Crypto: Fix difference between IPC and Library mode
This patch fixes the difference in empty buffer handling between
IPC mode and Library mode. In the IPC mode implementation for the Crypto
partition, the function tfm_crypto_call_sfn() subtracts the empty
buffers in IOVEC[] from `in_len` and `out_len`. In Library mode,
these empty buffers are still accounted for in `in_len` and
`out_len`. This meant that the generic sanity check within
each Crypto Service API was failing for IPC mode when empty
buffers were passed in by the client.
This patch introduces a macro which validates `in_len` and `out_len`
differently for IPC mode and Library mode. For IPC mode, the lengths
are compared against an expected range of values. For Library mode,
the lengths are validated against a fixed value as expected by the
API.
Signed-off-by: Soby Mathew <soby.mathew@arm.com>
Change-Id: I55e79a31fcf7d16329aa8166fc704455ca01ac20
diff --git a/secure_fw/partitions/crypto/crypto_key.c b/secure_fw/partitions/crypto/crypto_key.c
index ff062ac..caf5387 100644
--- a/secure_fw/partitions/crypto/crypto_key.c
+++ b/secure_fw/partitions/crypto/crypto_key.c
@@ -17,6 +17,7 @@
#include "tfm_crypto_api.h"
#include "tfm_crypto_defs.h"
+#include "tfm_crypto_private.h"
#include <stdbool.h>
#ifndef TFM_CRYPTO_MAX_KEY_HANDLES
@@ -194,9 +195,7 @@
return PSA_ERROR_NOT_SUPPORTED;
#else
- if ((in_len != 3) || (out_len != 1)) {
- return PSA_ERROR_CONNECTION_REFUSED;
- }
+ CRYPTO_IN_OUT_LEN_VALIDATE(in_len, 2, 3, out_len, 1, 1);
if ((in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec)) ||
(in_vec[1].len != sizeof(struct psa_client_key_attributes_s)) ||
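Review bot: Accepting `in_len == 2` in `CRYPTO_IN_OUT_LEN_VALIDATE(in_len, 2, 3, out_len, 1, 1)` means the third input vector is no longer guaranteed to be counted, so any later read of `in_vec[2]` is only safe if the IPC dispatcher always passes a full, zero-filled iovec array. The function body continues outside the hunk, so whether `in_vec[2]` is read there cannot be seen from here. The same question applies to `out_vec[0]` in the two hunks that accept `out_len` from 0 to 1 (at -469 and -494). I would state the assumption at each such call site, for example `/* IPC: an empty trailing iovec is not counted; in_vec[2] is still expected to be {NULL, 0} */`, and confirm that tfm_crypto_call_sfn() zero-initialises the arrays it hands over.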
@@ -256,9 +255,8 @@
#ifdef TFM_CRYPTO_KEY_MODULE_DISABLED
return PSA_ERROR_NOT_SUPPORTED;
#else
- if ((in_len != 2) || (out_len != 1)) {
- return PSA_ERROR_CONNECTION_REFUSED;
- }
+
+ CRYPTO_IN_OUT_LEN_VALIDATE(in_len, 2, 2, out_len, 1, 1);
if ((in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec)) ||
(in_vec[1].len != sizeof(psa_app_key_id_t)) ||
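Review bot: `CRYPTO_IN_OUT_LEN_VALIDATE(in_len, 2, 2, out_len, 1, 1);` reads like a plain statement, yet it has to leave the function on a mismatch, because the explicit `return PSA_ERROR_CONNECTION_REFUSED;` it replaces is gone. A hidden early return is easy to misread in a check on client-supplied counts. The macro is defined in tfm_crypto_private.h, which this diff does not show, so the returned error code and the Library-mode comparison cannot be confirmed from here. Consider a predicate form that keeps the exit visible, such as `if (!CRYPTO_IN_OUT_LEN_VALID(in_len, 2, 2, out_len, 1, 1)) { return PSA_ERROR_CONNECTION_REFUSED; }` (the name is only a proposal). This applies to every call site in the file.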
@@ -313,9 +311,7 @@
#else
(void)out_vec;
- if ((in_len != 1) || (out_len != 0)) {
- return PSA_ERROR_CONNECTION_REFUSED;
- }
+ CRYPTO_IN_OUT_LEN_VALIDATE(in_len, 1, 1, out_len, 0, 0);
if (in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec)) {
return PSA_ERROR_CONNECTION_REFUSED;
@@ -352,9 +348,7 @@
#else
(void)out_vec;
- if ((in_len != 1) || (out_len != 0)) {
- return PSA_ERROR_CONNECTION_REFUSED;
- }
+ CRYPTO_IN_OUT_LEN_VALIDATE(in_len, 1, 1, out_len, 0, 0);
if (in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec)) {
return PSA_ERROR_CONNECTION_REFUSED;
@@ -389,9 +383,8 @@
#ifdef TFM_CRYPTO_KEY_MODULE_DISABLED
return PSA_ERROR_NOT_SUPPORTED;
#else
- if ((in_len != 1) || (out_len != 1)) {
- return PSA_ERROR_CONNECTION_REFUSED;
- }
+
+ CRYPTO_IN_OUT_LEN_VALIDATE(in_len, 1, 1, out_len, 1, 1);
if ((in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec)) ||
(out_vec[0].len != sizeof(struct psa_client_key_attributes_s))) {
@@ -428,9 +421,8 @@
#if (TFM_CRYPTO_KEY_MODULE_DISABLED != 0)
return PSA_ERROR_NOT_SUPPORTED;
#else
- if ((in_len != 1) || (out_len != 1)) {
- return PSA_ERROR_CONNECTION_REFUSED;
- }
+
+ CRYPTO_IN_OUT_LEN_VALIDATE(in_len, 1, 1, out_len, 1, 1);
if ((in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec)) ||
(out_vec[0].len != sizeof(struct psa_client_key_attributes_s))) {
@@ -469,9 +461,8 @@
#ifdef TFM_CRYPTO_KEY_MODULE_DISABLED
return PSA_ERROR_NOT_SUPPORTED;
#else
- if ((in_len != 1) || (out_len != 1)) {
- return PSA_ERROR_CONNECTION_REFUSED;
- }
+
+ CRYPTO_IN_OUT_LEN_VALIDATE(in_len, 1, 1, out_len, 0, 1);
if (in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec)) {
return PSA_ERROR_CONNECTION_REFUSED;
@@ -494,9 +485,8 @@
#ifdef TFM_CRYPTO_KEY_MODULE_DISABLED
return PSA_ERROR_NOT_SUPPORTED;
#else
- if ((in_len != 1) || (out_len != 1)) {
- return PSA_ERROR_CONNECTION_REFUSED;
- }
+
+ CRYPTO_IN_OUT_LEN_VALIDATE(in_len, 1, 1, out_len, 0, 1);
if (in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec)) {
return PSA_ERROR_CONNECTION_REFUSED;
@@ -520,9 +510,7 @@
return PSA_ERROR_NOT_SUPPORTED;
#else
- if ((in_len != 2) || (out_len != 1)) {
- return PSA_ERROR_CONNECTION_REFUSED;
- }
+ CRYPTO_IN_OUT_LEN_VALIDATE(in_len, 2, 2, out_len, 1, 1);
if ((in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec)) ||
(out_vec[0].len != sizeof(psa_key_handle_t)) ||
@@ -583,9 +571,8 @@
#ifdef TFM_CRYPTO_KEY_MODULE_DISABLED
return PSA_ERROR_NOT_SUPPORTED;
#else
- if ((in_len != 2) || (out_len != 1)) {
- return PSA_ERROR_CONNECTION_REFUSED;
- }
+
+ CRYPTO_IN_OUT_LEN_VALIDATE(in_len, 2, 2, out_len, 1, 1);
if ((in_vec[0].len != sizeof(struct tfm_crypto_pack_iovec)) ||
(in_vec[1].len != sizeof(struct psa_client_key_attributes_s)) ||