core: fail build when CFG_INSECURE=n used with unsafe RNG seed
A production build needs a proper RNG seed. Fail the build when
CFG_INSECURE=n is used in conjunction with the default weak stub
implementation of plat_rng_init().

Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>
saschahauer authored and jforissier committed Feb 3, 2025
1 parent fe33e97 commit fbffc8a
Showing 1 changed file with 7 additions and 0 deletions.
7 changes: 7 additions & 0 deletions core/tee/tee_cryp_utl.c
Expand Up @@ -200,7 +200,14 @@ void __plat_rng_init(void)
}
}

/*
* Override this in your platform code. This default implementation only seeds
* the random number generator from an easily predictable timestamp value or a
* constant value. It is not suitable for a secure environment.
*/
#ifdef CFG_INSECURE
void plat_rng_init(void) __weak __alias("__plat_rng_init");
#endif

static TEE_Result tee_cryp_init(void)
{
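
Review bot: The `#ifdef CFG_INSECURE` guard around `void plat_rng_init(void) __weak __alias("__plat_rng_init");` gives a platform maintainer no hint about why a CFG_INSECURE=n build stops. With the alias compiled out, this file provides no `plat_rng_init()` at all, so the failure will presumably surface as an unresolved symbol rather than a message naming the weak seed. Please extend the new comment to say that without CFG_INSECURE the platform must supply its own `plat_rng_init()` and that the build fails on purpose when it does not. Also, `#ifdef` tests whether the macro is defined, not its value, so the guard relies on CFG_INSECURE=n leaving the macro undefined; worth confirming or stating in the comment.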