
Commit bc29749

committed
Fix DMA resource leak by ensuring POST is always called after successful PRE in NVM and
cert handlers
1 parent 55f2e89 commit bc29749

1 file changed

Lines changed: 46 additions & 26 deletions

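--- a/src/wh_server_cert.c
+++ b/src/wh_server_cert.c
@@ -556,9 +556,10 @@ int wh_Server_HandleCertRequest(whServerContext* server, uint16_t magic,
 
 #ifdef WOLFHSM_CFG_DMA
 case WH_MESSAGE_CERT_ACTION_ADDTRUSTED_DMA: {
-whMessageCert_AddTrustedDmaRequest req = {0};
-whMessageCert_SimpleResponse resp = {0};
-void* cert_data = NULL;
+whMessageCert_AddTrustedDmaRequest req = {0};
+whMessageCert_SimpleResponse resp = {0};
+void* cert_data = NULL;
+int cert_dma_pre_ok = 0;
 
 if (req_size != sizeof(req)) {
 /* Request is malformed */
@@ -574,6 +575,9 @@ int wh_Server_HandleCertRequest(whServerContext* server, uint16_t magic,
 resp.rc = wh_Server_DmaProcessClientAddress(
 server, req.cert_addr, &cert_data, req.cert_len,
 WH_DMA_OPER_CLIENT_READ_PRE, (whServerDmaFlags){0});
+if (resp.rc == WH_ERROR_OK) {
+cert_dma_pre_ok = 1;
+}
 }
 if (resp.rc == WH_ERROR_OK) {
 /* Process the add trusted action */
@@ -586,9 +590,10 @@ int wh_Server_HandleCertRequest(whServerContext* server, uint16_t magic,
 (void)WH_SERVER_NVM_UNLOCK(server);
 } /* WH_SERVER_NVM_LOCK() */
 }
-if (resp.rc == WH_ERROR_OK) {
-/* Post-process client address */
-resp.rc = wh_Server_DmaProcessClientAddress(
+/* Always call POST for successful PRE, regardless of operation
+* result */
+if (cert_dma_pre_ok) {
+(void)wh_Server_DmaProcessClientAddress(
 server, req.cert_addr, &cert_data, req.cert_len,
 WH_DMA_OPER_CLIENT_READ_POST, (whServerDmaFlags){0});
 }
@@ -600,11 +605,12 @@ int wh_Server_HandleCertRequest(whServerContext* server, uint16_t magic,
 }; break;
 
 case WH_MESSAGE_CERT_ACTION_READTRUSTED_DMA: {
-whMessageCert_ReadTrustedDmaRequest req = {0};
-whMessageCert_SimpleResponse resp = {0};
-void* cert_data = NULL;
+whMessageCert_ReadTrustedDmaRequest req = {0};
+whMessageCert_SimpleResponse resp = {0};
+void* cert_data = NULL;
 uint32_t cert_len;
 whNvmMetadata meta;
+int cert_dma_pre_ok = 0;
 
 if (req_size != sizeof(req)) {
 /* Request is malformed */
@@ -620,6 +626,9 @@ int wh_Server_HandleCertRequest(whServerContext* server, uint16_t magic,
 resp.rc = wh_Server_DmaProcessClientAddress(
 server, req.cert_addr, &cert_data, req.cert_len,
 WH_DMA_OPER_CLIENT_WRITE_PRE, (whServerDmaFlags){0});
+if (resp.rc == WH_ERROR_OK) {
+cert_dma_pre_ok = 1;
+}
 }
 if (resp.rc == WH_ERROR_OK) {
 /* Check metadata to see if the certificate is non-exportable */
@@ -641,10 +650,11 @@ int wh_Server_HandleCertRequest(whServerContext* server, uint16_t magic,
 (void)WH_SERVER_NVM_UNLOCK(server);
 } /* WH_SERVER_NVM_LOCK() */
 }
-if (resp.rc == WH_ERROR_OK) {
-/* Post-process client address */
-resp.rc = wh_Server_DmaProcessClientAddress(
-server, req.cert_addr, &cert_data, cert_len,
+/* Always call POST for successful PRE, regardless of operation
+* result */
+if (cert_dma_pre_ok) {
+(void)wh_Server_DmaProcessClientAddress(
+server, req.cert_addr, &cert_data, req.cert_len,
 WH_DMA_OPER_CLIENT_WRITE_POST, (whServerDmaFlags){0});
 }
 
@@ -655,10 +665,11 @@ int wh_Server_HandleCertRequest(whServerContext* server, uint16_t magic,
 }; break;
 
 case WH_MESSAGE_CERT_ACTION_VERIFY_DMA: {
-whMessageCert_VerifyDmaRequest req = {0};
-whMessageCert_VerifyDmaResponse resp = {0};
-void* cert_data = NULL;
-whKeyId keyId = WH_KEYID_ERASED;
+whMessageCert_VerifyDmaRequest req = {0};
+whMessageCert_VerifyDmaResponse resp = {0};
+void* cert_data = NULL;
+whKeyId keyId = WH_KEYID_ERASED;
+int cert_dma_pre_ok = 0;
 
 if (req_size != sizeof(req)) {
 /* Request is malformed */
@@ -677,6 +688,9 @@ int wh_Server_HandleCertRequest(whServerContext* server, uint16_t magic,
 resp.rc = wh_Server_DmaProcessClientAddress(
 server, req.cert_addr, &cert_data, req.cert_len,
 WH_DMA_OPER_CLIENT_READ_PRE, (whServerDmaFlags){0});
+if (resp.rc == WH_ERROR_OK) {
+cert_dma_pre_ok = 1;
+}
 }
 if (resp.rc == WH_ERROR_OK) {
 resp.rc = WH_SERVER_NVM_LOCK(server);
@@ -693,9 +707,10 @@ int wh_Server_HandleCertRequest(whServerContext* server, uint16_t magic,
 (void)WH_SERVER_NVM_UNLOCK(server);
 } /* WH_SERVER_NVM_LOCK() */
 }
-if (resp.rc == WH_ERROR_OK) {
-/* Post-process client address */
-resp.rc = wh_Server_DmaProcessClientAddress(
+/* Always call POST for successful PRE, regardless of operation
+* result */
+if (cert_dma_pre_ok) {
+(void)wh_Server_DmaProcessClientAddress(
 server, req.cert_addr, &cert_data, req.cert_len,
 WH_DMA_OPER_CLIENT_READ_POST, (whServerDmaFlags){0});
 }
@@ -766,9 +781,10 @@ int wh_Server_HandleCertRequest(whServerContext* server, uint16_t magic,
 #if defined(WOLFHSM_CFG_DMA)
 case WH_MESSAGE_CERT_ACTION_VERIFY_ACERT_DMA: {
 /* Acert verify request uses standard cert verify request struct */
-whMessageCert_VerifyDmaRequest req = {0};
-whMessageCert_SimpleResponse resp = {0};
-void* cert_data = NULL;
+whMessageCert_VerifyDmaRequest req = {0};
+whMessageCert_SimpleResponse resp = {0};
+void* cert_data = NULL;
+int cert_dma_pre_ok = 0;
 
 if (req_size != sizeof(req)) {
 /* Request is malformed */
@@ -783,6 +799,9 @@ int wh_Server_HandleCertRequest(whServerContext* server, uint16_t magic,
 rc = wh_Server_DmaProcessClientAddress(
 server, req.cert_addr, &cert_data, req.cert_len,
 WH_DMA_OPER_CLIENT_READ_PRE, (whServerDmaFlags){0});
+if (rc == WH_ERROR_OK) {
+cert_dma_pre_ok = 1;
+}
 }
 if (rc == WH_ERROR_OK) {
 /* Process the verify action */
@@ -805,9 +824,10 @@ int wh_Server_HandleCertRequest(whServerContext* server, uint16_t magic,
 resp.rc = rc;
 }
 }
-if (rc == WH_ERROR_OK) {
-/* Post-process client address */
-rc = wh_Server_DmaProcessClientAddress(
+/* Always call POST for successful PRE, regardless of operation
+* result */
+if (cert_dma_pre_ok) {
+(void)wh_Server_DmaProcessClientAddress(
 server, req.cert_addr, &cert_data, req.cert_len,
 WH_DMA_OPER_CLIENT_READ_POST, (whServerDmaFlags){0});
 }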
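Review bot: The `(void)` cast on every new POST call (hunks at old lines 589, 644, 696 and 808) discards a failure that the old code propagated into `resp.rc`, so a request whose operation succeeded but whose READ_POST/WRITE_POST step failed is now reported to the client as `WH_ERROR_OK`; for the WRITE_POST in READTRUSTED_DMA that can mean the client is told its buffer is valid when the post-processing of the written data did not complete. Capturing the result and folding it in only when nothing earlier failed keeps the leak fix and the error report: `int post_rc = wh_Server_DmaProcessClientAddress(...);` followed by `if (resp.rc == WH_ERROR_OK) { resp.rc = post_rc; }` (in the ACERT case `resp.rc` is already assigned from `rc` above, so it needs the same treatment). Separately, the READTRUSTED_DMA POST now passes `req.cert_len` where it used to pass `cert_len`; that looks deliberate since `cert_len` is declared without an initializer and POST now runs even when the NVM read failed, but the commit message does not say so, and a one-line comment such as `/* use req.cert_len: cert_len is unset if the read failed */` would stop the next reader from "fixing" it back. The enclosing function `wh_Server_HandleCertRequest` starts and ends outside these hunks.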
