authorSandrine Bailleux <sandrine.bailleux@arm.com>2022-12-06 17:27:07 +0100
committerTrustedFirmware Code Review <review@review.trustedfirmware.org>2022-12-06 17:27:07 +0100
commit9ccdfc44af0869c5129623d8d9bebd5e14596540 (patch)
tree0316faf9bcc57785339bbc727dff1c6d38531056 /plat/intel
parent34ffe4aaca4455bfe41f1a72e9e8da9abc24f557 (diff)
parentc42402cdf8a3dfc6f6e62a92b2898066e8cc46f6 (diff)
Merge "fix(intel): fix fcs_client crashed when increased param size" into integration
Diffstat (limited to 'plat/intel')
-rw-r--r--plat/intel/soc/common/include/socfpga_fcs.h8
-rw-r--r--plat/intel/soc/common/sip/socfpga_sip_fcs.c23
2 files changed, 31 insertions, 0 deletions
diff --git a/plat/intel/soc/common/include/socfpga_fcs.h b/plat/intel/soc/common/include/socfpga_fcs.h
index 893551de3..91e00361b 100644
--- a/plat/intel/soc/common/include/socfpga_fcs.h
+++ b/plat/intel/soc/common/include/socfpga_fcs.h
@@ -84,6 +84,14 @@
#define FCS_ECDSA_HASH_SIGN_CMD_MAX_WORD_SIZE 17U
#define FCS_ECDSA_HASH_SIG_VERIFY_CMD_MAX_WORD_SIZE 52U
#define FCS_ECDH_REQUEST_CMD_MAX_WORD_SIZE 29U
+
+#define FCS_CRYPTO_ECB_BUFFER_SIZE 12U
+#define FCS_CRYPTO_CBC_CTR_BUFFER_SIZE 28U
+#define FCS_CRYPTO_BLOCK_MODE_MASK 0x07
+#define FCS_CRYPTO_ECB_MODE 0x00
+#define FCS_CRYPTO_CBC_MODE 0x01
+#define FCS_CRYPTO_CTR_MODE 0x02
+
/* FCS Payload Structure */
typedef struct fcs_rng_payload_t {
uint32_t session_id;
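Review bot: The two `*_BUFFER_SIZE` limits carry no unit, while the defines directly above them are `*_WORD_SIZE`; the comments in socfpga_sip_fcs.c say the 12 and 28 are bytes, so a one-line comment such as `/* AES crypt parameter buffer limits, in bytes */` above them would stop a later reader from mixing the two. The mask and mode values are also the only constants in this group without the `U` suffix; `#define FCS_CRYPTO_BLOCK_MODE_MASK 0x07U` (and likewise for the three modes) keeps the comparisons unsigned and matches the surrounding style.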
diff --git a/plat/intel/soc/common/sip/socfpga_sip_fcs.c b/plat/intel/soc/common/sip/socfpga_sip_fcs.c
index facee0fbd..5f6f5decf 100644
--- a/plat/intel/soc/common/sip/socfpga_sip_fcs.c
+++ b/plat/intel/soc/common/sip/socfpga_sip_fcs.c
@@ -1620,6 +1620,29 @@ int intel_fcs_aes_crypt_init(uint32_t session_id, uint32_t context_id,
uint32_t key_id, uint64_t param_addr,
uint32_t param_size, uint32_t *mbox_error)
{
+ /* ptr to get param_addr value */
+ uint64_t *param_addr_ptr;
+
+ param_addr_ptr = (uint64_t *) param_addr;
+
+ /*
+ * Since crypto param size vary between mode.
+ * Check ECB here and limit to size 12 bytes
+ */
+ if (((*param_addr_ptr & FCS_CRYPTO_BLOCK_MODE_MASK) == FCS_CRYPTO_ECB_MODE) &&
+ (param_size > FCS_CRYPTO_ECB_BUFFER_SIZE)) {
+ return INTEL_SIP_SMC_STATUS_REJECTED;
+ }
+ /*
+ * Since crypto param size vary between mode.
+ * Check CBC/CTR here and limit to size 28 bytes
+ */
+ if ((((*param_addr_ptr & FCS_CRYPTO_BLOCK_MODE_MASK) == FCS_CRYPTO_CBC_MODE) ||
+ ((*param_addr_ptr & FCS_CRYPTO_BLOCK_MODE_MASK) == FCS_CRYPTO_CTR_MODE)) &&
+ (param_size > FCS_CRYPTO_CBC_CTR_BUFFER_SIZE)) {
+ return INTEL_SIP_SMC_STATUS_REJECTED;
+ }
+
if (mbox_error == NULL) {
return INTEL_SIP_SMC_STATUS_REJECTED;
}
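Review bot: `param_addr` is supplied by the SMC caller and is dereferenced at `*param_addr_ptr` before anything checks that it is non-zero, aligned, or inside memory the normal world is allowed to pass, and it is read as 8 bytes even when `param_size` is smaller than that. The mode word is also read up to three times from caller-owned memory, so the mode that passes the size check need not be the one the rest of the function (outside this hunk) sees, and any value under `FCS_CRYPTO_BLOCK_MODE_MASK` other than ECB/CBC/CTR skips both limits. I would validate the address first, read the word once into a local, and pick the limit with a switch that rejects unknown modes, assuming no other mode is valid here. The function body continues past the hunk, so whether the address is range-checked later cannot be seen from here, but any such check would still come after this read.

```c
	uint64_t mode_word;
	uint32_t max_param_size;

	/* Reject before the first dereference; the platform's address-range check belongs here too. */
	if ((param_addr == 0U) || ((param_addr & 0x7U) != 0U) ||
	    (param_size < sizeof(mode_word))) {
		return INTEL_SIP_SMC_STATUS_REJECTED;
	}

	/* Single read: the buffer is caller-owned and may change between accesses. */
	mode_word = *(volatile uint64_t *)param_addr;

	switch (mode_word & FCS_CRYPTO_BLOCK_MODE_MASK) {
	case FCS_CRYPTO_ECB_MODE:
		max_param_size = FCS_CRYPTO_ECB_BUFFER_SIZE;
		break;
	case FCS_CRYPTO_CBC_MODE:
	case FCS_CRYPTO_CTR_MODE:
		max_param_size = FCS_CRYPTO_CBC_CTR_BUFFER_SIZE;
		break;
	default:
		return INTEL_SIP_SMC_STATUS_REJECTED;
	}

	if (param_size > max_param_size) {
		return INTEL_SIP_SMC_STATUS_REJECTED;
	}

	/* … unchanged: mbox_error NULL check … */
```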