Merge branch 'ksng' into no-rtos

author: Rob Austein <sra@hactrn.net> 2017-04-30 10:21:09 -0400
committer: Rob Austein <sra@hactrn.net> 2017-04-30 10:21:09 -0400
commit: a76a684fbd33c2b90a33e9c12e7536149630d6b5 (patch)
tree: edb512556900a5a6680dd946050e60c0ea8e1128 /mkm.c
parent: 18c297c5f88681236aec2537f7e7f2d9b50fcd7e (diff)
parent: 018b238e7aac5b4a990a28f49323b821246c9f66 (diff)
1 files changed, 9 insertions, 1 deletions
diff --git a/mkm.c b/mkm.c
index 2b2141f..05c733d 100644
--- a/mkm.c
+++ b/mkm.c
@@ -201,7 +201,15 @@ hal_error_t hal_mkm_get_kek(uint8_t *kek,
 
 #if HAL_MKM_FLASH_BACKUP_KLUDGE
 
-  if (hal_mkm_flash_read(kek, len) == LIBHAL_OK) {
+  /*
+   * It turns out that, in every case where this function is called,
+   * we already hold the keystore lock, so attempting to grab it again
+   * would deadlock.  This almost never happens when the volatile MKM
+   * is set, but there's a race condition that might drop us here if
+   * hal_mkm_volatile_read() returns HAL_ERROR_CORE_BUSY.  Whee!
+   */
+
+  if (hal_mkm_flash_read_no_lock(kek, len) == LIBHAL_OK) {
     *kek_len = len;
     return LIBHAL_OK;
   }
author	Rob Austein <sra@hactrn.net>	2017-04-30 10:21:09 -0400
committer	Rob Austein <sra@hactrn.net>	2017-04-30 10:21:09 -0400
commit	a76a684fbd33c2b90a33e9c12e7536149630d6b5 (patch)
tree	edb512556900a5a6680dd946050e60c0ea8e1128 /mkm.c
parent	18c297c5f88681236aec2537f7e7f2d9b50fcd7e (diff)
parent	018b238e7aac5b4a990a28f49323b821246c9f66 (diff)