diff options
author | Neil Horman <nhorman@openssl.org> | 2024-04-15 22:56:29 +0200 |
---|---|---|
committer | Neil Horman <nhorman@openssl.org> | 2024-04-19 15:22:53 +0200 |
commit | 24d16d3a1915a06a2130385a87de9a37fc09c4b9 (patch) | |
tree | 2add2328ebad114d63abcc440f0cbf3325eda44b /crypto/context.c | |
parent | OSSL_STORE: Add reference docs for the built-in Windows store implementation (diff) | |
download | openssl-24d16d3a1915a06a2130385a87de9a37fc09c4b9.tar.xz openssl-24d16d3a1915a06a2130385a87de9a37fc09c4b9.zip |
Make rcu_thread_key context-aware
Currently, rcu has a global bit of data, the CRYPTO_THREAD_LOCAL object
to store per thread data. This works in some cases, but fails in FIPS,
becuase it contains its own copy of the global key.
So
1) Make the rcu_thr_key a per-context variable, and force
ossl_rcu_lock_new to be context aware
2) Store a pointer to the context in the lock object
3) Use the context to get the global thread key on read/write lock
4) Use ossl_thread_start_init to properly register a cleanup on thread
exit
5) Fix up missed calls to OSSL_thread_stop() in our tests
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24162)
Diffstat (limited to 'crypto/context.c')
-rw-r--r-- | crypto/context.c | 16 |
1 files changed, 15 insertions, 1 deletions
diff --git a/crypto/context.c b/crypto/context.c index 33d52a964b..3d55084d7b 100644 --- a/crypto/context.c +++ b/crypto/context.c @@ -29,6 +29,7 @@ struct ossl_lib_ctx_st { void *global_properties; void *drbg; void *drbg_nonce; + CRYPTO_THREAD_LOCAL rcu_local_key; #ifndef FIPS_MODULE void *provider_conf; void *bio_core; @@ -81,9 +82,12 @@ static int context_init(OSSL_LIB_CTX *ctx) { int exdata_done = 0; + if (!CRYPTO_THREAD_init_local(&ctx->rcu_local_key, NULL)) + return 0; + ctx->lock = CRYPTO_THREAD_lock_new(); if (ctx->lock == NULL) - return 0; + goto err; ctx->rand_crngt_lock = CRYPTO_THREAD_lock_new(); if (ctx->rand_crngt_lock == NULL) @@ -209,6 +213,7 @@ static int context_init(OSSL_LIB_CTX *ctx) CRYPTO_THREAD_lock_free(ctx->rand_crngt_lock); CRYPTO_THREAD_lock_free(ctx->lock); + CRYPTO_THREAD_cleanup_local(&ctx->rcu_local_key); memset(ctx, '\0', sizeof(*ctx)); return 0; } @@ -355,6 +360,7 @@ static int context_deinit(OSSL_LIB_CTX *ctx) CRYPTO_THREAD_lock_free(ctx->lock); ctx->rand_crngt_lock = NULL; ctx->lock = NULL; + CRYPTO_THREAD_cleanup_local(&ctx->rcu_local_key); return 1; } @@ -652,3 +658,11 @@ const char *ossl_lib_ctx_get_descriptor(OSSL_LIB_CTX *libctx) return "Non-default library context"; #endif } + +CRYPTO_THREAD_LOCAL *ossl_lib_ctx_get_rcukey(OSSL_LIB_CTX *libctx) +{ + libctx = ossl_lib_ctx_get_concrete(libctx); + if (libctx == NULL) + return NULL; + return &libctx->rcu_local_key; +} |