OpenCloudOS-Kernel/drivers/tee
Sumit Garg 520f79c110 tee: optee: Fix kernel panic caused by incorrect error handling
commit 95915ba4b987cf2b222b0f251280228a1ff977ac upstream.

The error path while failing to register devices on the TEE bus has a
bug leading to kernel panic as follows:

[   15.398930] Unable to handle kernel paging request at virtual address ffff07ed00626d7c
[   15.406913] Mem abort info:
[   15.409722]   ESR = 0x0000000096000005
[   15.413490]   EC = 0x25: DABT (current EL), IL = 32 bits
[   15.418814]   SET = 0, FnV = 0
[   15.421878]   EA = 0, S1PTW = 0
[   15.425031]   FSC = 0x05: level 1 translation fault
[   15.429922] Data abort info:
[   15.432813]   ISV = 0, ISS = 0x00000005, ISS2 = 0x00000000
[   15.438310]   CM = 0, WnR = 0, TnD = 0, TagAccess = 0
[   15.443372]   GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0
[   15.448697] swapper pgtable: 4k pages, 48-bit VAs, pgdp=00000000d9e3e000
[   15.455413] [ffff07ed00626d7c] pgd=1800000bffdf9003, p4d=1800000bffdf9003, pud=0000000000000000
[   15.464146] Internal error: Oops: 0000000096000005 [#1] PREEMPT SMP

Commit 7269cba53d90 ("tee: optee: Fix supplicant based device enumeration")
lead to the introduction of this bug. So fix it appropriately.

Reported-by: Mikko Rapeli <mikko.rapeli@linaro.org>
Closes: https://bugzilla.kernel.org/show_bug.cgi?id=218542
Fixes: 7269cba53d90 ("tee: optee: Fix supplicant based device enumeration")
Cc: stable@vger.kernel.org
Signed-off-by: Sumit Garg <sumit.garg@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2024-04-03 15:28:44 +02:00
..
amdtee tee: amdtee: fix use-after-free vulnerability in amdtee_close_session 2023-10-03 19:13:53 +02:00
optee tee: optee: Fix kernel panic caused by incorrect error handling 2024-04-03 15:28:44 +02:00
Kconfig tee: combine "config" and "menu" for TEE's menuconfig 2022-04-05 07:32:23 +02:00
Makefile tee: add AMD-TEE driver 2020-01-04 13:49:51 +08:00
tee_core.c driver core: class: remove module * from class_create() 2023-03-17 15:16:33 +01:00
tee_private.h tee: Remove unused declarations 2023-09-13 08:16:24 +02:00
tee_shm.c tee: Pass a pointer to virt_to_page() 2023-03-30 08:34:52 +02:00
tee_shm_pool.c tee: refactor TEE_SHM_* flags 2022-02-16 07:49:41 +01:00