Page MenuHomePhabricator

Tf-M: Core: Remove the NS memory check block from has_access_to_region(...)
Closed, ResolvedPublic


In case an unprivileged non-secure caller, the has_access_to_region function should return error if privileged memory is provided as a parameter. In the current implementation the cmse_check_address_range return error as expected, but there is a fallback in the function to return success if the region is in the non-secure memory.


/* If all else fails, check whether the region is in the non-secure
 * memory
if ((check_address_range(p, s, NS_CODE_START,
                         NS_CODE_LIMIT) == TFM_SUCCESS) ||
    (check_address_range(p, s, NS_DATA_START,
                         NS_DATA_LIMIT) == TFM_SUCCESS)) {
    return TFM_SUCCESS;
} else {

needs to be removed

Event Timeline

matetothpal triaged this task as Normal priority.Oct 21 2019, 6:49 AM
matetothpal created this task.
matetothpal closed this task as Resolved.Oct 28 2019, 10:13 AM

The fix for the issue had been merged with another commit: