From 9aa93c8e780e3c6768762d5ce712b8ea6cdafc43 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 7 Aug 2023 16:32:09 +0200 Subject: [PATCH] Added a note about new primitives for secure destruction Signed-off-by: Gilles Peskine --- docs/architecture/psa-thread-safety.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/docs/architecture/psa-thread-safety.md b/docs/architecture/psa-thread-safety.md index 7cba70f14a..b0ca8088f7 100644 --- a/docs/architecture/psa-thread-safety.md +++ b/docs/architecture/psa-thread-safety.md @@ -280,3 +280,5 @@ There is currently no indication of when a slot is in the WRITING state. This on Problem: a key slot is destroyed (by `psa_wipe_key_slot`) while it's in use (READING or WRITING). TODO: how do we ensure that? This needs something more sophisticated than mutexes (concurrency number >2)! Even a per-slot mutex isn't enough (we'd need a reader-writer lock). + +Solution: after some team discussion, we've decided to rely on a new threading abstraction which mimics C11 (i.e. `mbedtls_fff` where `fff` is the C11 function name, having the same parameters and return type, with default implementations for C11, pthreads and Windows). We'll likely use condition variables in addition to mutexes.