Fix iovec parameter handling when calling from NS->S when TFM_LVL==1
Closed, ResolvedPublic
Actions

Edit Task
Edit Related Tasks...
Create Subtask
Edit Parent Tasks
Edit Subtasks
Merge Duplicates In
Close As Duplicate
Mute Notifications
Award Token
Flag For Later

Description

When non-secure code makes a call to a secure function in case of TFM_LVL==1, the iovec parameters for the function are copied on the stack of the callee secure partition. If the secure function uses more stack (~300 bytes) the parameters can be overwritten, and writing the parameters can corrupt the stack.

Fix:
The iovec parameters should be copied into the stack memory allocated for the partition, but before the actual stack.

Event Timeline

matetothpal triaged this task as High priority.Jan 15 2019, 2:10 PM

matetothpal created this task.

Change for this issue is https://review.trustedfirmware.org/#/c/trusted-firmware-m/+/520/

The change for this issue had been merged

Fix iovec parameter handling when calling from NS->S when TFM_LVL==1Closed, ResolvedPublicActions

Description

Event Timeline

Fix iovec parameter handling when calling from NS->S when TFM_LVL==1
Closed, ResolvedPublic
Actions