[PATCH v2,03/21] v4l2: verify secure dmabufs are used in secure queue
From: Yunfei Dong
Date: Mon Nov 06 2023 - 07:04:50 EST
From: Jeffrey Kardatzke <jkardatzke@xxxxxxxxxx>
Verfies in the dmabuf implementations that if the secure memory flag is
set for a queue that the dmabuf submitted to the queue is unmappable.
Signed-off-by: Jeffrey Kardatzke <jkardatzke@xxxxxxxxxx>
Signed-off-by: Yunfei Dong <yunfei.dong@xxxxxxxxxxxx>
---
drivers/media/common/videobuf2/videobuf2-dma-contig.c | 6 ++++++
drivers/media/common/videobuf2/videobuf2-dma-sg.c | 6 ++++++
2 files changed, 12 insertions(+)
diff --git a/drivers/media/common/videobuf2/videobuf2-dma-contig.c b/drivers/media/common/videobuf2/videobuf2-dma-contig.c
index 3d4fd4ef5310..ad58ef8dc231 100644
--- a/drivers/media/common/videobuf2/videobuf2-dma-contig.c
+++ b/drivers/media/common/videobuf2/videobuf2-dma-contig.c
@@ -710,6 +710,12 @@ static int vb2_dc_map_dmabuf(void *mem_priv)
return -EINVAL;
}
+ /* verify the dmabuf is secure if we are in secure mode */
+ if (buf->vb->vb2_queue->secure_mem && sg_page(sgt->sgl)) {
+ pr_err("secure queue requires secure dma_buf");
+ return -EINVAL;
+ }
+
/* checking if dmabuf is big enough to store contiguous chunk */
contig_size = vb2_dc_get_contiguous_size(sgt);
if (contig_size < buf->size) {
diff --git a/drivers/media/common/videobuf2/videobuf2-dma-sg.c b/drivers/media/common/videobuf2/videobuf2-dma-sg.c
index 28f3fdfe23a2..55428c73c380 100644
--- a/drivers/media/common/videobuf2/videobuf2-dma-sg.c
+++ b/drivers/media/common/videobuf2/videobuf2-dma-sg.c
@@ -564,6 +564,12 @@ static int vb2_dma_sg_map_dmabuf(void *mem_priv)
return -EINVAL;
}
+ /* verify the dmabuf is secure if we are in secure mode */
+ if (buf->vb->vb2_queue->secure_mem && !sg_dma_secure(sgt->sgl)) {
+ pr_err("secure queue requires secure dma_buf");
+ return -EINVAL;
+ }
+
buf->dma_sgt = sgt;
buf->vaddr = NULL;
--
2.18.0