Hi all,
Looks like the shared memory allocated by linux tee driver (via IOCTL TEE_IOC_SHM_ALLOC) is not zeroed out.
I verified this by modifying tee_client_api.c for checking for non-null bytes in mmap memory in function: TEEC_AllocateSharedMemory.
This could be exploited to leak data.
Is there any reason why it is not Zeroed out? or Am i missing something?
-Best,
Aravind