Skip to content

aes: explicit validation before TEE_FreeOperation call #145

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

aes: explicit validation before TEE_FreeOperation call #145

wants to merge 1 commit into from

Conversation

@Akshay-Belsare
Copy link

@Akshay-Belsare Akshay-Belsare commented Oct 29, 2025

Add null checks before calling TEE_FreeOperation() to prevent TA panic when __OPTEE_CORE_API_COMPAT_1_1 is enable. The __GP11_TEE_FreeOperation() wrapper calls TEE_Panic(0) when passed TEE_HANDLE_NULL. Explicit validation ensures only valid handles reach the TEE API functions.

This resolves #144

@jenswi-linaro
Copy link
Contributor

jenswi-linaro commented Oct 29, 2025

How about fixing the problem by stepping up the used API?

@amey-raghatate
Copy link
Contributor

amey-raghatate commented Oct 29, 2025

Hi @jenswi-linaro, Could you please specify which TEE API should I use to replace the GP 1.1 compatibility mode.

@jenswi-linaro
Copy link
Contributor

jenswi-linaro commented Oct 29, 2025

Removing the CFG_TA_OPTEE_CORE_API_COMPAT_1_1=y line in each TA Makefile should be enough. If you don't mind, please fix all the TAs in this git.

@jenswi-linaro
Copy link
Contributor

jenswi-linaro commented Oct 31, 2025

Please squash these changes into one commit.

@Akshay-Belsare
Copy link
Author

Akshay-Belsare commented Oct 31, 2025

Sure @jenswi-linaro.
I kept them separate to facilitate a smoother review process.
Since the CFG_TA_OPTEE_CORE_API_COMPAT_1_1 has been removed, would you like me to drop the first patch?

@jenswi-linaro
Copy link
Contributor

jenswi-linaro commented Oct 31, 2025

Yes, please. The diff looks good.

etienne-lms
etienne-lms reviewed Oct 31, 2025
View reviewed changes
@amey-raghatate @Akshay-Belsare
aes: remove CFG_TA_OPTEE_CORE_API_COMPAT_1_1
e3c24ec 
Remove CFG_TA_OPTEE_CORE_API_COMPAT_1_1=y to fix TA panic 0x0 from
null handle operations.
Change tag_len/out_len from uint32_t to size_t in auth_enc_op() to match
modern TEE API function signatures for TEE_AEEncryptFinal and
TEE_AEDecryptFinal.
Fix format specifiers from %d to %zu for size_t variables to resolve
compiler warnings.

Signed-off-by: Amey Avinash Raghatate <ameyavinash.raghatate@amd.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@etienne-lms etienne-lms etienne-lms left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

AES TA panic after removing null checks from TEE_FreeOperation() calls in GP 1.1 compatibility mode

4 participants

@Akshay-Belsare @jenswi-linaro @amey-raghatate @etienne-lms