Return on other errors at pkcs11_get_session #579
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
The `C_OpenSession` function can return several error codes, as seen in the open-source implementation of `pkcs11_api` in the OP-TEE client repository: [OP-TEE optee_client - pkcs11_api.c#L278](https://github.com/OP-TEE/optee_client/blob/e79465eea85adc18a4075529ee20a16dfa263aea/libckteec/src/pkcs11_api.c#L278) Some of these errors include: - `CKR_CRYPTOKI_NOT_INITIALIZED` - `CKR_DEVICE_ERROR` - `CKR_DEVICE_MEMORY` - `CKR_DEVICE_REMOVED` - `CKR_FUNCTION_FAILED` - `CKR_GENERAL_ERROR` - `CKR_HOST_MEMORY` - `CKR_SESSION_COUNT` - `CKR_SESSION_PARALLEL_NOT_SUPPORTED` - `CKR_SESSION_READ_WRITE_SO_EXISTS` - `CKR_SLOT_ID_INVALID` - `CKR_TOKEN_NOT_PRESENT` - `CKR_TOKEN_NOT_RECOGNIZED` - `CKR_TOKEN_WRITE_PROTECTED` - `CKR_ARGUMENTS_BAD` If any of these errors occur, the function currently does not return, causing it to be stuck at `pthread_cond_wait`, leading to a freeze in the caller process that uses the `libp11` API. This commit ensures that when these errors are encountered, the function properly returns, preventing potential deadlocks.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
The
C_OpenSessionfunction can return several error codes, as seen in the open-source implementation ofpkcs11_apiin the OP-TEE client repository: OP-TEE optee_client - pkcs11_api.c#L278Some of these errors include:
CKR_CRYPTOKI_NOT_INITIALIZEDCKR_DEVICE_ERRORCKR_DEVICE_MEMORYCKR_DEVICE_REMOVEDCKR_FUNCTION_FAILEDCKR_GENERAL_ERRORCKR_HOST_MEMORYCKR_SESSION_COUNTCKR_SESSION_PARALLEL_NOT_SUPPORTEDCKR_SESSION_READ_WRITE_SO_EXISTSCKR_SLOT_ID_INVALIDCKR_TOKEN_NOT_PRESENTCKR_TOKEN_NOT_RECOGNIZEDCKR_TOKEN_WRITE_PROTECTEDCKR_ARGUMENTS_BADIf any of these errors occur, the function currently does not return, causing it to be stuck at
pthread_cond_wait, leading to a freeze in the caller process that uses thelibp11API.This commit ensures that when these errors are encountered, the function properly returns, preventing potential deadlocks.