On Wed, 2015-06-24 at 09:18 +0100, David Woodhouse wrote: > On Wed, 2015-06-24 at 10:03 +0200, Nikos Mavrogiannopoulos wrote: > > This patch set eliminates two issues in the proxy module: > > 1. A process using the proxy module would crash if at some point > > after > > initializing it would fork(). - patch set 0001-0002 > > 2. A process using the proxy module would call C_Finalize in a > > child > > process. - patch set 0003-0004 > > Thanks for looking at this. > > Bug 90289 wasn't a 'crash' but a deadlock, wasn't it? Or is that what > you meant?
Indeed 90289 wasn't a crash. But applying the fix for it reveals the crash solved by the second patch. > Your test case in patch #1 is actually *invalid* behaviour — the > first > thing the child calls MUST by C_Initialize(). Calling C_Finalize() in > the child without C_Initialize() first is broken. While it is broken with respect to PKCS #11 standard a crash on the parent process should not happen no matter what the child process does (or does not). > It's OK to ensure that p11-kit-proxy.so copes with that, but it's > probably best to explicitly note in the test case that it's not > guaranteed to work on modules in the general case. And if we want to > allow people to generally call C_Finalize() on p11-kit-proxy.so, we > also need to ensure that *doesn't* translate to invalid C_Finalize() > calls into the modules that it's loaded. > I posted a different test case, a week or two ago, to check for the > deadlock in the *valid* case of the child calling C_Initialize(). Isn't the one included in my patch set? regards,Nikos _______________________________________________ p11-glue mailing list p11-glue@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/p11-glue