diff options
| author | Zeng Tao <prime.zeng@hisilicon.com> | 2017-10-17 19:02:36 +0800 |
|---|---|---|
| committer | Jerome Forissier <jerome.forissier@linaro.org> | 2018-02-16 17:46:30 +0100 |
| commit | e091b079d91b04e03ed4c465d61d63e044539b09 (patch) | |
| tree | 906d46a455c910c54595311340ebef8ea4668f1a /core/tee | |
| parent | 9d858c7662cd09da8ba7702a12af65c67e4cfa90 (diff) | |
core: FS: storage: don't allow the object_id to reside in shared memory
According to the GP spec V1.1, the object_id in create/open/rename
functions is not allowed to reside in the share memory, this patch
simply removes the TEE_MEMORY_ACCESS_ANY_OWNER flag to limit the
object_id to TA private memory space.
Signed-off-by: Zeng Tao <prime.zeng@hisilicon.com>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Diffstat (limited to 'core/tee')
| -rw-r--r-- | core/tee/tee_svc_storage.c | 9 |
1 files changed, 3 insertions, 6 deletions
diff --git a/core/tee/tee_svc_storage.c b/core/tee/tee_svc_storage.c index b03d5463..2f8a53a4 100644 --- a/core/tee/tee_svc_storage.c +++ b/core/tee/tee_svc_storage.c @@ -292,8 +292,7 @@ TEE_Result syscall_storage_obj_open(unsigned long storage_id, void *object_id, utc = to_user_ta_ctx(sess->ctx); res = tee_mmu_check_access_rights(utc, - TEE_MEMORY_ACCESS_READ | - TEE_MEMORY_ACCESS_ANY_OWNER, + TEE_MEMORY_ACCESS_READ, (uaddr_t) object_id, object_id_len); if (res != TEE_SUCCESS) @@ -437,8 +436,7 @@ TEE_Result syscall_storage_obj_create(unsigned long storage_id, void *object_id, utc = to_user_ta_ctx(sess->ctx); res = tee_mmu_check_access_rights(utc, - TEE_MEMORY_ACCESS_READ | - TEE_MEMORY_ACCESS_ANY_OWNER, + TEE_MEMORY_ACCESS_READ, (uaddr_t) object_id, object_id_len); if (res != TEE_SUCCESS) @@ -577,8 +575,7 @@ TEE_Result syscall_storage_obj_rename(unsigned long obj, void *object_id, } res = tee_mmu_check_access_rights(utc, - TEE_MEMORY_ACCESS_READ | - TEE_MEMORY_ACCESS_ANY_OWNER, + TEE_MEMORY_ACCESS_READ, (uaddr_t) object_id, object_id_len); if (res != TEE_SUCCESS) goto exit; |