From: lizhi <lizhi206@huawei.com> 1. Atomic variables may cause race conditions in multi-thread, replace them with thread locks. 2. Add null check conditions for the obtained soft computing functions. Signed-off-by: lizhi <lizhi206@huawei.com> Signed-off-by: JiangShui Yang <yangjiangshui@h-partners.com> --- src/uadk_prov_sm2.c | 37 +++++++++++++++++++++---------------- 1 file changed, 21 insertions(+), 16 deletions(-) diff --git a/src/uadk_prov_sm2.c b/src/uadk_prov_sm2.c index 465e233..b748414 100644 --- a/src/uadk_prov_sm2.c +++ b/src/uadk_prov_sm2.c @@ -32,6 +32,9 @@ #define SM2_GET_SIGNLEN 1 #define SM3_DIGEST_LENGTH 32 +static pthread_mutex_t sign_mutex = PTHREAD_MUTEX_INITIALIZER; +static pthread_mutex_t asym_mutex = PTHREAD_MUTEX_INITIALIZER; + UADK_PKEY_KEYMGMT_DESCR(sm2, SM2); UADK_PKEY_SIGNATURE_DESCR(sm2, SM2); UADK_PKEY_ASYM_CIPHER_DESCR(sm2, SM2); @@ -703,19 +706,19 @@ static UADK_PKEY_SIGNATURE get_default_sm2_signature(void) static UADK_PKEY_SIGNATURE s_signature; static int initilazed; - if (__atomic_compare_exchange_n(&initilazed, &(int){0}, 1, false, __ATOMIC_SEQ_CST, - __ATOMIC_SEQ_CST)) { + pthread_mutex_lock(&sign_mutex); + if (!initilazed) { UADK_PKEY_SIGNATURE *signature = (UADK_PKEY_SIGNATURE *)EVP_SIGNATURE_fetch(NULL, "SM2", "provider=default"); - if (signature) { s_signature = *signature; EVP_SIGNATURE_free((EVP_SIGNATURE *)signature); + initilazed = 1; } else { - __atomic_store_n(&initilazed, 0, __ATOMIC_SEQ_CST); fprintf(stderr, "failed to EVP_SIGNATURE_fetch default SM2 provider\n"); } } + pthread_mutex_unlock(&sign_mutex); return s_signature; } @@ -988,7 +991,7 @@ static int uadk_prov_sm2_update_sess(SM2_PROV_CTX *smctx) static int uadk_signature_sm2_sign_init_sw(void *vpsm2ctx, void *ec, const OSSL_PARAM params[]) { - if (uadk_get_sw_offload_state()) { + if (uadk_get_sw_offload_state() && get_default_sm2_signature().sign_init) { fprintf(stderr, "switch to software sm2 sign_init.\n"); return get_default_sm2_signature().sign_init(vpsm2ctx, ec, params); } @@ -1327,7 +1330,7 @@ uninit_iot: static int uadk_signature_sm2_sign_sw(void *vpsm2ctx, unsigned char *sig, size_t *siglen, size_t sigsize, const unsigned char *tbs, size_t tbslen) { - if (uadk_get_sw_offload_state()) { + if (uadk_get_sw_offload_state() && get_default_sm2_signature().sign) { fprintf(stderr, "switch to soft sm2 sign\n"); return get_default_sm2_signature().sign(vpsm2ctx, sig, siglen, sigsize, tbs, tbslen); @@ -1509,7 +1512,7 @@ uninit_iot: static int uadk_signature_sm2_verify_sw(void *vpsm2ctx, const unsigned char *sig, size_t siglen, const unsigned char *tbs, size_t tbslen) { - if (uadk_get_sw_offload_state()) { + if (uadk_get_sw_offload_state() && get_default_sm2_signature().verify) { fprintf(stderr, "switch to soft sm2 verify\n"); return get_default_sm2_signature().verify(vpsm2ctx, sig, siglen, tbs, tbslen); } @@ -2170,7 +2173,7 @@ static int uadk_prov_sm2_locate_id_digest(PROV_SM2_SIGN_CTX *psm2ctx, const OSS static int uadk_signature_sm2_set_ctx_params_sw(void *vpsm2ctx, const OSSL_PARAM params[]) { - if (uadk_get_sw_offload_state()) { + if (uadk_get_sw_offload_state() && get_default_sm2_signature().set_ctx_params) { fprintf(stderr, "switch to software sm2 set_ctx_params\n"); return get_default_sm2_signature().set_ctx_params(vpsm2ctx, params); } @@ -2360,8 +2363,8 @@ static UADK_PKEY_ASYM_CIPHER get_default_sm2_asym_cipher(void) static UADK_PKEY_ASYM_CIPHER s_asym_cipher; static int initilazed; - if (__atomic_compare_exchange_n(&initilazed, &(int){0}, 1, false, __ATOMIC_SEQ_CST, - __ATOMIC_SEQ_CST)) { + pthread_mutex_lock(&asym_mutex); + if (!initilazed) { UADK_PKEY_ASYM_CIPHER *asym_cipher = (UADK_PKEY_ASYM_CIPHER *)EVP_ASYM_CIPHER_fetch(NULL, "SM2", "provider=default"); @@ -2369,11 +2372,13 @@ static UADK_PKEY_ASYM_CIPHER get_default_sm2_asym_cipher(void) if (asym_cipher) { s_asym_cipher = *asym_cipher; EVP_ASYM_CIPHER_free((EVP_ASYM_CIPHER *)asym_cipher); + initilazed = 1; } else { - __atomic_store_n(&initilazed, 0, __ATOMIC_SEQ_CST); fprintf(stderr, "failed to EVP_ASYM_CIPHER_fetch default SM2 provider\n"); } } + pthread_mutex_unlock(&asym_mutex); + return s_asym_cipher; } @@ -2477,7 +2482,7 @@ static void uadk_prov_sm2_set_default_md(PROV_SM2_ASYM_CTX *psm2ctx) static int uadk_asym_cipher_sm2_encrypt_init_sw(void *vpsm2ctx, void *vkey, const OSSL_PARAM params[]) { - if (uadk_get_sw_offload_state()) { + if (uadk_get_sw_offload_state() && get_default_sm2_asym_cipher().encrypt_init) { fprintf(stderr, "switch to software sm2 encrypt init\n"); return get_default_sm2_asym_cipher().encrypt_init(vpsm2ctx, vkey, params); } @@ -2684,7 +2689,7 @@ static int uadk_prov_sm2_encrypt_sw(PROV_SM2_ASYM_CTX *vpsm2ctx, unsigned char *out, size_t *outlen, const unsigned char *in, size_t inlen) { - if (uadk_get_sw_offload_state()) { + if (uadk_get_sw_offload_state() && get_default_sm2_asym_cipher().encrypt) { fprintf(stderr, "switch to software sm2 encrypt\n"); return get_default_sm2_asym_cipher().encrypt(vpsm2ctx, out, outlen, 0, in, inlen); } @@ -2967,7 +2972,7 @@ static int uadk_prov_sm2_decrypt_sw(PROV_SM2_ASYM_CTX *ctx, unsigned char *out, size_t *outlen, const unsigned char *in, size_t inlen) { - if (uadk_get_sw_offload_state()) { + if (uadk_get_sw_offload_state() && get_default_sm2_asym_cipher().decrypt) { fprintf(stderr, "switch to software sm2 decrypt\n"); return get_default_sm2_asym_cipher().decrypt(ctx, out, outlen, 0, in, inlen); } @@ -3189,7 +3194,7 @@ static int uadk_asym_cipher_sm2_get_ctx_params(void *vpsm2ctx, OSSL_PARAM *param static EVP_MD *uadk_prov_load_digest_from_params(SM2_MD_DATA *smd, const OSSL_PARAM params[], OSSL_LIB_CTX *ctx) { - const char *propquery; + const char *propquery = NULL; const OSSL_PARAM *p; /* Load common param properties, p can be NULL */ @@ -3227,7 +3232,7 @@ static EVP_MD *uadk_prov_load_digest_from_params(SM2_MD_DATA *smd, const OSSL_PA static int uadk_asym_cipher_sm2_set_ctx_params_sw(void *vpsm2ctx, const OSSL_PARAM params[]) { - if (uadk_get_sw_offload_state()) { + if (uadk_get_sw_offload_state() && get_default_sm2_asym_cipher().set_ctx_params) { fprintf(stderr, "switch to software sm2 set ctx params\n"); return get_default_sm2_asym_cipher().set_ctx_params(vpsm2ctx, params); } -- 2.33.0