path: root/core/tee
Age | Commit message | Author
2021-01-15 | core: fix bad memset() in update_write_helper() | Jens Wiklander
update_write_helper() is clearing uninitialized parts of blk_buf. There's an error in the logic calculating how much should be cleared resulting in a negative size being supplied to memset(). Fix this by always clearing blk_buf before usage. Fixes: cd799689cd3d ("core: rpmb: fix initialization of new rpmb data") Acked-by: Rouven Czerwinski <r.czerwinski@pengutronix.de> Tested-by: Jerome Forissier <jerome@forissier.org> (HiKey) Acked-by: Etienne Carriere <etienne.carriere@linaro.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
2021-01-14 | core: fix file handle leakage in syscall_storage_next_enum() | Jens Wiklander
Prior to this patch, syscall_storage_next_enum() was opening a file handle with tee_svc_storage_read_head() but never freeing the handle. Fix this by closing the file handle as part of cleaning up before returning. Fixes: 928efd065222 ("core: syscall_storage_next_enum() use live pobj") Reviewed-by: Joakim Bech <joakim.bech@linaro.org> Tested-by: Volodymyr Babchuk <volodymyr_babchuk@epam.com> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
2021-01-11 | core: rpmb: fix initialization of new rpmb data | Etienne Carriere
Add memset() calls to ensure added object is extended with byte value 0 as specified in GPD TEE specification. Fixes: 64c6d2917d12 ("core: rpmb fs uses mempool for temporary transfer buffers") Tested-by: Jerome Forissier <jerome@forissier.org> (QEMU) Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
2021-01-07 | core: tee_rpmb_fs: Return error when block decryption fails | Robin van der Gracht
When decrypt_block fails (although unlikely) it shouldn't be silently ignored. In such case the data in the buffer pointed to by *out is unmodified or bogus while the return code is TEE_SUCCESS. Signed-off-by: Robin van der Gracht <robin@protonic.nl> Reviewed-by: Jerome Forissier <jerome@forissier.org>
2021-01-06 | core: rpmb fs uses mempool for temporary transfer buffers | Etienne Carriere
RPMB FS driver may allocate a temporary buffer of the size provided by the userland caller. These may be big buffers of dozens of kbytes and may exhaust the heap capacities. Change the implementation to use a 4kByte temporary buffer to update RPMB data instead of an allocated buffer of the object target size. RPMB FAT entry data is updated by chunks of the temporary buffer size, and RPMB FAT meta data is updated afterwards as prior to this change. Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
2021-01-05 | core: rpmb: return TEE_ERROR_STORAGE_NO_SPACE if no space left | Stefan Schmidt
So far the error TEE_ERROR_OUT_OF_MEMORY was returned if no free memory could be allocated in the RPMB to store new data. According to TEE Internal Core API Specification the error TEE_ERROR_STORAGE_NO_SPACE shall be returned if insufficient space is available to create the persistent object. Signed-off-by: Stefan Schmidt <snst@meek.de> Reviewed-by: Jerome Forissier <jerome@forissier.org> Acked-by: Jens Wiklander <jens.wiklander@linaro.org> Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
2020-12-15 | core: copy ctx_finalize in syscall_cryp_state_copy() | Jens Wiklander
Copies the ctx_finalize() when a state is copied using syscall_cryp_state_copy() in order to support proper cleanup of the state once it's removed. Acked-by: Jerome Forissier <jerome@forissier.org> Acked-by: Etienne Carriere <etienne.carriere@linaro.org> Suggested-by: Tony He <tony.he@armchina.com> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
2020-11-20 | core: svc store: delete keys from secure elements | Jorge Ramirez-Ortiz
The cryptographic API provides an interface for the creation of cryptographic keys. These keys can be stored in secure elements and handlers to these keys (since the keys themselves can not be read from the secure elements) given back to the caller. When the object holding a key is being deleted, the cryptographic API must be informed in order to proceed with the deletion of the real key from the secure element. Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io> Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
2020-11-19 | core: fix RPMB rollback vulnerability | Jens Wiklander
Normal world is used to pass the RPMB request to the eMMC. If normal world saves a write request and returns an error instead it can be used at a later stage where OP-TEE doesn't expect a certain block to be updated. For more details on possible attacks and mitigations see [1] and [2]. The mitigation consists of two parts, while initializing and later how each write request is handled. While initializing the RPMB file system we don't have a spare dummy block so the alternative method of reading a block and writing it again is used instead. For normal write request all errors after the request message has been created will be retried 10 times. If a write request fails after 10 retries RPMB is disabled entirely until next boot. An eventual requesting TA is with an unexpected error code since we can't tell if the request has been committed to storage or not. Link: [1] https://www.westerndigital.com/support/productsecurity/wdc-20008-replay-attack-vulnerabilities-rpmb-protocol-applications Link: [2] https://documents.westerndigital.com/content/dam/doc-library/en_us/assets/public/western-digital/collateral/white-paper/white-paper-replay-protected-memory-block-protocol-vulernabilities.pdf Acked-by: Joakim Bech <joakim.bech@linaro.org> Acked-by: Ruchika Gupta <ruchika.gupta@linaro.org> Acked-by: Etienne Carriere <etienne.carriere@linaro.org> Reviewed-by: Jerome Forissier <jerome@forissier.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
2020-11-16 | core: crypto: unify ECC and SM2_DSA sign/verify | Cedric Neveux
Remove the crypto_acipher_sm2_dsa_sign/crypto_acipher_sm2_dsa_verify functions and call the crypto_acipher_ecc_sign/crypto_acipher_ecc_verify functions that are calling the ecc key operations set. Signed-off-by: Cedric Neveux <cedric.neveux@nxp.com> Acked-by: Etienne Carriere <etienne.carriere@linaro.org> Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
2020-11-16 | core: crypto: add struct crypto_ecc_[public/keypair]_ops | Cedric Neveux
In order to enable one ECC HW driver and one ECC SW library at build and runtime, introduces struct crypto_ecc_public_ops and struct crypto_ecc_keypair_ops respectively to the struct ecc_public_key and struct ecc_keypair. At key (public/keypair) allocation, the HW driver is first called and if key type/size not supported, the SW library is then called. When key is allocated with success, the key->ops is set with the cryptographic functions pointer to call when using keys to:
- Generate keypair
- Sign with keypair
- Shared secret with keypair
- Verify with public key
- Free public key
Signed-off-by: Cedric Neveux <cedric.neveux@nxp.com> Acked-by: Etienne Carriere <etienne.carriere@linaro.org> Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
2020-10-28 | core: replace tee_mmu prefix with vm | Jens Wiklander
Replaces the tee_mmu prefix with vm. tee_mmu.h is renamed to vm.h and core/arch/arm/mm/tee_mmu.c is moved to core/mm/vm.c. Public functions belonging to these files are renamed with a vm prefix. Introduces: vm_map_param(), vm_clean_param(), vm_buf_is_inside_private(), vm_buf_intersects_private(), vm_buf_to_mboj_offs(), vm_buf_is_inside_um_private(), vm_buf_intersects_um_private(), vm_add_rwmem(), vm_rem_rwmem(), vm_va2pa(), vm_pa2va(), vm_check_access_rights(), vm_set_ctx() replacing their tee_mmu_*() counterpart. Acked-by: Joakim Bech <joakim.bech@linaro.org> Acked-by: Jerome Forissier <jerome@forissier.org> Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
2020-10-27 | core: remove struct tee_ta_ctx from struct user_mode_ctx | Jens Wiklander
Removes struct tee_ta_ctx from struct user_mode_ctx allowing a user mode entity to be independent of the TA concept, that is, making room for SPs in user mode. A pointer to a struct user_mode_ctx is passed to many memory management functions where a pointer to a struct ts_ctx is needed too. Prior to this patch it was possible to calculate the address of the corresponding struct ts_ctx with help of the container_of() macro; that is no longer possible. Instead, a struct ts_ctx *ts_ctx field is added to struct user_mode_ctx in order to allow such lookups. Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
2020-10-27 | core: add generic struct ts_ctx | Jens Wiklander
Adds the generic struct ts_ctx to be used instead of struct tee_ta_ctx where generic context operations are performed. struct tee_ta_ctx adds a field with struct ts_ctx for conversion to struct ts_ctx where needed. The struct ts_session is updated to keep a pointer to a struct ts_ctx instead of the previous struct tee_ta_ctx. Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
2020-10-27 | core: add generic struct ts_session | Jens Wiklander
As a step in making room for Secure Partitions (SPs) running at S-EL0 add a Trusted Service (TS) abstraction. Both TAs and SPs are TSs. Adds the generic struct ts_session. All future session structs (currently only struct tee_ta_session exists) should add this struct to allow generic session operations. With this struct comes new functions replacing previous struct tee_ta_session oriented functions. The following functions are replaced as:
tee_ta_get_current_session() -> ts_get_current_session()
tee_ta_push_current_session() -> ts_push_current_session()
tee_ta_pop_current_session() -> ts_pop_current_session()
tee_ta_get_calling_session() -> ts_get_calling_session()
ts_get_current_session() is changed compared to its predecessor to panic() in case of failure to return a valid pointer. A new function ts_get_current_session_may_fail() is added to handle an eventual case where a return NULL session may be handled. Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
2020-10-19 | core: rpmb: check return value of encrypt_block() | Stefan Schmidt
Added error handling if call of function encrypt_block() fails in tee_rpmb_req_pack(). Signed-off-by: Stefan Schmidt <snst@meek.de> Reviewed-by: Jerome Forissier <jerome@forissier.org> Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
2020-10-13 | core: rpmb: fix off-by-one in block index check | Jerome Forissier
The max block index check in tee_rpmb_req_pack() is incorrect and would fail when trying to access the last block of the partition. Signed-off-by: Jerome Forissier <jerome@forissier.org> Acked-by: Jens Wiklander <jens.wiklander@linaro.org> Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
2020-10-09 | core: use vaddr_t instead of uint32_t for object IDs | Jerome Forissier
Some functions incorrectly use uint32_t for object identifiers: tee_obj_get(), tee_svc_cryp_get_state() and tee_svc_storage_get_enum(). Those object IDs are actually virtual addresses so they need to be of type vaddr_t. Link: https://github.com/OP-TEE/optee_os/issues/4035#issuecomment-680037072 Signed-off-by: Jerome Forissier <jerome@forissier.org>
2020-10-07 | core: Fix RPMB fat entry cache buffer overflow | Neil Shipp
Ensure that fat_entry_dir_update can only update entries less than the current cache size and not just the maximum size limit of the cache. Signed-off-by: Neil Shipp <neilsh@microsoft.com> Reviewed-by: Joakim Bech <joakim.bech@linaro.org> Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
2020-10-07 | Use fallthrough pseudo-keyword in switch/case statements | Jerome Forissier
Use fallthrough; in switch/case statements. Imported libraries (libtomcrypt, libmbedtls) are not modified to minimize differences with upstream. Signed-off-by: Jerome Forissier <jerome@forissier.org> Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
2020-10-05 | core: Bad assert in fat_entry_dir_update() | Neil Shipp
Fix an assert in fat_entry_dir_update() that always fires when updating fat entries other than the first element in the cache. Signed-off-by: Neil Shipp <neilsh@microsoft.com> Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org> Reviewed-by: Jerome Forissier <jerome@forissier.org>
2020-10-01 | core: include parity in DES/DES3 key sizes | Jens Wiklander
Update from GP 1.0 the parity bits are now included in the DES and DES3 key sizes. This is an incompatible change where 56, 112 and 168 key sizes are replaced with 64, 128 and 192 respectively. This changes the ABI in a way that it's not enough even to recompile the TA. In order to maintain backwards compatibility the configuration flag CFG_COMPAT_GP10_DES is introduced (default y). The presence of the parity bits is autodetected and this update is transparent to a TA which hasn't been updated. Reviewed-by: Jerome Forissier <jerome@forissier.org> Acked-by: Etienne Carriere <etienne.carriere@linaro.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
2020-10-01 | core: syscall_asymm_verify(): accurate DSA parameter check | Jens Wiklander
A comment in syscall_asymm_verify() reads: "Depending on the DSA algorithm (NIST), the digital signature output size may be truncated to the size of a key pair (Q prime size). Q prime size must be less or equal than the hash output length of the hash algorithm involved." Instead of just assuming that Q size is small when data length is smaller than the hash, check that it's the case also. Don't allow data length smaller than both hash size and Q size. Acked-by: Jerome Forissier <jerome@forissier.org> Acked-by: Etienne Carriere <etienne.carriere@linaro.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
2020-10-01 | Provide TEE_ATTR_FLAG_VALUE and TEE_ATTR_FLAG_PUBLIC | Jens Wiklander
Provides TEE_ATTR_FLAG_VALUE and TEE_ATTR_FLAG_PUBLIC which are defined already in GP v1.0 [1] and also expected in GP v1.1 [2]. The old TEE_ATTR_BIT_VALUE and TEE_ATTR_BIT_PROTECTED are kept for backwards compatibility for now. [1]: GlobalPlatform TEE Internal API Specification v1.0 [2]: GlobalPlatform TEE Internal Core API Specification v1.1 Reviewed-by: Jerome Forissier <jerome@forissier.org> Acked-by: Etienne Carriere <etienne.carriere@linaro.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
2020-09-29 | core: check that certain object attributes are consistent with max key size | Jens Wiklander
When populating a crypto object check that certain attributes are consistent with maximum key size. For example the attribute TEE_ATTR_DSA_PRIME must not have more significant bits than max key size. All these attributes are flagged with TEE_TYPE_ATTR_BIGNUM_MAXBITS and tee_svc_cryp_obj_populate_type() is updated as needed. Acked-by: Etienne Carriere <etienne.carriere@linaro.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
2020-09-29 | core: check that object attributes for current usage are relevant | Jens Wiklander
When populating or generating a key the relevant attributes can differ. Some attributes are parameters for the key generation. Updates tee_svc_cryp_check_attr() and object type descriptions to be accurate. Acked-by: Etienne Carriere <etienne.carriere@linaro.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
2020-09-29 | core: check max key size when populating object | Jens Wiklander
Checks that attributes are within the bounds defined by the max key size which was supplied when the object was allocated. Acked-by: Etienne Carriere <etienne.carriere@linaro.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
2020-09-29 | core: fix calculation of DES key size | Jens Wiklander
Prior to this patch, the parity bits were included when calculating the key size for DES keys. Fix this by subtracting the parity bits. Acked-by: Etienne Carriere <etienne.carriere@linaro.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
2020-09-29 | core: tee_obj_get() return TEE_ERROR_BAD_STATE | Jens Wiklander
Updates tee_obj_get() to return TEE_ERROR_BAD_STATE when an object reference can't be found. This will allow the GP TA API to panic the caller as required in the GP spec [1]. [1] GlobalPlatform TEE Internal Core API Specification v1.1 Acked-by: Etienne Carriere <etienne.carriere@linaro.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
2020-09-29 | core: syscall_obj_generate_key() check public rsa exponent | Jens Wiklander
The v1.1 spec [1] requires the NIST SP800-56B [2] rules to be followed when generating an RSA key. Adds a check when generating an RSA key that the supplied exponent conforms to the requirements in NIST SP800-56B, that is, the key must be odd and in the range 65537 <= e < 2^256. [1]: GlobalPlatform TEE Internal Core API Specification v1.1 Acked-by: Etienne Carriere <etienne.carriere@linaro.org> Link [2]: https://csrc.nist.gov/publications/detail/sp/800-56b/rev-2/final Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
2020-09-29 | core: syscall_cryp_obj_alloc(): allow TEE_TYPE_DATA for transient objects | Jens Wiklander
GP 1.1 spec [1] explicitly allows creation of TEE_TYPE_DATA object. So update syscall_cryp_obj_alloc() accordingly. [1]: GlobalPlatform TEE Internal Core API Specification v1.1 Acked-by: Etienne Carriere <etienne.carriere@linaro.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
2020-09-24 | core: strict buffer check in syscalls following GP 1.1 | Jens Wiklander
GP 1.1 [1] and also earlier specifications have certain annotations in the description of API functions to among other things describe which kind of memory a buffer is required to reside in. It could be readable, writeable, in shared memory in TA private memory. The following syscalls are updated with slightly stricter checks with regards to TA private memory where needed:
- syscall_open_ta_session()
- syscall_invoke_ta_command()
- syscall_get_time()
- syscall_set_ta_time()
- syscall_cryp_obj_get_info()
- syscall_cryp_random_number_generate()
- syscall_authenc_dec_final()
- syscall_storage_next_enum()
- syscall_storage_obj_read()
- syscall_storage_obj_write()
[1]: GlobalPlatform TEE Internal Core API Specification v1.1
Acked-by: Etienne Carriere <etienne.carriere@linaro.org> Reviewed-by: Jerome Forissier <jerome@forissier.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
2020-09-24 | core: separate copy_from_user() and friends | Jens Wiklander
Removes the tee_svc_ prefix and moves tee_svc_copy_from_user() and friends into <kernel/user_access.h> and core/kernel/user/access.c Reviewed-by: Jerome Forissier <jerome@forissier.org> Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
2020-08-26 | core: add tee_pobj_create_final() | Jens Wiklander
Adds tee_pobj_create_final() which finalizes a create operation. Until tee_pobj_create_final() has been called the struct pobj cannot be shared with any other object. Reviewed-by: Jerome Forissier <jerome@forissier.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
2020-08-26 | core: syscall_storage_next_enum() use live pobj | Jens Wiklander
Instead of using a fake pobj in syscall_storage_next_enum() retrieve the shared pobj instead in order to get the flags of an already opened object. TEE_POBJ_USAGE_ENUM is supplied to tee_pobj_get() to avoid checking for conflicts with how the pobj is already used. Reviewed-by: Jerome Forissier <jerome@forissier.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
2020-08-26 | core: tee_pobj_get() takes an enum tee_pobj_usage | Jens Wiklander
Changes tee_pobj_get() to take an enum tee_pobj_usage usage instead of a bool temporary. Reviewed-by: Jerome Forissier <jerome@forissier.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
2020-08-26 | core: remove struct tee_obj::flags | Jens Wiklander
struct tee_obj keeps a TEE_ObjectInfo which has a flags field with the same meaning as the flags field in struct tee_obj. To avoid the two fields getting out of sync remove struct tee_obj::flags and only use TEE_ObjectInfo::handleFlags. Additional checks are added in syscall_storage_obj_open() and syscall_storage_obj_create() to make sure that no undefined flags are added to TEE_ObjectInfo::handleFlags. Reviewed-by: Jerome Forissier <jerome@forissier.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
2020-08-26 | core: syscall_storage_obj_create(): check that the attributes object is initialized | Jens Wiklander
Adds a check in syscall_storage_obj_create() to see that the attributes object is initialized. Reviewed-by: Jerome Forissier <jerome@forissier.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
2020-08-18 | core: add user parameter thread_rpc_shm_cache_alloc() | Jens Wiklander
Adds a user parameter to thread_rpc_shm_cache_alloc() to make sure that different callers of thread_rpc_shm_cache_alloc() don't interfere with each other. The FS allocation could perhaps be intertwined with I2C allocations if crypto operations are done over I2C. Fixes: 9bee8f2a5af7 ("core: add generic rpc shared memory buffer caching") Acked-by: Etienne Carriere <etienne.carriere@linaro.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
2020-07-31 | rmpb: fix infinite recursion in dump_fat() when CFG_TEE_CORE_LOG_LEVEL=4 | Jerome Forissier
When CFG_TEE_CORE_LOG_LEVEL=4 and CFG_RPMB_FS=y, the TEE core crashes with a dead stack canary message:
  E/TC:0 0 Dead canary at end of 'stack_abt[3]'
  E/TC:0 0 Panic at core/arch/arm/kernel/thread.c:192 <thread_check_canaries>
  E/TC:0 0 TEE load address @ 0x1bd0f000
  E/TC:0 0 Call stack:
  E/TC:0 0 0x1bd17b3d print_kernel_stack at optee_os/core/arch/arm/kernel/unwind_arm32.c:452
  E/TC:0 0 0x1bd23a07 __do_panic at optee_os/core/kernel/panic.c:32 (discriminator 1)
  E/TC:0 0 0x1bd120cb thread_check_canaries at optee_os/core/arch/arm/kernel/thread.c:188 (discriminator 2)
  E/TC:0 0 0x1bd12c1f thread_state_suspend at optee_os/core/arch/arm/kernel/thread.c:754
  E/TC:0 0 0x1bd14610 thread_rpc at optee_os/core/arch/arm/kernel/thread_optee_smc_a32.S:227
The issue happens to be with the debug function dump_fat() which causes infinite recursion. Fix it by doing nothing until after RPMB initialization has completed. Fixes: 5f68d7848fe8 ("core: RPMB FS: Caching for FAT FS entries") Signed-off-by: Jerome Forissier <jerome@forissier.org> Reviewed-by: Joakim Bech <joakim.bech@linaro.org> Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
2020-07-22 | core: log message when secure storage corruption is detected | Jerome Forissier
When CFG_REE_FS and CFG_RPMB_FS are both 'y', the data stored by OP-TEE in the REE filesystem (typically, under /data/tee) are protected by hashes stored in the RPMB. Any modifications to the REE files via external means are therefore detected and TEE_ERROR_SECURITY is returned. However, no error or debug message is printed to the secure console which makes troubleshooting more difficult than needed. This commit adds a debug message. Signed-off-by: Jerome Forissier <jerome@forissier.org> Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
2020-07-22 | core: add generic rpc shared memory buffer caching | Jens Wiklander
Replaces tee_fs_rpc_cache_alloc() with thread_rpc_shm_alloc() which also takes a shared memory type as argument. This allows allocating a kernel private RPC buffer when needed. Acked-by: Jerome Forissier <jerome@forissier.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
2020-07-09 | core: fix tee_fs_rpc_readdir() parameter direction | Roland Nagy
The type of params[1] is changed to OUT to match the expected params in tee-supplicant's tee_fs_rpc_readdir, so calls to tee_fs_rpc_readdir won't fail with TEE_ERROR_BAD_PARAMETERS. Signed-off-by: Roland Nagy <rnagy@xmimx.tk> Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
2020-05-12 | rpmb: fix building when TRACE_LEVEL >= TRACE_FLOW | Gianguido Sorà
Building with CFG_RPMB_FS=y and CFG_TEE_CORE_LOG_LEVEL=4 yields a compile-time error due to a typo. Replacing TEE_RESULT with TEE_Result fixes the issue. Signed-off-by: Gianguido Sorà <me@gsora.xyz> Reviewed-by: Jerome Forissier <jerome@forissier.org> Reviewed-by: Rouven Czerwinski <r.czerwinski@pengutronix.de>
2020-04-28 | rpmb: remove unnecessary check | Peikan Tsai
Remove unnecessary check to fix compile warning reported by clang as follows:
  core/tee/tee_rpmb_fs.c:2051:11: warning: address of array 'fh->filename' will always evaluate to 'true' [-Wpointer-bool-conversion]
  if (fh->filename && (!strcmp(fh->filename, fe->filename)) &&
  ~~~~^~~~~~~~ ~~
  core/tee/tee_rpmb_fs.c:2134:10: warning: address of array 'fh->filename' will always evaluate to 'true' [-Wpointer-bool-conversion]
  if (fh->filename && !fh->rpmb_fat_address)
  ~~~~^~~~~~~~ ~~
Signed-off-by: Mark-PK Tsai <mark-pk.tsai@mediatek.com> Signed-off-by: Peikan Tsai <peikantsai@gmail.com> Reviewed-by: YJ Chiang <yj.chiang@mediatek.com> Reviewed-by: Jerome Forissier <jerome@forissier.org>
2020-04-21 | core: RPMB FS: Caching for FAT FS entries | Manuel Huber
This patch adds optional FAT FS entry caching functionality to the RPMB FS. This functionality can be enabled by a non zero value for CFG_RPMB_FS_CACHE_ENTRIES. The caching functionality can improve RPMB I/O at the cost of additional heap memory. The cache size is most likely platform-specific and should be chosen according to available secure world memory and expected FAT FS entries in RPMB. The cache holds the first X FAT FS entries in RAM. Whenever the FAT FS is traversed, we read from the cache instead of invoking RPMB I/O. The cache is updated when cached FAT FS entries are written. Signed-off-by: Manuel Huber <mahuber@microsoft.com> Acked-by: Etienne Carriere <etienne.carriere@linaro.org> Reviewed-by: Jerome Forissier <jerome@forissier.org> Tested-by: Jerome Forissier <jerome@forissier.org> (HiKey960, GP)
2020-04-20 | core: crypto: ECC: make sure key_size is consistent with attributes | Jerome Forissier
TEE_GenerateKey() takes a key_size argument and various attributes. If the size derived from the attributes is not key_size, we should return TEE_ERROR_BAD_PARAMETERS as per the GP TEE Internal Core API specification v1.2.1: "If an incorrect or inconsistent attribute is detected. The checks that are performed depend on the implementation.". Signed-off-by: Jerome Forissier <jerome@forissier.org> Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
2020-04-20 | core: crypto: DH: make sure key_size is consistent with attributes | Jerome Forissier
TEE_GenerateKey() takes a key_size argument and various attributes. For Diffie-Hellman, if the size of the prime number (TEE_ATTR_DH_PRIME) is not key_size, we should return TEE_ERROR_BAD_PARAMETERS as per the GP TEE Internal Core API specification v1.2.1: "If an incorrect or inconsistent attribute is detected. The checks that are performed depend on the implementation.". Signed-off-by: Jerome Forissier <jerome@forissier.org> Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
2020-04-20 | core: crypto: use supplied DSA parameters when creating key | Jerome Forissier
When generating a DSA key, syscall_obj_generate_key() currently ignores the supplied parameters: TEE_ATTR_DSA_PRIME, TEE_ATTR_DSA_SUBPRIME and TEE_ATTR_DSA_BASE. Instead a new set of parameters is generated each time based on the specified key size. This does not comply with the GlobalPlatform TEE Internal Core API specification which lists these attributes as mandatory input to the generation function (see v1.2.1 table 5-12 TEE_GenerateKey parameters). Fix this issue by providing the supplied parameters to LibTomCrypt's dsa_generate_key() instead of calling dsa_make_key(). Fixes: https://github.com/OP-TEE/optee_os/issues/3746 Signed-off-by: Jerome Forissier <jerome@forissier.org> Acked-by: Jens Wiklander <jens.wiklander@linaro.org> Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
2020-04-07 | core: utee_param_to_param(): set mobj to NULL when NULL memrefs of size 0 | Cedric Neveux
Set the tee_ta_param mobj to NULL if user parameter is a NULL memrefs of size 0. When mobj pointer is NULL, it also identifies the last parameter of the list. Fixes: 9d2e798360b5 ("core: TEE capability for null sized memrefs support") Signed-off-by: Cedric Neveux <cedric.neveux@nxp.com> Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org> Tested-by: Jerome Forissier <jerome@forissier.org> (HiKey960) Tested-by: Etienne Carriere <etienne.carriere@linaro.org>