commit | 34a08bec755670ea0490cb53bbc68058cafc69b6 | [log] [tgz] |
---|---|---|
author | Joakim Bech <joakim.bech@linaro.org> | Tue Jun 25 11:47:09 2019 +0200 |
committer | Jérôme Forissier <jerome@forissier.org> | Tue Oct 08 17:05:54 2019 +0200 |
tree | c4d2d92464d73c329412233f86aa780b4e504a11 | |
parent | 28aa35f5d9df4a9df841ca89fe1b0b21d595b4d7 [diff] |
cryp: prevent direct calls to update and final functions With inconsistent or malformed data it has been possible to call "update" and "final" crypto functions directly. Using a fuzzer tool [1] we have seen that this results in asserts, i.e., a crash that potentially could leak sensitive information. By setting the state (initialized) in the crypto context (i.e., the tee_cryp_state) at the end of all syscall_*_init functions and then add a check of the state at the beginning of all update and final functions, we prevent direct entrance to the "update" and "final" functions. [1] https://github.com/MartijnB/optee_fuzzer Fixes: OP-TEE-2019-0021 Signed-off-by: Joakim Bech <joakim.bech@linaro.org> Reported-by: Martijn Bogaard <bogaard@riscure.com> Acked-by: Jerome Forissier <jerome.forissier@linaro.org> Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
This git contains source code for the secure side implementation of OP-TEE project.
All official OP-TEE documentation has moved to http://optee.readthedocs.io.
// OP-TEE core maintainers