typedef struct _Module {
CK_FUNCTION_LIST_PTR funcs;
+ CK_C_INITIALIZE_ARGS init_args;
int ref_count;
/* Registered modules */
/* Loaded modules */
void *dl_module;
- /* Initialized modules */
- CK_C_INITIALIZE_ARGS init_args;
- int initialize_count;
- int initializing;
+ /* Initialization, mutex must be held */
+ pthread_mutex_t initialize_mutex;
+ int initialize_called;
+ pthread_t initialize_thread;
} Module;
/*
assert (mod);
/* Module must be finalized */
- assert (mod->initialize_count == 0);
+ assert (mod->initialize_called == 0);
+ assert (mod->initialize_thread == 0);
/* Module must have no outstanding references */
assert (mod->ref_count == 0);
if (mod->dl_module)
dlclose (mod->dl_module);
+
+ pthread_mutex_destroy (&mod->initialize_mutex);
hash_free (mod->config);
free (mod->name);
free (mod);
mod->init_args.LockMutex = lock_mutex;
mod->init_args.UnlockMutex = unlock_mutex;
mod->init_args.flags = CKF_OS_LOCKING_OK;
+ pthread_mutex_init (&mod->initialize_mutex, NULL);
return mod;
}
prev = hash_get (gl.modules, mod->funcs);
- /* Replace previous module that was loaded explicitly? */
- if (prev && !prev->name) {
- mod->ref_count = prev->ref_count;
- mod->initialize_count = prev->initialize_count;
- prev->ref_count = 0;
- prev->initialize_count = 0;
- prev = NULL; /* freed by hash_set below */
- }
+ /* If same module was loaded previously, just take over config */
+ if (prev && !prev->name && !prev->config) {
+ prev->name = mod->name;
+ mod->name = NULL;
+ prev->config = mod->config;
+ mod->config = NULL;
+ free_module_unlocked (mod);
- /* Refuse to load duplicate module */
- if (prev) {
+ /* Ignore duplicate module */
+ } else if (prev) {
_p11_message ("duplicate configured module: %s: %s", mod->name, path);
free_module_unlocked (mod);
- return CKR_OK;
- }
+ /* Add this new module to our hash table */
+ } else {
+ if (!hash_set (gl.modules, mod->funcs, mod)) {
+ free_module_unlocked (mod);
+ return CKR_HOST_MEMORY;
+ }
+
+ }
/*
* We support setting of CK_C_INITIALIZE_ARGS.pReserved from
* 'x-init-reserved' setting in the config. This only works with specific
*/
mod->init_args.pReserved = hash_get (mod->config, "x-init-reserved");
- if (!hash_set (gl.modules, mod->funcs, mod)) {
- free_module_unlocked (mod);
- return CKR_HOST_MEMORY;
- }
-
return CKR_OK;
}
initialize_module_unlocked_reentrant (Module *mod)
{
CK_RV rv = CKR_OK;
+ pthread_t self;
assert (mod);
- if (mod->initializing) {
+ self = pthread_self ();
+
+ if (mod->initialize_thread == self) {
_p11_message ("p11-kit initialization called recursively");
return CKR_FUNCTION_FAILED;
}
* underneath us when the mutex is unlocked below.
*/
++mod->ref_count;
+ mod->initialize_thread = self;
- if (!mod->initialize_count) {
-
- mod->initializing = 1;
- debug ("C_Initialize: calling");
+ /* Change over to the module specific mutex */
+ pthread_mutex_lock (&mod->initialize_mutex);
+ _p11_unlock ();
- _p11_unlock ();
+ if (!mod->initialize_called) {
- assert (mod->funcs);
- rv = mod->funcs->C_Initialize (&mod->init_args);
+ debug ("C_Initialize: calling");
- _p11_lock ();
+ assert (mod->funcs);
+ rv = mod->funcs->C_Initialize (&mod->init_args);
debug ("C_Initialize: result: %lu", rv);
- mod->initializing = 0;
-
- /*
- * Because we have the mutex unlocked above, two initializes could
- * race. Therefore we need to take CKR_CRYPTOKI_ALREADY_INITIALIZED
- * into account.
- *
- * We also need to take into account where in a race both calls return
- * CKR_OK (which is not according to the spec but may happen, I mean we
- * do it in this module, so it's not unimaginable).
- */
+ /* Module was initialized and C_Finalize should be called */
if (rv == CKR_OK)
- ++mod->initialize_count;
+ mod->initialize_called = 1;
+
+ /* Module was already initialized, we don't call C_Finalize */
else if (rv == CKR_CRYPTOKI_ALREADY_INITIALIZED)
rv = CKR_OK;
- else
- --mod->ref_count;
}
+ pthread_mutex_unlock (&mod->initialize_mutex);
+ _p11_lock ();
+
+ /* Don't claim reference if failed */
+ if (rv != CKR_OK)
+ --mod->ref_count;
+
+ mod->initialize_thread = 0;
return rv;
}
if (gl.modules) {
hash_iterate (gl.modules, &iter);
while (hash_next (&iter, NULL, (void **)&mod)) {
- if (mod->initialize_count > 0) {
- mod->initialize_count = 0;
+ if (mod->initialize_called) {
+ mod->initialize_called = 0;
/* WARNING: Reentrancy can occur here */
initialize_module_unlocked_reentrant (mod);
*/
++mod->ref_count;
- while (mod->initialize_count > 0) {
-
- _p11_unlock ();
+ pthread_mutex_lock (&mod->initialize_mutex);
+ _p11_unlock ();
- assert (mod->funcs);
- mod->funcs->C_Finalize (NULL);
+ if (mod->initialize_called) {
- _p11_lock ();
+ assert (mod->funcs);
+ mod->funcs->C_Finalize (NULL);
- if (mod->initialize_count > 0)
- --mod->initialize_count;
+ mod->initialize_called = 0;
}
+ pthread_mutex_unlock (&mod->initialize_mutex);
+ _p11_lock ();
+
/* Match the increment above */
--mod->ref_count;
#include <sys/wait.h>
#include <assert.h>
+#include <pthread.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
CuAssertTrue (tc, rv == CKR_OK);
}
-
static CK_RV
mock_C_Initialize__with_recursive (CK_VOID_PTR init_args)
{
CuAssertTrue (tc, rv == CKR_FUNCTION_FAILED);
}
+static pthread_mutex_t race_mutex = PTHREAD_MUTEX_INITIALIZER;
+static int initialization_count = 0;
+static int finalization_count = 0;
+
+#include "private.h"
+
+static CK_RV
+mock_C_Initialize__threaded_race (CK_VOID_PTR init_args)
+{
+ struct timespec ts = { 0, 100 * 1000 * 1000 };
+
+ /* Atomically increment value */
+ pthread_mutex_lock (&race_mutex);
+ initialization_count += 1;
+ pthread_mutex_unlock (&race_mutex);
+
+ nanosleep (&ts, NULL);
+ return CKR_OK;
+}
+
+static CK_RV
+mock_C_Finalize__threaded_race (CK_VOID_PTR reserved)
+{
+ struct timespec ts = { 0, 100 * 1000 * 1000 };
+
+ /* Atomically increment value */
+ pthread_mutex_lock (&race_mutex);
+ finalization_count += 1;
+ pthread_mutex_unlock (&race_mutex);
+
+ nanosleep (&ts, NULL);
+ return CKR_OK;
+}
+
+static void *
+initialization_thread (void *data)
+{
+ CuTest *tc = data;
+ CK_RV rv;
+
+ rv = p11_kit_initialize_module (&module);
+ CuAssertTrue (tc, rv == CKR_OK);
+
+ return tc;
+}
+
+static void *
+finalization_thread (void *data)
+{
+ CuTest *tc = data;
+ CK_RV rv;
+
+ rv = p11_kit_finalize_module (&module);
+ CuAssertTrue (tc, rv == CKR_OK);
+
+ return tc;
+}
+
+static void
+test_threaded_initialization (CuTest *tc)
+{
+ static const int num_threads = 100;
+ pthread_t threads[num_threads];
+ void *retval;
+ int ret;
+ int i;
+
+ /* Build up our own function list */
+ memcpy (&module, &mock_module_no_slots, sizeof (CK_FUNCTION_LIST));
+ module.C_Initialize = mock_C_Initialize__threaded_race;
+ module.C_Finalize = mock_C_Finalize__threaded_race;
+
+ initialization_count = 0;
+ finalization_count = 0;
+
+ for (i = 0; i < num_threads; i++) {
+ ret = pthread_create (&threads[i], NULL, initialization_thread, tc);
+ CuAssertIntEquals (tc, 0, ret);
+ }
+
+ for (i = 0; i < num_threads; i++) {
+ ret = pthread_join (threads[i], &retval);
+ CuAssertIntEquals (tc, 0, ret);
+ CuAssertPtrEquals (tc, tc, retval);
+ }
+
+ for (i = 0; i < num_threads; i++) {
+ ret = pthread_create (&threads[i], NULL, finalization_thread, tc);
+ CuAssertIntEquals (tc, 0, ret);
+ }
+
+ for (i = 0; i < num_threads; i++) {
+ ret = pthread_join (threads[i], &retval);
+ CuAssertIntEquals (tc, 0, ret);
+ CuAssertPtrEquals (tc, tc, retval);
+ }
+
+ /* C_Initialize should have been called exactly once */
+ CuAssertIntEquals (tc, 1, initialization_count);
+ CuAssertIntEquals (tc, 1, finalization_count);
+}
+
int
main (void)
{
SUITE_ADD_TEST (suite, test_fork_initialization);
SUITE_ADD_TEST (suite, test_recursive_initialization);
+ SUITE_ADD_TEST (suite, test_threaded_initialization);
CuSuiteRun (suite);
CuSuiteSummary (suite, output);
projects / p11-kit / commitdiff