Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
tee-supplicant: -d: return after TEE device is opened
This commit addresses a race condition when a kernel module using OP-TEE is loaded immediately after tee-supplicant is started. To understand the problem, consider that with a shell background task there is no guarantee that the service is available to the kernel when the command returns. So the following: tee-supplicant & modprobe <some_module> ...may fail when <some_module> invokes the kernel TEE client API (note that kernel users do NOT wait for the supplicant to be available [1], contrary to user space clients [1]). This scenario was addressed by commit 66cdd5d ("tee-supplicant: add daemon mode (-d)"), although the commit description did not explicitly mention it. With '-d ' the supplicant command would open the device before returning. Unfortunately, this was inadvertently broken by commit 523d50b ("tee-supplicant: daemonize before opening a supplicant device"). Restore the previous behavior while still keeping the open() call in the child process, by introducing some synchronization between the parent and the child. A pipe is created and the parent issues a blocking read. After successfully opening the device the child writes data to the pipe, thus releasing the parent. If the child crashes or exits before writing the parent is released with 0 bytes read and exits with an error status. The daemon() call is replaced by make_daemon() which is an open-coded version of the daemon() funcion as described in the Linux man page, modified to deal with the IPC. Link: [1] https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/drivers/tee/tee_core.c?h=v5.19#n1128 Link: [2] https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/drivers/tee/tee_core.c?h=v5.19#n117 Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org> Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
- Loading branch information