Skip to content

Commit

Permalink
pkcs11_1007: close sessions before trying new ones
Browse files Browse the repository at this point in the history
Close opened sessions after secure service memory is exhausted before
testing closure on invalid session. This change attempts to fix a
non systematic issue found as described in [1].

A test case is slightly changed: where a likely invalid session
ID (valid ID + 1024) was tried to be closed, this change now
tries to close a session that has been already closed.

Link: OP-TEE/optee_os#6952 [1]
Signed-off-by: Etienne Carriere <[email protected]>
Acked-by: Jens Wiklander <[email protected]>
  • Loading branch information
etienne-lms committed Sep 9, 2024
1 parent dd5692a commit 03d6783
Showing 1 changed file with 10 additions and 8 deletions.
18 changes: 10 additions & 8 deletions host/xtest/pkcs11_1000.c
Original file line number Diff line number Diff line change
Expand Up @@ -1757,6 +1757,7 @@ static void xtest_pkcs11_test_1007(ADBG_Case_t *c)
CK_RV rv = CKR_GENERAL_ERROR;
CK_SLOT_ID slot = 0;
CK_SESSION_HANDLE sessions[128];
CK_SESSION_HANDLE session_saved = 0;
size_t n = 0;

for (n = 0; n < ARRAY_SIZE(sessions); n++)
Expand Down Expand Up @@ -1787,15 +1788,8 @@ static void xtest_pkcs11_test_1007(ADBG_Case_t *c)

Do_ADBG_Log(" created sessions count: %zu", n);

/* Closing session with out bound and invalid IDs (or negative ID) */
rv = C_CloseSession(sessions[n - 1] + 1024);
ADBG_EXPECT_CK_RESULT(c, CKR_SESSION_HANDLE_INVALID, rv);
rv = C_CloseSession(CK_INVALID_HANDLE);
ADBG_EXPECT_CK_RESULT(c, CKR_SESSION_HANDLE_INVALID, rv);
rv = C_CloseSession(~0);
ADBG_EXPECT_CK_RESULT(c, CKR_SESSION_HANDLE_INVALID, rv);

/* Closing each session: all related resources shall be free */
session_saved = sessions[n - 1];
for (n = 0; n < ARRAY_SIZE(sessions); n++) {
if (sessions[n] == CK_INVALID_HANDLE)
continue;
Expand All @@ -1805,6 +1799,14 @@ static void xtest_pkcs11_test_1007(ADBG_Case_t *c)
sessions[n] = CK_INVALID_HANDLE;
}

/* Closing session with out bound and invalid IDs (or negative ID) */
rv = C_CloseSession(session_saved);
ADBG_EXPECT_CK_RESULT(c, CKR_SESSION_HANDLE_INVALID, rv);
rv = C_CloseSession(CK_INVALID_HANDLE);
ADBG_EXPECT_CK_RESULT(c, CKR_SESSION_HANDLE_INVALID, rv);
rv = C_CloseSession(~0);
ADBG_EXPECT_CK_RESULT(c, CKR_SESSION_HANDLE_INVALID, rv);

/* Open and close another session */
rv = open_cipher_session(c, slot, &sessions[0],
cktest_allowed_valid[0].attr_key,
Expand Down

0 comments on commit 03d6783

Please sign in to comment.