Sigh, looks like I was right the first time, here's the correct patch. :-) [1] https://sourceforge.net/tracker/download.php?group_id=128009&atid=710344&file_id=409166&aid=3196229
On Mon, Apr 18, 2011 at 11:18 AM, Kent Yoder <[email protected]> wrote: > One of those fixes made it into session_btree-0.4.patch, so I've > reposted the patch without it: > > https://sourceforge.net/tracker/download.php?group_id=128009&atid=710344&file_id=409164&aid=3196229 > > Thanks, > Kent > > On Mon, Apr 18, 2011 at 11:08 AM, Kent Yoder <[email protected]> wrote: >> I've attached [1] to the bugzilla -- two additional bugfixes I've >> found during testing. One is an access to an initialized variable, >> the other sets the correct login state after all sessions are closed. >> >> Thanks, >> Kent >> >> Signed-off-by: Kent Yoder <[email protected]> >> >> [1] >> https://sourceforge.net/tracker/download.php?group_id=128009&atid=710344&file_id=409160&aid=3196229 >> >> On Mon, Apr 11, 2011 at 2:58 PM, Kent Yoder <[email protected]> wrote: >>> Hi, >>> >>> This patch changes the way opencryptoki handles sessions by moving >>> from using a reference to memory to using a handle which references a >>> binary tree node. This keeps opencryptoki from crashing when an app >>> uses an invalid session handle. testcases/driver/sess_bench reports >>> no performance regression using this patch. Due to its size, the patch >>> is not inline, but available here [1]. >>> >>> - Uses a binary tree implemented in usr/lib/pkcs11/common/btree.c >>> - One tree at the API level and another for each STDLL, replacing a >>> linked list at the API level >>> - The Session_Struct_t list is totally gone now, replaced by sess_btree >>> in the API_Proc_Struct_t. The "value" pointer in the API-level btree >>> holds a ref to a ST_SESSION_T (a struct with just a handle and slot ID) and >>> the "value" pointer in the STDLL btree is a ref to a SESSION struct. >>> - The C_CloseAllSessions was tricky and required me to iterate through >>> all the nodes of the tree, checking if the slot ID is matches and >>> removing the node if so. For this you'll see a bt_for_each_node() >>> function, which uses a callback to check if the slot matches and if so, >>> close the session. Calling C_CloseSession from the callback would be >>> nicer, but we'd hit a deadlock on SessListMutex. >>> - There are a couple of minor clean ups in here too: >>> -- Pass ST_SESSION_T * through various APIs instead of the full struct >>> itself >>> -- Pass a SESSION struct down into the TPM STDLL instead of a ST_SESSION_T >>> -- No more SESS_SET macro, which was ugly :) >>> >>> Tested on the TPM and software tokens on i686 and the software token on >>> s390x. >>> >>> Note that this patch doesn't address passing in CK_OBJECT_HANDLE's, >>> which also use references to memory. Another patch for that will >>> follow. >>> >>> Thanks, >>> Kent >>> >>> usr/include/pkcs11/apictl.h | 27 +-- >>> usr/include/pkcs11/local_types.h | 31 ++ >>> usr/include/pkcs11/stdll.h | 112 ++++---- >>> usr/lib/pkcs11/aep_stdll/Makefile.am | 2 +- >>> usr/lib/pkcs11/api/Makefile.am | 3 +- >>> usr/lib/pkcs11/api/api_interface.c | 483 >>> +++++++++++---------------- >>> usr/lib/pkcs11/api/apiproto.h | 9 +- >>> usr/lib/pkcs11/api/apiutil.c | 167 +++++----- >>> usr/lib/pkcs11/bcom_stdll/Makefile.am | 2 +- >>> usr/lib/pkcs11/cca_stdll/Makefile.am | 1 + >>> usr/lib/pkcs11/cca_stdll/globals.c | 2 +- >>> usr/lib/pkcs11/cca_stdll/h_extern.h | 6 +- >>> usr/lib/pkcs11/cca_stdll/new_host.c | 281 +++++++--------- >>> usr/lib/pkcs11/common/btree.c | 318 ++++++++++++++++++ >>> usr/lib/pkcs11/common/globals.c | 2 +- >>> usr/lib/pkcs11/common/h_extern.h | 6 +- >>> usr/lib/pkcs11/common/new_host.c | 276 +++++++--------- >>> usr/lib/pkcs11/common/sess_mgr.c | 241 ++++++++------- >>> usr/lib/pkcs11/cr_stdll/Makefile.am | 2 +- >>> usr/lib/pkcs11/ica_s390_stdll/Makefile.am | 2 +- >>> usr/lib/pkcs11/ica_stdll/Makefile.am | 2 +- >>> usr/lib/pkcs11/soft_stdll/Makefile.am | 1 + >>> usr/lib/pkcs11/tpm_stdll/Makefile.am | 1 + >>> usr/lib/pkcs11/tpm_stdll/globals.c | 2 +- >>> usr/lib/pkcs11/tpm_stdll/h_extern.h | 6 +- >>> usr/lib/pkcs11/tpm_stdll/new_host.c | 275 +++++++--------- >>> usr/lib/pkcs11/tpm_stdll/tok_spec_struct.h | 2 +- >>> usr/lib/pkcs11/tpm_stdll/tok_specific.h | 2 +- >>> usr/lib/pkcs11/tpm_stdll/tpm_specific.c | 3 +- >>> 29 files changed, 1200 insertions(+), 1067 deletions(-) >>> >>> [1] >>> https://sourceforge.net/tracker/download.php?group_id=128009&atid=710344&file_id=408193&aid=3196229 >>> >> > ------------------------------------------------------------------------------ Benefiting from Server Virtualization: Beyond Initial Workload Consolidation -- Increasing the use of server virtualization is a top priority.Virtualization can reduce costs, simplify management, and improve application availability and disaster protection. Learn more about boosting the value of server virtualization. http://p.sf.net/sfu/vmware-sfdev2dev _______________________________________________ Opencryptoki-tech mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/opencryptoki-tech
