ssflib: Fixes to Transient Object (de)allocation 01/140601/4
authorLukasz Kostyra <l.kostyra@samsung.com>
Tue, 25 Jul 2017 08:16:21 +0000 (10:16 +0200)
committerLukasz Kostyra <l.kostyra@samsung.com>
Mon, 11 Sep 2017 14:38:22 +0000 (16:38 +0200)
Transient Object (TO) allocation and deallocation were done incorrectly.
The functions TEE_AllocateTransientObject and TEE_FreeTransientObject
were rewritten to work correctly.

Change-Id: I717dd8e2922a5d209df61953a3c1f7c6201be870

TEECLib/src/teec_api.c
ssflib/src/ssf_client.cpp
ssflib/src/ssf_storage.cpp

index 7a81e34..6b34a40 100644 (file)
@@ -79,7 +79,7 @@ static int32_t initShm(char* path) {
        int fd;
        struct stat attr;
        snprintf(path, 20, "/tmp/shm%d", pathId);
-       
+
        pthread_rwlock_wrlock(&file_create_lock);
        if (stat(path, &attr) == -1) {
                fd = creat(path, S_IRWXU);
index b76f0c8..eb8a1f9 100644 (file)
@@ -53,7 +53,7 @@ int32_t connecttoServer(void) {
                return -1;
        }
        daemonsock.sun_family = AF_UNIX;
-       
+
        sock_path_len = strlen(SOCKPATH);
        strncpy(daemonsock.sun_path, SOCKPATH, sock_path_len+1);
 
index dbb54a3..78c8ba0 100644 (file)
@@ -34,7 +34,7 @@
 #define PO_INTERNAL_MODULE_NAME "po_file"
 #define PO_STAT_INTERNAL_MODULE_NAME "po_stat"
 #define PI_FILE_NAME "pi_file"
-#define UUID_FILE "/usr/apps/tee/TA-UUID.list"
+#define UUID_FILE "/usr/lib/tastore/uuidlist.uuid"
 
 TEE_UUID ssf_sharedthisTAUUID;
 static TEE_UUID this_uuid;
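Review bot: The new `UUID_FILE` location is not covered by the commit description, which only talks about transient-object allocation, so the reason for moving the list is lost to later readers. The code that reads this file is outside the hunk, but the neighbouring `this_uuid` and `ssf_sharedthisTAUUID` suggest the list feeds TA identity, so its contents are presumably trust-relevant. It is worth confirming that `/usr/lib/tastore/` is writable only by the privileged installer. A comment above the define would record that requirement, for example `/* TA UUID list; must not be writable by client applications */`.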
@@ -153,8 +153,10 @@ void printhex(unsigned char* buf, unsigned int size) {
 ////////////////////////////////////////////////////////////////////////////////////
 TEE_Result copy_attribute(TEE_Attribute* dest, TEE_Attribute* src) {
        if (!dest || !src) {
+               TZ_ERROR("Invalid pointers to attributes to copy\n");
                return TEE_ERROR_BAD_PARAMETERS;
        }
+
        dest->attributeID = src->attributeID;
        if (src->attributeID & TEE_ATTR_FLAG_VALUE) {
                dest->content.value.a = src->content.value.a;
@@ -169,6 +171,7 @@ TEE_Result copy_attribute(TEE_Attribute* dest, TEE_Attribute* src) {
                dest->content.ref.buffer = buffer;
                dest->content.ref.length = src->content.ref.length;
        }
+
        return TEE_SUCCESS;
 }
 
@@ -188,7 +191,8 @@ TEE_Result allocate_transient_object(TransientObject* tr, uint32_t objectType,
     uint32_t maxObjectSize) {
        tr->attr.attr_number = 0;
 
-/*     switch (objectType) {
+       // TODO below switch requires finishing and verification
+       switch (objectType) {
                case TEE_TYPE_AES:
                        if (maxObjectSize != 128 && maxObjectSize != 192
                            && maxObjectSize != 256) {
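Review bot: The switch re-enabled at `switch (objectType)` is labelled `// TODO below switch requires finishing and verification`, yet from this commit on it gates every allocation. Any type it does not list falls to `default` and returns `TEE_ERROR_NOT_SUPPORTED`, as the later hunk that removes the closing `*/` shows. The TODO should name what is still unverified, e.g. `// TODO: size checks verified only for <types>; remaining cases need review against the spec`, so a reader knows which key-size limits can be relied on. `tr` is also dereferenced on the first line with no NULL check; the caller shown in this commit passes `&obj->tr`, but other callers are not visible. The body of allocate_transient_object continues outside this hunk.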
@@ -262,7 +266,7 @@ TEE_Result allocate_transient_object(TransientObject* tr, uint32_t objectType,
                default:
                        return TEE_ERROR_NOT_SUPPORTED;
        }
-*/
+
        // Object info
        tr->info.objectType = objectType;
        tr->info.objectSize = 0;
@@ -1469,19 +1473,19 @@ TEE_Result TEE_AllocateTransientObject(uint32_t objectType,
        PERMISSION_CHECK(PERM_STORAGE);
        TEE_Result rc;
 
-
-       TransientObject * tr = (TransientObject*)OsaMalloc(sizeof(TransientObject));
-       if (!tr) {
-               OsaFree(tr);
+       TEE_ObjectHandle obj = (TEE_ObjectHandle)OsaMalloc(sizeof(struct __TEE_ObjectHandle));
+       if (!obj) {
                return TEE_ERROR_OUT_OF_MEMORY;
        }
-       memset(tr, 0, sizeof(TransientObject));
-       rc = allocate_transient_object(tr, objectType, maxObjectSize);
+
+       memset(obj, 0, sizeof(struct __TEE_ObjectHandle));
+       rc = allocate_transient_object(&obj->tr, objectType, maxObjectSize);
        if (rc != TEE_SUCCESS) {
-               OsaFree(tr);
+               OsaFree(obj);
                return rc;
        }
-       *object = (TEE_ObjectHandle)&tr->info;
+
+       *object = obj;
        return TEE_SUCCESS;
 }
 
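Review bot: On both failure paths `*object` is left untouched, so a caller that mishandles the return code carries on with an uninitialised handle. Writing `*object = TEE_HANDLE_NULL;` before the allocation makes any later use fail predictably. `object` itself is dereferenced at `*object = obj;` with no NULL check visible; the start of the function is outside the hunk, so this may already be handled above. If `allocate_transient_object` can fail after allocating anything inside `obj->tr` (not visible here), `OsaFree(obj)` alone would leak it.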
@@ -1498,7 +1502,7 @@ void TEE_FreeTransientObject(TEE_ObjectHandle object) {
                free_attribute(&attrs[i]);
        }
        memset(&tr->attr, 0, sizeof(tr->attr));
-       OsaFree(tr);
+       OsaFree(object);
 }
 
 void TEE_ResetTransientObject(TEE_ObjectHandle object) {
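Review bot: The `memset(&tr->attr, 0, sizeof(tr->attr))` directly before `OsaFree(object)` writes to memory that is about to be released, which an optimising compiler may drop, and it covers only `tr->attr`, not the rest of the handle. If the intent is to scrub key-related state before the block returns to the allocator, wipe the whole object with a call that cannot be elided, e.g. `explicit_bzero(object, sizeof(*object));` where the platform provides it. Whether `free_attribute` clears the attribute buffers before freeing them is not visible here. The function starts outside the hunk, so a NULL-handle check on `object` cannot be confirmed from these lines.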
@@ -1533,9 +1537,9 @@ TEE_Result TEE_PopulateTransientObject(TEE_ObjectHandle object,
                TZ_ERROR("operation error line = %d,%s\n", __LINE__, __func__);
                TEE_Panic(0);
        }
+
        TEE_Attribute* curr_attr = &tr->attr.attr_array[tr->attr.attr_number];
        for (i = 0; i < attrCount; i++) {
-
                if (attrs[i].content.ref.length > tr->info.maxObjectSize) {
                        TZ_ERROR("operation error line = %d,%s\n", __LINE__, __func__);
                        TEE_Panic(0);
@@ -1603,6 +1607,7 @@ TEE_Result TEE_PopulateTransientObject(TEE_ObjectHandle object,
                        return TEE_ERROR_BAD_PARAMETERS;
        }
        tr->info.handleFlags |= TEE_HANDLE_FLAG_INITIALIZED;
+
        return TEE_SUCCESS;
 }
 
@@ -1824,6 +1829,7 @@ TEE_Result TEE_GenerateKey(TEE_ObjectHandle object, uint32_t keySize,
                }
                        break;
        }
+
        return TEE_SUCCESS;
 }