TF-M Secure Storage allows writing (SST_NUM_ASSETS + 1)th asset
Closed, ResolvedPublic


While developing an example application to write Pelion certificates to TF-M secure storage (SST), I found out that SST implementation allows writing (SST_NUM_ASSETS + 1)th element which is reserved to support updating existing assets. If application writes (SST_NUM_ASSETS + 1) assets to SST then after that updating an existing asset fails due to insufficient space (unable to allocate new file handle).

The space for (SST_NUM_ASSETS + 1)th asset is crucial for SST implementation and should be protected. IMHO, insufficient space error should be returned when application tries to write (SST_NUM_ASSETS + 1)th asset.

jf549 edited projects, added Restricted Project; removed Trusted Firmware M.Aug 30 2019, 5:55 PM
jf549 triaged this task as High priority.
jf549 reassigned this task from jf549 to raefcoles-arm.Sep 27 2019, 1:24 PM
jf549 moved this task from Restricted Project Column to Restricted Project Column on the Restricted Project board.
jf549 added a subscriber: jf549.
raefcoles-arm closed this task as Resolved.Oct 8 2019, 2:51 PM

Fixed by merged patch