There is a warning in _plat__GetUnique():
platform/Unique.c: In function ‘_plat__GetUnique’:
platform/Unique.c:77:51: error: dereferencing type-punned pointer will break strict-aliasing rules [-Werror=strict-aliasing]
The array is accessed incorrectly and fixed easily. However, when looking closer at this, there are more issues.
deviceUniqueValue is supposed to be a buffer large enough to hold a TEE_UUID and one more byte, but it's declared as an array of char pointers instead of only char.- The value appears to be used to protect secrets, yet a value accessible by any TA is used.
- The function has a very complicated way of copying the data into the buffer.
There is a warning in _plat__GetUnique():
The array is accessed incorrectly and fixed easily. However, when looking closer at this, there are more issues.
deviceUniqueValueis supposed to be a buffer large enough to hold a TEE_UUID and one more byte, but it's declared as an array of char pointers instead of only char.