Make psa_destroy_key threadsafe

We do not require linearizability in the case of destroying a key in use. Using a key and destroying it simultaneously will not cause any issues as the user will only use the copy of the key in the slot. Two simulatenous deletion calls to one key cannot interfere, the first caller sets the slot's state to PENDING_DELETION, the second caller will back off. Remove outdated comment about one key being in multiple slots, psa_open_key does not put the key into a new slot. Signed-off-by: Ryan Everett <ryan.everett@arm.com>
2024-01-25 17:56:32 +00:00 · 2024-01-25 17:56:32 +00:00 · c053d968f2
commit c053d968f2
parent 16abd59a62
1 changed files with 18 additions and 8 deletions
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@ -1071,6 +1071,10 @@ psa_status_t psa_destroy_key(mbedtls_svc_key_id_t key)
        return status;
    }

+#if defined(MBEDTLS_THREADING_C)
+    PSA_THREADING_CHK_GOTO_EXIT(mbedtls_mutex_lock(
+                                    &mbedtls_threading_key_slot_mutex));
+#endif
    /* Set the key slot containing the key description's state to
     * PENDING_DELETION. This stops new operations from registering
     * to read the slot. Current readers can safely continue to access
@ -1079,7 +1083,12 @@ psa_status_t psa_destroy_key(mbedtls_svc_key_id_t key)
     * If the key is persistent, we can now delete the copy of the key
     * from memory. If the key is opaque, we require the driver to
     * deal with the deletion. */
-    slot->state = PSA_SLOT_PENDING_DELETION;
+    status = psa_key_slot_state_transition(slot, PSA_SLOT_FULL,
+                                           PSA_SLOT_PENDING_DELETION);
+
+    if (status != PSA_SUCCESS) {
+        goto exit;
+    }

    if (PSA_KEY_LIFETIME_IS_READ_ONLY(slot->attr.lifetime)) {
        /* Refuse the destruction of a read-only key (which may or may not work
@ -1134,11 +1143,6 @@ psa_status_t psa_destroy_key(mbedtls_svc_key_id_t key)
        if (overall_status == PSA_SUCCESS) {
            overall_status = status;
        }
-
-        /* TODO: other slots may have a copy of the same key. We should
-         * invalidate them.
-         * https://github.com/ARMmbed/mbed-crypto/issues/214
-         */
    }
 #endif /* defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) */

@ -1159,8 +1163,14 @@ exit:
    /* Unregister from reading the slot. If we are the last active reader
     * then this will wipe the slot. */
    status = psa_unregister_read(slot);
-    /* Prioritize CORRUPTION_DETECTED from unregistering over
-     * a storage error. */
+
+#if defined(MBEDTLS_THREADING_C)
+    PSA_THREADING_CHK_RET(mbedtls_mutex_unlock(
+                              &mbedtls_threading_key_slot_mutex));
+#endif
+
+    /* Prioritize CORRUPTION_DETECTED from unregistering or
+     * SERVICE_FAILURE from unlocking over a storage error. */
    if (status != PSA_SUCCESS) {
        overall_status = status;
    }