Djam/arm-trusted-firmware
1
0
Fork 0
mirror of https://github.com/ARM-software/arm-trusted-firmware.git synced 2025-04-16 09:34:18 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

fix(intel): update fcs functions to check ddr range

Browse source 
The src addr and dest addr of fcs functions are not checked against
their valid ddr range. Thus adding the ddr range checking to avoid
overlap/overwritten ddr address.

Signed-off-by: Jit Loon Lim <jit.loon.lim@intel.com>
Signed-off-by: Sieu Mun Tang <sieu.mun.tang@intel.com>
Change-Id: I9b4d4155dd16d9d5d36e0c91e4a2600c17867daf
This commit is contained in:
Jit Loon Lim 2023-11-17 10:36:30 +08:00 committed by Sieu Mun Tang
parent d0574da589
commit e8a3454cb7
1 changed files with 23 additions and 18 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

41
plat/intel/soc/common/sip/socfpga_sip_fcs.c
View file

@ -247,14 +247,6 @@ uint32_t intel_fcs_encryption(uint32_t src_addr, uint32_t src_size,
int status;
uint32_t load_size;
fcs_encrypt_payload payload = {
FCS_ENCRYPTION_DATA_0,
src_addr,
src_size,
dst_addr,
dst_size };
load_size = sizeof(payload) / MBOX_WORD_BYTE;
if (!is_address_in_ddr_range(src_addr, src_size) ||
!is_address_in_ddr_range(dst_addr, dst_size)) {
return INTEL_SIP_SMC_STATUS_REJECTED;
@ -264,6 +256,14 @@ uint32_t intel_fcs_encryption(uint32_t src_addr, uint32_t src_size,
return INTEL_SIP_SMC_STATUS_REJECTED;
}
fcs_encrypt_payload payload = {
FCS_ENCRYPTION_DATA_0,
src_addr,
src_size,
dst_addr,
dst_size };
load_size = sizeof(payload) / MBOX_WORD_BYTE;
status = mailbox_send_cmd_async(send_id, MBOX_FCS_ENCRYPT_REQ,
(uint32_t *) &payload, load_size,
CMD_INDIRECT);
@ -283,6 +283,15 @@ uint32_t intel_fcs_decryption(uint32_t src_addr, uint32_t src_size,
uint32_t load_size;
uintptr_t id_offset;
if (!is_address_in_ddr_range(src_addr, src_size) ||
!is_address_in_ddr_range(dst_addr, dst_size)) {
return INTEL_SIP_SMC_STATUS_REJECTED;
}
if (!is_size_4_bytes_aligned(src_size)) {
return INTEL_SIP_SMC_STATUS_REJECTED;
}
inv_dcache_range(src_addr, src_size); /* flush cache before mmio read to avoid reading old values */
id_offset = src_addr + FCS_OWNER_ID_OFFSET;
fcs_decrypt_payload payload = {
@ -295,15 +304,6 @@ uint32_t intel_fcs_decryption(uint32_t src_addr, uint32_t src_size,
dst_size };
load_size = sizeof(payload) / MBOX_WORD_BYTE;
if (!is_address_in_ddr_range(src_addr, src_size) ||
!is_address_in_ddr_range(dst_addr, dst_size)) {
return INTEL_SIP_SMC_STATUS_REJECTED;
}
if (!is_size_4_bytes_aligned(src_size)) {
return INTEL_SIP_SMC_STATUS_REJECTED;
}
status = mailbox_send_cmd_async(send_id, MBOX_FCS_DECRYPT_REQ,
(uint32_t *) &payload, load_size,
CMD_INDIRECT);
@ -2023,6 +2023,10 @@ int intel_fcs_ecdsa_get_pubkey_finalize(uint32_t session_id, uint32_t context_id
return INTEL_SIP_SMC_STATUS_REJECTED;
}
if (!is_address_in_ddr_range(dst_addr, *dst_size)) {
return INTEL_SIP_SMC_STATUS_REJECTED;
}
if (fcs_ecdsa_get_pubkey_param.session_id != session_id ||
fcs_ecdsa_get_pubkey_param.context_id != context_id) {
return INTEL_SIP_SMC_STATUS_REJECTED;
@ -2234,7 +2238,8 @@ int intel_fcs_aes_crypt_update_finalize(uint32_t session_id,
}
if ((!is_8_bytes_aligned(dst_addr)) ||
(!is_32_bytes_aligned(dst_size))) {
(!is_32_bytes_aligned(dst_size)) ||
(!is_address_in_ddr_range(dst_addr, dst_size))) {
return INTEL_SIP_SMC_STATUS_REJECTED;
}