security: nv_tee_driver: handle "daemon not present" scenario
Varun Wadekar [Wed, 12 Jun 2013 05:53:54 +0000 (10:53 +0530)]
During each request from the daemon, set a bit in a global variable
indicating that the daemon is alive and kicking. For each request from
secure world, check this bit to see if the daemon is present, and send
error if not present.

Bug 1291402

Change-Id: Ie8c59a465451b1781b4f379c0b6f661b05a417da
Signed-off-by: Varun Wadekar <vwadekar@nvidia.com>
Reviewed-on: http://git-master/r/237850
(cherry picked from commit 205baa9bb3f4d2ba150253284ac7af9733938a01)
Reviewed-on: http://git-master/r/249869
Reviewed-by: Automatic_Commit_Validation_User
Tested-by: Aaron Gamble <jgamble@nvidia.com>

security/nv_tee_driver/tee_fs.c

index a52ea25..a5dbdfd 100644 (file)
@@ -22,6 +22,7 @@
 #include <linux/completion.h>
 #include <linux/workqueue.h>
 #include <linux/freezer.h>
+#include <linux/bitops.h>
 
 #include <asm/uaccess.h>
 
@@ -30,6 +31,8 @@
 #define TEE_SHMEM_FNAME_SZ     SZ_64
 #define TEE_SHMEM_DATA_SZ      SZ_128K
 
+#define TEE_FS_READY_BIT       1
+
 struct tee_shmem {
        char    file_name[TEE_SHMEM_FNAME_SZ];
        char    file_data[TEE_SHMEM_DATA_SZ];
@@ -39,6 +42,7 @@ struct list_head req_list;
 DECLARE_COMPLETION(req_ready);
 DECLARE_COMPLETION(req_complete);
 static unsigned long secure_error;
+static unsigned long fs_ready;
 
 static void indicate_complete(unsigned long ret)
 {
@@ -68,6 +72,8 @@ int tee_handle_fs_ioctl(struct file *file, unsigned int ioctl_num,
 
                set_freezable();
 
+               set_bit(TEE_FS_READY_BIT, &fs_ready);
+
                /* wait for a new request */
                while (wait_for_completion_interruptible(&req_ready))
                        try_to_freeze();
@@ -148,6 +154,12 @@ static void _tee_fs_file_operation(const char *name, void *buf, int len,
        TEEC_FileReq *new_req;
        struct tee_file_req_node *req_node;
 
+       if (!test_and_clear_bit(TEE_FS_READY_BIT, &fs_ready)) {
+               pr_err("%s: daemon not loaded yet\n", __func__);
+               secure_error = TEEC_ERROR_NO_DATA;
+               goto fail;
+       }
+
        BUG_ON(!name);
 
        if (type == TEEC_FILE_REQ_READ || type == TEEC_FILE_REQ_WRITE)
@@ -183,6 +195,7 @@ static void _tee_fs_file_operation(const char *name, void *buf, int len,
 
        kfree(new_req);
 
+fail:
        /* signal completion to the secure world */
        indicate_complete(secure_error);
 }