-
Notifications
You must be signed in to change notification settings - Fork 30.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
src: add proper mutexes for accessing FIPS state #42278
Conversation
The FIPS state handling and OpenSSL initialization code makes accesses to global OpenSSL state without any protection against parallel modifications from multiple threads. This commit adds such protections.
Review requested:
|
src/crypto/crypto_util.cc
Outdated
// TODO: This should not be possible to set from worker threads. | ||
// CHECK(env->owns_process_state()); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Left out because this could be seen as a semver-major change. If we don’t think it’s semver-major, I’m happy to add this as well.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Is it worth doing this for Node.js 18 as a semver-major anyway?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yeah, sure. It’s just not quite as important and I didn’t want to make this PR one that wouldn’t be backported.
This comment was marked as outdated.
This comment was marked as outdated.
@@ -136,7 +136,13 @@ bool InitCryptoOnce(Isolate* isolate) { | |||
return true; | |||
} | |||
|
|||
// Protect accesses to FIPS state with a mutex. This should potentially | |||
// be part of a larger mutex for global OpenSSL state. | |||
static Mutex fips_mutex; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This makes sense for semantic reasons, but is my understanding correct that this is technically not required since per_process::cli_options_mutex
will already guarantee mutually exclusive access whenever fips_mutex
is used?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yes, that is correct as far as the current state of this PR is concerned. 👍
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks for clarifying! 😃
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM with or without fips_mutex
.
This comment was marked as outdated.
This comment was marked as outdated.
This comment was marked as outdated.
This comment was marked as outdated.
This comment was marked as outdated.
This comment was marked as outdated.
This comment was marked as outdated.
This comment was marked as outdated.
This comment was marked as outdated.
This comment was marked as outdated.
This comment was marked as outdated.
This comment was marked as outdated.
I have no idea what's going on with arm CI... |
This comment was marked as outdated.
This comment was marked as outdated.
Landed in 1c69dfe |
|
The FIPS state handling and OpenSSL initialization code makes accesses to global OpenSSL state without any protection against parallel modifications from multiple threads. This commit adds such protections. PR-URL: nodejs#42278 Reviewed-By: Tobias Nießen <tniessen@tnie.de> Reviewed-By: Richard Lau <rlau@redhat.com> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Darshan Sen <raisinten@gmail.com>
The FIPS state handling and OpenSSL initialization code makes accesses to global OpenSSL state without any protection against parallel modifications from multiple threads. This commit adds such protections. PR-URL: #42278 Reviewed-By: Tobias Nießen <tniessen@tnie.de> Reviewed-By: Richard Lau <rlau@redhat.com> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Darshan Sen <raisinten@gmail.com>
The FIPS state handling and OpenSSL initialization code makes accesses to global OpenSSL state without any protection against parallel modifications from multiple threads. This commit adds such protections. PR-URL: nodejs#42278 Reviewed-By: Tobias Nießen <tniessen@tnie.de> Reviewed-By: Richard Lau <rlau@redhat.com> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Darshan Sen <raisinten@gmail.com>
The FIPS state handling and OpenSSL initialization code makes accesses to global OpenSSL state without any protection against parallel modifications from multiple threads. This commit adds such protections. PR-URL: #42278 Reviewed-By: Tobias Nießen <tniessen@tnie.de> Reviewed-By: Richard Lau <rlau@redhat.com> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Darshan Sen <raisinten@gmail.com>
The FIPS state handling and OpenSSL initialization code makes accesses to global OpenSSL state without any protection against parallel modifications from multiple threads. This commit adds such protections. PR-URL: #42278 Reviewed-By: Tobias Nießen <tniessen@tnie.de> Reviewed-By: Richard Lau <rlau@redhat.com> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Darshan Sen <raisinten@gmail.com>
The FIPS state handling and OpenSSL initialization code makes accesses to global OpenSSL state without any protection against parallel modifications from multiple threads. This commit adds such protections. PR-URL: #42278 Reviewed-By: Tobias Nießen <tniessen@tnie.de> Reviewed-By: Richard Lau <rlau@redhat.com> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Darshan Sen <raisinten@gmail.com>
The FIPS state handling and OpenSSL initialization code makes accesses to global OpenSSL state without any protection against parallel modifications from multiple threads. This commit adds such protections. PR-URL: nodejs/node#42278 Reviewed-By: Tobias Nießen <tniessen@tnie.de> Reviewed-By: Richard Lau <rlau@redhat.com> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Darshan Sen <raisinten@gmail.com>
The FIPS state handling and OpenSSL initialization code makes
accesses to global OpenSSL state without any protection against
parallel modifications from multiple threads.
This commit adds such protections.