From: Ang Tien Sung <[email protected]> commit dd05e5a30c70c34866da13536dde41e926e9c622 from https://github.com/altera-opensource/linux-socfpga.git
The current driver does not support concurrent clients sending IOCTL commands. The driver must implement a mutex lock at the start of an IOCTL command before allocating any memory from the stack and before initiating any SVC commands to the mailbox. Signed-off-by: Ang Tien Sung <[email protected]> Signed-off-by: Wenlin Kang <[email protected]> --- drivers/crypto/intel_fcs.c | 261 +++++++++++++++++++++++++++---------- 1 file changed, 190 insertions(+), 71 deletions(-) diff --git a/drivers/crypto/intel_fcs.c b/drivers/crypto/intel_fcs.c index ee61668c5094..99955499c3b8 100644 --- a/drivers/crypto/intel_fcs.c +++ b/drivers/crypto/intel_fcs.c @@ -214,7 +214,6 @@ static int fcs_request_service(struct intel_fcs_priv *priv, (struct stratix10_svc_client_msg *)msg; int ret; - mutex_lock(&priv->lock); reinit_completion(&priv->completion); ret = stratix10_svc_send(priv->chan, p_msg); @@ -232,20 +231,28 @@ static int fcs_request_service(struct intel_fcs_priv *priv, } else ret = 0; - mutex_unlock(&priv->lock); return ret; } -static void fcs_close_services(struct intel_fcs_priv *priv, - void *sbuf, void *dbuf) +static void fcs_free_memory(struct intel_fcs_priv *priv, + void *buf1, void *buf2, void *buf3) { - if (sbuf) - stratix10_svc_free_memory(priv->chan, sbuf); + if (buf1) + stratix10_svc_free_memory(priv->chan, buf1); - if (dbuf) - stratix10_svc_free_memory(priv->chan, dbuf); + if (buf2) + stratix10_svc_free_memory(priv->chan, buf2); + if (buf3) + stratix10_svc_free_memory(priv->chan, buf3); +} + +static void fcs_close_services(struct intel_fcs_priv *priv, + void *sbuf, void *dbuf) +{ + fcs_free_memory(priv, sbuf, dbuf, NULL); stratix10_svc_done(priv->chan); + mutex_unlock(&priv->lock); } static long fcs_ioctl(struct file *file, unsigned int cmd, @@ -272,19 +279,24 @@ static long fcs_ioctl(struct file *file, unsigned int cmd, priv = container_of(file->private_data, struct intel_fcs_priv, miscdev); dev = priv->client.dev; - + mutex_lock(&priv->lock); data = devm_kzalloc(dev, sizeof(*data), GFP_KERNEL); - if (!data) + if (!data) { + mutex_unlock(&priv->lock); return -ENOMEM; + } msg = devm_kzalloc(dev, sizeof(*msg), GFP_KERNEL); - if (!msg) + if (!msg) { + mutex_unlock(&priv->lock); return -ENOMEM; + } switch (cmd) { case INTEL_FCS_DEV_VALIDATION_REQUEST: if (copy_from_user(data, (void __user *)arg, sizeof(*data))) { dev_err(dev, "failure on copy_from_user\n"); + mutex_unlock(&priv->lock); return -EFAULT; } @@ -297,6 +309,7 @@ static long fcs_ioctl(struct file *file, unsigned int cmd, if (ret) { dev_err(dev, "error requesting firmware %s\n", (char *)data->com_paras.s_request.src); + mutex_unlock(&priv->lock); return -EFAULT; } @@ -305,6 +318,7 @@ static long fcs_ioctl(struct file *file, unsigned int cmd, if (!s_buf) { dev_err(dev, "failed to allocate VAB buffer\n"); release_firmware(fw); + mutex_unlock(&priv->lock); return -ENOMEM; } @@ -346,12 +360,14 @@ static long fcs_ioctl(struct file *file, unsigned int cmd, case INTEL_FCS_DEV_SEND_CERTIFICATE: if (copy_from_user(data, (void __user *)arg, sizeof(*data))) { dev_err(dev, "failure on copy_from_user\n"); + mutex_unlock(&priv->lock); return -EFAULT; } if (data->com_paras.c_request.size == 0 || data->com_paras.c_request.addr == NULL) { dev_err(dev, "Invalid VAB request param\n"); + mutex_unlock(&priv->lock); return -EFAULT; } @@ -367,6 +383,7 @@ static long fcs_ioctl(struct file *file, unsigned int cmd, s_buf = stratix10_svc_allocate_memory(priv->chan, datasz); if (!s_buf) { dev_err(dev, "failed to allocate VAB buffer\n"); + mutex_unlock(&priv->lock); return -ENOMEM; } @@ -374,6 +391,7 @@ static long fcs_ioctl(struct file *file, unsigned int cmd, if (!ps_buf) { dev_err(dev, "failed to allocate p-status buf\n"); stratix10_svc_free_memory(priv->chan, s_buf); + mutex_unlock(&priv->lock); return -ENOMEM; } @@ -386,7 +404,8 @@ static long fcs_ioctl(struct file *file, unsigned int cmd, data->com_paras.c_request.size); if (ret) { dev_err(dev, "failed copy buf ret=%d\n", ret); - fcs_close_services(priv, s_buf, ps_buf); + fcs_free_memory(priv, s_buf, ps_buf, NULL); + mutex_unlock(&priv->lock); return -EFAULT; } @@ -432,6 +451,7 @@ static long fcs_ioctl(struct file *file, unsigned int cmd, case INTEL_FCS_DEV_COUNTER_SET_PREAUTHORIZED: if (copy_from_user(data, (void __user *)arg, sizeof(*data))) { dev_err(dev, "failure on copy_from_user\n"); + mutex_unlock(&priv->lock); return -EFAULT; } @@ -446,6 +466,7 @@ static long fcs_ioctl(struct file *file, unsigned int cmd, if (ret) { dev_err(dev, "failed to send the request,ret=%d\n", ret); + fcs_close_services(priv, NULL, NULL); return -EFAULT; } @@ -454,6 +475,7 @@ static long fcs_ioctl(struct file *file, unsigned int cmd, dev_err(dev, "failure on copy_to_user\n"); ret = -EFAULT; } + fcs_close_services(priv, NULL, NULL); break; case INTEL_FCS_DEV_RANDOM_NUMBER_GEN: @@ -465,6 +487,7 @@ static long fcs_ioctl(struct file *file, unsigned int cmd, if (copy_from_user(data, (void __user *)arg, sizeof(*data))) { dev_err(dev, "failure on copy_from_user\n"); + mutex_unlock(&priv->lock); return -EFAULT; } @@ -472,6 +495,7 @@ static long fcs_ioctl(struct file *file, unsigned int cmd, RANDOM_NUMBER_SIZE); if (!s_buf) { dev_err(dev, "failed to allocate RNG buffer\n"); + mutex_unlock(&priv->lock); return -ENOMEM; } @@ -517,12 +541,14 @@ static long fcs_ioctl(struct file *file, unsigned int cmd, if (copy_from_user(data, (void __user *)arg, sizeof(*data))) { dev_err(dev, "failure on copy_from_user\n"); + mutex_unlock(&priv->lock); return -EFAULT; } if (data->com_paras.gp_data.size == 0 || data->com_paras.gp_data.addr == NULL) { dev_err(dev, "Invalid provision request param\n"); + mutex_unlock(&priv->lock); return -EFAULT; } @@ -530,6 +556,7 @@ static long fcs_ioctl(struct file *file, unsigned int cmd, data->com_paras.gp_data.size); if (!s_buf) { dev_err(dev, "failed allocate provision buffer\n"); + mutex_unlock(&priv->lock); return -ENOMEM; } @@ -599,6 +626,7 @@ static long fcs_ioctl(struct file *file, unsigned int cmd, case INTEL_FCS_DEV_DATA_ENCRYPTION: if (copy_from_user(data, (void __user *)arg, sizeof(*data))) { dev_err(dev, "failure on copy_from_user\n"); + mutex_unlock(&priv->lock); return -EFAULT; } @@ -606,6 +634,7 @@ static long fcs_ioctl(struct file *file, unsigned int cmd, data->com_paras.d_encryption.src_size > DEC_MAX_SZ) { dev_err(dev, "Invalid SDOS Buffer src size:%d\n", data->com_paras.d_encryption.src_size); + mutex_unlock(&priv->lock); return -EFAULT; } @@ -613,12 +642,14 @@ static long fcs_ioctl(struct file *file, unsigned int cmd, data->com_paras.d_encryption.dst_size > ENC_MAX_SZ) { dev_err(dev, "Invalid SDOS Buffer dst size:%d\n", data->com_paras.d_encryption.dst_size); + mutex_unlock(&priv->lock); return -EFAULT; } if (data->com_paras.d_encryption.src == NULL || data->com_paras.d_encryption.dst == NULL) { dev_err(dev, "Invalid SDOS Buffer pointer\n"); + mutex_unlock(&priv->lock); return -EFAULT; } @@ -627,6 +658,7 @@ static long fcs_ioctl(struct file *file, unsigned int cmd, DEC_MAX_SZ); if (!s_buf) { dev_err(dev, "failed allocate encrypt src buf\n"); + mutex_unlock(&priv->lock); return -ENOMEM; } d_buf = stratix10_svc_allocate_memory(priv->chan, @@ -634,12 +666,14 @@ static long fcs_ioctl(struct file *file, unsigned int cmd, if (!d_buf) { dev_err(dev, "failed allocate encrypt dst buf\n"); stratix10_svc_free_memory(priv->chan, s_buf); + mutex_unlock(&priv->lock); return -ENOMEM; } ps_buf = stratix10_svc_allocate_memory(priv->chan, PS_BUF_SIZE); if (!ps_buf) { dev_err(dev, "failed allocate p-status buffer\n"); - fcs_close_services(priv, s_buf, d_buf); + fcs_free_memory(priv, s_buf, d_buf, NULL); + mutex_unlock(&priv->lock); return -ENOMEM; } ret = copy_from_user(s_buf, @@ -647,8 +681,8 @@ static long fcs_ioctl(struct file *file, unsigned int cmd, data->com_paras.d_encryption.src_size); if (ret) { dev_err(dev, "failure on copy_from_user\n"); - fcs_close_services(priv, ps_buf, NULL); - fcs_close_services(priv, s_buf, d_buf); + fcs_free_memory(priv, ps_buf, s_buf, d_buf); + mutex_unlock(&priv->lock); return -ENOMEM; } @@ -676,8 +710,8 @@ static long fcs_ioctl(struct file *file, unsigned int cmd, if (!ret && !priv->status) { if (!priv->kbuf) { dev_err(dev, "failure on kbuf\n"); - fcs_close_services(priv, ps_buf, NULL); - fcs_close_services(priv, s_buf, d_buf); + fcs_free_memory(priv, ps_buf, s_buf, d_buf); + fcs_close_services(priv, NULL, NULL); return -EFAULT; } buf_sz = *(unsigned int *)priv->kbuf; @@ -687,8 +721,8 @@ static long fcs_ioctl(struct file *file, unsigned int cmd, d_buf, buf_sz); if (ret) { dev_err(dev, "failure on copy_to_user\n"); - fcs_close_services(priv, ps_buf, NULL); - fcs_close_services(priv, s_buf, d_buf); + fcs_free_memory(priv, ps_buf, s_buf, d_buf); + fcs_close_services(priv, NULL, NULL); return -EFAULT; } } else { @@ -704,18 +738,19 @@ static long fcs_ioctl(struct file *file, unsigned int cmd, if (copy_to_user((void __user *)arg, data, sizeof(*data))) { dev_err(dev, "failure on copy_to_user\n"); - fcs_close_services(priv, ps_buf, NULL); - fcs_close_services(priv, s_buf, d_buf); + fcs_free_memory(priv, ps_buf, s_buf, d_buf); + fcs_close_services(priv, NULL, NULL); ret = -EFAULT; } - fcs_close_services(priv, ps_buf, NULL); - fcs_close_services(priv, s_buf, d_buf); + fcs_free_memory(priv, ps_buf, s_buf, d_buf); + fcs_close_services(priv, NULL, NULL); break; case INTEL_FCS_DEV_DATA_DECRYPTION: if (copy_from_user(data, (void __user *)arg, sizeof(*data))) { dev_err(dev, "failure on copy_from_user\n"); + mutex_unlock(&priv->lock); return -EFAULT; } @@ -723,6 +758,7 @@ static long fcs_ioctl(struct file *file, unsigned int cmd, data->com_paras.d_encryption.src_size > ENC_MAX_SZ) { dev_err(dev, "Invalid SDOS Buffer src size:%d\n", data->com_paras.d_encryption.src_size); + mutex_unlock(&priv->lock); return -EFAULT; } @@ -730,12 +766,14 @@ static long fcs_ioctl(struct file *file, unsigned int cmd, data->com_paras.d_encryption.dst_size > DEC_MAX_SZ) { dev_err(dev, "Invalid SDOS Buffer dst size:%d\n", data->com_paras.d_encryption.dst_size); + mutex_unlock(&priv->lock); return -EFAULT; } if (data->com_paras.d_encryption.src == NULL || data->com_paras.d_encryption.dst == NULL) { dev_err(dev, "Invalid SDOS Buffer pointer\n"); + mutex_unlock(&priv->lock); return -EFAULT; } @@ -744,6 +782,7 @@ static long fcs_ioctl(struct file *file, unsigned int cmd, ENC_MAX_SZ); if (!s_buf) { dev_err(dev, "failed allocate decrypt src buf\n"); + mutex_unlock(&priv->lock); return -ENOMEM; } d_buf = stratix10_svc_allocate_memory(priv->chan, @@ -751,6 +790,7 @@ static long fcs_ioctl(struct file *file, unsigned int cmd, if (!d_buf) { dev_err(dev, "failed allocate decrypt dst buf\n"); stratix10_svc_free_memory(priv->chan, s_buf); + mutex_unlock(&priv->lock); return -ENOMEM; } @@ -758,7 +798,8 @@ static long fcs_ioctl(struct file *file, unsigned int cmd, PS_BUF_SIZE); if (!ps_buf) { dev_err(dev, "failed allocate p-status buffer\n"); - fcs_close_services(priv, s_buf, d_buf); + fcs_free_memory(priv, s_buf, d_buf, NULL); + mutex_unlock(&priv->lock); return -ENOMEM; } @@ -767,8 +808,8 @@ static long fcs_ioctl(struct file *file, unsigned int cmd, data->com_paras.d_decryption.src_size); if (ret) { dev_err(dev, "failure on copy_from_user\n"); - fcs_close_services(priv, ps_buf, NULL); - fcs_close_services(priv, s_buf, d_buf); + fcs_free_memory(priv, ps_buf, s_buf, d_buf); + mutex_unlock(&priv->lock); return -EFAULT; } @@ -794,8 +835,8 @@ static long fcs_ioctl(struct file *file, unsigned int cmd, if (!ret && !priv->status) { if (!priv->kbuf) { dev_err(dev, "failure on kbuf\n"); - fcs_close_services(priv, ps_buf, NULL); - fcs_close_services(priv, s_buf, d_buf); + fcs_free_memory(priv, ps_buf, s_buf, d_buf); + fcs_close_services(priv, NULL, NULL); return -EFAULT; } buf_sz = *((unsigned int *)priv->kbuf); @@ -805,8 +846,8 @@ static long fcs_ioctl(struct file *file, unsigned int cmd, d_buf, buf_sz); if (ret) { dev_err(dev, "failure on copy_to_user\n"); - fcs_close_services(priv, ps_buf, NULL); - fcs_close_services(priv, s_buf, d_buf); + fcs_free_memory(priv, ps_buf, s_buf, d_buf); + fcs_close_services(priv, NULL, NULL); return -EFAULT; } } else { @@ -822,18 +863,19 @@ static long fcs_ioctl(struct file *file, unsigned int cmd, if (copy_to_user((void __user *)arg, data, sizeof(*data))) { dev_err(dev, "failure on copy_to_user\n"); - fcs_close_services(priv, ps_buf, NULL); - fcs_close_services(priv, s_buf, d_buf); + fcs_free_memory(priv, ps_buf, s_buf, d_buf); + fcs_close_services(priv, NULL, NULL); ret = -EFAULT; } - fcs_close_services(priv, ps_buf, NULL); - fcs_close_services(priv, s_buf, d_buf); + fcs_free_memory(priv, ps_buf, s_buf, d_buf); + fcs_close_services(priv, NULL, NULL); break; case INTEL_FCS_DEV_PSGSIGMA_TEARDOWN: if (copy_from_user(data, (void __user *)arg, sizeof(*data))) { dev_err(dev, "failure on copy_from_user\n"); + mutex_unlock(&priv->lock); return -EFAULT; } @@ -841,6 +883,7 @@ static long fcs_ioctl(struct file *file, unsigned int cmd, if ((sid != SIGMA_SESSION_ID_ONE) && (sid != SIGMA_UNKNOWN_SESSION)) { dev_err(dev, "Invalid session ID:%d\n", sid); + mutex_unlock(&priv->lock); return -EFAULT; } @@ -852,6 +895,7 @@ static long fcs_ioctl(struct file *file, unsigned int cmd, if (ret) { dev_err(dev, "failed to send the request,ret=%d\n", ret); + fcs_close_services(priv, NULL, NULL); return -EFAULT; } @@ -860,6 +904,7 @@ static long fcs_ioctl(struct file *file, unsigned int cmd, dev_err(dev, "failure on copy_to_user\n"); ret = -EFAULT; } + fcs_close_services(priv, NULL, NULL); break; case INTEL_FCS_DEV_CHIP_ID: @@ -870,6 +915,7 @@ static long fcs_ioctl(struct file *file, unsigned int cmd, if (ret) { dev_err(dev, "failed to send the request,ret=%d\n", ret); + mutex_unlock(&priv->lock); return -EFAULT; } @@ -880,29 +926,34 @@ static long fcs_ioctl(struct file *file, unsigned int cmd, dev_err(dev, "failure on copy_to_user\n"); ret = -EFAULT; } + fcs_close_services(priv, NULL, NULL); break; case INTEL_FCS_DEV_ATTESTATION_SUBKEY: if (copy_from_user(data, (void __user *)arg, sizeof(*data))) { dev_err(dev, "failure on copy_from_user\n"); + mutex_unlock(&priv->lock); return -EFAULT; } if (data->com_paras.subkey.cmd_data_sz > SUBKEY_CMD_MAX_SZ) { dev_err(dev, "Invalid subkey CMD size %d\n", data->com_paras.subkey.cmd_data_sz); + mutex_unlock(&priv->lock); return -EFAULT; } if (data->com_paras.subkey.rsp_data_sz > SUBKEY_RSP_MAX_SZ) { dev_err(dev, "Invalid subkey RSP size %d\n", data->com_paras.subkey.rsp_data_sz); + mutex_unlock(&priv->lock); return -EFAULT; } if (data->com_paras.subkey.cmd_data == NULL || data->com_paras.subkey.rsp_data == NULL) { dev_err(dev, "Invalid subkey data pointer\n"); + mutex_unlock(&priv->lock); return -EFAULT; } @@ -915,6 +966,7 @@ static long fcs_ioctl(struct file *file, unsigned int cmd, rsz); if (!s_buf) { dev_err(dev, "failed allocate subkey CMD buf\n"); + mutex_unlock(&priv->lock); return -ENOMEM; } @@ -922,6 +974,7 @@ static long fcs_ioctl(struct file *file, unsigned int cmd, SUBKEY_RSP_MAX_SZ); if (!d_buf) { dev_err(dev, "failed allocate subkey RSP buf\n"); + mutex_unlock(&priv->lock); return -ENOMEM; } @@ -934,7 +987,8 @@ static long fcs_ioctl(struct file *file, unsigned int cmd, data->com_paras.subkey.cmd_data_sz); if (ret) { dev_err(dev, "failure on copy_from_user\n"); - fcs_close_services(priv, s_buf, d_buf); + fcs_free_memory(priv, s_buf, d_buf, NULL); + mutex_unlock(&priv->lock); return -EFAULT; } @@ -968,6 +1022,7 @@ static long fcs_ioctl(struct file *file, unsigned int cmd, if (copy_to_user((void __user *)arg, data, sizeof(*data))) { dev_err(dev, "failure on copy_to_user\n"); + mutex_unlock(&priv->lock); return -EFAULT; } @@ -977,24 +1032,28 @@ static long fcs_ioctl(struct file *file, unsigned int cmd, case INTEL_FCS_DEV_ATTESTATION_MEASUREMENT: if (copy_from_user(data, (void __user *)arg, sizeof(*data))) { dev_err(dev, "failure on copy_from_user\n"); + mutex_unlock(&priv->lock); return -EFAULT; } if (data->com_paras.measurement.cmd_data_sz > MEASUREMENT_CMD_MAX_SZ) { dev_err(dev, "Invalid measurement CMD size %d\n", data->com_paras.measurement.cmd_data_sz); + mutex_unlock(&priv->lock); return -EFAULT; } if (data->com_paras.measurement.rsp_data_sz > MEASUREMENT_RSP_MAX_SZ) { dev_err(dev, "Invalid measurement RSP size %d\n", data->com_paras.measurement.rsp_data_sz); + mutex_unlock(&priv->lock); return -EFAULT; } if (data->com_paras.measurement.cmd_data == NULL || data->com_paras.measurement.rsp_data == NULL) { dev_err(dev, "Invalid measurement data pointer\n"); + mutex_unlock(&priv->lock); return -EFAULT; } @@ -1007,6 +1066,7 @@ static long fcs_ioctl(struct file *file, unsigned int cmd, rsz); if (!s_buf) { dev_err(dev, "failed allocate measurement CMD buf\n"); + mutex_unlock(&priv->lock); return -ENOMEM; } @@ -1014,6 +1074,7 @@ static long fcs_ioctl(struct file *file, unsigned int cmd, MEASUREMENT_RSP_MAX_SZ); if (!d_buf) { dev_err(dev, "failed allocate measurement RSP buf\n"); + mutex_unlock(&priv->lock); return -ENOMEM; } @@ -1026,7 +1087,8 @@ static long fcs_ioctl(struct file *file, unsigned int cmd, data->com_paras.measurement.cmd_data_sz); if (ret) { dev_err(dev, "failure on copy_from_user\n"); - fcs_close_services(priv, s_buf, d_buf); + fcs_free_memory(priv, s_buf, d_buf, NULL); + mutex_unlock(&priv->lock); return -EFAULT; } @@ -1068,12 +1130,14 @@ static long fcs_ioctl(struct file *file, unsigned int cmd, case INTEL_FCS_DEV_ATTESTATION_GET_CERTIFICATE: if (copy_from_user(data, (void __user *)arg, sizeof(*data))) { dev_err(dev, "failure on copy_from_user\n"); + mutex_unlock(&priv->lock); return -EFAULT; } if (data->com_paras.certificate.rsp_data_sz > CERTIFICATE_RSP_MAX_SZ) { dev_err(dev, "Invalid certificate RSP size %d\n", data->com_paras.certificate.rsp_data_sz); + mutex_unlock(&priv->lock); return -EFAULT; } @@ -1081,6 +1145,7 @@ static long fcs_ioctl(struct file *file, unsigned int cmd, CERTIFICATE_RSP_MAX_SZ); if (!d_buf) { dev_err(dev, "failed allocate certificate RSP buf\n"); + mutex_unlock(&priv->lock); return -ENOMEM; } @@ -1135,6 +1200,7 @@ static long fcs_ioctl(struct file *file, unsigned int cmd, if (ret) { dev_err(dev, "failed to send the request,ret=%d\n", ret); + fcs_close_services(priv, NULL, NULL); return -EFAULT; } @@ -1143,12 +1209,13 @@ static long fcs_ioctl(struct file *file, unsigned int cmd, dev_err(dev, "failure on copy_to_user\n"); ret = -EFAULT; } - + fcs_close_services(priv, NULL, NULL); break; case INTEL_FCS_DEV_GET_ROM_PATCH_SHA384: if (copy_from_user(data, (void __user *)arg, sizeof(*data))) { dev_err(dev, "failure on copy_from_user\n"); + mutex_unlock(&priv->lock); return -EFAULT; } @@ -1156,6 +1223,7 @@ static long fcs_ioctl(struct file *file, unsigned int cmd, SHA384_SIZE); if (!s_buf) { dev_err(dev, "failed to allocate RNG buffer\n"); + mutex_unlock(&priv->lock); return -ENOMEM; } @@ -1211,6 +1279,7 @@ static long fcs_ioctl(struct file *file, unsigned int cmd, if (ret) { dev_err(dev, "failed to send the cmd=%d,ret=%d\n", COMMAND_FCS_CRYPTO_OPEN_SESSION, ret); + fcs_close_services(priv, NULL, NULL); return -EFAULT; } @@ -1220,11 +1289,13 @@ static long fcs_ioctl(struct file *file, unsigned int cmd, dev_err(dev, "failure on copy_to_user\n"); ret = -EFAULT; } + fcs_close_services(priv, NULL, NULL); break; case INTEL_FCS_DEV_CRYPTO_CLOSE_SESSION: if (copy_from_user(data, (void __user *)arg, sizeof(*data))) { dev_err(dev, "failure on copy_from_user\n"); + mutex_unlock(&priv->lock); return -EFAULT; } @@ -1233,10 +1304,11 @@ static long fcs_ioctl(struct file *file, unsigned int cmd, priv->client.receive_cb = fcs_vab_callback; ret = fcs_request_service(priv, (void *)msg, FCS_REQUEST_TIMEOUT); - if (ret) { - dev_err(dev, "failed to send the request,ret=%d\n", + if (ret) { + dev_err(dev, "failed to send the request,ret=%d\n", ret); - return -EFAULT; + fcs_close_services(priv, NULL, NULL); + return -EFAULT; } data->status = priv->status; @@ -1244,18 +1316,20 @@ static long fcs_ioctl(struct file *file, unsigned int cmd, dev_err(dev, "failure on copy_to_user\n"); ret = -EFAULT; } - + fcs_close_services(priv, NULL, NULL); break; case INTEL_FCS_DEV_CRYPTO_IMPORT_KEY: if (copy_from_user(data, (void __user *)arg, sizeof(*data))) { dev_err(dev, "failure on copy_from_user\n"); + mutex_unlock(&priv->lock); return -EFAULT; } if (data->com_paras.k_import.obj_data_sz == 0 || data->com_paras.k_import.obj_data == NULL) { dev_err(dev, "Invalid key import request param\n"); + mutex_unlock(&priv->lock); return -EFAULT; } @@ -1266,13 +1340,15 @@ static long fcs_ioctl(struct file *file, unsigned int cmd, s_buf = stratix10_svc_allocate_memory(priv->chan, datasz); if (!s_buf) { dev_err(dev, "failed to allocate key import buffer\n"); + mutex_unlock(&priv->lock); return -ENOMEM; } ps_buf = stratix10_svc_allocate_memory(priv->chan, PS_BUF_SIZE); if (!ps_buf) { dev_err(dev, "failed allocate p-status buffer\n"); - fcs_close_services(priv, s_buf, NULL); + fcs_free_memory(priv, s_buf, NULL, NULL); + mutex_unlock(&priv->lock); return -ENOMEM; } @@ -1283,8 +1359,8 @@ static long fcs_ioctl(struct file *file, unsigned int cmd, data->com_paras.k_import.obj_data_sz); if (ret) { dev_err(dev, "failed copy buf ret=%d\n", ret); - fcs_close_services(priv, ps_buf, NULL); - fcs_close_services(priv, s_buf, NULL); + fcs_free_memory(priv, ps_buf, s_buf, d_buf); + mutex_unlock(&priv->lock); return -EFAULT; } @@ -1320,18 +1396,19 @@ static long fcs_ioctl(struct file *file, unsigned int cmd, if (copy_to_user((void __user *)arg, data, sizeof(*data))) { dev_err(dev, "failure on copy_to_user\n"); - fcs_close_services(priv, ps_buf, NULL); - fcs_close_services(priv, s_buf, NULL); + fcs_close_services(priv, NULL, NULL); + fcs_free_memory(priv, ps_buf, s_buf, NULL); return -EFAULT; } - fcs_close_services(priv, ps_buf, NULL); - fcs_close_services(priv, s_buf, NULL); + fcs_close_services(priv, NULL, NULL); + fcs_free_memory(priv, ps_buf, s_buf, NULL); break; case INTEL_FCS_DEV_CRYPTO_EXPORT_KEY: if (copy_from_user(data, (void __user *)arg, sizeof(*data))) { dev_err(dev, "failure on copy_from_user\n"); + mutex_unlock(&priv->lock); return -EFAULT; } @@ -1339,6 +1416,7 @@ static long fcs_ioctl(struct file *file, unsigned int cmd, CRYPTO_EXPORTED_KEY_OBJECT_MAX_SZ) { dev_err(dev, "Invalid key object size %d\n", data->com_paras.k_object.obj_data_sz); + mutex_unlock(&priv->lock); return -EFAULT; } @@ -1346,6 +1424,7 @@ static long fcs_ioctl(struct file *file, unsigned int cmd, CRYPTO_EXPORTED_KEY_OBJECT_MAX_SZ); if (!d_buf) { dev_err(dev, "failed allocate key object buf\n"); + mutex_unlock(&priv->lock); return -ENOMEM; } @@ -1390,6 +1469,7 @@ static long fcs_ioctl(struct file *file, unsigned int cmd, case INTEL_FCS_DEV_CRYPTO_REMOVE_KEY: if (copy_from_user(data, (void __user *)arg, sizeof(*data))) { dev_err(dev, "failure on copy_from_user\n"); + mutex_unlock(&priv->lock); return -EFAULT; } @@ -1402,6 +1482,7 @@ static long fcs_ioctl(struct file *file, unsigned int cmd, if (ret) { dev_err(dev, "failed to send the request,ret=%d\n", ret); + mutex_unlock(&priv->lock); return -EFAULT; } @@ -1410,18 +1491,20 @@ static long fcs_ioctl(struct file *file, unsigned int cmd, dev_err(dev, "failure on copy_to_user\n"); ret = -EFAULT; } - + fcs_close_services(priv, NULL, NULL); break; case INTEL_FCS_DEV_CRYPTO_GET_KEY_INFO: if (copy_from_user(data, (void __user *)arg, sizeof(*data))) { dev_err(dev, "failure on copy_from_user\n"); + mutex_unlock(&priv->lock); return -EFAULT; } if (data->com_paras.k_object.obj_data_sz > CRYPTO_GET_KEY_INFO_MAX_SZ) { dev_err(dev, "Invalid key object size %d\n", data->com_paras.k_object.obj_data_sz); + mutex_unlock(&priv->lock); return -EFAULT; } @@ -1429,6 +1512,7 @@ static long fcs_ioctl(struct file *file, unsigned int cmd, CRYPTO_GET_KEY_INFO_MAX_SZ); if (!d_buf) { dev_err(dev, "failed allocate key object buf\n"); + mutex_unlock(&priv->lock); return -ENOMEM; } @@ -1473,12 +1557,14 @@ static long fcs_ioctl(struct file *file, unsigned int cmd, case INTEL_FCS_DEV_CRYPTO_AES_CRYPT: if (copy_from_user(data, (void __user *)arg, sizeof(*data))) { dev_err(dev, "failure on copy_from_user\n"); + mutex_unlock(&priv->lock); return -EFAULT; } iv_field_buf = stratix10_svc_allocate_memory(priv->chan, 28); if (!iv_field_buf) { dev_err(dev, "failed allocate iv_field buf\n"); + mutex_unlock(&priv->lock); return -ENOMEM; } @@ -1511,12 +1597,13 @@ static long fcs_ioctl(struct file *file, unsigned int cmd, return -EFAULT; } - fcs_close_services(priv, iv_field_buf, NULL); + fcs_free_memory(priv, iv_field_buf, NULL, NULL); s_buf = stratix10_svc_allocate_memory(priv->chan, data->com_paras.a_crypt.src_size); if (!s_buf) { dev_err(dev, "failed allocate source buf\n"); + fcs_close_services(priv, NULL, NULL); return -ENOMEM; } @@ -1569,8 +1656,8 @@ static long fcs_ioctl(struct file *file, unsigned int cmd, if (!ret && !priv->status) { if (!priv->kbuf || priv->size != 16) { dev_err(dev, "unregconize response\n"); - fcs_close_services(priv, s_buf, d_buf); - fcs_close_services(priv, ps_buf, NULL); + fcs_free_memory(priv, s_buf, d_buf, ps_buf); + fcs_close_services(priv, NULL, NULL); return -EFAULT; } @@ -1583,8 +1670,8 @@ static long fcs_ioctl(struct file *file, unsigned int cmd, if (ret) { dev_err(dev, "failure on copy_to_user\n"); - fcs_close_services(priv, s_buf, d_buf); - fcs_close_services(priv, ps_buf, NULL); + fcs_free_memory(priv, s_buf, d_buf, ps_buf); + fcs_close_services(priv, NULL, NULL); return -EFAULT; } } @@ -1599,14 +1686,14 @@ static long fcs_ioctl(struct file *file, unsigned int cmd, dev_err(dev, "failure on copy_to_user\n"); ret = -EFAULT; } - - fcs_close_services(priv, s_buf, d_buf); - fcs_close_services(priv, ps_buf, NULL); + fcs_free_memory(priv, s_buf, d_buf, ps_buf); + fcs_close_services(priv, NULL, NULL); break; case INTEL_FCS_DEV_CRYPTO_GET_DIGEST: if (copy_from_user(data, (void __user *)arg, sizeof(*data))) { dev_err(dev, "failure on copy_from_user\n"); + mutex_unlock(&priv->lock); return -EFAULT; } @@ -1629,6 +1716,7 @@ static long fcs_ioctl(struct file *file, unsigned int cmd, if (ret || priv->status) { dev_err(dev, "failed to send the cmd=%d,ret=%d, status=%d\n", COMMAND_FCS_CRYPTO_GET_DIGEST_INIT, ret, priv->status); + fcs_close_services(priv, NULL, NULL); return -EFAULT; } @@ -1636,6 +1724,7 @@ static long fcs_ioctl(struct file *file, unsigned int cmd, AES_CRYPT_CMD_MAX_SZ); if (!s_buf) { dev_err(dev, "failed allocate source buf\n"); + fcs_close_services(priv, NULL, NULL); return -ENOMEM; } @@ -1691,6 +1780,7 @@ static long fcs_ioctl(struct file *file, unsigned int cmd, case INTEL_FCS_DEV_CRYPTO_MAC_VERIFY: if (copy_from_user(data, (void __user *)arg, sizeof(*data))) { dev_err(dev, "failure on copy_from_user\n"); + mutex_unlock(&priv->lock); return -EFAULT; } @@ -1715,6 +1805,7 @@ static long fcs_ioctl(struct file *file, unsigned int cmd, if (ret || priv->status) { dev_err(dev, "failed to send the cmd=%d,ret=%d, status=%d\n", COMMAND_FCS_CRYPTO_MAC_VERIFY_INIT, ret, priv->status); + fcs_close_services(priv, NULL, NULL); return -EFAULT; } @@ -1722,6 +1813,7 @@ static long fcs_ioctl(struct file *file, unsigned int cmd, AES_CRYPT_CMD_MAX_SZ); if (!s_buf) { dev_err(dev, "failed allocate source buf\n"); + fcs_close_services(priv, NULL, NULL); return -ENOMEM; } @@ -1777,6 +1869,7 @@ static long fcs_ioctl(struct file *file, unsigned int cmd, case INTEL_FCS_DEV_CRYPTO_ECDSA_HASH_SIGNING: if (copy_from_user(data, (void __user *)arg, sizeof(*data))) { dev_err(dev, "failure on copy_from_user\n"); + mutex_unlock(&priv->lock); return -EFAULT; } @@ -1800,12 +1893,14 @@ static long fcs_ioctl(struct file *file, unsigned int cmd, dev_err(dev, "failed to send the cmd=%d,ret=%d, status=%d\n", COMMAND_FCS_CRYPTO_ECDSA_HASH_SIGNING_INIT, ret, priv->status); + fcs_close_services(priv, NULL, NULL); return -EFAULT; } s_buf = stratix10_svc_allocate_memory(priv->chan, in_sz); if (!s_buf) { dev_err(dev, "failed allocate source buf\n"); + fcs_close_services(priv, NULL, NULL); return -ENOMEM; } @@ -1860,6 +1955,7 @@ static long fcs_ioctl(struct file *file, unsigned int cmd, case INTEL_FCS_DEV_CRYPTO_ECDSA_SHA2_DATA_SIGNING: if (copy_from_user(data, (void __user *)arg, sizeof(*data))) { dev_err(dev, "failure on copy_from_user\n"); + mutex_unlock(&priv->lock); return -EFAULT; } @@ -1883,12 +1979,14 @@ static long fcs_ioctl(struct file *file, unsigned int cmd, dev_err(dev, "failed to send the cmd=%d,ret=%d, status=%d\n", COMMAND_FCS_CRYPTO_ECDSA_HASH_SIGNING_INIT, ret, priv->status); + fcs_close_services(priv, NULL, NULL); return -EFAULT; } s_buf = stratix10_svc_allocate_memory(priv->chan, in_sz); if (!s_buf) { dev_err(dev, "failed allocate source buf\n"); + fcs_close_services(priv, NULL, NULL); return -ENOMEM; } @@ -1943,6 +2041,7 @@ static long fcs_ioctl(struct file *file, unsigned int cmd, case INTEL_FCS_DEV_CRYPTO_ECDSA_HASH_VERIFY: if (copy_from_user(data, (void __user *)arg, sizeof(*data))) { dev_err(dev, "failure on copy_from_user\n"); + mutex_unlock(&priv->lock); return -EFAULT; } @@ -1966,12 +2065,14 @@ static long fcs_ioctl(struct file *file, unsigned int cmd, dev_err(dev, "failed to send the cmd=%d,ret=%d, status=%d\n", COMMAND_FCS_CRYPTO_ECDSA_HASH_VERIFY_INIT, ret, priv->status); + fcs_close_services(priv, NULL, NULL); return -EFAULT; } s_buf = stratix10_svc_allocate_memory(priv->chan, in_sz); if (!s_buf) { dev_err(dev, "failed allocate source buf\n"); + fcs_close_services(priv, NULL, NULL); return -ENOMEM; } @@ -2020,13 +2121,14 @@ static long fcs_ioctl(struct file *file, unsigned int cmd, ret = -EFAULT; } - fcs_close_services(priv, s_buf, d_buf); + fcs_close_services(priv, s_buf, d_buf); - break; + break; case INTEL_FCS_DEV_CRYPTO_ECDSA_SHA2_DATA_VERIFY: if (copy_from_user(data, (void __user *)arg, sizeof(*data))) { dev_err(dev, "failure on copy_from_user\n"); + mutex_unlock(&priv->lock); return -EFAULT; } @@ -2051,12 +2153,14 @@ static long fcs_ioctl(struct file *file, unsigned int cmd, dev_err(dev, "failed to send the cmd=%d,ret=%d, status=%d\n", COMMAND_FCS_CRYPTO_ECDSA_SHA2_VERIFY_INIT, ret, priv->status); + fcs_close_services(priv, NULL, NULL); return -EFAULT; } s_buf = stratix10_svc_allocate_memory(priv->chan, in_sz); if (!s_buf) { dev_err(dev, "failed allocate source buf\n"); + fcs_close_services(priv, NULL, NULL); return -ENOMEM; } @@ -2106,12 +2210,13 @@ static long fcs_ioctl(struct file *file, unsigned int cmd, ret = -EFAULT; } - fcs_close_services(priv, s_buf, d_buf); - break; + fcs_close_services(priv, s_buf, d_buf); + break; case INTEL_FCS_DEV_CRYPTO_ECDSA_GET_PUBLIC_KEY: if (copy_from_user(data, (void __user *)arg, sizeof(*data))) { dev_err(dev, "failure on copy_from_user\n"); + mutex_unlock(&priv->lock); return -EFAULT; } @@ -2134,12 +2239,14 @@ static long fcs_ioctl(struct file *file, unsigned int cmd, dev_err(dev, "failed to send the cmd=%d,ret=%d, status=%d\n", COMMAND_FCS_CRYPTO_ECDSA_GET_PUBLIC_KEY_INIT, ret, priv->status); + fcs_close_services(priv, NULL, NULL); return -EFAULT; } d_buf = stratix10_svc_allocate_memory(priv->chan, out_sz); if (!d_buf) { dev_err(dev, "failed allocate destation buf\n"); + fcs_close_services(priv, NULL, NULL); return -ENOMEM; } @@ -2156,10 +2263,10 @@ static long fcs_ioctl(struct file *file, unsigned int cmd, 10 * FCS_REQUEST_TIMEOUT); if (!ret && !priv->status) { if (priv->size > out_sz) { - dev_err(dev, "returned size %d is incorrect\n", + dev_err(dev, "returned size %d is incorrect\n", priv->size); - fcs_close_services(priv, NULL, d_buf); - return -EFAULT; + fcs_close_services(priv, NULL, d_buf); + return -EFAULT; } memcpy(data->com_paras.ecdsa_data.dst, @@ -2178,24 +2285,27 @@ static long fcs_ioctl(struct file *file, unsigned int cmd, ret = -EFAULT; } - fcs_close_services(priv, NULL, d_buf); - break; + fcs_close_services(priv, NULL, d_buf); + break; case INTEL_FCS_DEV_CRYPTO_ECDH_REQUEST: if (copy_from_user(data, (void __user *)arg, sizeof(*data))) { dev_err(dev, "failure on copy_from_user\n"); + mutex_unlock(&priv->lock); return -EFAULT; } if (data->com_paras.ecdsa_data.src_size == 0 || data->com_paras.ecdsa_data.src == NULL) { dev_err(dev, "Invalid ECDH request src param\n"); + mutex_unlock(&priv->lock); return -EFAULT; } if (data->com_paras.ecdsa_data.dst_size == 0 || data->com_paras.ecdsa_data.dst == NULL) { dev_err(dev, "Invalid ECDH request dst param\n"); + mutex_unlock(&priv->lock); return -EFAULT; } @@ -2224,6 +2334,7 @@ static long fcs_ioctl(struct file *file, unsigned int cmd, s_buf = stratix10_svc_allocate_memory(priv->chan, in_sz); if (!s_buf) { dev_err(dev, "failed allocate source buf\n"); + fcs_close_services(priv, NULL, NULL); return -ENOMEM; } @@ -2285,6 +2396,7 @@ static long fcs_ioctl(struct file *file, unsigned int cmd, case INTEL_FCS_DEV_RANDOM_NUMBER_GEN_EXT: if (copy_from_user(data, (void __user *)arg, sizeof(*data))) { dev_err(dev, "failure on copy_from_user\n"); + mutex_unlock(&priv->lock); return -EFAULT; } @@ -2296,6 +2408,7 @@ static long fcs_ioctl(struct file *file, unsigned int cmd, d_buf = stratix10_svc_allocate_memory(priv->chan, buf_sz); if (!d_buf) { dev_err(dev, "failed to allocate RNG_EXT output buf\n"); + mutex_unlock(&priv->lock); return -ENOMEM; } @@ -2341,11 +2454,10 @@ static long fcs_ioctl(struct file *file, unsigned int cmd, } } - if (priv->status == 0 && timeout == 0) { + if (priv->status == 0 && timeout == 0) data->status = -ETIMEDOUT; - } else { + else data->status = priv->status; - } if (copy_to_user((void __user *)arg, data, sizeof(*data))) { dev_err(dev, "failure on copy_to_user\n"); @@ -2359,18 +2471,21 @@ static long fcs_ioctl(struct file *file, unsigned int cmd, case INTEL_FCS_DEV_SDOS_DATA_EXT: if (copy_from_user(data, (void __user *)arg, sizeof(*data))) { dev_err(dev, "failure on copy_from_user\n"); + mutex_unlock(&priv->lock); return -EFAULT; } if (data->com_paras.data_sdos_ext.src_size == 0 || data->com_paras.data_sdos_ext.src == NULL) { dev_err(dev, "Invalid SDOS request src param\n"); + mutex_unlock(&priv->lock); return -EFAULT; } if (data->com_paras.data_sdos_ext.dst_size == 0 || data->com_paras.data_sdos_ext.dst == NULL) { dev_err(dev, "Invalid SDOS request dst param\n"); + mutex_unlock(&priv->lock); return -EFAULT; } @@ -2381,13 +2496,15 @@ static long fcs_ioctl(struct file *file, unsigned int cmd, s_buf = stratix10_svc_allocate_memory(priv->chan, in_sz); if (!s_buf) { dev_err(dev, "failed allocate source buf\n"); + mutex_unlock(&priv->lock); return -ENOMEM; } d_buf = stratix10_svc_allocate_memory(priv->chan, AES_CRYPT_CMD_MAX_SZ); if (!d_buf) { dev_err(dev, "failed allocate destation buf\n"); - fcs_close_services(priv, s_buf, NULL); + fcs_free_memory(priv, s_buf, NULL, NULL); + mutex_unlock(&priv->lock); return -ENOMEM; } @@ -2484,10 +2601,11 @@ static int fcs_rng_read(struct hwrng *rng, void *buf, size_t max, bool wait) priv = (struct intel_fcs_priv *)rng->priv; dev = priv->client.dev; - + mutex_lock(&priv->lock); msg = devm_kzalloc(dev, sizeof(*msg), GFP_KERNEL); if (!msg) { dev_err(dev, "failed to allocate msg buffer\n"); + mutex_unlock(&priv->lock); return -ENOMEM; } @@ -2495,6 +2613,7 @@ static int fcs_rng_read(struct hwrng *rng, void *buf, size_t max, bool wait) RANDOM_NUMBER_SIZE); if (!s_buf) { dev_err(dev, "failed to allocate random number buffer\n"); + mutex_unlock(&priv->lock); return -ENOMEM; } -- 2.25.1
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#12509): https://lists.yoctoproject.org/g/linux-yocto/message/12509 Mute This Topic: https://lists.yoctoproject.org/mt/98898743/21656 Group Owner: [email protected] Unsubscribe: https://lists.yoctoproject.org/g/linux-yocto/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
