diff options
author | Robin van der Gracht <robin@protonic.nl> | 2021-01-06 14:20:19 +0100 |
---|---|---|
committer | Jérôme Forissier <jerome@forissier.org> | 2021-01-11 12:58:01 +0100 |
commit | 7f12c782bedfc8ff4c48053b50b2296febfeb87d (patch) | |
tree | 67d2ec0cd472f72ea92ade995c52cad0ae26d65f | |
parent | 1a27b197d8b16ef2d4dab8d205f359627b6f0232 (diff) |
ta: pkcs11: Remove persistent objects on token re-initialization
When re-initializing a token the previously created objects need
to be removed.
Signed-off-by: Robin van der Gracht <robin@protonic.nl>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
-rw-r--r-- | ta/pkcs11/src/object.c | 4 | ||||
-rw-r--r-- | ta/pkcs11/src/object.h | 4 | ||||
-rw-r--r-- | ta/pkcs11/src/pkcs11_token.c | 13 |
3 files changed, 19 insertions, 2 deletions
diff --git a/ta/pkcs11/src/object.c b/ta/pkcs11/src/object.c index 137eeba0..3d9f1ab6 100644 --- a/ta/pkcs11/src/object.c +++ b/ta/pkcs11/src/object.c @@ -65,8 +65,8 @@ static void cleanup_volatile_obj_ref(struct pkcs11_object *obj) } /* Release resources of a persistent object including volatile resources */ -static void cleanup_persistent_object(struct pkcs11_object *obj, - struct ck_token *token) +void cleanup_persistent_object(struct pkcs11_object *obj, + struct ck_token *token) { TEE_Result res = TEE_SUCCESS; diff --git a/ta/pkcs11/src/object.h b/ta/pkcs11/src/object.h index 91559f06..12b624da 100644 --- a/ta/pkcs11/src/object.h +++ b/ta/pkcs11/src/object.h @@ -10,6 +10,7 @@ #include <sys/queue.h> #include <tee_internal_api.h> +struct ck_token; struct obj_attrs; struct pkcs11_client; struct pkcs11_session; @@ -45,6 +46,9 @@ struct pkcs11_object *create_token_object(struct obj_attrs *head, enum pkcs11_rc create_object(void *session, struct obj_attrs *attributes, uint32_t *handle); +void cleanup_persistent_object(struct pkcs11_object *obj, + struct ck_token *token); + void destroy_object(struct pkcs11_session *session, struct pkcs11_object *object, bool session_object_only); diff --git a/ta/pkcs11/src/pkcs11_token.c b/ta/pkcs11/src/pkcs11_token.c index f29d03e1..9a2521f1 100644 --- a/ta/pkcs11/src/pkcs11_token.c +++ b/ta/pkcs11/src/pkcs11_token.c @@ -800,6 +800,7 @@ enum pkcs11_rc entry_ck_token_initialize(uint32_t ptypes, TEE_Param *params) uint32_t token_id = 0; uint32_t pin_size = 0; void *pin = NULL; + struct pkcs11_object *obj = NULL; if (ptypes != exp_pt) return PKCS11_CKR_ARGUMENTS_BAD; @@ -924,6 +925,18 @@ inited: update_persistent_db(token); + /* Remove all persistent objects */ + while (!LIST_EMPTY(&token->object_list)) { + obj = LIST_FIRST(&token->object_list); + + /* Try twice otherwise panic! */ + if (unregister_persistent_object(token, obj->uuid) && + unregister_persistent_object(token, obj->uuid)) + TEE_Panic(0); + + cleanup_persistent_object(obj, token); + } + IMSG("PKCS11 token %"PRIu32": initialized", token_id); return PKCS11_CKR_OK; |