Skip to content

Commit d27306b

Browse files
dgarskedgarske
committed
Improve mutex locking protection for concurrent thread usage. Use a global mutex instead of one that is part of TPM2_CTX. ZD 19771
1 parent 122885a commit d27306b

File tree

2 files changed

+22
-43
lines changed

2 files changed

+22
-43
lines changed

src/tpm2.c

Lines changed: 22 additions & 36 deletions
Original file line numberDiff line numberDiff line change
@@ -42,6 +42,11 @@ static THREAD_LS_T TPM2_CTX* gActiveTPM;
4242
static volatile int gWolfCryptRefCount = 0;
4343
#endif
4444

45+
#if !defined(WOLFTPM2_NO_WOLFCRYPT) && !defined(WOLFTPM_NO_LOCK) && \
46+
!defined(SINGLE_THREADED)
47+
static wolfSSL_Mutex gHwLock WOLFSSL_MUTEX_INITIALIZER_CLAUSE(gHwLock);
48+
#endif
49+
4550
#ifdef WOLFTPM_LINUX_DEV
4651
#define INTERNAL_SEND_COMMAND TPM2_LINUX_SendCommand
4752
#define TPM2_INTERNAL_CLEANUP(ctx)
@@ -61,43 +66,24 @@ static volatile int gWolfCryptRefCount = 0;
6166
/******************************************************************************/
6267
static TPM_RC TPM2_AcquireLock(TPM2_CTX* ctx)
6368
{
64-
#if defined(WOLFTPM2_NO_WOLFCRYPT) || defined(WOLFTPM_NO_LOCK)
65-
(void)ctx;
66-
#else
67-
int ret;
68-
69-
if (!ctx->hwLockInit) {
70-
if (wc_InitMutex(&ctx->hwLock) != 0) {
71-
#ifdef DEBUG_WOLFTPM
72-
printf("TPM Mutex Init failed\n");
73-
#endif
74-
return TPM_RC_FAILURE;
75-
}
76-
ctx->hwLockInit = 1;
77-
ctx->lockCount = 0;
78-
}
79-
80-
if (ctx->lockCount == 0) {
81-
ret = wc_LockMutex(&ctx->hwLock);
82-
if (ret != 0)
83-
return TPM_RC_FAILURE;
69+
#if !defined(WOLFTPM2_NO_WOLFCRYPT) && !defined(WOLFTPM_NO_LOCK) && \
70+
!defined(SINGLE_THREADED)
71+
int ret = wc_LockMutex(&gHwLock);
72+
if (ret != 0) {
73+
return TPM_RC_FAILURE;
8474
}
85-
ctx->lockCount++;
8675
#endif
76+
(void)ctx;
8777
return TPM_RC_SUCCESS;
8878
}
8979

9080
static void TPM2_ReleaseLock(TPM2_CTX* ctx)
9181
{
92-
#if defined(WOLFTPM2_NO_WOLFCRYPT) || defined(WOLFTPM_NO_LOCK)
93-
(void)ctx;
94-
#else
95-
ctx->lockCount--;
96-
if (ctx->lockCount == 0) {
97-
wc_UnLockMutex(&ctx->hwLock);
98-
}
99-
82+
#if !defined(WOLFTPM2_NO_WOLFCRYPT) && !defined(WOLFTPM_NO_LOCK) && \
83+
!defined(SINGLE_THREADED)
84+
wc_UnLockMutex(&gHwLock);
10085
#endif
86+
(void)ctx;
10187
}
10288

10389
static int TPM2_CommandProcess(TPM2_CTX* ctx, TPM2_Packet* packet,
@@ -507,6 +493,9 @@ static inline int TPM2_WolfCrypt_Init(void)
507493
if (rc == 0)
508494
rc = wc_SetSeed_Cb(wc_GenerateSeed);
509495
#endif
496+
#ifndef WOLFSSL_MUTEX_INITIALIZER
497+
wc_InitMutex(&gHwMutex);
498+
#endif
510499
}
511500
gWolfCryptRefCount++;
512501

@@ -697,19 +686,16 @@ TPM_RC TPM2_Cleanup(TPM2_CTX* ctx)
697686
wc_FreeRng(&ctx->rng);
698687
}
699688
#endif
700-
#ifndef WOLFTPM_NO_LOCK
701-
if (ctx->hwLockInit) {
702-
ctx->hwLockInit = 0;
703-
wc_FreeMutex(&ctx->hwLock);
704-
}
705-
#endif
706689

707690
/* track wolf initialize reference count in wolfTPM. wolfCrypt does not
708-
properly track reference count in v4.1 or older releases */
691+
* properly track reference count in v4.1 or older releases */
709692
gWolfCryptRefCount--;
710693
if (gWolfCryptRefCount < 0)
711694
gWolfCryptRefCount = 0;
712695
if (gWolfCryptRefCount == 0) {
696+
#ifndef WOLFSSL_MUTEX_INITIALIZER
697+
wc_FreeMutex(&gHwMutex);
698+
#endif
713699
wolfCrypt_Cleanup();
714700
}
715701
#endif /* !WOLFTPM2_NO_WOLFCRYPT */

wolftpm/tpm2.h

Lines changed: 0 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -1855,10 +1855,6 @@ typedef struct TPM2_CTX {
18551855
struct wolfTPM_winContext winCtx;
18561856
#endif
18571857
#ifndef WOLFTPM2_NO_WOLFCRYPT
1858-
#ifndef WOLFTPM_NO_LOCK
1859-
wolfSSL_Mutex hwLock;
1860-
int lockCount;
1861-
#endif
18621858
#ifdef WOLFTPM2_USE_WOLF_RNG
18631859
WC_RNG rng;
18641860
#endif
@@ -1878,9 +1874,6 @@ typedef struct TPM2_CTX {
18781874
byte rid;
18791875
/* Informational Bits - use unsigned int for best compiler compatibility */
18801876
#ifndef WOLFTPM2_NO_WOLFCRYPT
1881-
#ifndef WOLFTPM_NO_LOCK
1882-
unsigned int hwLockInit:1;
1883-
#endif
18841877
#ifndef WC_NO_RNG
18851878
unsigned int rngInit:1;
18861879
#endif

0 commit comments

Comments
 (0)