[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH] optee: immediately free RPC buffers that are released by OP-TEE


  • To: Jens Wiklander <jens.wiklander@xxxxxxxxxx>
  • From: Volodymyr Babchuk <Volodymyr_Babchuk@xxxxxxxx>
  • Date: Wed, 4 May 2022 19:59:22 +0000
  • Accept-language: en-US
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=epam.com; dmarc=pass action=none header.from=epam.com; dkim=pass header.d=epam.com; arc=none
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=YGtCWR5lByVj/N6VFEw2T6DzI7VtEWTpfk8cjDXtedo=; b=KyRZS616Lwc0Z5adJx8WSRLoSIUnQE8+fiVZ36gB37XuKpNSqj+Rxo6+j6tYvb7/ug0KoIH5aSu+AG8jVLja5ho/Wh3oUvNRZF5OedVsLxcmZ32qy1xzyE6y4hetSCAGx9o+oO2CSTbOFLSDLTq3dY1a5eCvQ5jeybMzg/uQzcT/gFSRL0k2LvVTHmuP3i6/7CfiqSWIjlBG13D4zC1juX2LA3ZW50gdn4zpLqQ00gedVt3+3X3FA6QLYJJzzQiuGjOGc2Z55iseRq/gSK8AwBk7cLCZpQvvmnsymKBIsKlBYM95gn85rvhnCjxdrhymyz9tzpXV0XlsY+xGIdQUhQ==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=JAHXikLKCJY+8KhhwurLUSs/dKOnEpbM4dBGGMqa/hSs45g9gAnUtaUmwQufnFoNmF/Ue9TNTuybMNbNq+nFvK+wPub5aYrG5AAS/F9KlRMvbOtlyghKluAjldzongJYt5pE6cyTznfjXHkJtmArDR1y1/PLDnbSkRmo6P5Mo09ZC/SJMtw7nCGkjoZj4DaGDMnu5iSlsw83jvQHUjFhtR0K/yO49eLLRcZD6HjbJgyhU+s1GcztjqrNyU/lJUvHI4CfOw/+LKIofcTrbGBMjTJMO61rQ+Su9uNr0ucxc4pHh03IFpGiPvpPZI0wQWsDXfWaZ/IdWJKy6bjaU80OCQ==
  • Cc: "xen-devel@xxxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxxx>, Stefano Stabellini <sstabellini@xxxxxxxxxx>, Julien Grall <julien@xxxxxxx>
  • Delivery-date: Wed, 04 May 2022 19:59:48 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
  • Thread-index: AQHYX3q1+cwfT5uujESolgz3RZy+760PI7EA
  • Thread-topic: [PATCH] optee: immediately free RPC buffers that are released by OP-TEE

Hello Jens,

Jens Wiklander <jens.wiklander@xxxxxxxxxx> writes:

> This commit fixes a case overlooked in [1].
>
> There are two kinds of shared memory buffers used by OP-TEE:
> 1. Normal payload buffer
> 2. Internal command structure buffers
>
> The internal command structure buffers are represented with a shadow
> copy internally in Xen since this buffer can contain physical addresses
> that may need to be translated between real physical address and guest
> physical address without leaking information to the guest.
>
> [1] fixes the problem when releasing the normal payload buffers. The
> internal command structure buffers must be released in the same way.
> Failure to follow this order opens a window where the guest has freed
> the shared memory but Xen is still tracking the buffer.
>
> During this window the guest may happen to recycle this particular
> shared memory in some other thread and try to use it. Xen will block
> this which will lead to spurious failures to register a new shared
> memory block.
>
> Fix this by freeing the internal command structure buffers first before
> informing the guest that the buffer can be freed.
>
> [1] 5b13eb1d978e ("optee: immediately free buffers that are released by 
> OP-TEE")
>
> Signed-off-by: Jens Wiklander <jens.wiklander@xxxxxxxxxx>

Thank you for the fix:

Reviewed-by: Volodymyr Babchuk <volodymyr_babchuk@xxxxxxxx>


-- 
Volodymyr Babchuk at EPAM


 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.