Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Skip to content
Commit 2bd0d43b authored by David Drysdale's avatar David Drysdale
Browse files

Turn off CFI for the Keymaster VTS

On a bramble device, observed a crash in the VTS binary itself when
executing BoringSSL signature verification code locally (i.e. with no
KeyMaster interaction involved).

The crash call stack involves CFI checks, and seems to occur at the
point when some BoringSSL digest calculation code invokes a function
pointer.

 - SHA1_Update passes &sha1_block_data_order to (inlined)...
 - crypto_md32_update() which invokes the function pointer
   via its block_func parameter.

Moving the BoringSSL dependency from static_libs: libcrypto_static to
shared_libs: libcrypto makes the crash go away, but a smaller change
that also fixes the problem is to disable CFI checks for the test
binary.

This approach was inspired by:
https://googleplex-android.googlesource.com/platform/system/security/+/ab65cd0e89829675fec75d629019b10511584100%5E%21/#F0

The same problem looks to be relevant for the bugs listed below.

Bug: 206496340
Bug: 206498742
Test: VtsHalKeymasterV4_0TargetTest --gtest_filter="*VerificationOperationsTest.RsaAllPaddingsAndDigests*"
Change-Id: I12b145dad5535846d68c97954d31a93123bb95e7
parent 2edfc467
Loading
Loading
Loading
Loading
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment