nrf_security: Make the sxsymcrypt free functions return int

The mac/aead/blockipher _free functions had a void type even though
they are calling the key_clean function pointers which return int.

This changes the return type of the functions to return int so that
they can propagate a possible failure by the key_clean functions.

Signed-off-by: Georgios Vasilakis <[email protected]>

Author: Vge0rge

subsys/nrf_security/src/drivers/cracen/cracenpsa/src/cipher.c

@@ -807,7 +807,13 @@ psa_status_t cracen_cipher_finish(cracen_cipher_operation_t *operation, uint8_t
 
 psa_status_t cracen_cipher_abort(cracen_cipher_operation_t *operation)
 {
-	sx_blkcipher_free(&operation->cipher);
+	int sx_status;
+
+	sx_status = sx_blkcipher_free(&operation->cipher);
+	if (sx_status != SX_OK) {
+		return silex_statuscodes_to_psa(sx_status);
+	}
+
 	safe_memzero(operation, sizeof(cracen_cipher_operation_t));
 	return PSA_SUCCESS;
 }

subsys/nrf_security/src/drivers/cracen/cracenpsa/src/key_management.c

@@ -1420,6 +1420,7 @@ psa_status_t cracen_export_key(const psa_key_attributes_t *attributes, const uin
 {
 #ifdef CONFIG_PSA_NEED_CRACEN_KMU_DRIVER
 	int status;
+	int nested_err;
 	psa_key_location_t location =
 		PSA_KEY_LIFETIME_GET_LOCATION(psa_get_key_lifetime(attributes));
 
@@ -1454,8 +1455,10 @@ psa_status_t cracen_export_key(const psa_key_attributes_t *attributes, const uin
 			*data_length = key_out_size;
 		}
 
-		(void)cracen_kmu_clean_key(key_buffer);
+		nested_err = cracen_kmu_clean_key(key_buffer);
+
 		nrf_security_mutex_unlock(cracen_mutex_symmetric);
+		status = sx_handle_nested_error(nested_err, status);
 
 		return silex_statuscodes_to_psa(status);
 	}
@@ -1488,26 +1491,30 @@ psa_status_t cracen_copy_key(psa_key_attributes_t *attributes, const uint8_t *so
 					 target_key_buffer_length, &key_bits);
 	}
 
-	int status;
+	int sx_status;
+	int nested_err;
 	psa_status_t psa_status;
 	size_t key_size = PSA_BITS_TO_BYTES(psa_get_key_bits(attributes));
 
 	nrf_security_mutex_lock(cracen_mutex_symmetric);
-	status = cracen_kmu_prepare_key(source_key);
+	sx_status = cracen_kmu_prepare_key(source_key);
 
-	if (status == SX_OK) {
+	if (sx_status == SX_OK) {
 		size_t key_bits;
 
 		psa_status = cracen_import_key(attributes, kmu_push_area, key_size,
 					       target_key_buffer, target_key_buffer_size,
 					       target_key_buffer_length, &key_bits);
 	}
 
-	(void)cracen_kmu_clean_key(source_key);
+	nested_err = cracen_kmu_clean_key(source_key);
+
 	nrf_security_mutex_unlock(cracen_mutex_symmetric);
 
-	if (status != SX_OK) {
-		return silex_statuscodes_to_psa(status);
+	sx_status = sx_handle_nested_error(nested_err, sx_status);
+
+	if (sx_status != SX_OK) {
+		return silex_statuscodes_to_psa(sx_status);
 	}
 
 	return psa_status;

subsys/nrf_security/src/drivers/cracen/sxsymcrypt/include/sxsymcrypt/aes.h

@@ -388,8 +388,10 @@ static inline bool sx_aead_aesccm_nonce_size_is_valid(size_t noncesz)
  * @brief Free resources related to blkcipher operation.
  *
  * @param[out] c block cipher operation context
+ *
+ * @return sxsymcrypt status code.
  */
-void sx_blkcipher_free(struct sxblkcipher *c);
+int sx_blkcipher_free(struct sxblkcipher *c);
 #ifdef __cplusplus
 }
 #endif

subsys/nrf_security/src/drivers/cracen/sxsymcrypt/include/sxsymcrypt/internal.h

@@ -13,6 +13,7 @@ extern "C" {
 #include <stdint.h>
 #include <stddef.h>
 #include <stdbool.h>
+#include <cracen/statuscodes.h>
 
 #ifndef SX_EXTRA_IN_DESCS
 #define SX_EXTRA_IN_DESCS 0
@@ -168,6 +169,20 @@ struct sxcmmask {
 	struct sxchannel channel;
 };
 
+/**
+ * @brief Function to handle CRACEN nested errors in the sxsymcrypt
+ *
+ * @param[in] nested_err	Nested error occurred while handling an error.
+ * @param[in] err		Original error code.
+ *
+ * @return Return the nested error if it is not SX_OK, otherwise return
+ *         the original error code.
+ */
+inline int sx_handle_nested_error(int nested_err, int err)
+{
+	return nested_err ? nested_err != SX_OK : err;
+}
+
 #ifdef __cplusplus
 }
 #endif

subsys/nrf_security/src/drivers/cracen/sxsymcrypt/include/sxsymcrypt/mac.h

@@ -164,8 +164,9 @@ int sx_mac_status(struct sxmac *c);
  *
  * @param[in,out] c MAC operation context
  *
+ * @return sxsymcrypt status code.
  */
-void sx_mac_free(struct sxmac *c);
+int sx_mac_free(struct sxmac *c);
 
 /** Find an available MAC engine for the operation.
  *

subsys/nrf_security/src/drivers/cracen/sxsymcrypt/src/aead.c

@@ -95,12 +95,15 @@ static int lenAlenC_aesgcm_ba411(size_t aadsz, size_t datasz, uint8_t *out)
 	return 1;
 }
 
-void sx_aead_free(struct sxaead *c)
+int sx_aead_free(struct sxaead *c)
 {
+	int sx_err = SX_OK;
+
 	if (c->key->clean_key) {
-		c->key->clean_key(c->key->user_data);
+		sx_err = c->key->clean_key(c->key->user_data);
 	}
 	sx_cmdma_release_hw(&c->dma);
+	return sx_err;
 }
 
 int sx_aead_hw_reserve(struct sxaead *c)
@@ -130,7 +133,7 @@ int sx_aead_hw_reserve(struct sxaead *c)
 
 exit:
 	if (err != SX_OK) {
-		sx_aead_free(c);
+		return sx_handle_nested_error(sx_aead_free(c), err);
 	}
 
 	return err;
@@ -294,12 +297,10 @@ int sx_aead_feed_aad(struct sxaead *c, const char *aad, size_t aadsz)
 		return SX_ERR_UNINITIALIZED_OBJ;
 	}
 	if (aadsz >= DMA_MAX_SZ) {
-		sx_aead_free(c);
-		return SX_ERR_TOO_BIG;
+		return sx_handle_nested_error(sx_aead_free(c), SX_ERR_TOO_BIG);
 	}
 	if (c->dataintotalsz) {
-		sx_aead_free(c);
-		return SX_ERR_FEED_AFTER_DATA;
+		return sx_handle_nested_error(sx_aead_free(c), SX_ERR_FEED_AFTER_DATA);
 	}
 
 	c->totalaadsz += aadsz;
@@ -324,8 +325,7 @@ int sx_aead_crypt(struct sxaead *c, const char *datain, size_t datainsz, char *d
 		return SX_ERR_UNINITIALIZED_OBJ;
 	}
 	if (datainsz >= DMA_MAX_SZ) {
-		sx_aead_free(c);
-		return SX_ERR_TOO_BIG;
+		return sx_handle_nested_error(sx_aead_free(c), SX_ERR_TOO_BIG);
 	}
 
 	sx_aead_discard_aad(c);
@@ -354,13 +354,12 @@ int sx_aead_produce_tag(struct sxaead *c, char *tagout)
 	if (c->cfg->mode == BA411_MODEID_CCM) {
 		if ((c->dma.dmamem.cfg & c->cfg->ctxload) && (c->datainsz == 0) &&
 		    (c->discardaadsz == 0)) {
-			sx_aead_free(c);
-			return SX_ERR_INPUT_BUFFER_TOO_SMALL;
+			return sx_handle_nested_error(sx_aead_free(c),
+						      SX_ERR_INPUT_BUFFER_TOO_SMALL);
 		}
 	}
 	if ((c->dataintotalsz + c->totalaadsz) < c->cfg->inputminsz) {
-		sx_aead_free(c);
-		return SX_ERR_INCOMPATIBLE_HW;
+		return sx_handle_nested_error(sx_aead_free(c), SX_ERR_INCOMPATIBLE_HW);
 	}
 
 	if (c->cfg->lenAlenC(c->totalaadsz, c->dataintotalsz, &c->extramem[0])) {
@@ -385,13 +384,12 @@ int sx_aead_verify_tag(struct sxaead *c, const char *tagin)
 	if (c->cfg->mode == BA411_MODEID_CCM) {
 		if ((c->dma.dmamem.cfg & c->cfg->ctxload) && (c->datainsz == 0) &&
 		    (c->discardaadsz == 0)) {
-			sx_aead_free(c);
-			return SX_ERR_INPUT_BUFFER_TOO_SMALL;
+			return sx_handle_nested_error(sx_aead_free(c),
+						      SX_ERR_INPUT_BUFFER_TOO_SMALL);
 		}
 	}
 	if ((c->dataintotalsz + c->totalaadsz) < c->cfg->inputminsz) {
-		sx_aead_free(c);
-		return SX_ERR_INCOMPATIBLE_HW;
+		return sx_handle_nested_error(sx_aead_free(c), SX_ERR_INCOMPATIBLE_HW);
 	}
 
 	if (c->cfg->lenAlenC(c->totalaadsz, c->dataintotalsz, &c->extramem[0])) {
@@ -449,8 +447,7 @@ int sx_aead_save_state(struct sxaead *c)
 	}
 
 	if (c->cfg->statesz == 0) {
-		sx_aead_free(c);
-		return SX_ERR_CONTEXT_SAVING_NOT_SUPPORTED;
+		return sx_handle_nested_error(sx_aead_free(c), SX_ERR_CONTEXT_SAVING_NOT_SUPPORTED);
 	}
 
 	sx_aead_discard_aad(c);
@@ -477,8 +474,7 @@ int sx_aead_status(struct sxaead *c)
 		return r;
 	}
 	if (r) {
-		sx_aead_free(c);
-		return r;
+		return sx_handle_nested_error(sx_aead_free(c), r);
 	}
 
 #if CONFIG_DCACHE
@@ -491,9 +487,7 @@ int sx_aead_status(struct sxaead *c)
 			    : SX_OK;
 	}
 
-	sx_aead_free(c);
-
-	return r;
+	return sx_handle_nested_error(sx_aead_free(c), r);
 }
 
 int sx_aead_wait(struct sxaead *c)

subsys/nrf_security/src/drivers/cracen/sxsymcrypt/src/blkcipher.c

@@ -78,12 +78,14 @@ static const struct sx_blkcipher_cmdma_cfg ba411xtscfg = {
 	.blocksz = BLKCIPHER_BLOCK_SZ,
 };
 
-void sx_blkcipher_free(struct sxblkcipher *c)
+int sx_blkcipher_free(struct sxblkcipher *c)
 {
+	int sx_err = SX_OK;
 	if (c->key.clean_key) {
-		c->key.clean_key(c->key.user_data);
+		sx_err = c->key.clean_key(c->key.user_data);
 	}
 	sx_cmdma_release_hw(&c->dma);
+	return sx_err;
 }
 
 
@@ -111,7 +113,7 @@ static int sx_blkcipher_hw_reserve(struct sxblkcipher *c)
 
 exit:
 	if (err != SX_OK) {
-		sx_blkcipher_free(c);
+		return sx_handle_nested_error(sx_blkcipher_free(c), err);
 	}
 
 	return SX_OK;
@@ -269,8 +271,7 @@ int sx_blkcipher_crypt(struct sxblkcipher *c, const char *datain, size_t sz, cha
 		return SX_ERR_UNINITIALIZED_OBJ;
 	}
 	if (sz >= DMA_MAX_SZ) {
-		sx_blkcipher_free(c);
-		return SX_ERR_TOO_BIG;
+		return sx_handle_nested_error(sx_blkcipher_free(c), SX_ERR_TOO_BIG);
 	}
 
 	c->textsz += sz;
@@ -287,12 +288,10 @@ int sx_blkcipher_run(struct sxblkcipher *c)
 	}
 
 	if (c->textsz < c->cfg->inminsz) {
-		sx_blkcipher_free(c);
-		return SX_ERR_INPUT_BUFFER_TOO_SMALL;
+		return sx_handle_nested_error(sx_blkcipher_free(c), SX_ERR_INPUT_BUFFER_TOO_SMALL);
 	}
 	if (c->textsz % c->cfg->granularity) {
-		sx_blkcipher_free(c);
-		return SX_ERR_WRONG_SIZE_GRANULARITY;
+		return sx_handle_nested_error(sx_blkcipher_free(c), SX_ERR_WRONG_SIZE_GRANULARITY);
 	}
 
 	if (c->dma.dmamem.cfg & c->cfg->ctxsave) {
@@ -345,17 +344,15 @@ int sx_blkcipher_save_state(struct sxblkcipher *c)
 	}
 
 	if (c->cfg->statesz == 0) {
-		sx_blkcipher_free(c);
-		return SX_ERR_CONTEXT_SAVING_NOT_SUPPORTED;
+		return sx_handle_nested_error(sx_blkcipher_free(c),
+					      SX_ERR_CONTEXT_SAVING_NOT_SUPPORTED);
 	}
 
 	if (c->textsz < c->cfg->blocksz) {
-		sx_blkcipher_free(c);
-		return SX_ERR_INPUT_BUFFER_TOO_SMALL;
+		return sx_handle_nested_error(sx_blkcipher_free(c), SX_ERR_INPUT_BUFFER_TOO_SMALL);
 	}
 	if (c->textsz & (c->cfg->blocksz - 1)) {
-		sx_blkcipher_free(c);
-		return SX_ERR_WRONG_SIZE_GRANULARITY;
+		return sx_handle_nested_error(sx_blkcipher_free(c), SX_ERR_WRONG_SIZE_GRANULARITY);
 	}
 
 	c->dma.dmamem.cfg |= c->cfg->ctxsave;
@@ -384,9 +381,7 @@ int sx_blkcipher_status(struct sxblkcipher *c)
 	sys_cache_data_invd_range((void *)&c->extramem, sizeof(c->extramem));
 #endif
 
-	sx_blkcipher_free(c);
-
-	return r;
+	return sx_handle_nested_error(sx_blkcipher_free(c), r);
 }
 
 int sx_blkcipher_wait(struct sxblkcipher *c)