authorTamas Ban <tamas.ban@arm.com>2018-11-19 13:28:32 +0000
committerTamas Ban <tamas.ban@arm.com>2018-12-05 16:05:02 +0100
commit997aeb3d6ceb529d03f27e83578278d99b84d1a3 (patch)
tree4795fb240901fdbecde6ed2c302eb5fa63e1c563
parent03220ae0c3748526b94db9a919c604c26a5f40a1 (diff)
downloadtrusted-firmware-m-997aeb3d6ceb529d03f27e83578278d99b84d1a3.tar.gz
Core: Create wrapper functions around C lib calls
In the long term, the standard C library might be removed from the TF-M project or replaced with a secure implementation due to security concerns. Wrappers are introduced to signal this concern and the future change to developers. Change-Id: I86e9cd8563fd89bf70b0df59cb2ae1aeee9c02b9 Signed-off-by: Tamas Ban <tamas.ban@arm.com>
-rw-r--r--secure_fw/core/secure_utilities.h24
-rw-r--r--secure_fw/core/tfm_handler.c4
-rw-r--r--secure_fw/spm/spm_api.c3
3 files changed, 29 insertions, 2 deletions
diff --git a/secure_fw/core/secure_utilities.h b/secure_fw/core/secure_utilities.h
index f268f30b89..32030fd564 100644
--- a/secure_fw/core/secure_utilities.h
+++ b/secure_fw/core/secure_utilities.h
@@ -10,6 +10,7 @@
#include "cmsis_compiler.h"
#include "tfm_svc.h"
+#include "string.h"
#define EXC_RETURN_INDICATOR (0xF << 28)
#define EXC_RETURN_SECURITY_STACK_STATUS_MASK (0x3 << 5)
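Review bot: The added `#include "string.h"` uses the quoted form for a standard header, so the compiler searches the including file's directory and the project's quote-include paths before the system ones. A stray `string.h` anywhere on those paths would silently replace the libc prototypes that the new wrappers in this header rely on. `#include <string.h>` avoids that and matches how spm_api.c includes the same header elsewhere in this commit.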
@@ -103,4 +104,27 @@ __STATIC_INLINE void __set_CONTROL_SPSEL(int32_t SPSEL)
__asm("ISB");
}
+/* FIXME: The following functions are wrappers around standard C library
+ * functions: memcpy, memcmp, memset
+ * In long term standard C library might be removed from TF-M project or
+ * replaced with a secure implementation due to security concerns.
+ */
+__attribute__ ((always_inline)) __STATIC_INLINE
+void tfm_memcpy(void *dest, const void *src, uint32_t size)
+{
+ memcpy(dest, src, size);
+}
+
+__attribute__ ((always_inline)) __STATIC_INLINE
+int32_t tfm_memcmp(const void * ptr1, const void * ptr2, size_t num)
+{
+ return (memcmp(ptr1, ptr2, num));
+}
+
+__attribute__ ((always_inline)) __STATIC_INLINE
+void * tfm_memset(void * ptr, int value, size_t num)
+{
+ return (memset(ptr, value, num));
+}
+
#endif /* __SECURE_UTILITIES_H__ */
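Review bot: tfm_memcpy takes `uint32_t size` and returns void, while tfm_memcmp and tfm_memset take `size_t` and pass the libc return value through. Declaring it `void *tfm_memcpy(void *dest, const void *src, size_t size)` with `return memcpy(dest, src, size);` keeps the three wrappers consistent and drop-in compatible, and avoids a narrowing conversion on any target where size_t is wider than 32 bits. Since the stated motivation is security, the FIXME comment should also record what the wrappers do not provide, because they are always-inlined pass-throughs. I would add `Note: no bounds checking is added; tfm_memset may still be optimised away when the cleared buffer is not read again, and tfm_memcmp is not guaranteed to be constant-time, so do not use it to compare secrets or authentication tags.`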
diff --git a/secure_fw/core/tfm_handler.c b/secure_fw/core/tfm_handler.c
index 4cf313c401..88ac443c72 100644
--- a/secure_fw/core/tfm_handler.c
+++ b/secure_fw/core/tfm_handler.c
@@ -62,7 +62,9 @@ void SecureFault_Handler(void)
sp <= S_DATA_LIMIT - sizeof(tfm_fault_context) + 1) ||
(sp >= NS_DATA_START &&
sp <= NS_DATA_LIMIT - sizeof(tfm_fault_context) + 1)) {
- memcpy(&tfm_fault_context, (const void *)sp, sizeof(tfm_fault_context));
+ tfm_memcpy(&tfm_fault_context,
+ (const void *)sp,
+ sizeof(tfm_fault_context));
}
LOG_MSG("Oops... Secure fault!!! You're not going anywhere!");
diff --git a/secure_fw/spm/spm_api.c b/secure_fw/spm/spm_api.c
index b17ee99d4a..2aeb903495 100644
--- a/secure_fw/spm/spm_api.c
+++ b/secure_fw/spm/spm_api.c
@@ -11,6 +11,7 @@
#include <string.h>
#include "spm_api.h"
#include "platform/include/tfm_spm_hal.h"
+#include "secure_utilities.h"
#include "spm_db_setup.h"
#include "tfm_internal.h"
#include "tfm_api.h"
@@ -71,7 +72,7 @@ enum spm_err_t tfm_spm_db_init(void)
{
struct spm_partition_desc_t *part_ptr;
- memset (&g_spm_partition_db, 0, sizeof(g_spm_partition_db));
+ tfm_memset (&g_spm_partition_db, 0, sizeof(g_spm_partition_db));
/* This function initialises partition db */
g_spm_partition_db.running_partition_idx = SPM_INVALID_PARTITION_IDX;