Hi, This patch changes the way opencryptoki handles sessions by moving from using a reference to memory to using a handle which references a binary tree node. This keeps opencryptoki from crashing when an app uses an invalid session handle. testcases/driver/sess_bench reports no performance regression using this patch. Due to its size, the patch is not inline, but available here [1].
- Uses a binary tree implemented in usr/lib/pkcs11/common/btree.c - One tree at the API level and another for each STDLL, replacing a linked list at the API level - The Session_Struct_t list is totally gone now, replaced by sess_btree in the API_Proc_Struct_t. The "value" pointer in the API-level btree holds a ref to a ST_SESSION_T (a struct with just a handle and slot ID) and the "value" pointer in the STDLL btree is a ref to a SESSION struct. - The C_CloseAllSessions was tricky and required me to iterate through all the nodes of the tree, checking if the slot ID is matches and removing the node if so. For this you'll see a bt_for_each_node() function, which uses a callback to check if the slot matches and if so, close the session. Calling C_CloseSession from the callback would be nicer, but we'd hit a deadlock on SessListMutex. - There are a couple of minor clean ups in here too: -- Pass ST_SESSION_T * through various APIs instead of the full struct itself -- Pass a SESSION struct down into the TPM STDLL instead of a ST_SESSION_T -- No more SESS_SET macro, which was ugly :) Tested on the TPM and software tokens on i686 and the software token on s390x. Note that this patch doesn't address passing in CK_OBJECT_HANDLE's, which also use references to memory. Another patch for that will follow. Thanks, Kent usr/include/pkcs11/apictl.h | 27 +-- usr/include/pkcs11/local_types.h | 31 ++ usr/include/pkcs11/stdll.h | 112 ++++---- usr/lib/pkcs11/aep_stdll/Makefile.am | 2 +- usr/lib/pkcs11/api/Makefile.am | 3 +- usr/lib/pkcs11/api/api_interface.c | 483 +++++++++++---------------- usr/lib/pkcs11/api/apiproto.h | 9 +- usr/lib/pkcs11/api/apiutil.c | 167 +++++----- usr/lib/pkcs11/bcom_stdll/Makefile.am | 2 +- usr/lib/pkcs11/cca_stdll/Makefile.am | 1 + usr/lib/pkcs11/cca_stdll/globals.c | 2 +- usr/lib/pkcs11/cca_stdll/h_extern.h | 6 +- usr/lib/pkcs11/cca_stdll/new_host.c | 281 +++++++--------- usr/lib/pkcs11/common/btree.c | 318 ++++++++++++++++++ usr/lib/pkcs11/common/globals.c | 2 +- usr/lib/pkcs11/common/h_extern.h | 6 +- usr/lib/pkcs11/common/new_host.c | 276 +++++++--------- usr/lib/pkcs11/common/sess_mgr.c | 241 ++++++++------- usr/lib/pkcs11/cr_stdll/Makefile.am | 2 +- usr/lib/pkcs11/ica_s390_stdll/Makefile.am | 2 +- usr/lib/pkcs11/ica_stdll/Makefile.am | 2 +- usr/lib/pkcs11/soft_stdll/Makefile.am | 1 + usr/lib/pkcs11/tpm_stdll/Makefile.am | 1 + usr/lib/pkcs11/tpm_stdll/globals.c | 2 +- usr/lib/pkcs11/tpm_stdll/h_extern.h | 6 +- usr/lib/pkcs11/tpm_stdll/new_host.c | 275 +++++++--------- usr/lib/pkcs11/tpm_stdll/tok_spec_struct.h | 2 +- usr/lib/pkcs11/tpm_stdll/tok_specific.h | 2 +- usr/lib/pkcs11/tpm_stdll/tpm_specific.c | 3 +- 29 files changed, 1200 insertions(+), 1067 deletions(-) [1] https://sourceforge.net/tracker/download.php?group_id=128009&atid=710344&file_id=408193&aid=3196229 ------------------------------------------------------------------------------ Forrester Wave Report - Recovery time is now measured in hours and minutes not days. Key insights are discussed in the 2010 Forrester Wave Report as part of an in-depth evaluation of disaster recovery service providers. Forrester found the best-in-class provider in terms of services and vision. Read this report now! http://p.sf.net/sfu/ibm-webcastpromo _______________________________________________ Opencryptoki-tech mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/opencryptoki-tech
