author | Tamas Ban <tamas.ban@arm.com> | 2018-11-19 13:28:32 +0000 |
---|---|---|
committer | Tamas Ban <tamas.ban@arm.com> | 2018-12-05 16:05:02 +0100 |
commit | 997aeb3d6ceb529d03f27e83578278d99b84d1a3 (patch) | |
tree | 4795fb240901fdbecde6ed2c302eb5fa63e1c563 | |
parent | 03220ae0c3748526b94db9a919c604c26a5f40a1 (diff) | |
download | trusted-firmware-m-997aeb3d6ceb529d03f27e83578278d99b84d1a3.tar.gz |
Core: Create wrapper functions around C lib calls
In the long term, the standard C library might be removed from the TF-M
project or replaced with a secure implementation due to security concerns.
Wrappers are introduced to signal this concern and the future change
to developers.
Change-Id: I86e9cd8563fd89bf70b0df59cb2ae1aeee9c02b9
Signed-off-by: Tamas Ban <tamas.ban@arm.com>
-rw-r--r-- | secure_fw/core/secure_utilities.h | 24 | ||||
-rw-r--r-- | secure_fw/core/tfm_handler.c | 4 | ||||
-rw-r--r-- | secure_fw/spm/spm_api.c | 3 |
3 files changed, 29 insertions, 2 deletions
diff --git a/secure_fw/core/secure_utilities.h b/secure_fw/core/secure_utilities.h
index f268f30b89..32030fd564 100644
--- a/secure_fw/core/secure_utilities.h
+++ b/secure_fw/core/secure_utilities.h
@@ -10,6 +10,7 @@
 #include "cmsis_compiler.h"
 #include "tfm_svc.h"
+#include "string.h"
 #define EXC_RETURN_INDICATOR (0xF << 28)
 #define EXC_RETURN_SECURITY_STACK_STATUS_MASK (0x3 << 5)
@@ -103,4 +104,27 @@ __STATIC_INLINE void __set_CONTROL_SPSEL(int32_t SPSEL)
 __asm("ISB");
 }
+/* FIXME: The following functions are wrappers around standard C library
+ * functions: memcpy, memcmp, memset
+ * In long term standard C library might be removed from TF-M project or
+ * replaced with a secure implementation due to security concerns.
+ */
+__attribute__ ((always_inline)) __STATIC_INLINE
+void tfm_memcpy(void *dest, const void *src, uint32_t size)
+{
+ memcpy(dest, src, size);
+}
+
+__attribute__ ((always_inline)) __STATIC_INLINE
+int32_t tfm_memcmp(const void * ptr1, const void * ptr2, size_t num)
+{
+ return (memcmp(ptr1, ptr2, num));
+}
+
+__attribute__ ((always_inline)) __STATIC_INLINE
+void * tfm_memset(void * ptr, int value, size_t num)
+{
+ return (memset(ptr, value, num));
+}
+
 #endif /* __SECURE_UTILITIES_H__ */
diff --git a/secure_fw/core/tfm_handler.c b/secure_fw/core/tfm_handler.c
index 4cf313c401..88ac443c72 100644
--- a/secure_fw/core/tfm_handler.c
+++ b/secure_fw/core/tfm_handler.c
@@ -62,7 +62,9 @@ void SecureFault_Handler(void)
 sp <= S_DATA_LIMIT - sizeof(tfm_fault_context) + 1) ||
 (sp >= NS_DATA_START &&
 sp <= NS_DATA_LIMIT - sizeof(tfm_fault_context) + 1)) {
- memcpy(&tfm_fault_context, (const void *)sp, sizeof(tfm_fault_context));
+ tfm_memcpy(&tfm_fault_context,
+ (const void *)sp,
+ sizeof(tfm_fault_context));
 }
 LOG_MSG("Oops... Secure fault!!! You're not going anywhere!");
diff --git a/secure_fw/spm/spm_api.c b/secure_fw/spm/spm_api.c
index b17ee99d4a..2aeb903495 100644
--- a/secure_fw/spm/spm_api.c
+++ b/secure_fw/spm/spm_api.c
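Review bot: The added `#include "string.h"` in the first secure_utilities.h hunk uses the quoted form, so the preprocessor searches the including file's directory and the project's quoted-include paths before the toolchain headers. A file named string.h on those paths would be picked up instead of the C library's. spm_api.c in this same commit uses `<string.h>`, and the same form fits here: `#include <string.h>`. Because this header now exports the libc declarations to every file that includes it, direct `memcpy`/`memset` calls keep compiling everywhere, which works against the purpose of the wrappers.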
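Review bot: `tfm_memcpy` takes `uint32_t size` and returns nothing, while `tfm_memcmp` and `tfm_memset` take `size_t num` and pass the libc result through, so the three wrappers should share one convention. For example, `void *tfm_memcpy(void *dest, const void *src, size_t num)` with `return memcpy(dest, src, num);`. `tfm_memcmp` also narrows memcmp's `int` result to `int32_t` with no stated reason. The FIXME comment should say what callers must not assume, e.g. `/* No bounds, NULL or overlap checks are added; tfm_memcmp is not constant-time, and a tfm_memset used to clear secrets may be optimised away. */`.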
@@ -11,6 +11,7 @@
 #include <string.h>
 #include "spm_api.h"
 #include "platform/include/tfm_spm_hal.h"
+#include "secure_utilities.h"
 #include "spm_db_setup.h"
 #include "tfm_internal.h"
 #include "tfm_api.h"
@@ -71,7 +72,7 @@ enum spm_err_t tfm_spm_db_init(void)
 {
 struct spm_partition_desc_t *part_ptr;
- memset (&g_spm_partition_db, 0, sizeof(g_spm_partition_db));
+ tfm_memset (&g_spm_partition_db, 0, sizeof(g_spm_partition_db));
 /* This function initialises partition db */
 g_spm_partition_db.running_partition_idx = SPM_INVALID_PARTITION_IDX; |
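Review bot: `#include <string.h>` stays in the include list of the first spm_api.c hunk next to the new `#include "secure_utilities.h"`, so direct `memset`/`memcpy` calls in this file still compile and nothing steers later edits towards the wrappers. secure_utilities.h already includes string.h itself, so the direct include looks redundant unless other libc string functions are used further down, which these hunks do not show. In the second hunk the call keeps the space before the parenthesis, `tfm_memset (&g_spm_partition_db, ...)`. Writing it as `tfm_memset(&g_spm_partition_db, 0, sizeof(g_spm_partition_db));` would match the `tfm_memcpy(` call in tfm_handler.c. The body of tfm_spm_db_init continues outside the hunk.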