From fde0384e556d7389081f90620a167dda0def9652 Mon Sep 17 00:00:00 2001 From: r4ndd00d <96065215+r4ndd00d@users.noreply.github.com> Date: Fri, 15 Nov 2024 12:08:40 +0100 Subject: [PATCH] ta: warning on TA/PTA shared buffer handling MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Added a warning regarding buffer reference handling in TA/PTA. Link: https://github.com/OP-TEE/optee_os/issues/7131 Signed-off-by: Pierre-Sébastien Bost Acked-by: Jens Wiklander Acked-by: Etienne Carriere Reviewed-by: Jerome Forissier --- building/trusted_applications.rst | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/building/trusted_applications.rst b/building/trusted_applications.rst index accf555..fef95c3 100644 --- a/building/trusted_applications.rst +++ b/building/trusted_applications.rst @@ -347,6 +347,14 @@ sequence: } } +.. warning:: + As stated in the Global API documentation (v1.3.1, section 4.11.1), memory + references (``TEE_PARAM_TYPE_MEMREF_*``) underlying buffers are not locked + for TEE exclusive access and can therefore be modified by a non-secure client + during command processing. It is the reponsability of the TA (or PTA) to ensure + data immutability during command execution, if such a property is needed. + For example, a TA (or PTA) could copy all input data into a locally allocated buffer + and only access this copy. Identifying TA's client ***********************
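Review bot: The last sentence of the added warning ("a TA (or PTA) could copy all input data into a locally allocated buffer and only access this copy") should also say that any length or content checks have to run on the local copy after it is made. Validating the shared buffer first and copying afterwards leaves the same window in which the non-secure client can change the data between check and use. Two wording fixes in the same block: "reponsability" should be "responsibility", and "memory references (``TEE_PARAM_TYPE_MEMREF_*``) underlying buffers" reads more clearly as "the buffers underlying memory references (``TEE_PARAM_TYPE_MEMREF_*``)". The citation "Global API documentation" is also ambiguous; spell out the full title of the specification that "v1.3.1, section 4.11.1" refers to so readers can find it.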