From d6d6a76e46526a396bc2fb4a2b0ab239b26db5d6 Mon Sep 17 00:00:00 2001
From: Ryan Everett
Date: Tue, 23 Jan 2024 18:24:21 +0000
Subject: [PATCH 1/4] Add ..._GOTO_RETURN macro
Signed-off-by: Ryan Everett
---
 library/psa_crypto_core.h | 47 +++++++++++++++++++++++++++++++++++++++
 1 file changed, 47 insertions(+)
diff --git a/library/psa_crypto_core.h b/library/psa_crypto_core.h
index 7b167248e8..85eeb1a6d8 100644
--- a/library/psa_crypto_core.h
+++ b/library/psa_crypto_core.h
@@ -20,6 +20,9 @@
 #include "psa/crypto.h"
 #include "psa/crypto_se_driver.h"
+#if defined(MBEDTLS_THREADING_C)
+#include "mbedtls/threading.h"
+#endif
 /**
 * Tell if PSA is ready for this hash.
@@ -111,6 +114,50 @@ typedef struct {
 } key;
 } psa_key_slot_t;
+typedef enum {
+ PSA_MUTEX_LOCK = 0,
+ PSA_MUTEX_UNLOCK,
+} psa_mutex_operation_t;
+
+/** If threading is enabled: perform a lock or unlock operation on the
+ * key slot mutex.
+ * Call with parameter PSA_MUTEX_LOCK to perform a lock operation.
+ * Call with parameter PSA_MUTEX_UNLOCK to perform an unlock operation.
+ * Returns PSA_ERROR_SERVICE_FAILURE if the operation fails
+ * and status was PSA_SUCCESS.
+ * If threading is not enabled, do nothing.
+ *
+ * Assumptions:
+ * psa_status_t status exists.
+ * op is PSA_MUTEX_LOCK or PSA_MUTEX_UNLOCK.
+ */
+#if defined(MBEDTLS_THREADING_C)
+#define PSA_KEY_SLOT_MUTEX_LOCKFUNC_RETURN(op) \
+ do \
+ { \
+ if (op == PSA_MUTEX_LOCK) { \
+ if (mbedtls_mutex_lock( \
+ &mbedtls_threading_key_slot_mutex) != 0) { \
+ if (status == PSA_SUCCESS) { \
+ return PSA_ERROR_SERVICE_FAILURE; \
+ } \
+ return status; \
+ } \
+ } \
+ if (op == PSA_MUTEX_UNLOCK) { \
+ if (mbedtls_mutex_unlock( \
+ &mbedtls_threading_key_slot_mutex) != 0) { \
+ if (status == PSA_SUCCESS) { \
+ return PSA_ERROR_SERVICE_FAILURE; \
+ } \
+ return status; \
+ } \
+ } \
+ } while (0);
+#else
+#define PSA_KEY_SLOT_MUTEX_LOCKFUNC_RETURN(op) do { } while (0)
+#endif
+
 /* A mask of key attribute flags used only internally.
 * Currently there aren't any. */
 #define PSA_KA_MASK_INTERNAL_ONLY ( \
From 90afb132e067b57a2bbc12c986ac5112e91fc201 Mon Sep 17 00:00:00 2001
From: Ryan Everett
Date: Tue, 23 Jan 2024 18:24:36 +0000
Subject: [PATCH 2/4] Add ..._GOTO_EXIT macro
Signed-off-by: Ryan Everett
---
 library/psa_crypto_core.h | 40 +++++++++++++++++++++++++++++++++++++++
 1 file changed, 40 insertions(+)
diff --git a/library/psa_crypto_core.h b/library/psa_crypto_core.h
index 85eeb1a6d8..8b5ac26c6e 100644
--- a/library/psa_crypto_core.h
+++ b/library/psa_crypto_core.h
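Review bot: The threaded definition of `PSA_KEY_SLOT_MUTEX_LOCKFUNC_RETURN` ends in `} while (0);`, and that trailing semicolon defeats the do/while(0) wrapper: a call written `MACRO(op);` expands to two statements, so an unbraced `if (...) MACRO(op); else ...` fails to compile, and only when MBEDTLS_THREADING_C is defined, because the `#else` stub has no semicolon. The last line of the macro should be `} while (0)`. The same ending appears in `PSA_KEY_SLOT_MUTEX_LOCKFUNC_GOTO_EXIT` in patch 2/4 and is carried into `PSA_THREADING_CHK_RET` and `PSA_THREADING_CHK_GOTO_EXIT` in patch 4/4. The assumption `psa_status_t status exists` should also say that `status` must be initialised before the macro is used, since the failure path reads it.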
@@ -158,6 +158,46 @@ typedef enum {
 #define PSA_KEY_SLOT_MUTEX_LOCKFUNC_RETURN(op) do { } while (0)
 #endif
+/** If threading is enabled: perform a lock or unlock operation on the
+ * key slot mutex.
+ * Call with parameter PSA_MUTEX_LOCK to perform a lock operation.
+ * Call with parameter PSA_MUTEX_UNLOCK to perform an unlock operation.
+ * This will goto the exit label if the operation fails,
+ * setting status to PSA_SERVICE_FAILURE if status was PSA_SUCCESS.
+ * If threading is not enabled, do nothing.
+ *
+ * Assumptions:
+ * psa_status_t status exists.
+ * Label exit: exists.
+ * op is PSA_MUTEX_LOCK or PSA_MUTEX_UNLOCK.
+ */
+#if defined(MBEDTLS_THREADING_C)
+#define PSA_KEY_SLOT_MUTEX_LOCKFUNC_GOTO_EXIT(op) \
+ do \
+ { \
+ if (op == PSA_MUTEX_LOCK) { \
+ if (mbedtls_mutex_lock( \
+ &mbedtls_threading_key_slot_mutex) != 0) { \
+ if (status == PSA_SUCCESS) { \
+ status = PSA_ERROR_SERVICE_FAILURE; \
+ } \
+ goto exit; \
+ } \
+ } \
+ if (op == PSA_MUTEX_UNLOCK) { \
+ if (mbedtls_mutex_unlock( \
+ &mbedtls_threading_key_slot_mutex) != 0) { \
+ if (status == PSA_SUCCESS) { \
+ status = PSA_ERROR_SERVICE_FAILURE; \
+ } \
+ goto exit; \
+ } \
+ } \
+ } while (0);
+#else
+#define PSA_KEY_SLOT_MUTEX_LOCKFUNC_GOTO_EXIT(op) do { } while (0)
+#endif
+
 /* A mask of key attribute flags used only internally.
 * Currently there aren't any. */
 #define PSA_KA_MASK_INTERNAL_ONLY ( \
From cb05ce30e990f7e60c47b18af95cf21c8213a614 Mon Sep 17 00:00:00 2001
From: Ryan Everett
Date: Tue, 23 Jan 2024 19:25:10 +0000
Subject: [PATCH 3/4] Minor fixes to locking macros
Signed-off-by: Ryan Everett
---
 library/psa_crypto_core.h | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/library/psa_crypto_core.h b/library/psa_crypto_core.h
index 8b5ac26c6e..0e9f83faee 100644
--- a/library/psa_crypto_core.h
+++ b/library/psa_crypto_core.h
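Review bot: The failure path of `PSA_KEY_SLOT_MUTEX_LOCKFUNC_GOTO_EXIT` jumps to `exit` for both operations, and the comment does not say what the code at `exit:` may assume about the mutex. If a caller's cleanup unlocks the key slot mutex, a failed PSA_MUTEX_LOCK would reach that unlock without holding the lock, and an unlock invoked through this macro after the `exit:` label would jump back to the label on failure; no call sites are visible in this patch, so both are usage hazards to document rather than confirmed bugs. I would add to the Assumptions list `* The code at exit: does not unlock the key slot mutex unless it is known to be held.` and `* The macro is not used after the exit: label.`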
@@ -144,7 +144,7 @@ typedef enum {
 return status; \
 } \
 } \
- if (op == PSA_MUTEX_UNLOCK) { \
+ else if (op == PSA_MUTEX_UNLOCK) { \
 if (mbedtls_mutex_unlock( \
 &mbedtls_threading_key_slot_mutex) != 0) { \
 if (status == PSA_SUCCESS) { \
@@ -163,7 +163,7 @@ typedef enum {
 * Call with parameter PSA_MUTEX_LOCK to perform a lock operation.
 * Call with parameter PSA_MUTEX_UNLOCK to perform an unlock operation.
 * This will goto the exit label if the operation fails,
- * setting status to PSA_SERVICE_FAILURE if status was PSA_SUCCESS.
+ * setting status to PSA_ERROR_SERVICE_FAILURE if status was PSA_SUCCESS.
 * If threading is not enabled, do nothing.
 *
 * Assumptions:
@@ -184,7 +184,7 @@ typedef enum {
 goto exit; \
 } \
 } \
- if (op == PSA_MUTEX_UNLOCK) { \
+ else if (op == PSA_MUTEX_UNLOCK) { \
 if (mbedtls_mutex_unlock( \
 &mbedtls_threading_key_slot_mutex) != 0) { \
 if (status == PSA_SUCCESS) { \
From 3877d4858b666b6596743a8fcfdb7b1c6ea54ec5 Mon Sep 17 00:00:00 2001
From: Ryan Everett
Date: Wed, 24 Jan 2024 13:26:26 +0000
Subject: [PATCH 4/4] Refactor macros
Signed-off-by: Ryan Everett
---
 library/psa_crypto_core.h | 93 +++++++++++----------------------------
 1 file changed, 26 insertions(+), 67 deletions(-)
diff --git a/library/psa_crypto_core.h b/library/psa_crypto_core.h
index 0e9f83faee..dc376d7ebf 100644
--- a/library/psa_crypto_core.h
+++ b/library/psa_crypto_core.h
@@ -114,88 +114,47 @@ typedef struct {
 } key;
 } psa_key_slot_t;
-typedef enum {
- PSA_MUTEX_LOCK = 0,
- PSA_MUTEX_UNLOCK,
-} psa_mutex_operation_t;
+#if defined(MBEDTLS_THREADING_C)
-/** If threading is enabled: perform a lock or unlock operation on the
- * key slot mutex.
- * Call with parameter PSA_MUTEX_LOCK to perform a lock operation.
- * Call with parameter PSA_MUTEX_UNLOCK to perform an unlock operation.
+/** Perform a mutex operation and return immediately upon failure.
+ *
 * Returns PSA_ERROR_SERVICE_FAILURE if the operation fails
 * and status was PSA_SUCCESS.
- * If threading is not enabled, do nothing.
 *
 * Assumptions:
 * psa_status_t status exists.
- * op is PSA_MUTEX_LOCK or PSA_MUTEX_UNLOCK.
+ * f is a mutex operation which returns 0 upon success.
 */
-#if defined(MBEDTLS_THREADING_C)
-#define PSA_KEY_SLOT_MUTEX_LOCKFUNC_RETURN(op) \
- do \
- { \
- if (op == PSA_MUTEX_LOCK) { \
- if (mbedtls_mutex_lock( \
- &mbedtls_threading_key_slot_mutex) != 0) { \
- if (status == PSA_SUCCESS) { \
- return PSA_ERROR_SERVICE_FAILURE; \
- } \
- return status; \
- } \
- } \
- else if (op == PSA_MUTEX_UNLOCK) { \
- if (mbedtls_mutex_unlock( \
- &mbedtls_threading_key_slot_mutex) != 0) { \
- if (status == PSA_SUCCESS) { \
- return PSA_ERROR_SERVICE_FAILURE; \
- } \
- return status; \
- } \
- } \
+#define PSA_THREADING_CHK_RET(f) \
+ do \
+ { \
+ if ((f) != 0) { \
+ if (status == PSA_SUCCESS) { \
+ return PSA_ERROR_SERVICE_FAILURE; \
+ } \
+ return status; \
+ } \
 } while (0);
-#else
-#define PSA_KEY_SLOT_MUTEX_LOCKFUNC_RETURN(op) do { } while (0)
-#endif
-/** If threading is enabled: perform a lock or unlock operation on the
- * key slot mutex.
- * Call with parameter PSA_MUTEX_LOCK to perform a lock operation.
- * Call with parameter PSA_MUTEX_UNLOCK to perform an unlock operation.
- * This will goto the exit label if the operation fails,
- * setting status to PSA_ERROR_SERVICE_FAILURE if status was PSA_SUCCESS.
- * If threading is not enabled, do nothing.
+/** Perform a mutex operation and goto exit on failure.
+ *
+ * Sets status to PSA_ERROR_SERVICE_FAILURE if status was PSA_SUCCESS.
 *
 * Assumptions:
 * psa_status_t status exists.
 * Label exit: exists.
- * op is PSA_MUTEX_LOCK or PSA_MUTEX_UNLOCK.
+ * f is a mutex operation which returns 0 upon success.
 */
-#if defined(MBEDTLS_THREADING_C)
-#define PSA_KEY_SLOT_MUTEX_LOCKFUNC_GOTO_EXIT(op) \
- do \
- { \
- if (op == PSA_MUTEX_LOCK) { \
- if (mbedtls_mutex_lock( \
- &mbedtls_threading_key_slot_mutex) != 0) { \
- if (status == PSA_SUCCESS) { \
- status = PSA_ERROR_SERVICE_FAILURE; \
- } \
- goto exit; \
- } \
- } \
- else if (op == PSA_MUTEX_UNLOCK) { \
- if (mbedtls_mutex_unlock( \
- &mbedtls_threading_key_slot_mutex) != 0) { \
- if (status == PSA_SUCCESS) { \
- status = PSA_ERROR_SERVICE_FAILURE; \
- } \
- goto exit; \
- } \
- } \
+#define PSA_THREADING_CHK_GOTO_EXIT(f) \
+ do \
+ { \
+ if ((f) != 0) { \
+ if (status == PSA_SUCCESS) { \
+ status = PSA_ERROR_SERVICE_FAILURE; \
+ } \
+ goto exit; \
+ } \
 } while (0);
-#else
-#define PSA_KEY_SLOT_MUTEX_LOCKFUNC_GOTO_EXIT(op) do { } while (0)
 #endif
 /* A mask of key attribute flags used only internally.