Make multi-part cipher operations thread-safe Within setup we create a copy of the key and put it in the operation field. After setup, we only ever use the new copy, and do not interact with any key slots. Therefore we need only register as a reader of the key during setup, then unregister after we stop accessing the key. Simultaneous API calls on the same operation object are not thread-safe. Signed-off-by: Ryan Everett <ryan.everett@arm.com>

commit: c0053cc4999a8265736ad5df24afd03ac13f042c [log] [tgz]
author: Ryan Everett <ryan.everett@arm.com> Wed Feb 14 16:27:13 2024 +0000
committer: Ryan Everett <ryan.everett@arm.com> Thu Feb 22 10:27:52 2024 +0000
tree: 1754d27686bbb62c9a4228786d495846ced65c95
parent: 291267f4866c87e8e79e31453775cbebcb0f20c3 [diff]
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 66af7cf..c51bb8d 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c

@@ -4088,7 +4088,7 @@
         psa_cipher_abort(operation);
     }
 
-    unlock_status = psa_unregister_read(slot);
+    unlock_status = psa_unregister_read_under_mutex(slot);
 
     return (status == PSA_SUCCESS) ? unlock_status : status;
 }
commit	c0053cc4999a8265736ad5df24afd03ac13f042c	[log] [tgz]
author	Ryan Everett <ryan.everett@arm.com>	Wed Feb 14 16:27:13 2024 +0000
committer	Ryan Everett <ryan.everett@arm.com>	Thu Feb 22 10:27:52 2024 +0000
tree	1754d27686bbb62c9a4228786d495846ced65c95
parent	291267f4866c87e8e79e31453775cbebcb0f20c3 [diff]