Re: [GIT PULL] OP-TEE fix for 7.0

Next message: Aneesh Kumar K.V (Arm): "[RFC PATCH v4 04/16] iommu/arm-smmu-v3: Track realm pSMMU users with refcount_t"
Previous message: Aneesh Kumar K.V (Arm): "[RFC PATCH v4 01/16] iommu/arm-smmu-v3: Discover RME support and realm IRQ topology"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Jens Wiklander

Date: Mon Apr 27 2026 - 04:54:56 EST

Hi,

It appears that this pull request has been missed. Can you pull it as
it is, or do you need a new pull request?

Thanks,
Jens

On Mon, Mar 16, 2026 at 8:12 AM Jens Wiklander
<jens.wiklander@xxxxxxxxxx> wrote:
>
> Hello arm-soc maintainers,
>
> Please pull this patch fixing a use-after-free race in the OP-TEE driver
> where a client exiting prematurely could free a request still being
> processed by the supplicant.
>
> Thanks,
> Jens
>
> The following changes since commit 6de23f81a5e08be8fbf5e8d7e9febc72a5b5f27f:
>
> Linux 7.0-rc1 (2026-02-22 13:18:59 -0800)
>
> are available in the Git repository at:
>
> gitolite.kernel.org:pub/scm/linux/kernel/git/jenswi/linux-tee tags/optee-fix-for-v7.0
>
> for you to fetch changes up to 387a926ee166814611acecb960207fe2f3c4fd3e:
>
> tee: optee: prevent use-after-free when the client exits before the supplicant (2026-03-02 14:36:50 +0100)
>
> ----------------------------------------------------------------
> OP-TEE fix for v7.0
>
> Fix a use-after-free race between client and supplicant by serializing
> request access with the supplicant mutex.
>
> ----------------------------------------------------------------
> Amirreza Zarrabi (1):
> tee: optee: prevent use-after-free when the client exits before the supplicant
>
> drivers/tee/optee/supp.c | 107 ++++++++++++++++++++++++++++++++---------------
> 1 file changed, 74 insertions(+), 33 deletions(-)