commit 7fee4f731895aa13a11dd353ead4ee9e9e260e9e
author Ryan Everett <ryan.everett@arm.com> Fri Feb 09 14:11:27 2024 +0000
committer Ryan Everett <ryan.everett@arm.com> Fri Feb 09 14:11:27 2024 +0000
tree add59c615589cad1fe587ca70d428fde96aade56
parent a76a0011aba1b192df04b710ae876f4395381439

Fix mutex unlock error handling in psa_destroy_key

Signed-off-by: Ryan Everett <ryan.everett@arm.com>

library/psa_crypto.c

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 9d7b72f..27ea3b8 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1167,17 +1167,19 @@
     /* Unregister from reading the slot. If we are the last active reader
      * then this will wipe the slot. */
     status = psa_unregister_read(slot);
+    /* Prioritize CORRUPTION_DETECTED from unregistering over
+     * a storage error. */
+    if (status != PSA_SUCCESS) {
+        overall_status = status;
+    }
 
 #if defined(MBEDTLS_THREADING_C)
+    /* Don't overwrite existing errors if the unlock fails. */
+    status = overall_status;
     PSA_THREADING_CHK_RET(mbedtls_mutex_unlock(
                               &mbedtls_threading_key_slot_mutex));
 #endif
 
-    /* Prioritize CORRUPTION_DETECTED from unregistering or
-     * SERVICE_FAILURE from unlocking over a storage error. */
-    if (status != PSA_SUCCESS) {
-        overall_status = status;
-    }
     return overall_status;
 }