History log of /optee_os/core/pta/attestation.c (Results 1 – 9 of 9)
Revision Date Author Comments
# ce0d3a46 08-Nov-2023 Etienne Carriere <etienne.carriere@foss.st.com>

core: pta: attestation: fix calls to tee_pobj_get()

Fixes calls to tee_pobj_get() that use boolean value false as argument
where an enum tee_pobj_usage argument is expected.

Between OP-TEE release tags 2.4.0 and 3.11.0, tee_pobj_get() used to
take a boolean @temporary argument. The function prototype changed in
commit 6885abf2f7ef ("core: tee_pobj_get() takes an enum tee_pobj_usage")
and was merged in release tag 3.11.0 but attestation PTA initial
implementation of StMM sadly used the old prototype, using false (0)
instead of TEE_POBJ_USAGE_OPEN (0).

Fixes: 7e05ec25bd68 ("core: pta: add remote attestation PTA")
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>


# 8e81e607 24-Jul-2023 Clement Faure <clement.faure@nxp.com>

core: pta: attestation: check return value of crypto_bignum_bin2bn()

Check the return value of crypto_bignum_bin2bn().

Signed-off-by: Clement Faure <clement.faure@nxp.com>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>


# ac498786 01-Aug-2023 Jerome Forissier <jerome.forissier@linaro.org>

core: pta: attestation: fixes for CFG_PAN=y

- Add missing enter_user_access()/exit_user_access() to
cmd_hash_ta_memory() so that the PTA is allowed to access the TA
directly.
- Use to_bounce_params() and from_bounce_params() in the invoke entry
point in order to use bounce buffers for memref parameters when the
caller is a user space TA and PAN is enabled.

Fixes xtest 1037 with CFG_ATTESTATION_PTA=y CFG_PAN=y.

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>


# e41da76b 26-Jul-2023 Jerome Forissier <jerome.forissier@linaro.org>

pta: attestation: exclude memory regions without VM_FLAG_READONLY

When selecting which memory region of a TA should be hashed, exclude
those without VM_FLAG_READONLY in their flag field instead of requiring
the absence of TEE_MATTR_UW in attr. This makes the code more
consistent and fixes an issue triggered by commit 52e7b1a67f8f ("core:
use user-access functions in ldelf interaction"). With that commit, an
additional region is mapped read-only (i.e., no TEE_MATTR_UW) but does
not have a fixed content for the TA. It can be excluded easily since it
does not have the VM_FLAG_READONLY flag.

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>


# b2284b11 17-Jul-2023 Jens Wiklander <jens.wiklander@linaro.org>

core: update FS storage API with user space buffer

Updates the create(), read(), and write() function pointers in struct
ts_store_ops to take a user space buffer in addition to the previous
core buffer. Core buffers are normal secure memory while user space
buffers should only be accessed using the user_access.h functions.

The different FS storage implementations are updated accordingly.

Note that the RPMB FS storage implementation resorts to using
enter_user_access() and exit_user_access() due to internal complexities.

Fixes: 4e154320e47c ("core: Apply finer-grained PAN")
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>


# eb238769 27-Mar-2023 Clement Faure <clement.faure@nxp.com>

pta: attestation: fix compilation incompatible pointer warning

To reproduce (any 64-bit platform will do):
$ make PLATFORM=imx-mx8mmevk CFG_ATTESTATION_PTA=y CFG_WERROR=y

core/pta/attestation.c: In function ‘cmd_get_pubkey’:
core/pta/attestation.c:358:30: warning: initialization of ‘uint32_t *’ {aka ‘unsigned int *’} from incompatible pointer type ‘size_t *’ {aka ‘long unsigned int *’} [-Wincompatible-pointer-types]
358 | uint32_t *e_out_sz = &params[0].memref.size;
| ^
core/pta/attestation.c:360:30: warning: initialization of ‘uint32_t *’ {aka ‘unsigned int *’} from incompatible pointer type ‘size_t *’ {aka ‘long unsigned int *’} [-Wincompatible-pointer-types]
360 | uint32_t *n_out_sz = &params[1].memref.size;
| ^

Fixes: 7509620b8b95 ("GP131: Update TEE_Param")
Signed-off-by: Clement Faure <clement.faure@nxp.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>


# e2cac47b 16-Jun-2022 Clement Faure <clement.faure@nxp.com>

core: pta: return error code when failing to deserialize saved key

When deserializing the key, TEE_SUCCESS code is returned even if the bignum
deserialization of one of the key components fails.

Make sure to free the allocated key in case of an error in the
deserialization of one of the key components.

Fixes: 7e05ec25b ("core: pta: add remote attestation PTA")
Signed-off-by: Clement Faure <clement.faure@nxp.com>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>


# 62e37796 03-Jun-2022 Clement Faure <clement.faure@nxp.com>

core: pta: attestation: fix buffer size for generated key

There is an assertion error in the attestation PTA when it comes to
deserializing the key. Here are the logs:

* regression_1037 Remote attestation
o regression_1037.1 Get public key
E/TC:? 0 assertion '!buf_sz' failed at core/pta/attestation.c:199 <deserialize_key>
E/TC:3 0 Panic at core/kernel/assert.c:28 <_assert_break>
E/TC:3 0 TEE load address @ 0xbe000000
E/TC:3 0 Call stack:
E/TC:3 0 0xbe0091b4
E/TC:3 0 0xbe024b5c
E/TC:3 0 0xbe02292c
E/TC:3 0 0xbe02fde4
E/TC:3 0 0xbe0300c4
E/TC:3 0 0xbe029a3c
E/TC:3 0 0xbe025e70
E/TC:3 0 0xbe0336e0
E/TC:3 0 0xbe007070
E/TC:3 0 0xbe0071ec

To reproduce the issue, you need a persistent storage and follow these
steps:
$ xtest 1037
*reboot the platform*
$ xtest 1037

When allocating the key buffer, the maximum buffer size is allocated
(1033 bytes) whatever the size specified by CFG_ATTESTATION_PTA_KEY_SIZE.

With the default attestation key size (CFG_ATTESTATION_PTA_KEY_SIZE) of
3072 bits, only 777 bytes are needed to store the key but the allocated
buffer size is still 1033 bytes.

When the key has already been generated, the key stored is deserialized
and the deserialize_key() function expects the size of the previously
generated key to be equal to the maximum buffer size.

The assertion can be removed as the buffer size and the key size could
mismatch. The deserialize_bignum() function, however, still checks the
buffer size is big enough to hold the given key size.

Fixes: 7e05ec25b ("core: pta: add remote attestation PTA")
Signed-off-by: Clement Faure <clement.faure@nxp.com>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>


# 7e05ec25 27-Oct-2021 Jerome Forissier <jerome@forissier.org>

core: pta: add remote attestation PTA

Add a PTA to perform remote attestation of user space TAs and TEE core
memory. Enabled with CFG_ATTESTATION_PTA=y. Four commands are defined:

- PTA_ATTESTATION_GET_PUBKEY

Returns the public RSA key used to sign the measurements generated by
the other commands. The key pair is generated on first call (any
command) and saved to secure storage. It is therefore device-specific.

- PTA_ATTESTATION_GET_TA_SHDR_DIGEST

Returns the digest found in the secure header (struct shdr) of a TA
or trusted shared library given its UUID.

- PTA_ATTESTATION_HASH_TA_MEMORY

This command must be called by a user space TA (not a CA). It computes
a hash of the memory pages that belong to the caller and contain code
or read-only data. This hash is therefore a runtime measurement of the
TA execution environment, including shared libraries (if any). It can be
used to remotely attest that the device is running untampered TA code.

- PTA_ATTESTATION_HASH_TEE_MEMORY

Returns a hash of the TEE OS core (.text and .rodata sections, less the
small part of .text that may be modified at boot). Similar to
PTA_ATTESTATION_HASH_TA_MEMORY, the hash is computed each time the
command is called, so that the result reflects the actual memory
content.

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Sumit Garg <sumit.garg@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
