author | r.tyminski <r.tyminski@partner.samsung.com> | 2017-06-05 12:44:25 +0200 |
---|---|---|
committer | r.tyminski <r.tyminski@partner.samsung.com> | 2017-06-05 12:44:25 +0200 |
commit | 146aec115cd05a164a88e6d7b07435c57a33817f (patch) | |
tree | d8099075c92576b1928069af274f9b833aca996e /core/arch/arm/kernel/pseudo_ta.c | |
parent | f9a43781767007462965b21f3f518c4cfc0744c7 (diff) | |
Update from upstream to 2.4.0 version (upstream/2.4.0, upstream)
Change-Id: I2b3a30f20684d6629fe379d9cd7895aff759c301
Diffstat (limited to 'core/arch/arm/kernel/pseudo_ta.c')
-rw-r--r-- | core/arch/arm/kernel/pseudo_ta.c | 45 |
1 files changed, 40 insertions, 5 deletions
diff --git a/core/arch/arm/kernel/pseudo_ta.c b/core/arch/arm/kernel/pseudo_ta.c
index 6352a28..78b2bfd 100644
--- a/core/arch/arm/kernel/pseudo_ta.c
+++ b/core/arch/arm/kernel/pseudo_ta.c
@@ -37,9 +37,41 @@
 #include <trace.h>
 #include <types_ext.h>
+#ifdef CFG_SECURE_DATA_PATH
+static bool client_is_secure(struct tee_ta_session *s)
+{
+ /* rely on core entry to have constrained client IDs */
+ if (s->clnt_id.login == TEE_LOGIN_TRUSTED_APP)
+ return true;
+
+ return false;
+}
+
+static bool validate_in_param(struct tee_ta_session *s, struct mobj *mobj)
+{
+ /* for secure clients, core entry always holds valid memref objects */
+ if (client_is_secure(s))
+ return true;
+
+ /* all non-secure memory references are hanlded by pTAs */
+ if (mobj_is_nonsec(mobj))
+ return true;
+
+ return false;
+}
+#else
+static bool validate_in_param(struct tee_ta_session *s __unused,
+ struct mobj *mobj __unused)
+{
+ /* At this point, core has filled only valid accessible memref mobj */
+ return true;
+}
+#endif
+
 /* Maps static TA params */
-static TEE_Result copy_in_param(struct tee_ta_param *param,
- TEE_Param tee_param[TEE_NUM_PARAMS])
+static TEE_Result copy_in_param(struct tee_ta_session *s __maybe_unused,
+ struct tee_ta_param *param,
+ TEE_Param tee_param[TEE_NUM_PARAMS])
 {
 size_t n;
 void *va;
@@ -55,6 +87,9 @@ static TEE_Result copy_in_param(struct tee_ta_param *param,
 case TEE_PARAM_TYPE_MEMREF_INPUT:
 case TEE_PARAM_TYPE_MEMREF_OUTPUT:
 case TEE_PARAM_TYPE_MEMREF_INOUT:
+ if (!validate_in_param(s, param->u[n].mem.mobj))
+ return TEE_ERROR_BAD_PARAMETERS;
+
 va = mobj_get_va(param->u[n].mem.mobj,
 param->u[n].mem.offs);
 if (!va)
@@ -110,7 +145,7 @@ static TEE_Result pseudo_ta_enter_open_session(struct tee_ta_session *s,
 }
 if (stc->pseudo_ta->open_session_entry_point) {
- res = copy_in_param(param, tee_param);
+ res = copy_in_param(s, param, tee_param);
 if (res != TEE_SUCCESS) {
 *eo = TEE_ORIGIN_TEE;
 goto out;
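Review bot: The `CFG_SECURE_DATA_PATH` version of `validate_in_param` (first hunk, `@@ -37,9 +37,41 @@`) never states why a secure mobj coming from a non-secure client is refused, although that is the security decision this hunk introduces. I would put a header comment on the function, for example `/* A non-secure client may only hand a pTA non-secure memrefs; secure buffers are accepted from TA clients only. */`, and correct the typo in the existing comment to `/* all non-secure memory references are handled by pTAs */`. `client_is_secure` bases the trust decision on `clnt_id.login` alone and its comment points at "core entry" without naming the function that constrains the login value; naming it would let a reader audit the invariant. `s` is passed to `validate_in_param` in both preprocessor branches, so `__maybe_unused` on the new `copy_in_param` parameter looks unnecessary. The body of `copy_in_param` continues outside the hunk.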
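Review bot: In the second hunk (`@@ -55,6 +87,9 @@`) the added `validate_in_param` call runs ahead of the existing `if (!va)` test, so `param->u[n].mem.mobj` reaches `mobj_is_nonsec()` with no NULL check in the visible lines. If a memref without a mobj is a legal parameter, a non-secure client built with `CFG_SECURE_DATA_PATH` would now get `TEE_ERROR_BAD_PARAMETERS` where the old code continued to the `!va` branch, unless `mobj_is_nonsec()` accepts NULL, which the hunk does not show. Either say in a comment above the check that a NULL mobj is not expected here, or guard it: `if (param->u[n].mem.mobj && !validate_in_param(s, param->u[n].mem.mobj))`. The refusal is also silent; a trace line before the return, such as `DMSG("pTA: memref param %zu refused", n);`, would make a rejected secure buffer visible when a session is debugged. The surrounding switch and the rest of `copy_in_param` lie outside the hunk.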
@@ -136,7 +171,7 @@ static TEE_Result pseudo_ta_enter_invoke_cmd(struct tee_ta_session *s,
 TEE_Param tee_param[TEE_NUM_PARAMS];
 tee_ta_push_current_session(s);
- res = copy_in_param(param, tee_param);
+ res = copy_in_param(s, param, tee_param);
 if (res != TEE_SUCCESS) {
 *eo = TEE_ORIGIN_TEE;
 goto out;
@@ -224,7 +259,7 @@ TEE_Result tee_ta_init_pseudo_ta_session(const TEE_UUID *uuid,
 struct tee_ta_ctx *ctx;
 const struct pseudo_ta_head *ta;
- DMSG(" Lookup for Static TA %pUl", (void *)uuid);
+ DMSG(" Lookup for pseudo TA %pUl", (void *)uuid);
 ta = &__start_ta_head_section;
 while (true) { |