TF-M Secure Storage allows writing (SST_NUM_ASSETS + 1)th asset
Closed, ResolvedPublic
Actions

Description

While developing an example application to write Pelion certificates to TF-M secure storage (SST), I found out that SST implementation allows writing (SST_NUM_ASSETS + 1)th element which is reserved to support updating existing assets. If application writes (SST_NUM_ASSETS + 1) assets to SST then after that updating an existing asset fails due to insufficient space (unable to allocate new file handle).

The space for (SST_NUM_ASSETS + 1)th asset is crucial for SST implementation and should be protected. IMHO, insufficient space error should be returned when application tries to write (SST_NUM_ASSETS + 1)th asset.

Event Timeline

devran01 created this task.Aug 22 2019, 12:47 PM

jf549 triaged this task as High priority.Aug 30 2019, 5:55 PM

jf549 edited projects, added Restricted Project; removed Trusted Firmware M.

https://review.trustedfirmware.org/#/c/trusted-firmware-m/+/1953/

jf549 reassigned this task from jf549 to Unknown Object (User).Sep 27 2019, 1:24 PM

jf549 moved this task from Restricted Project Column to Restricted Project Column on the Restricted Project board.

jf549 added a subscriber: jf549.

Fixed by merged patch

TF-M Secure Storage allows writing (SST_NUM_ASSETS + 1)th assetClosed, ResolvedPublicActions

Description

Event Timeline

TF-M Secure Storage allows writing (SST_NUM_ASSETS + 1)th asset
Closed, ResolvedPublic
Actions