core: crypto: libtomcrypt: fix LTC_CLEAN_STACK bug

LTC_CLEAN_STACK uses burn_stack() API that uses a recursive call which leads to approx. double the size of stack cleaned than expected on ARM64. So this causes stack overflow corrupting canaries in case we perform a SHA512 hash operation which utilizes maximum stack as compared to other libtomcrypt APIs. So get rid of this recursive call via using variable length array to clean stack. Also, convert zeromem() API as a wrapper to call memzero_explicit(). Fixes: ad56511 ("core: crypto: libtomcrypt: enable LTC_CLEAN_STACK") Suggested-by: Daniel Thompson <[email protected]> Signed-off-by: Sumit Garg <[email protected]>
OP-TEE · Jun 27, 2019 · 18e6ec2 · 18e6ec2
1 parent 55e6414
commit 18e6ec2
Show file tree

Hide file tree

Showing 2 changed files with 3 additions and 7 deletions.
diff --git a/core/lib/libtomcrypt/src/misc/burn_stack.c b/core/lib/libtomcrypt/src/misc/burn_stack.c
@@ -49,10 +49,8 @@
 */
 void burn_stack(unsigned long len)
 {
-   unsigned char buf[32];
+   unsigned char buf[len];
    zeromem(buf, sizeof(buf));
-   if (len > (unsigned long)sizeof(buf))
-      burn_stack(len - sizeof(buf));
 }
 
 

diff --git a/core/lib/libtomcrypt/src/misc/zeromem.c b/core/lib/libtomcrypt/src/misc/zeromem.c
@@ -37,6 +37,7 @@
  * Tom St Denis, [email protected], http://libtom.org
  */
 #include "tomcrypt.h"
+#include <string_ext.h>
 
 /**
    @file zeromem.c
@@ -50,11 +51,8 @@
 */
 void zeromem(volatile void *out, size_t outlen)
 {
-   volatile char *mem = out;
    LTC_ARGCHKVD(out != NULL);
-   while (outlen-- > 0) {
-      *mem++ = 0;
-   }
+   memzero_explicit((void *)out, outlen);
 }
 
 /* $Source: /cvs/libtom/libtomcrypt/src/misc/zeromem.c,v $ */