Make one shot operations thread safe

These all follow a pattern of locking some key slot,
reading its contents, and then unregistering from reading the slot.
psa_copy_key also writes to another slot,
but calls the functions needed to be threadsafe.

Signed-off-by: Ryan Everett <ryan.everett@arm.com>
Ryan Everett 2024-01-31 13:59:57 +00:00
parent fb792cad31
commit a103ec9ad4


@ -1285,7 +1285,7 @@ psa_status_t psa_get_key_attributes(mbedtls_svc_key_id_t key,
psa_reset_key_attributes(attributes);
}
unlock_status = psa_unregister_read(slot);
unlock_status = psa_unregister_read_under_mutex(slot);
return (status == PSA_SUCCESS) ? unlock_status : status;
}
@ -1381,7 +1381,7 @@ psa_status_t psa_export_key(mbedtls_svc_key_id_t key,
slot->key.data, slot->key.bytes,
data, data_size, data_length);
unlock_status = psa_unregister_read(slot);
unlock_status = psa_unregister_read_under_mutex(slot);
return (status == PSA_SUCCESS) ? unlock_status : status;
}
@ -1495,7 +1495,7 @@ psa_status_t psa_export_public_key(mbedtls_svc_key_id_t key,
data, data_size, data_length);
exit:
unlock_status = psa_unregister_read(slot);
unlock_status = psa_unregister_read_under_mutex(slot);
return (status == PSA_SUCCESS) ? unlock_status : status;
}
@ -2167,7 +2167,7 @@ exit:
psa_fail_key_creation(target_slot, driver);
}
unlock_status = psa_unregister_read(source_slot);
unlock_status = psa_unregister_read_under_mutex(source_slot);
return (status == PSA_SUCCESS) ? unlock_status : status;
}
@ -2674,7 +2674,7 @@ exit:
psa_wipe_tag_output_buffer(mac, status, mac_size, *mac_length);
unlock_status = psa_unregister_read(slot);
unlock_status = psa_unregister_read_under_mutex(slot);
return (status == PSA_SUCCESS) ? unlock_status : status;
}
@ -2818,7 +2818,7 @@ exit:
psa_wipe_tag_output_buffer(signature, status, signature_size,
*signature_length);
unlock_status = psa_unregister_read(slot);
unlock_status = psa_unregister_read_under_mutex(slot);
return (status == PSA_SUCCESS) ? unlock_status : status;
}
@ -2866,7 +2866,7 @@ static psa_status_t psa_verify_internal(mbedtls_svc_key_id_t key,
signature, signature_length);
}
unlock_status = psa_unregister_read(slot);
unlock_status = psa_unregister_read_under_mutex(slot);
return (status == PSA_SUCCESS) ? unlock_status : status;
@ -3133,7 +3133,7 @@ psa_status_t psa_asymmetric_encrypt(mbedtls_svc_key_id_t key,
alg, input, input_length, salt, salt_length,
output, output_size, output_length);
exit:
unlock_status = psa_unregister_read(slot);
unlock_status = psa_unregister_read_under_mutex(slot);
return (status == PSA_SUCCESS) ? unlock_status : status;
}
@ -3185,7 +3185,7 @@ psa_status_t psa_asymmetric_decrypt(mbedtls_svc_key_id_t key,
output, output_size, output_length);
exit:
unlock_status = psa_unregister_read(slot);
unlock_status = psa_unregister_read_under_mutex(slot);
return (status == PSA_SUCCESS) ? unlock_status : status;
}
@ -4256,7 +4256,7 @@ psa_status_t psa_cipher_encrypt(mbedtls_svc_key_id_t key,
output_size - default_iv_length, output_length);
exit:
unlock_status = psa_unregister_read(slot);
unlock_status = psa_unregister_read_under_mutex(slot);
if (status == PSA_SUCCESS) {
status = unlock_status;
}
@ -4317,7 +4317,7 @@ psa_status_t psa_cipher_decrypt(mbedtls_svc_key_id_t key,
output, output_size, output_length);
exit:
unlock_status = psa_unregister_read(slot);
unlock_status = psa_unregister_read_under_mutex(slot);
if (status == PSA_SUCCESS) {
status = unlock_status;
}
@ -4443,7 +4443,7 @@ psa_status_t psa_aead_encrypt(mbedtls_svc_key_id_t key,
}
exit:
psa_unregister_read(slot);
psa_unregister_read_under_mutex(slot);
return status;
}
@ -4498,7 +4498,7 @@ psa_status_t psa_aead_decrypt(mbedtls_svc_key_id_t key,
}
exit:
psa_unregister_read(slot);
psa_unregister_read_under_mutex(slot);
return status;
}
@ -7151,7 +7151,7 @@ exit:
*output_length = output_size;
}
unlock_status = psa_unregister_read(slot);
unlock_status = psa_unregister_read_under_mutex(slot);
return (status == PSA_SUCCESS) ? unlock_status : status;
}
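Review bot: In the psa_aead_encrypt and psa_aead_decrypt hunks the result of `psa_unregister_read_under_mutex(slot)` is discarded, whereas every other call site in this change stores it in `unlock_status` and returns it when `status` is PSA_SUCCESS. The definition of the mutex variant is not shown here, but if it can fail (for example when taking the lock fails), these two AEAD paths would report success even though the slot's reader registration was not released cleanly. Consider `unlock_status = psa_unregister_read_under_mutex(slot);` followed by `return (status == PSA_SUCCESS) ? unlock_status : status;`, matching the other one-shot operations. That needs an `unlock_status` declaration at the top of each function, which lies outside the hunks. If ignoring the result is deliberate, a short comment at both call sites saying why would keep the two exceptions from looking like an oversight.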