Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit bbb443fc authored by Gaurav Kashyap's avatar Gaurav Kashyap
Browse files

hwkm: fail on last byte corruption 



When the last byte of an incoming keyblob is corrupted for
an UNWRAP_IMPORT operation, HWKM does not fail as it is
considered a noop. However, we must fail as it will classify as
a corrupted keyblob.

Change-Id: Ia9f74d150163139f879287e9ffcc82277d76685a
Signed-off-by: default avatarGaurav Kashyap <gaurkash@codeaurora.org>
parent bd0cb901

drivers/soc/qcom/hwkm.c

+13 −0
Original line number Diff line number Diff line
@@ -505,6 +505,19 @@ static int qti_handle_key_unwrap_import(const struct hwkm_cmd *cmd_in, 
		return -EINVAL;

	}



	/*

	 * Unwrap in HWKM does not do an integrity check for the last byte

	 * (68th byte) as it is a noop. However, we need to make sure no

	 * part of the keyblob provided was tampered with, even though it

	 * is a noop. Adding an explicit check for the last byte before

	 * providing to unwrap command.

	 */

	if ((cmd_in->unwrap.wkb[EXPECTED_UNWRAP_KEY_SIZE - 1]) != 0x00) {

		pr_err("%s: Last byte corrupted, expecting zero value\n",

								__func__);

		return -EINVAL;

	}



	memcpy(cmd, &operation, OPERATION_INFO_LENGTH);

	memcpy(cmd + COMMAND_WRAPPED_KEY_IDX, cmd_in->unwrap.wkb,

			cmd_in->unwrap.sz);