Google Git
Sign in
coral / optee-os-mtk / 34a08bec755670ea0490cb53bbc68058cafc69b6
commit34a08bec755670ea0490cb53bbc68058cafc69b6[log] [tgz]
authorJoakim Bech <joakim.bech@linaro.org>Tue Jun 25 11:47:09 2019 +0200
committerJérôme Forissier <jerome@forissier.org>Tue Oct 08 17:05:54 2019 +0200
treec4d2d92464d73c329412233f86aa780b4e504a11
parent28aa35f5d9df4a9df841ca89fe1b0b21d595b4d7 [diff]
cryp: prevent direct calls to update and final functions

With inconsistent or malformed data it has been possible to call
"update" and "final" crypto functions directly. Using a fuzzer tool [1]
we have seen that this results in asserts, i.e., a crash that
potentially could leak sensitive information.

By setting the state (initialized) in the crypto context (i.e., the
tee_cryp_state) at the end of all syscall_*_init functions and then add
a check of the state at the beginning of all update and final functions,
  we prevent direct entrance to the "update" and "final" functions.

[1] https://github.com/MartijnB/optee_fuzzer

Fixes: OP-TEE-2019-0021

Signed-off-by: Joakim Bech <joakim.bech@linaro.org>
Reported-by: Martijn Bogaard <bogaard@riscure.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
1 file changed
tree: c4d2d92464d73c329412233f86aa780b4e504a11
  1. .github/
  2. core/
  3. keys/
  4. ldelf/
  5. lib/
  6. mk/
  7. scripts/
  8. ta/
  9. .gitignore
  10. .shippable.yml
  11. .travis.yml
  12. CHANGELOG.md
  13. LICENSE
  14. MAINTAINERS
  15. Makefile
  16. README.md
  17. typedefs.checkpatch
README.md

OP-TEE Trusted OS

This git contains source code for the secure side implementation of OP-TEE project.

All official OP-TEE documentation has moved to http://optee.readthedocs.io.

// OP-TEE core maintainers