Turn off CFI for the Keymaster VTS
On a bramble device, observed a crash in the VTS binary itself when
executing BoringSSL signature verification code locally (i.e. with no
KeyMaster interaction involved).
The crash call stack involves CFI checks, and seems to occur at the
point when some BoringSSL digest calculation code invokes a function
pointer.
- SHA1_Update passes &sha1_block_data_order to (inlined)...
- crypto_md32_update() which invokes the function pointer
via its block_func parameter.
Moving the BoringSSL dependency from static_libs: libcrypto_static to
shared_libs: libcrypto makes the crash go away, but a smaller change
that also fixes the problem is to disable CFI checks for the test
binary.
This approach was inspired by:
https://googleplex-android.googlesource.com/platform/system/security/+/ab65cd0e89829675fec75d629019b10511584100%5E%21/#F0
The same problem looks to be relevant for the bugs listed below.
Bug: 206496340
Bug: 206498742
Test: VtsHalKeymasterV4_0TargetTest --gtest_filter="*VerificationOperationsTest.RsaAllPaddingsAndDigests*"
Change-Id: I12b145dad5535846d68c97954d31a93123bb95e7
diff --git a/keymaster/4.0/vts/functional/Android.bp b/keymaster/4.0/vts/functional/Android.bp
index a7be660..8e5a0ff 100644
--- a/keymaster/4.0/vts/functional/Android.bp
+++ b/keymaster/4.0/vts/functional/Android.bp
@@ -41,6 +41,10 @@
"general-tests",
"vts",
],
+ sanitize: {
+ cfi: false,
+ },
+
}
cc_test_library {