SPM: Copy iovec parameters into SPE before validation in Library model

In the Library model, the NS input/output buffer addresses are
validated inside NS memory before being copied into the Secure
Service. The addresses can be tampered with before they are copied
from NS memory into the Secure side.

This commit adds a Secure temporary buffer to copy the NS input
and output buffer addresses before they are validated. Then the
addresses are passed to the Secure Service after validation passes.

It can enhance the protection of iovecs against TOCTOU attacks.

Change-Id: I2f925bfd90c989934c64b1ec739047cf70cc9218
Signed-off-by: David Hu <david.hu@arm.com>
2 files changed
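
The ordering change described in the commit message, as an added sketch that is not the patch or any project code: the same simulated NS write defeats the validate-then-copy order and has no effect on the copy-then-validate order. All names (`iovec_t`, `ns_ram`, `secure_data`, `ns_swap`, `MAX_IOVEC` and the functions) are hypothetical, and NS memory is modelled as a plain array.

```c
#include <stdbool.h>
#include <stdint.h>
#include <string.h>

#define MAX_IOVEC 4                                 /* assumed limit */
struct iovec_t { const void *base; size_t len; };   /* hypothetical layout */
static uint8_t ns_ram[256];                         /* constructed stand-in for NS memory */
static uint8_t secure_data[16];                     /* constructed stand-in for a Secure asset */
static const struct iovec_t *ns_swap;               /* hook: entry the NS side writes mid-call */
static void ns_runs(void) { if (ns_swap) memcpy(ns_ram, ns_swap, sizeof *ns_swap); }

static bool ns_range_ok(const void *p, size_t len) {
    size_t off = (uintptr_t)p - (uintptr_t)ns_ram;  /* wraps to a huge value if p is below */
    return off <= sizeof ns_ram && len <= sizeof ns_ram - off;
}

static bool vec_ok(const void *vec, size_t n) {     /* every entry must lie in NS memory */
    struct iovec_t e;
    for (size_t i = 0; i < n; i++) {
        memcpy(&e, (const uint8_t *)vec + i * sizeof e, sizeof e);
        if (!ns_range_ok(e.base, e.len)) return false;
    }
    return true;
}

/* Before: entries are checked in NS memory, then fetched a second time. */
int validate_then_copy(const void *ns, size_t n, struct iovec_t *out) {
    if (n > MAX_IOVEC || !ns_range_ok(ns, n * sizeof *out) || !vec_ok(ns, n)) return -1;
    ns_runs();                                      /* window between check and use */
    memcpy(out, ns, n * sizeof *out);               /* may no longer match what was checked */
    return 0;
}

/* After: one fetch into Secure memory; only that snapshot is checked and used. */
int copy_then_validate(const void *ns, size_t n, struct iovec_t *out) {
    if (n > MAX_IOVEC || !ns_range_ok(ns, n * sizeof *out)) return -1;
    memcpy(out, ns, n * sizeof *out);
    ns_runs();                                      /* later NS writes no longer matter */
    if (!vec_ok(out, n)) { memset(out, 0, n * sizeof *out); return -1; }
    return 0;
}

bool leaks_secure_ptr(int (*fn)(const void *, size_t, struct iovec_t *)) {
    struct iovec_t good = { ns_ram + 64, 32 }, evil = { secure_data, 16 }, out[MAX_IOVEC] = {0};
    memcpy(ns_ram, &good, sizeof good);             /* NS submits a valid entry ... */
    ns_swap = &evil;                                /* ... then swaps in a Secure address */
    int rc = fn(ns_ram, 1, out);
    ns_swap = NULL;
    return rc == 0 && out[0].base == (const void *)secure_data;
}
```

`leaks_secure_ptr(validate_then_copy)` is true and `leaks_secure_ptr(copy_then_validate)` is false; an entry that already points outside NS memory is rejected and the snapshot is cleared.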