The function elf_load_body is used to load the code and data segments while dynamically loading a TA. The amount of memory needed for the code and data segments is determined beforehand, and the sum of the segment sizes is stored in state->vasize. The amount of memory actually allocated is rounded up to the next multiple of the memory pool granularity. To ensure that the newly loaded TA is not able to observe any data belonging to a TA previously placed at this exact location in memory, the memory block is set to zero. However, the size passed to memset is the sum of the segment sizes (state->vasize), not the rounded size of the actual allocation. The remaining space at the end of the allocation is therefore not cleared, potentially leaking code and/or data of a previously loaded TA. The information an attacker can gain is limited by the memory layout of the (compromised) TA performing the attack, by the flags of the attacked TA (e.g. whether TA_FLAG_INSTANCE_KEEP_ALIVE prevents the TA from being unloaded when its last session is closed) and by the memory layout of the attacked TA.
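The following C program is an added illustration of the clearing bug, not code from OP-TEE. It models a pool allocator with an assumed granularity of 4096 bytes and a single pool block that two consecutive TA loads reuse; the names pool, load_vulnerable, load_fixed and simulate_leak are hypothetical. The vulnerable variant clears only vasize bytes, the fixed variant clears the rounded allocation, and simulate_leak counts how many bytes of the previous occupant remain readable inside the new TA's allocation.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Assumed pool granularity for this example; the real value is a
 * platform configuration detail and is not taken from the advisory. */
#define POOL_GRANULARITY 4096u

/* Round an allocation size up to the next multiple of the granularity. */
static size_t round_up(size_t n)
{
    return (n + POOL_GRANULARITY - 1) & ~(size_t)(POOL_GRANULARITY - 1);
}

/* Hypothetical pool block standing in for the TA address space. Both
 * TA loads below are placed at the start of this block, so the second
 * load reuses memory the first one wrote. */
static unsigned char pool[4 * POOL_GRANULARITY];

/* The previous TA leaves a recognisable pattern behind (constructed). */
static void previous_ta_populates(void)
{
    memset(pool, 0x41, sizeof(pool));
}

/* Vulnerable behaviour: the allocation is rounded up, but only the sum
 * of the segment sizes (vasize) is zeroed. */
static unsigned char *load_vulnerable(size_t vasize)
{
    size_t alloc_size = round_up(vasize);
    (void)alloc_size;            /* allocated, but not used for clearing */
    memset(pool, 0, vasize);
    return pool;
}

/* Fixed behaviour: the entire rounded allocation is zeroed. */
static unsigned char *load_fixed(size_t vasize)
{
    memset(pool, 0, round_up(vasize));
    return pool;
}

/* What the new TA can observe: count non-zero bytes anywhere inside its
 * rounded allocation, i.e. data left by the previous occupant. */
static size_t leaked_bytes(const unsigned char *area, size_t vasize)
{
    size_t alloc_size = round_up(vasize);
    size_t leaked = 0;
    for (size_t i = 0; i < alloc_size; i++)
        if (area[i] != 0)
            leaked++;
    return leaked;
}

/* Run one scenario and return the number of leaked bytes. A vasize that
 * is not a multiple of the granularity leaks (round_up(vasize) - vasize)
 * bytes in the vulnerable case and 0 in the fixed case. */
size_t simulate_leak(int use_fix, size_t vasize)
{
    if (vasize > sizeof(pool))
        return (size_t)-1;       /* out of range for this toy pool */
    previous_ta_populates();
    unsigned char *area = use_fix ? load_fixed(vasize) : load_vulnerable(vasize);
    return leaked_bytes(area, vasize);
}

int main(void)
{
    size_t vasize = 2 * POOL_GRANULARITY + 100;   /* not a multiple */
    printf("vulnerable: %zu bytes leaked\n", simulate_leak(0, vasize));
    printf("fixed:      %zu bytes leaked\n", simulate_leak(1, vasize));
    return 0;
}
```

The leaked region is exactly the tail between vasize and the rounded allocation size, which is why a TA whose segment sizes happen to be a multiple of the pool granularity is not affected while any other TA leaves up to one granule minus one byte of its predecessor uncleared.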
Patches
optee_os.git
- core: clear the entire TA area (7e768f8)
Workarounds
N/A
References
N/A
OP-TEE ID
OP-TEE-2018-0006
Reported by
Riscure
For more information
For more information regarding the security incident process in OP-TEE, please read the information that can be found when going to the "Security" page at https://www.trustedfirmware.org.