ANDROID: trusty-ipc: correct data_source flag of struct iov_iter in filp_send_ioctl()
Upstream commit a41dad905e5a3 ("iov_iter: saner checks for attempt
to copy to/from iterator") introduced a strict check of data_source
flag when copy to/from iterator is done.
This led to the following one-time warning in kernel logs:
WARNING: CPU: 6 PID: 749 at lib/iov_iter.c:623 _copy_from_iter+0xe4/0x4f0
...
pc : _copy_from_iter+0xe4/0x4f0
lr : tipc_ioctl+0x6f8/0xb04 [trusty_ipc]
sp : ffffffc012433b10
...
Call trace:
_copy_from_iter+0xe4/0x4f0
tipc_ioctl+0x6f8/0xb04 [trusty_ipc]
__arm64_sys_ioctl+0xb0/0xf0
invoke_syscall+0x60/0x130
el0_svc_common+0xbc/0x100
do_el0_svc+0x38/0xb0
el0_svc+0x34/0xc4
el0t_64_sync_handler+0x8c/0xfc
el0t_64_sync+0x1a8/0x1ac
---[ end trace 0000000000000000 ]---
and not working communication with trusted application(s) in TEE.
Drivers that rely on this also stopped working i.e. fingerprint.
When copying from iterator we should use WRITE flag for data_source
in filp_send_ioctl() which eventually calls txbuf_write_iter().
Bug: 267276067
Test: manually
Change-Id: If3dc73737a03eb76b6e696dd976f58e73fe8de02
Signed-off-by: Alexey Klimov <klimova@google.com>
(cherry picked from commit b05efd30832632617922ec172da4b4fb418b48be)
diff --git a/drivers/trusty/trusty-ipc.c b/drivers/trusty/trusty-ipc.c
index 2f84a74..aee0d66 100644
--- a/drivers/trusty/trusty-ipc.c
+++ b/drivers/trusty/trusty-ipc.c
@@ -1360,7 +1360,7 @@
goto load_shm_args_failed;
}
- ret = import_iovec(READ, u64_to_user_ptr(req.iov), req.iov_cnt,
+ ret = import_iovec(WRITE, u64_to_user_ptr(req.iov), req.iov_cnt,
ARRAY_SIZE(fast_iovs), &iov, &iter);
if (ret < 0) {
dev_dbg(dev, "Failed to import iovec\n");
