commit c97c775bbf86aea2746cd59c5a91d65d90e85d17
author Maulik Patel <maulik.patel@arm.com> Tue Oct 17 20:06:29 2023 +0100
committer David Hu <david.hu@arm.com> Thu Oct 19 12:59:34 2023 +0200
tree 34d1580c91c6f78828dc2fe01ca27b6b30fa6f32
parent 4c87a9c79a4625efb3f37ac872b354ddcb8a9882

DPE: Invalidate child context handle once used

Signed-off-by: Maulik Patel <maulik.patel@arm.com>
Change-Id: I0106ec07500bf8ae86ad5a125b7adc39e0278bfd

partitions/dice_protection_environment/dpe_context_mngr.c

diff --git a/partitions/dice_protection_environment/dpe_context_mngr.c b/partitions/dice_protection_environment/dpe_context_mngr.c
index 3f00963..6823fd5 100644
--- a/partitions/dice_protection_environment/dpe_context_mngr.c
+++ b/partitions/dice_protection_environment/dpe_context_mngr.c
@@ -547,6 +547,9 @@
         }
     }
 
+    /* Renew nonce of child context so it cannot be used again */
+    child_ctx->nonce = INVALID_NONCE_VALUE;
+
     if (allow_child_to_derive) {
         /* Generate new handle for child for subsequent requests */
         if (generate_new_handle(new_child_ctx_handle) != DPE_NO_ERROR) {
@@ -569,8 +572,6 @@
         /* Tag this component as a leaf */
         child_ctx->is_leaf = true;
         invalidate_handle(new_child_ctx_handle);
-        /* Renew nonce of child context so it cannot be used again */
-        child_ctx->nonce = INVALID_NONCE_VALUE;
     }
 
     if (retain_parent_context) {