One of those fixes made it into session_btree-0.4.patch, so I've reposted the patch without it:
https://sourceforge.net/tracker/download.php?group_id=128009&atid=710344&file_id=409164&aid=3196229 Thanks, Kent On Mon, Apr 18, 2011 at 11:08 AM, Kent Yoder <[email protected]> wrote: > I've attached [1] to the bugzilla -- two additional bugfixes I've > found during testing. One is an access to an initialized variable, > the other sets the correct login state after all sessions are closed. > > Thanks, > Kent > > Signed-off-by: Kent Yoder <[email protected]> > > [1] > https://sourceforge.net/tracker/download.php?group_id=128009&atid=710344&file_id=409160&aid=3196229 > > On Mon, Apr 11, 2011 at 2:58 PM, Kent Yoder <[email protected]> wrote: >> Hi, >> >> This patch changes the way opencryptoki handles sessions by moving >> from using a reference to memory to using a handle which references a >> binary tree node. This keeps opencryptoki from crashing when an app >> uses an invalid session handle. testcases/driver/sess_bench reports >> no performance regression using this patch. Due to its size, the patch >> is not inline, but available here [1]. >> >> - Uses a binary tree implemented in usr/lib/pkcs11/common/btree.c >> - One tree at the API level and another for each STDLL, replacing a >> linked list at the API level >> - The Session_Struct_t list is totally gone now, replaced by sess_btree >> in the API_Proc_Struct_t. The "value" pointer in the API-level btree >> holds a ref to a ST_SESSION_T (a struct with just a handle and slot ID) and >> the "value" pointer in the STDLL btree is a ref to a SESSION struct. >> - The C_CloseAllSessions was tricky and required me to iterate through >> all the nodes of the tree, checking if the slot ID is matches and >> removing the node if so. For this you'll see a bt_for_each_node() >> function, which uses a callback to check if the slot matches and if so, >> close the session. Calling C_CloseSession from the callback would be >> nicer, but we'd hit a deadlock on SessListMutex. >> - There are a couple of minor clean ups in here too: >> -- Pass ST_SESSION_T * through various APIs instead of the full struct >> itself >> -- Pass a SESSION struct down into the TPM STDLL instead of a ST_SESSION_T >> -- No more SESS_SET macro, which was ugly :) >> >> Tested on the TPM and software tokens on i686 and the software token on >> s390x. >> >> Note that this patch doesn't address passing in CK_OBJECT_HANDLE's, >> which also use references to memory. Another patch for that will >> follow. >> >> Thanks, >> Kent >> >> usr/include/pkcs11/apictl.h | 27 +-- >> usr/include/pkcs11/local_types.h | 31 ++ >> usr/include/pkcs11/stdll.h | 112 ++++---- >> usr/lib/pkcs11/aep_stdll/Makefile.am | 2 +- >> usr/lib/pkcs11/api/Makefile.am | 3 +- >> usr/lib/pkcs11/api/api_interface.c | 483 >> +++++++++++---------------- >> usr/lib/pkcs11/api/apiproto.h | 9 +- >> usr/lib/pkcs11/api/apiutil.c | 167 +++++----- >> usr/lib/pkcs11/bcom_stdll/Makefile.am | 2 +- >> usr/lib/pkcs11/cca_stdll/Makefile.am | 1 + >> usr/lib/pkcs11/cca_stdll/globals.c | 2 +- >> usr/lib/pkcs11/cca_stdll/h_extern.h | 6 +- >> usr/lib/pkcs11/cca_stdll/new_host.c | 281 +++++++--------- >> usr/lib/pkcs11/common/btree.c | 318 ++++++++++++++++++ >> usr/lib/pkcs11/common/globals.c | 2 +- >> usr/lib/pkcs11/common/h_extern.h | 6 +- >> usr/lib/pkcs11/common/new_host.c | 276 +++++++--------- >> usr/lib/pkcs11/common/sess_mgr.c | 241 ++++++++------- >> usr/lib/pkcs11/cr_stdll/Makefile.am | 2 +- >> usr/lib/pkcs11/ica_s390_stdll/Makefile.am | 2 +- >> usr/lib/pkcs11/ica_stdll/Makefile.am | 2 +- >> usr/lib/pkcs11/soft_stdll/Makefile.am | 1 + >> usr/lib/pkcs11/tpm_stdll/Makefile.am | 1 + >> usr/lib/pkcs11/tpm_stdll/globals.c | 2 +- >> usr/lib/pkcs11/tpm_stdll/h_extern.h | 6 +- >> usr/lib/pkcs11/tpm_stdll/new_host.c | 275 +++++++--------- >> usr/lib/pkcs11/tpm_stdll/tok_spec_struct.h | 2 +- >> usr/lib/pkcs11/tpm_stdll/tok_specific.h | 2 +- >> usr/lib/pkcs11/tpm_stdll/tpm_specific.c | 3 +- >> 29 files changed, 1200 insertions(+), 1067 deletions(-) >> >> [1] >> https://sourceforge.net/tracker/download.php?group_id=128009&atid=710344&file_id=408193&aid=3196229 >> > ------------------------------------------------------------------------------ Benefiting from Server Virtualization: Beyond Initial Workload Consolidation -- Increasing the use of server virtualization is a top priority.Virtualization can reduce costs, simplify management, and improve application availability and disaster protection. Learn more about boosting the value of server virtualization. http://p.sf.net/sfu/vmware-sfdev2dev _______________________________________________ Opencryptoki-tech mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/opencryptoki-tech
