Make multi-part MAC operations thread-safe

Within setup we create a copy of the key and put it in the operation field.
After setup, we only ever use the new copy - and do not interact with any key slots.
Therefore we need only register as a reader of the key during setup,
then unregister after we stop accessing the key.

Simultaneous API calls on the same operation object are not thread-safe.

Signed-off-by: Ryan Everett <ryan.everett@arm.com>
This commit is contained in:
Ryan Everett 2024-02-14 12:16:41 +00:00
parent d237190f04
commit fb9857ff9e

View file

@ -2565,7 +2565,7 @@ exit:
psa_mac_abort(operation); psa_mac_abort(operation);
} }
unlock_status = psa_unregister_read(slot); unlock_status = psa_unregister_read_under_mutex(slot);
return (status == PSA_SUCCESS) ? unlock_status : status; return (status == PSA_SUCCESS) ? unlock_status : status;
} }