libutee: process a full buffer immediately

In tee_buffer_update, libutee currently delays processing an input block until more space is needed in the buffer, which is perfectly valid behavior, but doesn't match AOSP compatibility requirements. Specifically, both CTS (testKatEncryptOneByteAtATime [1]) and VTS (EncryptionOperationsTest.*OneByteAtATime [2]) expect block cipher implementations to produce an output block as soon as a full block of input has been received. Change libutee behavior to be AOSP compatible. Link: https://android.googlesource.com/platform/cts/+/refs/heads/main/tests/tests/keystore/src/android/keystore/cts/BlockCipherTestBase.java#779 [1] Link: https://android.googlesource.com/platform/hardware/interfaces/+/refs/heads/main/security/keymint/aidl/vts/functional/KeyMintAidlTestBase.cpp#827 [2] Signed-off-by: Sami Tolvanen <samitolvanen@google.com> Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
OP-TEE · Apr 24, 2024 · aeb530a · aeb530a
1 parent 5c4fcb7
commit aeb530a
Showing 1 changed file with 6 additions and 0 deletions.
diff --git a/lib/libutee/tee_api_operations.c b/lib/libutee/tee_api_operations.c
@@ -1118,6 +1118,12 @@ static TEE_Result tee_buffer_update(
 		l = ROUNDUP(op->buffer_offs + slen - buffer_size,
 				op->block_size);
 		l = MIN(op->buffer_offs, l);
+		/*
+		 * If we're buffering only a single block, process it
+		 * immediately.
+		 */
+		if (!op->buffer_two_blocks)
+			l = op->block_size;
 		tmp_dlen = dlen;
 		res = update_func(op->state, op->buffer, l, dst, &tmp_dlen);
 		if (res != TEE_SUCCESS)