Turn off CFI for the Keymaster VTS
On a bramble device, observed a crash in the VTS binary itself when executing BoringSSL signature verification code locally (i.e. with no KeyMaster interaction involved). The crash call stack involves CFI checks, and seems to occur at the point when some BoringSSL digest calculation code invokes a function pointer. - SHA1_Update passes &sha1_block_data_order to (inlined)... - crypto_md32_update() which invokes the function pointer via its block_func parameter. Moving the BoringSSL dependency from static_libs: libcrypto_static to shared_libs: libcrypto makes the crash go away, but a smaller change that also fixes the problem is to disable CFI checks for the test binary. This approach was inspired by: https://googleplex-android.googlesource.com/platform/system/security/+/ab65cd0e89829675fec75d629019b10511584100%5E%21/#F0 The same problem looks to be relevant for the bugs listed below. Bug: 206496340 Bug: 206498742 Test: VtsHalKeymasterV4_0TargetTest --gtest_filter="*VerificationOperationsTest.RsaAllPaddingsAndDigests*" Change-Id: I12b145dad5535846d68c97954d31a93123bb95e7
Loading
Please register or sign in to comment