Initialize and free the key slot mutex

Signed-off-by: Ryan Everett <ryan.everett@arm.com>
2025-03-01 13:13:28 +00:00 · 2024-01-08 11:10:03 +00:00 · 2024-01-08 11:10:03 +00:00 · 846889355c
commit 846889355c
parent 491f7e5ac3
2 changed files with 24 additions and 1 deletions
--- a/library/psa_crypto_slot_management.c
+++ b/library/psa_crypto_slot_management.c
@ -147,7 +147,14 @@ static psa_status_t psa_get_and_lock_key_slot_in_memory(

 psa_status_t psa_initialize_key_slots(void)
 {
-    /* Nothing to do: program startup and psa_wipe_all_key_slots() both
+#if defined(MBEDTLS_THREADING_C)
+    /* Initialize the global key slot mutex. */
+    if (!global_data.key_slots_initialized) {
+        mbedtls_mutex_init(&global_data.key_slot_mutex);
+    }
+#endif
+
+    /* Program startup and psa_wipe_all_key_slots() both
     * guarantee that the key slots are initialized to all-zero, which
     * means that all the key slots are in a valid, empty state. */
    global_data.key_slots_initialized = 1;
@ -164,6 +171,14 @@ void psa_wipe_all_key_slots(void)
        slot->state = PSA_SLOT_PENDING_DELETION;
        (void) psa_wipe_key_slot(slot);
    }
+
+#if defined(MBEDTLS_THREADING_C)
+    /* Free the global key slot mutex. */
+    if (global_data.key_slots_initialized) {
+        mbedtls_mutex_free(&global_data.key_slot_mutex);
+    }
+#endif
+
    global_data.key_slots_initialized = 0;
 }

--- a/library/psa_crypto_slot_management.h
+++ b/library/psa_crypto_slot_management.h
@ -85,6 +85,10 @@ psa_status_t psa_get_and_lock_key_slot(mbedtls_svc_key_id_t key,
                                       psa_key_slot_t **p_slot);

 /** Initialize the key slot structures.
+ * If multi-threading is enabled then initialize the key slot mutex.
+ * This function is not thread-safe,
+ * if called by competing threads the key slot mutex may be initialized
+ * more than once.
 *
 * \retval #PSA_SUCCESS
 *         Currently this function always succeeds.
@ -92,6 +96,10 @@ psa_status_t psa_get_and_lock_key_slot(mbedtls_svc_key_id_t key,
 psa_status_t psa_initialize_key_slots(void);

 /** Delete all data from key slots in memory.
+ * If multi-threading is enabled then free the key slot mutex.
+ * This function is not thread-safe,
+ * if called by competing threads the key slot mutex may be freed
+ * more than once.
 *
 * This does not affect persistent storage. */
 void psa_wipe_all_key_slots(void);