Installing a key on secure storage #6046
Comments
This shows that the error happens before entering the TA. The ELF loader (ldelf) does an invalid access to memory. Adding |
I followed what you said to find the ldelf panicked error.
I couldn't find a definition for this function, and the underscore at the beginning means it's private, but I don't know what that means, so I can't follow this function down to the source of the ldelf panicked. |
@jforissier I found question #4386 and I used the script you gave me to find the relocation in my .elf file, but nothing was returned. And I don't know how to calculate my fault address, maybe I can ask you to help me to see what this fault address is? Here is my terminal log:
E/TC:? 0 User TA data-abort at address 0x4006e5c0 (write permission fault)
There's my dmp file:
SYMBOL TABLE: |
What is the output of |
@jforissier I used the readelf command (readelf -a src/ta/8aaaf200-2450-11e4-6969-696969696969.elf | grep TEXTREL), but the terminal returns nothing.
I don't know how to build my TA with -fPIC. What should I add to the Makefile?
|
Does |
yes. |
Can you see Which version of OP-TEE is that? For troubleshooting, I can only re-iterate my advice:
|
Yes, I can see.
3.8.0 |
Sorry, I just misunderstood you. I can see this line in my arm.mk file, but I don't see the -fpic option when I use the make command. Here is the output from my terminal (make V=1): |
That's not the TA build. Clean and rebuild. |
Oh, sorry. After rebuilding I can see this option now. Here are my returns from my terminal: |
OK so it's not related to PIC. Back to the very first thing I suggested and you did not try. |
@jforissier Thank you, I located the ldelf/ta_elf_rel.c file with DMSG() and found that an error occurred while writing, which corresponds to the write permission fault in the error log.
An error occurred when writing to the “where” pointer after looping to a certain address. Here is the error code segment I located:
I output the variable values (rela->r_offset = 0xf5c0, elf->load_addr = 0x4003d000, where = 0x4004c5c0). The address of the where variable is the address of the error log. Can you please help me to see if this error address is calculated correctly? What should I do after finding the error address in the TA ELF file? I hope you can give me more help, thank you very much. |
Could you please run this script on your TA ELF file and attach the output here? Rename it to |
Thanks, I tried this script and realized I had used it before. |
So 0xfc50 is a valid offset into the GOT, should be fine for relocation. Can you post the output of |
|
Which compiler are you using? |
Is the compiler you are asking about referring to gcc? I'm running my qemu VM on ubuntu 20.04 and OP-TEE is running in qemu. |
Yes, please provide the following information:
|
The problem is that
|
OP-TEE 3.8.0. I really haven't tried the latest version of OP-TEE and I don't know how to do the upgrade.
Then I found the compiler in my folder (~/optee/toolchains/aarch64/bin) and executed the file to get the version information.
My return:
|
I recommend updating the compiler you use to build the TA, because I suspect something is wrong with it. 10.2 and 11.3 have been used successfully. You can download 11.3 from https://snapshots.linaro.org/gnu-toolchain/11.3-2022.06-1/aarch64-linux-gnu/ if you wish. |
This issue has been marked as a stale issue because it has been open (more than) 30 days with no activity. Remove the stale label or add a comment, otherwise this issue will automatically be closed in 5 days. Note, that you can always re-open a closed issue at any time. |
Dear OPTEE group,
When I called someone else's successful code in REE environment to install and store the private key to TEE, the crash occurred.
This is the command I executed and the error code I returned.
./admin_cli/admin_cli put www.test.com etc/ecdsa_256.key
admin_cli: TEEC_Opensession failed with code 0xffff0000 origin 0x3
The log is as follows:
/TC:? 0 tee_ta_init_pseudo_ta_session:280 Lookup pseudo TA 8aaaf200-2450-11e4-6969-696969696969
D/TC:? 0 load_ldelf:704 ldelf load address 0x40006000
D/LD: ldelf:134 Loading TA 8aaaf200-2450-11e4-6969-696969696969
D/TC:? 0 tee_ta_init_session_with_context:573 Re-open TA 3a2f8978-5dc0-11e8-9c2d-fa7ae01bbebc
D/TC:? 0 system_open_ta_binary:250 Lookup user TA ELF 8aaaf200-2450-11e4-6969-696969696969 (Secure Storage TA)
D/TC:? 0 system_open_ta_binary:253 res=0xffff0008
D/TC:? 0 system_open_ta_binary:250 Lookup user TA ELF 8aaaf200-2450-11e4-6969-696969696969 (REE)
D/TC:? 0 system_open_ta_binary:253 res=0x0
D/TC:1 0 abort_handler:524 [abort] abort in User mode (TA will panic)
E/TC:? 0
E/TC:? 0 User TA data-abort at address 0x4007d5c0 (write permission fault)
E/TC:? 0 esr 0x9200004f ttbr0 0x200000e18a020 ttbr1 0x00000000 cidr 0x0
E/TC:? 0 cpu #1 cpsr 0x60000100
E/TC:? 0 x0 000000004006e000 x1 000000004007e170
E/TC:? 0 x2 000000000000f628 x3 000000000000f5c0
E/TC:? 0 x4 0000000000000403 x5 000000004007d5c0
E/TC:? 0 x6 0000000000000000 x7 0000000040010ef0
E/TC:? 0 x8 0000000000000007 x9 0000000000000011
E/TC:? 0 x10 0000000040005e98 x11 0000000040005e94
E/TC:? 0 x12 0000000000000000 x13 0000000040005ce8
E/TC:? 0 x14 0000000000000000 x15 0000000000000000
E/TC:? 0 x16 000000000e11e44c x17 3107c3c500000000
E/TC:? 0 x18 ab2163cc00000000 x19 0000000040010ef0
E/TC:? 0 x20 000000004007d628 x21 0000000000000003
E/TC:? 0 x22 000000004007d888 x23 000000004007d8d0
E/TC:? 0 x24 0000000000000001 x25 000000004007d778
E/TC:? 0 x26 0000000040010984 x27 0000000000000009
E/TC:? 0 x28 0000000000000018 x29 0000000040005ef0
E/TC:? 0 x30 00000000400063d8 elr 00000000400092b0
E/TC:? 0 sp_el0 0000000040005ef0
E/TC:? 0 region 0: va 0x0000000040000000 pa 0x000000000e102000 size 0x002000 flags ---R-X
E/TC:? 0 region 1: va 0x0000000040002000 pa 0x000000000e17c000 size 0x001000 flags ---RW-
E/TC:? 0 region 2: va 0x0000000040004000 pa 0x000000000e300000 size 0x002000 flags rw-RW-
E/TC:? 0 region 3: va 0x0000000040006000 pa 0x000000000e302000 size 0x007000 flags r-x---
E/TC:? 0 region 4: va 0x000000004000d000 pa 0x000000000e309000 size 0x001000 flags rw-RW-
E/TC:? 0 region 5: va 0x000000004000e000 pa 0x000000000e30a000 size 0x003000 flags rw-RW-
E/TC:? 0 region 6: va 0x0000000040011000 pa 0x000000000e30d000 size 0x001000 flags r--R--
E/TC:? 0 region 7: va 0x0000000040012000 pa 0x000000000e332000 size 0x011000 flags rw-RW-
E/TC:? 0 region 8: va 0x000000004006e000 pa 0x000000000e30e000 size 0x010000 flags r-xR--
E/TC:? 0 region 9: va 0x000000004007e000 pa 0x000000000e31e000 size 0x014000 flags rw-RW-
E/TC:? 0 init_with_ldelf:229 ldelf panicked
D/TC:? 0 tee_ta_close_session:499 csess 0xe178b20 id 1
D/TC:? 0 tee_ta_close_session:518 Destroy session
D/TC:? 0 destroy_context:298 Destroy TA ctx (0xe178ac0)
D/TC:? 0 tee_ta_close_session:499 csess 0xe178320 id 1
D/TC:? 0 tee_ta_close_session:518 Destroy session
E/TC:? 0 tee_ta_open_session:728 Failed. Return error 0xffff0000
Do you have any advice on how I can solve/block the fault?
Thanks,
Guagua
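An added example, not part of the original issue or of OP-TEE's code: a small triage helper that takes the abort dump from the log above, finds which dumped region contains the faulting address, and reports that region's flags and the offset into it, so the offset can be compared with the relocation's r_offset (0xf5c0 in the thread). The function name triage_abort is hypothetical, and the reading of the flags string (lowercase rwx for user mode, uppercase RWX for privileged mode) is an assumption.

```python
import re

# Lines copied from the abort dump in the post above (regions 7-9 only).
ABORT_LOG = """\
E/TC:? 0 User TA data-abort at address 0x4007d5c0 (write permission fault)
E/TC:? 0 region 7: va 0x0000000040012000 pa 0x000000000e332000 size 0x011000 flags rw-RW-
E/TC:? 0 region 8: va 0x000000004006e000 pa 0x000000000e30e000 size 0x010000 flags r-xR--
E/TC:? 0 region 9: va 0x000000004007e000 pa 0x000000000e31e000 size 0x014000 flags rw-RW-
"""

FAULT_RE = re.compile(r"-abort at address (0x[0-9a-fA-F]+) \(([^)]*)\)")
REGION_RE = re.compile(
    r"region\s+(\d+):\s+va\s+(0x[0-9a-fA-F]+)\s+pa\s+0x[0-9a-fA-F]+"
    r"\s+size\s+(0x[0-9a-fA-F]+)\s+flags\s+(\S+)")


def triage_abort(log):
    """Find the dumped region that contains the faulting address.

    Returns None when the log has no abort line; otherwise a dict whose
    "region" is None if the address lies outside every dumped region.
    """
    m = FAULT_RE.search(log)
    if m is None:
        return None
    fault = int(m.group(1), 16)
    info = {"fault": fault, "kind": m.group(2), "region": None}
    for r in REGION_RE.finditer(log):
        va, size, flags = int(r.group(2), 16), int(r.group(3), 16), r.group(4)
        if va <= fault < va + size:
            info.update(
                region=int(r.group(1)),
                flags=flags,
                offset=fault - va,  # compare with r_offset if va is the load address
                # Assumption: flags are "rwx" for user mode, then "RWX" privileged.
                user_writable=len(flags) > 1 and flags[1] == "w",
            )
            break
    return info


if __name__ == "__main__":
    hit = triage_abort(ABORT_LOG)
    print("fault 0x%x (%s) -> region %s flags %s offset 0x%x user_writable=%s" % (
        hit["fault"], hit["kind"], hit["region"], hit["flags"],
        hit["offset"], hit["user_writable"]))
```

On this log the fault lands in region 8 (flags r-xR--) at offset 0xf5c0, i.e. the relocation target sits in a mapping that is not writable from user mode.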