From 50cc174ca7725722684baf898bc36853e8b13d22 Mon Sep 17 00:00:00 2001
From: Andrzej Kurek <Andrzej.Kurek@arm.com>
Date: Mon, 29 Nov 2021 16:39:32 +0100
Subject: [PATCH] Add readers-writer locking to multipart operation id checks

Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
---
 library/psa_crypto.c | 38 ++++++++++++++++++++++++++++++++++++++
 1 file changed, 38 insertions(+)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 90669a923627..f37348c248e6 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -4309,6 +4309,10 @@ psa_status_t psa_aead_update_ad( psa_aead_operation_t *operation,
         operation->ad_remaining -= input_length;
     }
 
+#if defined(MBEDTLS_THREADING_C)
+    if( mbedtls_rwlock_lock_reader( &mbedtls_psa_slots_lock ) != 0 )
+        return( PSA_ERROR_BAD_STATE );
+#endif
 
     status = psa_get_and_lock_key_slot( operation->key_id, &slot );
     if( status != PSA_SUCCESS )
@@ -4332,6 +4336,10 @@ psa_status_t psa_aead_update_ad( psa_aead_operation_t *operation,
         operation->ad_started = 1;
     else
         psa_aead_abort( operation );
+#if defined(MBEDTLS_THREADING_C)
+    if( mbedtls_rwlock_unlock_reader( &mbedtls_psa_slots_lock ) != 0 )
+        return( PSA_ERROR_BAD_STATE );
+#endif
 
     return( status );
 }
@@ -4382,6 +4390,11 @@ psa_status_t psa_aead_update( psa_aead_operation_t *operation,
         operation->body_remaining -= input_length;
     }
 
+#if defined(MBEDTLS_THREADING_C)
+    if( mbedtls_rwlock_lock_reader( &mbedtls_psa_slots_lock ) != 0 )
+        return( PSA_ERROR_BAD_STATE );
+#endif
+
     status = psa_get_and_lock_key_slot( operation->key_id, &slot );
     if( status != PSA_SUCCESS )
         goto exit;
@@ -4406,6 +4419,11 @@ psa_status_t psa_aead_update( psa_aead_operation_t *operation,
     else
         psa_aead_abort( operation );
 
+#if defined(MBEDTLS_THREADING_C)
+    if( mbedtls_rwlock_unlock_reader( &mbedtls_psa_slots_lock ) != 0 )
+        return( PSA_ERROR_BAD_STATE );
+#endif
+
     return( status );
 }
 
@@ -4436,6 +4454,11 @@ psa_status_t psa_aead_finish( psa_aead_operation_t *operation,
     *ciphertext_length = 0;
     *tag_length = tag_size;
 
+#if defined(MBEDTLS_THREADING_C)
+    if( mbedtls_rwlock_lock_reader( &mbedtls_psa_slots_lock ) != 0 )
+        return( PSA_ERROR_BAD_STATE );
+#endif
+
     status = psa_aead_final_checks( operation );
     if( status != PSA_SUCCESS )
         goto exit;
@@ -4481,6 +4504,11 @@ psa_status_t psa_aead_finish( psa_aead_operation_t *operation,
 
     psa_aead_abort( operation );
 
+#if defined(MBEDTLS_THREADING_C)
+    if( mbedtls_rwlock_unlock_reader( &mbedtls_psa_slots_lock ) != 0 )
+        return( PSA_ERROR_BAD_STATE );
+#endif
+
     return( status );
 }
 
@@ -4498,6 +4526,11 @@ psa_status_t psa_aead_verify( psa_aead_operation_t *operation,
 
     *plaintext_length = 0;
 
+#if defined(MBEDTLS_THREADING_C)
+    if( mbedtls_rwlock_lock_reader( &mbedtls_psa_slots_lock ) != 0 )
+        return( PSA_ERROR_BAD_STATE );
+#endif
+
     status = psa_aead_final_checks( operation );
     if( status != PSA_SUCCESS )
         goto exit;
@@ -4530,6 +4563,11 @@ psa_status_t psa_aead_verify( psa_aead_operation_t *operation,
 exit:
     psa_aead_abort( operation );
 
+#if defined(MBEDTLS_THREADING_C)
+    if( mbedtls_rwlock_unlock_reader( &mbedtls_psa_slots_lock ) != 0 )
+        return( PSA_ERROR_BAD_STATE );
+#endif
+
     return( status );
 }