-rw-r--r-- | interface/include/tfm_api.h | 1 | ||||
-rw-r--r-- | secure_fw/spm/cmsis_func/include/spm_func.h | 4 | ||||
-rw-r--r-- | secure_fw/spm/cmsis_func/spm_func.c | 33 | ||||
-rw-r--r-- | secure_fw/spm/ffm/tfm_boot_data.c | 4 |
4 files changed, 18 insertions, 24 deletions
diff --git a/interface/include/tfm_api.h b/interface/include/tfm_api.h
index 9d0df047ac..1d4c9ee5a7 100644
--- a/interface/include/tfm_api.h
+++ b/interface/include/tfm_api.h
@@ -53,6 +53,7 @@ enum tfm_status_e
 TFM_ERROR_NOT_INITIALIZED,
 TFM_ERROR_NO_ACTIVE_PARTITION,
 TFM_ERROR_INVALID_EXC_MODE,
+ TFM_ERROR_NOT_IN_RANGE,
 TFM_SECURE_LOCK_FAILED,
 TFM_SECURE_UNLOCK_FAILED,
 TFM_ERROR_GENERIC = 0x1F,
diff --git a/secure_fw/spm/cmsis_func/include/spm_func.h b/secure_fw/spm/cmsis_func/include/spm_func.h
index 88d2f7dde3..ac0bc7b7d3 100644
--- a/secure_fw/spm/cmsis_func/include/spm_func.h
+++ b/secure_fw/spm/cmsis_func/include/spm_func.h
@@ -303,9 +303,9 @@ void tfm_spm_memory_permission_check_handler(uint32_t *svc_args);
 * \param[in] len The length of the buffer
 * \param[in] alignment The expected alignment (in bits)
 *
- * \return 1 if the check passes, 0 otherwise.
+ * \return TFM_SUCCESS on successful return, an error code otherwise
 *
- * \note For a 0 long buffer the check fails.
+ * \note For a zero length buffer the check fails.
 */
 int32_t tfm_spm_check_buffer_access(uint32_t partition_idx,
 void *start_addr,
diff --git a/secure_fw/spm/cmsis_func/spm_func.c b/secure_fw/spm/cmsis_func/spm_func.c
index 62e006013e..096784479e 100644
--- a/secure_fw/spm/cmsis_func/spm_func.c
+++ b/secure_fw/spm/cmsis_func/spm_func.c
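Review bot: TFM_ERROR_NOT_IN_RANGE is inserted ahead of TFM_SECURE_LOCK_FAILED and TFM_SECURE_UNLOCK_FAILED, which renumbers both if they carry no explicit initializers, as the visible context suggests (only TFM_ERROR_GENERIC = 0x1F is pinned). This header lives under interface/include and the code returned by tfm_spm_check_buffer_access is passed straight back through svc_args[0] in the spm_func.c hunk, so a shifted value is observable by callers built against the old header. Appending the new enumerator after the lock codes keeps the existing values: `TFM_SECURE_UNLOCK_FAILED,` / `TFM_ERROR_NOT_IN_RANGE,` / `TFM_ERROR_GENERIC = 0x1F,`. If these codes are only ever consumed inside the secure image the renumbering is harmless, but that is not evident from the diff.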
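Review bot: The new `\return` line says "an error code otherwise" without naming the codes, although the spm_func.c hunk in this diff returns exactly two. Suggest `\return TFM_SUCCESS if the buffer is accessible, TFM_ERROR_INVALID_PARAMETER if it is misaligned, zero length or wraps around, or TFM_ERROR_NOT_IN_RANGE if it lies outside secure data memory`, so callers can distinguish the two failures without reading the implementation. The declaration continues past the end of the hunk.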
@@ -894,26 +894,19 @@ int32_t tfm_spm_check_buffer_access(uint32_t partition_idx,
 alignment_mask = (((uintptr_t)1) << alignment) - 1;
- /* Check that the pointer is aligned properly */
- if (start_addr_value & alignment_mask) {
- /* not aligned, return error */
- return 0;
- }
-
- /* Protect against overflow (and zero len) */
- if (end_addr_value <= start_addr_value) {
- return 0;
- }
-
- /* For privileged partition execution, all secure data memory and stack
- * is accessible
- */
- if (start_addr_value >= S_DATA_START &&
- end_addr_value <= (S_DATA_START + S_DATA_SIZE)) {
- return 1;
+ /* Check pointer alignment and protect against overflow and zero len */
+ if (!(start_addr_value & alignment_mask) &&
+ (end_addr_value > start_addr_value)) {
+ /* Check that the range is in S_DATA */
+ if ((start_addr_value >= S_DATA_START) &&
+ (end_addr_value <= (S_DATA_START + S_DATA_SIZE))) {
+ return TFM_SUCCESS;
+ } else {
+ return TFM_ERROR_NOT_IN_RANGE;
+ }
 }
- return 0;
+ return TFM_ERROR_INVALID_PARAMETER;
 }
 void tfm_spm_get_caller_client_id_handler(uint32_t *svc_args)
@@ -946,9 +939,9 @@ void tfm_spm_get_caller_client_id_handler(uint32_t *svc_args)
 (void *)result_ptr_value,
 sizeof(curr_part_data->caller_client_id),
 2);
- if (!res) {
+ if (res != TFM_SUCCESS) {
 /* Not in accessible range, return error */
- svc_args[0] = (uint32_t)TFM_ERROR_INVALID_PARAMETER;
+ svc_args[0] = (uint32_t)res;
 return;
 }
diff --git a/secure_fw/spm/ffm/tfm_boot_data.c b/secure_fw/spm/ffm/tfm_boot_data.c
index 1b9ed64e04..d7db3038cd 100644
--- a/secure_fw/spm/ffm/tfm_boot_data.c
+++ b/secure_fw/spm/ffm/tfm_boot_data.c
@@ -163,9 +163,9 @@ void tfm_core_get_boot_data_handler(uint32_t args[])
 (void *)buf_start,
 buf_size,
 2);
- if (!res) {
+ if (res != TFM_SUCCESS) {
 /* Not in accessible range, return error */
- args[0] = (uint32_t)TFM_ERROR_INVALID_PARAMETER;
+ args[0] = (uint32_t)res;
 return;
 }
 #else
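Review bot: The removed comment `For privileged partition execution, all secure data memory and stack is accessible` was the only statement of why the check accepts any address inside S_DATA without consulting partition_idx; its replacement `Check that the range is in S_DATA` keeps the what but drops the why, which is the security-relevant part for the next reader, so it should be carried over onto the new inner `if`. As a point of style, the rewrite also folds the earlier guard clauses into a nested `if` with an `else` after a `return`; the three outcomes read more directly as sequential early returns, as below. start_addr_value and end_addr_value are computed before the hunk begins, so the overflow and zero-length protection provided by `end_addr_value > start_addr_value` is taken on trust here.
```c
    alignment_mask = (((uintptr_t)1) << alignment) - 1;

    /* Check pointer alignment and protect against overflow and zero len */
    if ((start_addr_value & alignment_mask) ||
        (end_addr_value <= start_addr_value)) {
        return TFM_ERROR_INVALID_PARAMETER;
    }

    /* For privileged partition execution, all secure data memory and stack
     * is accessible, so the range only has to lie within S_DATA
     */
    if ((start_addr_value < S_DATA_START) ||
        (end_addr_value > (S_DATA_START + S_DATA_SIZE))) {
        return TFM_ERROR_NOT_IN_RANGE;
    }

    return TFM_SUCCESS;
```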
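Review bot: Switching from `if (!res)` to `if (res != TFM_SUCCESS)` inverts the meaning of a non-zero result, since the old contract returned 1 on success and 0 on failure; the same edit appears in the tfm_boot_data.c hunk. Only these two call sites are touched by the diff, so any other caller of tfm_spm_check_buffer_access still written as `if (!res)` would now treat success as a failure and every error code as a pass, which is worth confirming across the tree before merge. Forwarding `res` through `svc_args[0]` and `args[0]` is reasonable now that the header documents error codes, but it also means the new TFM_ERROR_NOT_IN_RANGE value reaches the non-secure caller, which ties back to its numbering in tfm_api.h. The body of tfm_spm_get_caller_client_id_handler starts before the hunk.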