fix(intel): reject non 4-byte align request size for FPGA Crypto Service (FCS)

This patch adds size checking to make sure that
each certificate and encryption/decryption request
is 4-byte aligned, as this driver expects. An unaligned
size may indicate an invalid or corrupted request and
is therefore rejected.

Signed-off-by: Abdul Halim, Muhammad Hadi Asyrafi <muhammad.hadi.asyrafi.abdul.halim@intel.com>
Signed-off-by: Sieu Mun Tang <sieu.mun.tang@intel.com>
Change-Id: Ib6f97849ec470e45679c5adc4fbfa3afd10eda90
diff --git a/plat/intel/soc/common/sip/socfpga_sip_fcs.c b/plat/intel/soc/common/sip/socfpga_sip_fcs.c
index 3a7d693..85551a4 100644
--- a/plat/intel/soc/common/sip/socfpga_sip_fcs.c
+++ b/plat/intel/soc/common/sip/socfpga_sip_fcs.c
@@ -11,6 +11,15 @@
 #include "socfpga_mailbox.h"
 #include "socfpga_sip_svc.h"
 
+static bool is_size_4_bytes_aligned(uint32_t size)
+{
+	if ((size % MBOX_WORD_BYTE) != 0U) {
+		return false;
+	} else {
+		return true;
+	}
+}
+
 uint32_t intel_fcs_random_number_gen(uint64_t addr, uint64_t *ret_size,
 					uint32_t *mbox_error)
 {
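Review bot: The new helper `is_size_4_bytes_aligned()` spells out an if/else that returns boolean literals, where the comparison itself is already the result: `return (size % MBOX_WORD_BYTE) == 0U;`. The name hard-codes "4_bytes" while the test uses `MBOX_WORD_BYTE`, so the two only agree as long as that macro stays 4. A one-line comment such as `/* True when size is a whole number of mailbox words (MBOX_WORD_BYTE). */` would make the contract explicit for later callers.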
@@ -57,6 +66,10 @@
 		return INTEL_SIP_SMC_STATUS_REJECTED;
 	}
 
+	if (!is_size_4_bytes_aligned(size)) {
+		return INTEL_SIP_SMC_STATUS_REJECTED;
+	}
+
 	status = mailbox_send_cmd_async(send_id, MBOX_CMD_VAB_SRC_CERT,
 				(uint32_t *)addr, size / MBOX_WORD_BYTE,
 				CMD_DIRECT);
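Review bot: Only `size` is alignment-checked before the mailbox call, while `addr` is cast to `uint32_t *` on the next statement and handed to the driver as a word pointer. The check that precedes this one starts outside the hunk, so it is not visible whether it also rejects an address that is not a multiple of `MBOX_WORD_BYTE`. If it does not, a guard alongside the new one would close the gap for caller-supplied addresses: `if ((addr % MBOX_WORD_BYTE) != 0U) { return INTEL_SIP_SMC_STATUS_REJECTED; }`. A `size` of zero also passes the new check and yields a zero-word payload, which is worth confirming as intended.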
@@ -89,11 +102,6 @@
 	int status;
 	uint32_t cmd;
 
-	if (!is_address_in_ddr_range(src_addr, src_size) ||
-		!is_address_in_ddr_range(dst_addr, dst_size)) {
-		return INTEL_SIP_SMC_STATUS_REJECTED;
-	}
-
 	fcs_crypt_payload payload = {
 		FCS_CRYPTION_DATA_0,
 		src_addr,
@@ -101,6 +109,15 @@
 		dst_addr,
 		dst_size };
 
+	if (!is_address_in_ddr_range(src_addr, src_size) ||
+		!is_address_in_ddr_range(dst_addr, dst_size)) {
+		return INTEL_SIP_SMC_STATUS_REJECTED;
+	}
+
+	if (!is_size_4_bytes_aligned(sizeof(fcs_crypt_payload))) {
+		return INTEL_SIP_SMC_STATUS_REJECTED;
+	}
+
 	if (mode != 0U) {
 		cmd = MBOX_FCS_ENCRYPT_REQ;
 	} else {
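Review bot: The added check `is_size_4_bytes_aligned(sizeof(fcs_crypt_payload))` tests a compile-time constant, so it can never reject a request at run time. The caller-supplied `src_size` and `dst_size` are range-checked just above it but never alignment-checked, which does not match the commit message's stated intent for encryption/decryption requests. If the service expects word-aligned buffers (not confirmable from this hunk), the runtime guard should be `if (!is_size_4_bytes_aligned(src_size) || !is_size_4_bytes_aligned(dst_size)) { return INTEL_SIP_SMC_STATUS_REJECTED; }`. The struct-layout invariant is better expressed at build time, e.g. `_Static_assert((sizeof(fcs_crypt_payload) % MBOX_WORD_BYTE) == 0U, "fcs_crypt_payload must be word aligned");` or the project's compile-time assert macro. The enclosing function starts and ends outside the hunk.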