On Thu, Jul 09, 2015 at 02:49:08PM +0200, Jens Wiklander wrote:
> > Generally in a scheme like this we'd see open and release get/put the
> > underlying module handle to prevent driver removal while the char dev
> > is open. Otherwise module removal will hang here.
>
> I'm perhaps misunderstanding
On Wed, Jul 08, 2015 at 11:10:26AM -0600, Jason Gunthorpe wrote:
> On Wed, Jul 08, 2015 at 12:16:30PM +0200, Jens Wiklander wrote:
>
> > +static void tee_device_complete_unused(struct kref *kref)
> > +{
> > + struct tee_device *teedev;
> > +
> > + teedev = container_of(kref, struct tee_device,
On Wed, Jul 08, 2015 at 04:52:03PM -0700, Greg Kroah-Hartman wrote:
> On Wed, Jul 08, 2015 at 04:28:26PM -0700, Dmitry Torokhov wrote:
> > On Wed, Jul 08, 2015 at 03:33:25PM -0700, Greg Kroah-Hartman wrote:
> > > On Wed, Jul 08, 2015 at 04:26:49PM -0600, Jason Gunthorpe wrote:
> > > > On Wed, Jul 0
On Wed, Jul 08, 2015 at 04:53:21PM -0700, Greg Kroah-Hartman wrote:
> On Wed, Jul 08, 2015 at 05:16:12PM -0600, Jason Gunthorpe wrote:
> > On Wed, Jul 08, 2015 at 03:33:25PM -0700, Greg Kroah-Hartman wrote:
> > > > The basic issue is that cdev_del doesn't seem to be synchronizing.
> > > >
> > > >
On Wed, Jul 08, 2015 at 05:16:12PM -0600, Jason Gunthorpe wrote:
> On Wed, Jul 08, 2015 at 03:33:25PM -0700, Greg Kroah-Hartman wrote:
> > > The basic issue is that cdev_del doesn't seem to be synchronizing.
> > >
> > > The use after free race is then something like:
> > >
> > >struct tpm_chi
On Wed, Jul 08, 2015 at 04:28:26PM -0700, Dmitry Torokhov wrote:
> On Wed, Jul 08, 2015 at 03:33:25PM -0700, Greg Kroah-Hartman wrote:
> > On Wed, Jul 08, 2015 at 04:26:49PM -0600, Jason Gunthorpe wrote:
> > > On Wed, Jul 08, 2015 at 02:11:29PM -0700, Greg Kroah-Hartman wrote:
> > > > > > + c
On Wed, Jul 08, 2015 at 03:33:25PM -0700, Greg Kroah-Hartman wrote:
> On Wed, Jul 08, 2015 at 04:26:49PM -0600, Jason Gunthorpe wrote:
> > On Wed, Jul 08, 2015 at 02:11:29PM -0700, Greg Kroah-Hartman wrote:
> > > > > + cdev_init(&teedev->cdev, &tee_fops);
> > > > > + teedev->cdev.owner
On Wed, Jul 08, 2015 at 03:33:25PM -0700, Greg Kroah-Hartman wrote:
> > The basic issue is that cdev_del doesn't seem to be synchronizing.
> >
> > The use after free race is then something like:
> >
> >struct tpm_chip {
> > struct device dev;
> > struct cdev cdev;
>
> Oops, right the
On Wed, Jul 08, 2015 at 04:26:49PM -0600, Jason Gunthorpe wrote:
> On Wed, Jul 08, 2015 at 02:11:29PM -0700, Greg Kroah-Hartman wrote:
> > > > + cdev_init(&teedev->cdev, &tee_fops);
> > > > + teedev->cdev.owner = teedesc->owner;
> > >
> > > This also needs to set teedev->cdev.kobj.pare
On Wed, Jul 08, 2015 at 02:11:29PM -0700, Greg Kroah-Hartman wrote:
> > > + cdev_init(&teedev->cdev, &tee_fops);
> > > + teedev->cdev.owner = teedesc->owner;
> >
> > This also needs to set teedev->cdev.kobj.parent.
> > I'm guessing:
> >
> > teedev->cdev.kobj.parent = &teedev->dev.kob
On Wed, Jul 08, 2015 at 11:10:26AM -0600, Jason Gunthorpe wrote:
> On Wed, Jul 08, 2015 at 12:16:30PM +0200, Jens Wiklander wrote:
>
> > +static void tee_device_complete_unused(struct kref *kref)
> > +{
> > + struct tee_device *teedev;
> > +
> > + teedev = container_of(kref, struct tee_device,
On Wed, Jul 08, 2015 at 12:16:30PM +0200, Jens Wiklander wrote:
> +static void tee_device_complete_unused(struct kref *kref)
> +{
> + struct tee_device *teedev;
> +
> + teedev = container_of(kref, struct tee_device, users);
> + /* When the mutex is released, no other tee_device_get() w
Initial patch for generic TEE subsystem.
This subsystem provides:
* Registration/un-registration of TEE drivers.
* Shared memory between normal world and secure world.
* Ioctl interface for interaction with user space.
A TEE (Trusted Execution Environment) driver is a driver that interfaces
with a
13 matches
Mail list logo
