Commit 70b0d6b0 authored by Sumit Garg's avatar Sumit Garg Committed by Arnd Bergmann
Browse files

tee: optee: Fix supplicant wait loop 



OP-TEE supplicant is a user-space daemon and it's possible for it
be hung or crashed or killed in the middle of processing an OP-TEE
RPC call. It becomes more complicated when there is incorrect shutdown
ordering of the supplicant process vs the OP-TEE client application which
can eventually lead to system hang-up waiting for the closure of the
client application.

Allow the client process waiting in kernel for supplicant response to
be killed rather than indefinitely waiting in an unkillable state. Also,
a normal uninterruptible wait should not have resulted in the hung-task
watchdog getting triggered, but the endless loop would.

This fixes issues observed during system reboot/shutdown when supplicant
got hung for some reason or gets crashed/killed which lead to client
getting hung in an unkillable state. It in turn lead to system being in
hung up state requiring hard power off/on to recover.

Fixes: 4fb0a5eb ("tee: add OP-TEE driver")
Suggested-by: default avatarArnd Bergmann <arnd@arndb.de>
Cc: stable@vger.kernel.org
Signed-off-by: default avatarSumit Garg <sumit.garg@linaro.org>
Reviewed-by: default avatarArnd Bergmann <arnd@arndb.de>
Reviewed-by: default avatarJens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: default avatarArnd Bergmann <arnd@arndb.de>
parent dd0f05b9

drivers/tee/optee/supp.c

+8 −27
Original line number Diff line number Diff line
@@ -80,7 +80,6 @@ u32 optee_supp_thrd_req(struct tee_context *ctx, u32 func, size_t num_params, 
	struct optee *optee = tee_get_drvdata(ctx->teedev);

	struct optee_supp *supp = &optee->supp;

	struct optee_supp_req *req;

	bool interruptable;

	u32 ret;



	/*
@@ -111,36 +110,18 @@ u32 optee_supp_thrd_req(struct tee_context *ctx, u32 func, size_t num_params, 
	/*

	 * Wait for supplicant to process and return result, once we've

	 * returned from wait_for_completion(&req->c) successfully we have

	 * exclusive access again.

	 * exclusive access again. Allow the wait to be killable such that

	 * the wait doesn't turn into an indefinite state if the supplicant

	 * gets hung for some reason.

	 */

	while (wait_for_completion_interruptible(&req->c)) {

	if (wait_for_completion_killable(&req->c)) {

		mutex_lock(&supp->mutex);

		interruptable = !supp->ctx;

		if (interruptable) {

			/*

			 * There's no supplicant available and since the

			 * supp->mutex currently is held none can

			 * become available until the mutex released

			 * again.

			 *

			 * Interrupting an RPC to supplicant is only

			 * allowed as a way of slightly improving the user

			 * experience in case the supplicant hasn't been

			 * started yet. During normal operation the supplicant

			 * will serve all requests in a timely manner and

			 * interrupting then wouldn't make sense.

			 */

		if (req->in_queue) {

			list_del(&req->link);

			req->in_queue = false;

		}

		}

		mutex_unlock(&supp->mutex);



		if (interruptable) {

		req->ret = TEEC_ERROR_COMMUNICATION;

			break;

		}

	}



	ret = req->ret;