alzix (Alexander Zilberkant)
User

Projects

User does not belong to any projects.

User Details

User Since
Jul 3 2018, 1:07 PM (53 w, 6 d)

Recent Activity

Feb 12 2019

alzix added a comment to T216: psa_set_rhandle() during PSA_IPC_CONNECT.

the changes will solve current issue, but it is only a partial solution. Full solution depends on https://developer.trustedfirmware.org/T244
It seems the way connection handle is allocated needs to be reworked, thus the changes proposed in https://review.trustedfirmware.org/#/c/trusted-firmware-m/+/627/ will no longer be relevant.

Feb 12 2019, 9:03 AM · Trusted Firmware M

Feb 5 2019

alzix created T235: IPC error handling.
Feb 5 2019, 9:22 AM · Trusted Firmware M

Jan 31 2019

alzix added a comment to T216: psa_set_rhandle() during PSA_IPC_CONNECT.

I think we found temporary workaround on our side.
It is no longer a blocker for us, but still HP.
tnx

Jan 31 2019, 9:25 AM · Trusted Firmware M
alzix created T224: tfm_memory_check is inaccurate.
Jan 31 2019, 7:12 AM · Trusted Firmware M

Jan 30 2019

alzix created T216: psa_set_rhandle() during PSA_IPC_CONNECT.
Jan 30 2019, 10:31 AM · Trusted Firmware M

Jan 29 2019

alzix added a comment to T194: invec/outvec checks TOCTOU.

Miklos,
As always you are 100% right. I just wanted to provide simplistic example. Perhaps i've oversimplified :).
While you assumption is true for single core systems, it breaks on asymmetrical multi-core system where SPM is running on one core and NSPE on other.
TF-M is not supporting such a targets right now, but we are now working on a port for such a target.
I suggest to take this in to consideration while implementing new functionality.

Jan 29 2019, 8:59 AM · Trusted Firmware M
alzix added a comment to T194: invec/outvec checks TOCTOU.

the spec specifies that caller passes a pointer array of psa_invec. The array is allocated in caller memory, thus is modifiable by a caller at any time.
SPM must first copy each individual psa_invec to SPM own memory, and only then verify accessibility of each individual range.

Jan 29 2019, 8:50 AM · Trusted Firmware M

Jan 28 2019

alzix added a comment to T194: invec/outvec checks TOCTOU.

from what i see invecs are not copied. Perhaps i'm looking at outdated sources? https://review.trustedfirmware.org/c/trusted-firmware-m/+/468/1/secure_fw/core/ipc/tfm_svcalls.c#131

in_vec = (psa_invec *)((psa_invec *)args[1])->base;
in_num = ((psa_invec *)args[1])->len;
out_vec = ((psa_outvec *)args[2])->base;
out_num = ((psa_outvec *)args[2])->len;
Jan 28 2019, 7:54 AM · Trusted Firmware M
alzix added a comment to T195: Message allocation enhancement.

Please note that newer version of PSA FF spec introduced a change to psa_get API especially to address this issue. psa_get now return an error code (it had void return value before and was not allowed to fail).
PSA_ERR_NOMSG is a special error code that can be returned from psa_get if you encounter resource allocation issue.
SP should then ignore current signal and retry later on.

Jan 28 2019, 7:51 AM · Trusted Firmware M

Jan 27 2019

alzix created T194: invec/outvec checks TOCTOU.
Jan 27 2019, 8:56 PM · Trusted Firmware M
alzix added a comment to T189: Identify the source of a given handle to know if it is malicious.

isolation level 3 assumes mutual distrust between secure partitions.
we need to save connection "owner" client ID and not only secure domain origin.

Jan 27 2019, 8:40 PM · Trusted Firmware M