhhwurLUSs/dKOnEpbM4dBGGMqa/hSs45g9gAnUtaUmwQufnFoNmF/Ue9TNTuybMNbNq+nFvK+wPub5aYrG5AAS/F9KlRMvbOtlyghKluAjldzongJYt5pE6cyTznfjXHkJtmArDR1y1/PLDnbSkRmo6P5Mo09ZC/SJMtw7nCGkjoZj4DaGDMnu5iSlsw83jvQHUjFhtR0K/yO49eLLRcZD6HjbJgyhU+s1GcztjqrNyU/lJUvHI4CfOw/+LKIofcTrbGBMjTJMO61rQ+Su9uNr0ucxc4pHh03IFpGiPvpPZI0wQWsDXfWaZ/IdWJKy6bjaU80OCQ==
- Cc: "xen-devel@xxxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxxx>, Stefano Stabellini <sstabellini@xxxxxxxxxx>, Julien Grall <julien@xxxxxxx>
- Delivery-date: Wed, 04 May 2022 19:59:48 +0000
- List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
- Thread-index: AQHYX3q1+cwfT5uujESolgz3RZy+760PI7EA
- Thread-topic: [PATCH] optee: immediately free RPC buffers that are released by OP-TEE
Hello Jens,
Jens Wiklander <jens.wiklander@xxxxxxxxxx> writes:
> This commit fixes a case overlooked in [1].
>
> There are two kinds of shared memory buffers used by OP-TEE:
> 1. Normal payload buffer
> 2. Internal command structure buffers
>
> The internal command structure buffers are represented with a shadow
> copy internally in Xen since this buffer can contain physical addresses
> that may need to be translated between real physical address and guest
> physical address without leaking information to the guest.
>
> [1] fixes the problem when releasing the normal payload buffers. The
> internal command structure buffers must be released in the same way.
> Failure to follow this order opens a window where the guest has freed
> the shared memory but Xen is still tracking the buffer.
>
> During this window the guest may happen to recycle this particular
> shared memory in some other thread and try to use it. Xen will block
> this which will lead to spurious failures to register a new shared
> memory block.
>
> Fix this by freeing the internal command structure buffers first before
> informing the guest that the buffer can be freed.
>
> [1] 5b13eb1d978e ("optee: immediately free buffers that are released by
> OP-TEE")
>
> Signed-off-by: Jens Wiklander <jens.wiklander@xxxxxxxxxx>
Thank you for the fix:
Reviewed-by: Volodymyr Babchuk <volodymyr_babchuk@xxxxxxxx>
--
Volodymyr Babchuk at EPAM
|