fix multi-threaded operation

Fixes #118, #130, #134

Author: gotthardp

.cirrus.yml

@@ -1,10 +1,11 @@
 task:
   freebsd_instance:
-    image_family: freebsd-14-0
+    image_family: freebsd-14-2
   env:
     PKG_CONFIG_PATH: /usr/local/lib/pkgconfig
     LD_LIBRARY_PATH: /usr/local/lib
     PATH: ${PATH}:/usr/local/sbin:/usr/sbin
+    TPM2ABRMD_TCTI: "mssim:host=localhost,port=2321"
     TPM2TOOLS_TCTI: "tabrmd:bus_name=com.intel.tss2.Tabrmd"
     TPM2OPENSSL_TCTI: ${TPM2TOOLS_TCTI}
     IBMSWTPM_VER: rev183-2024-08-02
@@ -33,8 +34,10 @@ task:
   run_simulator_background_script:
     ibmswtpm2-$IBMSWTPM_VER/src/tpm_server
 
-  run_abrmd_background_script: |
-    sudo -u _tss tpm2-abrmd --tcti mssim:host=localhost,port=2321
+  run_abrmd_script: |
+    sleep 1
+    service tpm2-abrmd enable
+    service tpm2-abrmd start
 
   check_script: |
     openssl version

.github/workflows/clang-asan-check.yml

@@ -15,7 +15,7 @@ jobs:
     strategy:
       matrix:
         branch: [openssl-3.0, openssl-3.1, openssl-3.2, master]
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-22.04
     steps:
     - uses: actions/checkout@v4
 

.github/workflows/codeql.yml

@@ -8,7 +8,7 @@ on:
 jobs:
   analyze:
     name: Analyze
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-22.04
     permissions:
       actions: read
       contents: read
@@ -29,15 +29,15 @@ jobs:
           sudo apt-get install --yes autoconf-archive libtss2-dev
 
       - name: Initialize CodeQL
-        uses: github/codeql-action/init@v2
+        uses: github/codeql-action/init@v3
         with:
           languages: ${{ matrix.language }}
           queries: +security-and-quality
 
       - name: Autobuild
-        uses: github/codeql-action/autobuild@v2
+        uses: github/codeql-action/autobuild@v3
 
       - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@v2
+        uses: github/codeql-action/analyze@v3
         with:
           category: "/language:${{ matrix.language }}"

.github/workflows/coverity-scan.yml

@@ -8,7 +8,7 @@ on:
 jobs:
   latest:
     if: github.repository == 'tpm2-software/tpm2-openssl'
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-22.04
     steps:
     - uses: actions/checkout@v4
 

.github/workflows/gcc-distcheck.yml

@@ -8,7 +8,7 @@ env:
 
 jobs:
   build:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-22.04
     steps:
     - uses: actions/checkout@v4
 
@@ -51,7 +51,7 @@ jobs:
         TPM2OPENSSL_TCTI: ${{ env.TCTI_ADDRESS }}
 
     - name: Submit code coverage
-      uses: codecov/codecov-action@v1.2.1
+      uses: codecov/codecov-action@v5
 
     - name: Check the distribution
       # AM_DISTCHECK_CONFIGURE_FLAGS are not ready for clang and asan

.gitignore

@@ -27,6 +27,8 @@ test/.dirstamp
 test/*.o
 test/*.trs
 test/selftest
+test/rand_processes
+test/rand_threads
 test/ec_genpkey_store_load
 test/ec_genpkey_x509_csr
 test/rsa_genpkey_decrypt

Makefile.am

@@ -7,6 +7,8 @@ tpm2_la_SOURCES = \
     src/tpm2-provider.c \
     src/tpm2-provider.h \
     src/tpm2-provider-core.c \
+    src/tpm2-provider-semaphore.c \
+    src/tpm2-provider-semaphore.h \
     src/tpm2-provider-types.c \
     src/tpm2-provider-types.h \
     src/tpm2-provider-x509.c \
@@ -58,6 +60,18 @@ test_selftest_CFLAGS = $(COMMON_CFLAGS)
 test_selftest_LDADD = $(CRYPTO_LIBS)
 test_selftest_LDFLAGS = $(COMMON_LDFLAGS)
 
+check_PROGRAMS += test/rand_processes
+test_rand_processes_SOURCES = test/rand_processes.c
+test_rand_processes_CFLAGS = $(COMMON_CFLAGS)
+test_rand_processes_LDADD = $(CRYPTO_LIBS)
+test_rand_processes_LDFLAGS = $(COMMON_LDFLAGS)
+
+check_PROGRAMS += test/rand_threads
+test_rand_threads_SOURCES = test/rand_threads.c
+test_rand_threads_CFLAGS = $(COMMON_CFLAGS)
+test_rand_threads_LDADD = $(CRYPTO_LIBS)
+test_rand_threads_LDFLAGS = $(COMMON_LDFLAGS)
+
 check_PROGRAMS += test/ec_genpkey_store_load
 test_ec_genpkey_store_load_SOURCES = test/ec_genpkey_store_load.c
 test_ec_genpkey_store_load_CFLAGS = $(COMMON_CFLAGS)

docs/CHANGELOG.md

@@ -5,9 +5,11 @@ The format is based on [Keep a Changelog](http://keepachangelog.com/)
 
 ## [1.3.0] - 2024-xx-yy
 ### Added
-- Added support for RSA-OAEP decryption
-- Added Parent to textual information printed by 'openssl pkey -text'
+- Added support for RSA-OAEP decryption.
+- Added Parent to textual information printed by 'openssl pkey -text'.
 ### Fixed
+- Fixed multi-threaded operation, preventing the 'Esys called in bad sequence'
+  errors (thanks to @Danigaralfo, @famez, and @AndreasFuchsTPM).
 - Fixed handling of absent emptyAuth value in the TSS2 PRIVATE KEY file.
 - Set authorization value of newly generated keys. This allows users of the
   C API to direcly use just generated EVP_PKEY.

src/tpm2-provider-asymcipher-rsa.c

@@ -20,6 +20,7 @@ typedef struct tpm2_rsa_asymcipher_ctx_st TPM2_RSA_ASYMCIPHER_CTX;
 
 struct tpm2_rsa_asymcipher_ctx_st {
     const OSSL_CORE_HANDLE *core;
+    tpm2_semaphore_t esys_lock;
     ESYS_CONTEXT *esys_ctx;
     TPM2_CAPABILITY capability;
     TPMT_RSA_DECRYPT decrypt;
@@ -47,6 +48,7 @@ static void
         return NULL;
 
     actx->core = cprov->core;
+    actx->esys_lock = cprov->esys_lock;
     actx->esys_ctx = cprov->esys_ctx;
     actx->capability = cprov->capability;
     actx->decrypt.scheme = TPM2_ALG_RSAES;
@@ -78,9 +80,12 @@ decrypt_message(TPM2_RSA_ASYMCIPHER_CTX *actx,
     cipher.size = inlen;
     memcpy(cipher.buffer, in, inlen);
 
+    if (!tpm2_semaphore_lock(actx->esys_lock))
+        return 0;
     r = Esys_RSA_Decrypt(actx->esys_ctx, actx->pkey->object,
                          ESYS_TR_PASSWORD, ESYS_TR_NONE, ESYS_TR_NONE,
                          &cipher, &actx->decrypt, &label, &actx->message);
+    tpm2_semaphore_unlock(actx->esys_lock);
     TPM2_CHECK_RC(actx->core, r, TPM2_ERR_CANNOT_DECRYPT, return 0);
 
     return 1;
@@ -114,9 +119,7 @@ rsa_asymcipher_freectx(void *ctx)
     if (actx == NULL)
         return;
 
-    if (actx->message != NULL)
-        free(actx->message);
-
+    free(actx->message);
     OPENSSL_clear_free(actx, sizeof(TPM2_RSA_ASYMCIPHER_CTX));
 }
 

src/tpm2-provider-cipher.c

@@ -14,6 +14,7 @@ typedef struct tpm2_cipher_ctx_st TPM2_CIPHER_CTX;
 
 struct tpm2_cipher_ctx_st {
     const OSSL_CORE_HANDLE *core;
+    tpm2_semaphore_t esys_lock;
     ESYS_CONTEXT *esys_ctx;
     TPM2_CAPABILITY capability;
     ESYS_TR object;
@@ -46,6 +47,7 @@ tpm2_cipher_all_newctx(void *provctx,
         return NULL;
 
     cctx->core = cprov->core;
+    cctx->esys_lock = cprov->esys_lock;
     cctx->esys_ctx = cprov->esys_ctx;
     cctx->capability = cprov->capability;
     cctx->algorithm = algdef;
@@ -82,7 +84,7 @@ tpm2_cipher_freectx(void *ctx)
     if (cctx == NULL)
         return;
 
-    Esys_FlushContext(cctx->esys_ctx, cctx->object);
+    tpm2_esys_flush_context(cctx->esys_lock, cctx->esys_ctx, cctx->object);
     OPENSSL_clear_free(cctx->ivector, sizeof(TPM2B_IV));
 
     OPENSSL_clear_free(cctx, sizeof(TPM2_CIPHER_CTX));
@@ -127,18 +129,21 @@ tpm2_load_external_key(TPM2_CIPHER_CTX *cctx, ESYS_TR parent,
     TPM2B_PUBLIC *keyPublic = NULL;
     TPM2B_PRIVATE *keyPrivate = NULL;
 
+    if (!tpm2_semaphore_lock(cctx->esys_lock))
+        return 0;
     /* older TPM2 chips do not support Esys_CreateLoaded */
     r = Esys_Create(cctx->esys_ctx, parent,
                     ESYS_TR_PASSWORD, ESYS_TR_NONE, ESYS_TR_NONE,
                     &inSensitive, &inPublic, &outside_info, &creation_pcr,
                     &keyPrivate, &keyPublic, NULL, NULL, NULL);
-    TPM2_CHECK_RC(cctx->core, r, TPM2_ERR_CANNOT_CREATE_KEY, return 0);
-
-    r = Esys_Load(cctx->esys_ctx, parent,
-                  ESYS_TR_PASSWORD, ESYS_TR_NONE, ESYS_TR_NONE,
-                  keyPrivate, keyPublic, &cctx->object);
-    free(keyPublic);
-    free(keyPrivate);
+    if (!r) {
+        r = Esys_Load(cctx->esys_ctx, parent,
+                      ESYS_TR_PASSWORD, ESYS_TR_NONE, ESYS_TR_NONE,
+                      keyPrivate, keyPublic, &cctx->object);
+        free(keyPublic);
+        free(keyPrivate);
+    }
+    tpm2_semaphore_unlock(cctx->esys_lock);
     TPM2_CHECK_RC(cctx->core, r, TPM2_ERR_CANNOT_CREATE_KEY, return 0);
 
     return 1;
@@ -158,12 +163,13 @@ tpm2_cipher_init(TPM2_CIPHER_CTX *cctx,
         DBG("CIPHER %sCRYPT_INIT load key %zu bytes\n",
             cctx->decrypt ? "DE" : "EN", keylen);
 
-        if (!tpm2_build_primary(cctx->core, cctx->esys_ctx, cctx->capability.algorithms,
+        if (!tpm2_build_primary(cctx->core, cctx->esys_lock, cctx->esys_ctx,
+                                cctx->capability.algorithms,
                                 ESYS_TR_RH_NULL, NULL, &parent))
             return 0;
 
         res = tpm2_load_external_key(cctx, parent, key, keylen);
-        Esys_FlushContext(cctx->esys_ctx, parent);
+        tpm2_esys_flush_context(cctx->esys_lock, cctx->esys_ctx, parent);
         if (!res)
             return 0;
     }
@@ -212,6 +218,8 @@ encrypt_decrypt(TPM2_CIPHER_CTX *cctx,
 {
     TSS2_RC r;
 
+    if (!tpm2_semaphore_lock(cctx->esys_lock))
+        return 0;
     r = Esys_EncryptDecrypt2(cctx->esys_ctx, cctx->object,
                              ESYS_TR_PASSWORD, ESYS_TR_NONE, ESYS_TR_NONE,
                              &cctx->buffer, cctx->decrypt, TPM2_ALG_NULL,
@@ -222,6 +230,7 @@ encrypt_decrypt(TPM2_CIPHER_CTX *cctx,
                                 cctx->decrypt, TPM2_ALG_NULL, cctx->ivector,
                                 &cctx->buffer, outbuff, ivector);
     }
+    tpm2_semaphore_unlock(cctx->esys_lock);
 
     return r;
 }

src/tpm2-provider-core.c

@@ -100,6 +100,34 @@ tpm2_list_params(const char *text, const OSSL_PARAM params[])
     fprintf(stderr, " ]\n");
 }
 
+TSS2_RC
+tpm2_esys_tr_close(tpm2_semaphore_t esys_lock, ESYS_CONTEXT *esys_ctx, ESYS_TR *object)
+{
+    TSS2_RC r;
+
+    if (!tpm2_semaphore_lock(esys_lock))
+        return TSS2_ESYS_RC_GENERAL_FAILURE;
+
+    r = Esys_TR_Close(esys_ctx, object);
+
+    tpm2_semaphore_unlock(esys_lock);
+    return r;
+}
+
+TSS2_RC
+tpm2_esys_flush_context(tpm2_semaphore_t esys_lock, ESYS_CONTEXT *esys_ctx, ESYS_TR flush_handle)
+{
+    TSS2_RC r;
+
+    if (!tpm2_semaphore_lock(esys_lock))
+        return TSS2_ESYS_RC_GENERAL_FAILURE;
+
+    r = Esys_FlushContext(esys_ctx, flush_handle);
+
+    tpm2_semaphore_unlock(esys_lock);
+    return r;
+}
+
 int
 tpm2_supports_algorithm(const TPMS_CAPABILITY_DATA *caps, TPM2_ALG_ID algorithm)
 {

src/tpm2-provider-decoder-tss2.c

@@ -20,6 +20,7 @@ typedef struct tpm2_tss2_decoder_ctx_st TPM2_TSS2_DECODER_CTX;
 struct tpm2_tss2_decoder_ctx_st {
     const OSSL_CORE_HANDLE *core;
     OSSL_LIB_CTX *libctx;
+    tpm2_semaphore_t esys_lock;
     ESYS_CONTEXT *esys_ctx;
     TPM2_CAPABILITY capability;
     TPM2B_DIGEST parentAuth;
@@ -42,6 +43,7 @@ tpm2_tss2_decoder_newctx(void *provctx)
 
     dctx->core = cprov->core;
     dctx->libctx = cprov->libctx;
+    dctx->esys_lock = cprov->esys_lock;
     dctx->esys_ctx = cprov->esys_ctx;
     dctx->capability = cprov->capability;
     return dctx;
@@ -70,16 +72,19 @@ decode_privkey(TPM2_TSS2_DECODER_CTX *dctx, TPM2_PKEY *pkey,
 
         if (pkey->data.parent && pkey->data.parent != TPM2_RH_OWNER) {
             DBG("TSS2 DECODER LOAD parent: persistent 0x%x\n", pkey->data.parent);
-            if (!tpm2_load_parent(pkey->core, pkey->esys_ctx,
+            if (!tpm2_load_parent(pkey->core, pkey->esys_lock, pkey->esys_ctx,
                                   pkey->data.parent, &dctx->parentAuth, &parent))
                 goto error1;
         } else {
             DBG("TSS2 DECODER LOAD parent: primary 0x%x\n", TPM2_RH_OWNER);
-            if (!tpm2_build_primary(pkey->core, pkey->esys_ctx, pkey->capability.algorithms,
+            if (!tpm2_build_primary(pkey->core, pkey->esys_lock, pkey->esys_ctx,
+                                    pkey->capability.algorithms,
                                     ESYS_TR_RH_OWNER, &dctx->parentAuth, &parent))
                 goto error1;
         }
 
+        if (!tpm2_semaphore_lock(pkey->esys_lock))
+            goto error1;
         r = Esys_Load(pkey->esys_ctx, parent,
                       ESYS_TR_PASSWORD, ESYS_TR_NONE, ESYS_TR_NONE,
                       &pkey->data.priv, &pkey->data.pub, &pkey->object);
@@ -89,11 +94,15 @@ decode_privkey(TPM2_TSS2_DECODER_CTX *dctx, TPM2_PKEY *pkey,
         else
             Esys_FlushContext(pkey->esys_ctx, parent);
 
+        tpm2_semaphore_unlock(pkey->esys_lock);
         TPM2_CHECK_RC(pkey->core, r, TPM2_ERR_CANNOT_LOAD_KEY, goto error1);
     } else if (pkey->data.privatetype == KEY_TYPE_HANDLE) {
+        if (!tpm2_semaphore_lock(pkey->esys_lock))
+            goto error1;
         r = Esys_TR_FromTPMPublic(pkey->esys_ctx, pkey->data.handle,
                                   ESYS_TR_NONE, ESYS_TR_NONE, ESYS_TR_NONE,
                                   &pkey->object);
+        tpm2_semaphore_unlock(pkey->esys_lock);
         TPM2_CHECK_RC(pkey->core, r, TPM2_ERR_CANNOT_LOAD_KEY, goto error1);
     } else {
         TPM2_ERROR_raise(pkey->core, TPM2_ERR_INPUT_CORRUPTED);
@@ -111,7 +120,10 @@ decode_privkey(TPM2_TSS2_DECODER_CTX *dctx, TPM2_PKEY *pkey,
         }
         userauth.size = plen;
 
+        if (!tpm2_semaphore_lock(pkey->esys_lock))
+            goto error2;
         r = Esys_TR_SetAuth(dctx->esys_ctx, pkey->object, &userauth);
+        tpm2_semaphore_unlock(pkey->esys_lock);
         TPM2_CHECK_RC(dctx->core, r, TPM2_ERR_CANNOT_LOAD_KEY, goto error2);
     }
 
@@ -123,9 +135,9 @@ decode_privkey(TPM2_TSS2_DECODER_CTX *dctx, TPM2_PKEY *pkey,
     return keytype;
 error2:
     if (pkey->data.privatetype == KEY_TYPE_HANDLE)
-        Esys_TR_Close(pkey->esys_ctx, &pkey->object);
+        tpm2_esys_tr_close(pkey->esys_lock, pkey->esys_ctx, &pkey->object);
     else
-        Esys_FlushContext(pkey->esys_ctx, pkey->object);
+        tpm2_esys_flush_context(pkey->esys_lock, pkey->esys_ctx, pkey->object);
 error1:
     pkey->object = ESYS_TR_NONE;
     return NULL;
@@ -156,6 +168,7 @@ tpm2_tss2_decoder_decode(void *ctx, OSSL_CORE_BIO *cin, int selection,
         goto error2;
 
     pkey->core = dctx->core;
+    pkey->esys_lock = dctx->esys_lock;
     pkey->esys_ctx = dctx->esys_ctx;
     pkey->capability = dctx->capability;
     pkey->object = ESYS_TR_NONE;
@@ -188,9 +201,9 @@ tpm2_tss2_decoder_decode(void *ctx, OSSL_CORE_BIO *cin, int selection,
 error1:
     if (pkey->object != ESYS_TR_NONE) {
         if (pkey->data.privatetype == KEY_TYPE_HANDLE)
-            Esys_TR_Close(pkey->esys_ctx, &pkey->object);
+            tpm2_esys_tr_close(pkey->esys_lock, pkey->esys_ctx, &pkey->object);
         else
-            Esys_FlushContext(pkey->esys_ctx, pkey->object);
+            tpm2_esys_flush_context(pkey->esys_lock, pkey->esys_ctx, pkey->object);
     }
     OPENSSL_clear_free(pkey, sizeof(TPM2_PKEY));
     return res;