keystore: don't use binder input buffers for rsa sign/verify directly
author Dima Zavin <dima@android.com>
Sat, 27 Apr 2013 07:05:57 +0000 (00:05 -0700)
committer Dima Zavin <dima@android.com>
Sat, 27 Apr 2013 07:31:20 +0000 (00:31 -0700)
commit 9449b168e067934c54cd846f61791cc8e52cea22
tree 2e2f0b53c1e942327f455dd3c4e5811a0902e048
parent 6568c0f1e188d3470333e15cc157d7199117e664
keystore: don't use binder input buffers for rsa sign/verify directly

The input buffers for RSA sign/verify are passed over the binder, which
maps it into this process as read-only. When this buffer is passed
to mobicore, it tries to pin the page with __get_user_pages with
PROT_WRITE, which fails. Since the mobicore transport code doesn't
know if the APIs are producers or consumers, it "rightfully" assumes
all buffers are read/write. The interface to trustzone currently
doesn't support specifying read/write access bits, so instead
we create a copy of the input data in a locally allocated
malloc buffer and use that instead.

Bug: 8019596
Change-Id: I3c77c893f674ec73196a8a2ea3e5a24fb9e3b860
Signed-off-by: Dima Zavin <dima@android.com>
libkeymaster/keymaster_mobicore.cpp
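
An added illustration of the failure and the workaround the commit message describes; it is not code from keymaster_mobicore.cpp. The names `make_readonly_input`, `transport_send` and `send_via_copy` are hypothetical, and a pipe round-trip stands in for a transport that needs the kernel to have write access to the buffer.

```c
#define _DEFAULT_SOURCE
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>

/* Constructed stand-in for binder input: a private mapping made read-only. */
void *make_readonly_input(const void *data, size_t len) {
    void *m = mmap(NULL, len, PROT_READ | PROT_WRITE,
                   MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (m == MAP_FAILED) return NULL;
    memcpy(m, data, len);
    if (mprotect(m, len, PROT_READ) != 0) { munmap(m, len); return NULL; }
    return m;
}

/* Hypothetical transport that treats every buffer as read/write. It round-trips
 * buf through a pipe, so the kernel must write into buf; on a read-only
 * mapping read() fails with EFAULT. Returns 0 or -errno. */
int transport_send(void *buf, size_t len) {
    int p[2], rc = 0;
    if (len == 0 || len > 4096) return -EINVAL;
    if (pipe(p) != 0) return -errno;
    errno = 0;
    if (write(p[1], buf, len) != (ssize_t)len ||
        read(p[0], buf, len) != (ssize_t)len)
        rc = errno ? -errno : -EIO;
    close(p[0]);
    close(p[1]);
    return rc;
}

/* Workaround from the commit message: copy the input into a malloc buffer. */
int send_via_copy(const void *in, size_t len) {
    if (len == 0) return -EINVAL;
    void *tmp = malloc(len);
    if (tmp == NULL) return -ENOMEM;
    memcpy(tmp, in, len);
    int rc = transport_send(tmp, len);
    free(tmp);
    return rc;
}

int main(void) {
    const unsigned char msg[] = "constructed input to be signed";
    void *ro = make_readonly_input(msg, sizeof msg);
    if (ro == NULL) return 1;
    printf("direct: %d, via copy: %d\n",
           transport_send(ro, sizeof msg), send_via_copy(ro, sizeof msg));
    return 0;
}
```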