Add readers-writer locking to multipart operation id checks

Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
Mbed-TLS · Nov 29, 2021 · 50cc174 · 50cc174
1 parent b7948b6
commit 50cc174
Showing 1 changed file with 38 additions and 0 deletions.
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
@@ -4309,6 +4309,10 @@ psa_status_t psa_aead_update_ad( psa_aead_operation_t *operation,
         operation->ad_remaining -= input_length;
     }
 
+#if defined(MBEDTLS_THREADING_C)
+    if( mbedtls_rwlock_lock_reader( &mbedtls_psa_slots_lock ) != 0 )
+        return( PSA_ERROR_BAD_STATE );
+#endif
 
     status = psa_get_and_lock_key_slot( operation->key_id, &slot );
     if( status != PSA_SUCCESS )
@@ -4332,6 +4336,10 @@ psa_status_t psa_aead_update_ad( psa_aead_operation_t *operation,
         operation->ad_started = 1;
     else
         psa_aead_abort( operation );
+#if defined(MBEDTLS_THREADING_C)
+    if( mbedtls_rwlock_unlock_reader( &mbedtls_psa_slots_lock ) != 0 )
+        return( PSA_ERROR_BAD_STATE );
+#endif
 
     return( status );
 }
@@ -4382,6 +4390,11 @@ psa_status_t psa_aead_update( psa_aead_operation_t *operation,
         operation->body_remaining -= input_length;
     }
 
+#if defined(MBEDTLS_THREADING_C)
+    if( mbedtls_rwlock_lock_reader( &mbedtls_psa_slots_lock ) != 0 )
+        return( PSA_ERROR_BAD_STATE );
+#endif
+
     status = psa_get_and_lock_key_slot( operation->key_id, &slot );
     if( status != PSA_SUCCESS )
         goto exit;
@@ -4406,6 +4419,11 @@ psa_status_t psa_aead_update( psa_aead_operation_t *operation,
     else
         psa_aead_abort( operation );
 
+#if defined(MBEDTLS_THREADING_C)
+    if( mbedtls_rwlock_unlock_reader( &mbedtls_psa_slots_lock ) != 0 )
+        return( PSA_ERROR_BAD_STATE );
+#endif
+
     return( status );
 }
 
@@ -4436,6 +4454,11 @@ psa_status_t psa_aead_finish( psa_aead_operation_t *operation,
     *ciphertext_length = 0;
     *tag_length = tag_size;
 
+#if defined(MBEDTLS_THREADING_C)
+    if( mbedtls_rwlock_lock_reader( &mbedtls_psa_slots_lock ) != 0 )
+        return( PSA_ERROR_BAD_STATE );
+#endif
+
     status = psa_aead_final_checks( operation );
     if( status != PSA_SUCCESS )
         goto exit;
@@ -4481,6 +4504,11 @@ psa_status_t psa_aead_finish( psa_aead_operation_t *operation,
 
     psa_aead_abort( operation );
 
+#if defined(MBEDTLS_THREADING_C)
+    if( mbedtls_rwlock_unlock_reader( &mbedtls_psa_slots_lock ) != 0 )
+        return( PSA_ERROR_BAD_STATE );
+#endif
+
     return( status );
 }
 
@@ -4498,6 +4526,11 @@ psa_status_t psa_aead_verify( psa_aead_operation_t *operation,
 
     *plaintext_length = 0;
 
+#if defined(MBEDTLS_THREADING_C)
+    if( mbedtls_rwlock_lock_reader( &mbedtls_psa_slots_lock ) != 0 )
+        return( PSA_ERROR_BAD_STATE );
+#endif
+
     status = psa_aead_final_checks( operation );
     if( status != PSA_SUCCESS )
         goto exit;
@@ -4530,6 +4563,11 @@ psa_status_t psa_aead_verify( psa_aead_operation_t *operation,
 exit:
     psa_aead_abort( operation );
 
+#if defined(MBEDTLS_THREADING_C)
+    if( mbedtls_rwlock_unlock_reader( &mbedtls_psa_slots_lock ) != 0 )
+        return( PSA_ERROR_BAD_STATE );
+#endif
+
     return( status );
 }