I've attached [1] to the bugzilla -- two additional bugfixes I've found during testing. One is an access to an initialized variable, the other sets the correct login state after all sessions are closed.
Thanks, Kent Signed-off-by: Kent Yoder <[email protected]> [1] https://sourceforge.net/tracker/download.php?group_id=128009&atid=710344&file_id=409160&aid=3196229 On Mon, Apr 11, 2011 at 2:58 PM, Kent Yoder <[email protected]> wrote: > Hi, > > This patch changes the way opencryptoki handles sessions by moving > from using a reference to memory to using a handle which references a > binary tree node. This keeps opencryptoki from crashing when an app > uses an invalid session handle. testcases/driver/sess_bench reports > no performance regression using this patch. Due to its size, the patch > is not inline, but available here [1]. > > - Uses a binary tree implemented in usr/lib/pkcs11/common/btree.c > - One tree at the API level and another for each STDLL, replacing a > linked list at the API level > - The Session_Struct_t list is totally gone now, replaced by sess_btree > in the API_Proc_Struct_t. The "value" pointer in the API-level btree > holds a ref to a ST_SESSION_T (a struct with just a handle and slot ID) and > the "value" pointer in the STDLL btree is a ref to a SESSION struct. > - The C_CloseAllSessions was tricky and required me to iterate through > all the nodes of the tree, checking if the slot ID is matches and > removing the node if so. For this you'll see a bt_for_each_node() > function, which uses a callback to check if the slot matches and if so, > close the session. Calling C_CloseSession from the callback would be > nicer, but we'd hit a deadlock on SessListMutex. > - There are a couple of minor clean ups in here too: > -- Pass ST_SESSION_T * through various APIs instead of the full struct itself > -- Pass a SESSION struct down into the TPM STDLL instead of a ST_SESSION_T > -- No more SESS_SET macro, which was ugly :) > > Tested on the TPM and software tokens on i686 and the software token on s390x. > > Note that this patch doesn't address passing in CK_OBJECT_HANDLE's, > which also use references to memory. Another patch for that will > follow. > > Thanks, > Kent > > usr/include/pkcs11/apictl.h | 27 +-- > usr/include/pkcs11/local_types.h | 31 ++ > usr/include/pkcs11/stdll.h | 112 ++++---- > usr/lib/pkcs11/aep_stdll/Makefile.am | 2 +- > usr/lib/pkcs11/api/Makefile.am | 3 +- > usr/lib/pkcs11/api/api_interface.c | 483 +++++++++++---------------- > usr/lib/pkcs11/api/apiproto.h | 9 +- > usr/lib/pkcs11/api/apiutil.c | 167 +++++----- > usr/lib/pkcs11/bcom_stdll/Makefile.am | 2 +- > usr/lib/pkcs11/cca_stdll/Makefile.am | 1 + > usr/lib/pkcs11/cca_stdll/globals.c | 2 +- > usr/lib/pkcs11/cca_stdll/h_extern.h | 6 +- > usr/lib/pkcs11/cca_stdll/new_host.c | 281 +++++++--------- > usr/lib/pkcs11/common/btree.c | 318 ++++++++++++++++++ > usr/lib/pkcs11/common/globals.c | 2 +- > usr/lib/pkcs11/common/h_extern.h | 6 +- > usr/lib/pkcs11/common/new_host.c | 276 +++++++--------- > usr/lib/pkcs11/common/sess_mgr.c | 241 ++++++++------- > usr/lib/pkcs11/cr_stdll/Makefile.am | 2 +- > usr/lib/pkcs11/ica_s390_stdll/Makefile.am | 2 +- > usr/lib/pkcs11/ica_stdll/Makefile.am | 2 +- > usr/lib/pkcs11/soft_stdll/Makefile.am | 1 + > usr/lib/pkcs11/tpm_stdll/Makefile.am | 1 + > usr/lib/pkcs11/tpm_stdll/globals.c | 2 +- > usr/lib/pkcs11/tpm_stdll/h_extern.h | 6 +- > usr/lib/pkcs11/tpm_stdll/new_host.c | 275 +++++++--------- > usr/lib/pkcs11/tpm_stdll/tok_spec_struct.h | 2 +- > usr/lib/pkcs11/tpm_stdll/tok_specific.h | 2 +- > usr/lib/pkcs11/tpm_stdll/tpm_specific.c | 3 +- > 29 files changed, 1200 insertions(+), 1067 deletions(-) > > [1] > https://sourceforge.net/tracker/download.php?group_id=128009&atid=710344&file_id=408193&aid=3196229 > ------------------------------------------------------------------------------ Benefiting from Server Virtualization: Beyond Initial Workload Consolidation -- Increasing the use of server virtualization is a top priority.Virtualization can reduce costs, simplify management, and improve application availability and disaster protection. Learn more about boosting the value of server virtualization. http://p.sf.net/sfu/vmware-sfdev2dev _______________________________________________ Opencryptoki-tech mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/opencryptoki-tech
