Advisory TFMV-3
===============

+-----------------+------------------------------------------------------------+
| Title           | ``abort()`` function may not take effect in TF-M Crypto    |
|                 | multi-part MAC/hashing/cipher operations.                  |
+=================+============================================================+
| CVE ID          | CVE-2021-32032                                             |
+-----------------+------------------------------------------------------------+
| Public          | May 10, 2021                                               |
| Disclosure Date |                                                            |
+-----------------+------------------------------------------------------------+
| Versions        | All versions up to and including TF-M v1.3.0               |
| Affected        |                                                            |
+-----------------+------------------------------------------------------------+
| Configurations  | All                                                        |
+-----------------+------------------------------------------------------------+
| Impact          | It can cause memory leakage in TF-M Crypto service,        |
|                 | eventually making TF-M Crypto service unavailable and      |
|                 | impacting other services that rely on it.                  |
+-----------------+------------------------------------------------------------+
| Fix Version     | commit `7e2e52`_                                           |
+-----------------+------------------------------------------------------------+
| Credit          | | Chongqing Lei, Southeast University                      |
|                 | | Zhen Ling, Associate Professor, Southeast University     |
|                 | | Xinwen Fu, Professor, University of Massachusetts Lowell |
+-----------------+------------------------------------------------------------+

Background
----------

PSA multi-part crypto operation sequence
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

PSA Crypto API specification defines a common sequence for all multi-part crypto
operations. The sequence can be simplified to the following steps:

- ``setup()`` sets up the multi-part operation.
- ``update()`` adds data/configurations into the multi-part operation.
- ``finish()`` completes the multi-part operation.

PSA Crypto API specification requests that the corresponding ``abort()``
function shall be called when ``update()`` or ``finish()`` function fails.
The ``abort()`` function aborts the ongoing multi-part operation and cleans up
the operation context.

TF-M multi-part crypto operation functions eventually call the underlying crypto
library (Mbed TLS by default) to perform those steps, including the ``abort()``
step.

PSA multi-part crypto operation objects
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

The PSA Crypto API specification defines an operation object for each type of
multi-part crypto operation, for example ``psa_mac_operation_t`` for
multi-part MAC operations and ``psa_hash_operation_t`` for multi-part hashing
operations.

TF-M Crypto service relies on the underlying crypto library (Mbed TLS by
default) to implement those objects. The structures of those objects are crypto
library specific and hidden from TF-M. The underlying crypto library usually
stores and manages the context of ongoing multi-part crypto operations in the
corresponding PSA operation object. For example, Mbed TLS stores multi-part
hashing operation context in its ``psa_hash_operation_t`` implementation.

The context is cleaned up in crypto library ``abort()`` function when the client
calls ``abort()`` to handle a previous error. The clean-up execution can include
zeroing the memory area and freeing allocated memory.

TF-M multi-part crypto operation objects
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

TF-M Crypto service defines a dedicated operation structure
``tfm_crypto_operation_s`` to wrap the PSA multi-part crypto operation object
and maintain its own status, as shown in the code block below.

.. code-block:: c

    struct tfm_crypto_operation_s {

        ...

        union {
            psa_cipher_operation_t cipher;    /*!< Cipher operation context */
            psa_mac_operation_t mac;          /*!< MAC operation context */
            psa_hash_operation_t hash;        /*!< Hash operation context */
            psa_key_derivation_operation_t key_deriv; /*!< Key derivation operation context */
        } operation;
    };

TF-M Crypto service assigns a ``tfm_crypto_operation_s`` object for each
multi-part crypto operation sequence during ``setup()`` step. The
``tfm_crypto_operation_s`` object content will be cleaned after the sequence
completes or fails.

Impact
------

During multi-part hashing/MAC/cipher operations, if the underlying crypto
library function returns an error code, TF-M ``update()`` and ``finish()``
functions will immediately clean up the structure ``tfm_crypto_operation_s``
content and exit.

When ``tfm_crypto_operation_s`` content is cleaned in TF-M ``update()`` and
``finish()`` functions, the content in PSA multi-part crypto operation object
inside ``tfm_crypto_operation_s`` is also cleaned. If the underlying crypto
library stores operation context in the PSA operation object, the operation
context is lost before clients call ``abort()`` to handle the error.

Therefore, the underlying crypto library ``abort()`` function may be unable to
perform a normal abort operation if it cannot fetch the context or its content.
In other words, the underlying crypto library ``abort()`` may not work normally
or take effect.

In theory when the case analyzed above occurs:

- If the underlying crypto library dynamically allocates some memory regions
  during multi-part operation and stores those memory region pointers in the PSA
  multi-part operation object, the underlying crypto library will be unable to
  locate and free those allocated memory regions in ``abort()``.
  It will cause memory leakage in TF-M Crypto service. It may further make TF-M
  Crypto service unavailable and affect other services relying on TF-M Crypto
  service.

- The underlying crypto library ``abort()`` may still consider the field values
  in the context as valid. ``abort()`` may perform unexpected behaviors or
  access invalid memory regions. It may trigger further faults and block TF-M
  Crypto service or even the whole system.

.. note::

   The actual consequences depend on the implementation of the multi-part
   operations in the underlying crypto library.

Impacted PSA Crypto API functions
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

The following PSA multi-part crypto operation functions are impacted:

- Multi-part hashing operations

    - ``psa_hash_update()``
    - ``psa_hash_finish()``
    - ``psa_hash_verify()``
    - ``psa_hash_clone()``

- Multi-part MAC operations

    - ``psa_mac_update()``
    - ``psa_mac_sign_finish()``
    - ``psa_mac_verify_finish()``

- Multi-part cipher operations

    - ``psa_cipher_generate_iv()``
    - ``psa_cipher_set_iv()``
    - ``psa_cipher_update()``
    - ``psa_cipher_finish()``

Justifications on unaffected multi-part operations
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

TF-M multi-part AEAD operations and multi-part key derivation operations are not
impacted by this issue.

TF-M Crypto service has not implemented multi-part AEAD operations. TF-M
multi-part AEAD functions directly return an error of unsupported operations.

In TF-M key derivation implementation, the ``psa_key_derivation_operation_t``
object is only cleaned in the ``abort()`` function after the underlying crypto
library completes abort.

Mitigation
----------

The clean-up operation shall be removed from error handling routines in the
following TF-M Crypto functions:

- Multi-part hashing operations

    - ``tfm_crypto_hash_update()``
    - ``tfm_crypto_hash_finish()``
    - ``tfm_crypto_hash_verify()``
    - ``tfm_crypto_hash_clone()``

- Multi-part MAC operations

    - ``tfm_crypto_mac_update()``
    - ``tfm_crypto_mac_sign_finish()``
    - ``tfm_crypto_mac_verify_finish()``

- Multi-part cipher operations

    - ``tfm_crypto_cipher_generate_iv()``
    - ``tfm_crypto_cipher_set_iv()``
    - ``tfm_crypto_cipher_update()``
    - ``tfm_crypto_cipher_finish()``

.. note::

   This mitigation assumes that the client follows the sequence specified in
   the PSA Crypto API specification and calls ``abort()`` when an error occurs
   during multi-part crypto operations.
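
The following added example (a simplified model, not TF-M or Mbed TLS code) reproduces the leak described under Impact and the effect of the mitigation. All ``toy_*`` names, the four-slot pool and the always-failing ``update()`` are assumptions made for illustration.

```c
#include <stddef.h>
#include <string.h>

/* Toy fixed-size heap standing in for the crypto library's allocator. */
#define POOL_SLOTS 4
static unsigned char pool[POOL_SLOTS][64];
static int slot_used[POOL_SLOTS];

/* Toy operation object: the context pointer lives inside the object. */
typedef struct { unsigned char *ctx; } toy_hash_operation_t;
struct toy_tfm_operation { int in_use; toy_hash_operation_t hash; };

static int toy_hash_setup(toy_hash_operation_t *op) {
    for (int i = 0; i < POOL_SLOTS; i++)
        if (!slot_used[i]) { slot_used[i] = 1; op->ctx = pool[i]; return 0; }
    return -1;                          /* out of memory */
}
/* Always fails, to drive the error path under discussion. */
static int toy_hash_update(toy_hash_operation_t *op) { (void)op; return -1; }
static void toy_hash_abort(toy_hash_operation_t *op) {
    for (int i = 0; i < POOL_SLOTS; i++)
        if (op->ctx == pool[i]) slot_used[i] = 0;   /* free the context */
    op->ctx = NULL;
}

/* wipe_on_error=1 models the affected error path, 0 models the mitigation. */
static int wrapper_update(struct toy_tfm_operation *w, int wipe_on_error) {
    int status = toy_hash_update(&w->hash);
    if (status != 0 && wipe_on_error)
        memset(w, 0, sizeof(*w));       /* context pointer is lost here */
    return status;
}

/* Runs setup -> failing update -> abort up to `attempts` times and returns
 * how many sequences started before setup() ran out of memory. */
int sequences_before_exhaustion(int wipe_on_error, int attempts) {
    memset(slot_used, 0, sizeof(slot_used));
    for (int n = 0; n < attempts; n++) {
        struct toy_tfm_operation w = { 1, { NULL } };
        if (toy_hash_setup(&w.hash) != 0) return n;
        if (wrapper_update(&w, wipe_on_error) != 0)
            toy_hash_abort(&w.hash);    /* client follows the PSA sequence */
    }
    return attempts;
}

int main(void) {
    return sequences_before_exhaustion(1, 100) == 4 ? 0 : 1;
}
```

With the wipe in the error path, every failed sequence strands one pool slot even though the client calls ``abort()``, so the fifth ``setup()`` fails; without it, ``abort()`` finds the context and all 100 sequences start.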

.. _7e2e52: https://git.trustedfirmware.org/TF-M/trusted-firmware-m.git/commit/?id=7e2e523a1c4e9ac7b9cc4fd551831f7639ed5ff9

---------------------

*Copyright (c) 2021, Arm Limited. All rights reserved.*