ta: pkcs11: preserve object when set attribute fails

Preserve original object attributes when C_SetAttributeValue service fails instead of possibly changing object attributes before the whole new attribute set is validated. Fixes: bcac212 ("ta: pkcs11: pkcs11_attributes.c: support PKCS11_CKA_CHECK_VALUE") Acked-by: Jerome Forissier <jerome.forissier@linaro.org> Reviewed-by: Marouene Boubakri <marouene.boubakri@nxp.com> Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>
OP-TEE · Jan 11, 2024 · 6959626 · 6959626
1 parent 2ea9746
commit 6959626
Showing 1 changed file with 25 additions and 3 deletions.
diff --git a/ta/pkcs11/src/object.c b/ta/pkcs11/src/object.c
@@ -988,6 +988,8 @@ enum pkcs11_rc entry_set_attribute_value(struct pkcs11_client *client,
 	size_t template_size = 0;
 	struct pkcs11_object *obj = NULL;
 	struct obj_attrs *head = NULL;
+	struct obj_attrs *head_new = NULL;
+	struct obj_attrs *head_old = NULL;
 	uint32_t object_handle = 0;
 	enum processing_func function = PKCS11_FUNCTION_MODIFY;
 
@@ -1061,30 +1063,50 @@ enum pkcs11_rc entry_set_attribute_value(struct pkcs11_client *client,
 	if (rc)
 		goto out;
 
+	/* Create new object attributes to modify */
+	template_size = sizeof(*obj->attributes) + obj->attributes->attrs_size;
+	head_new = TEE_Malloc(template_size, TEE_MALLOC_FILL_ZERO);
+	if (!head_new) {
+		rc = PKCS11_CKR_DEVICE_MEMORY;
+		goto out;
+	}
+
+	TEE_MemMove(head_new, obj->attributes, template_size);
+
 	/*
 	 * All checks complete. The attributes in @head have been checked and
 	 * can now be used to set/modify the object attributes.
 	 */
-	rc = modify_attributes_list(&obj->attributes, head);
+	rc = modify_attributes_list(&head_new, head);
 	if (rc)
 		goto out;
 
 	/* Set key check value attribute */
-	rc = set_check_value_attr(&obj->attributes);
+	rc = set_check_value_attr(&head_new);
 	if (rc)
 		goto out;
 
+	/* Update the object */
+	head_old = obj->attributes;
+	obj->attributes = head_new;
+	head_new = NULL;
+
 	if (get_bool(obj->attributes, PKCS11_CKA_TOKEN)) {
 		rc = update_persistent_object_attributes(obj);
-		if (rc)
+		if (rc) {
+			obj->attributes = head_old;
 			goto out;
+		}
 	}
 
+	TEE_Free(head_old);
+
 	DMSG("PKCS11 session %"PRIu32": set attributes %#"PRIx32,
 	     session->handle, object_handle);
 
 out:
 	TEE_Free(head);
+	TEE_Free(head_new);
 	TEE_Free(template);
 	return rc;
 }