From 2f545ae45d4b93649e40ff7f93e2c3e6ce3154ae Mon Sep 17 00:00:00 2001 From: Kurt Roeckx Date: Sat, 27 Aug 2016 16:01:08 +0200 Subject: [PATCH] Add support for reference counting using C11 atomics Reviewed-by: Andy Polyakov Reviewed-by: Rich Salz GH: #1500 --- crypto/bio/bio_lcl.h | 3 +- crypto/bio/bio_lib.c | 4 +- crypto/bio/bio_meth.c | 4 +- crypto/dh/dh_lib.c | 4 +- crypto/dh/dh_locl.h | 3 +- crypto/dsa/dsa_lib.c | 4 +- crypto/dsa/dsa_locl.h | 3 +- crypto/dso/dso_lib.c | 4 +- crypto/dso/dso_locl.h | 3 +- crypto/ec/ec_key.c | 4 +- crypto/ec/ec_lcl.h | 3 +- crypto/ec/ec_mult.c | 6 +-- crypto/ec/ecp_nistp224.c | 6 +-- crypto/ec/ecp_nistp256.c | 6 +-- crypto/ec/ecp_nistp521.c | 6 +-- crypto/ec/ecp_nistz256.c | 6 +-- crypto/engine/eng_int.h | 3 +- crypto/engine/eng_lib.c | 5 +++ crypto/engine/eng_list.c | 2 +- crypto/evp/p_lib.c | 4 +- crypto/include/internal/evp_int.h | 4 +- crypto/include/internal/x509_int.h | 8 ++-- crypto/rsa/rsa_lib.c | 4 +- crypto/rsa/rsa_locl.h | 3 +- crypto/x509/x509_lcl.h | 4 +- crypto/x509/x509_lu.c | 4 +- crypto/x509/x509_set.c | 2 +- crypto/x509/x509cset.c | 2 +- include/internal/refcount.h | 65 ++++++++++++++++++++++++++++++ ssl/ssl_cert.c | 2 +- ssl/ssl_lib.c | 12 +++--- ssl/ssl_locl.h | 9 +++-- ssl/ssl_sess.c | 4 +- 33 files changed, 145 insertions(+), 61 deletions(-) create mode 100644 include/internal/refcount.h diff --git a/crypto/bio/bio_lcl.h b/crypto/bio/bio_lcl.h index d46f4e745c..f7de429cbb 100644 --- a/crypto/bio/bio_lcl.h +++ b/crypto/bio/bio_lcl.h @@ -9,6 +9,7 @@ #define USE_SOCKETS #include "e_os.h" +#include "internal/refcount.h" /* BEGIN BIO_ADDRINFO/BIO_ADDR stuff. */ @@ -125,7 +126,7 @@ struct bio_st { void *ptr; struct bio_st *next_bio; /* used by filter BIOs */ struct bio_st *prev_bio; /* used by filter BIOs */ - int references; + CRYPTO_REF_COUNT references; uint64_t num_read; uint64_t num_write; CRYPTO_EX_DATA ex_data; diff --git a/crypto/bio/bio_lib.c b/crypto/bio/bio_lib.c index c14e238ddc..4c2af7d746 100644 --- a/crypto/bio/bio_lib.c +++ b/crypto/bio/bio_lib.c @@ -113,7 +113,7 @@ int BIO_free(BIO *a) if (a == NULL) return 0; - if (CRYPTO_atomic_add(&a->references, -1, &ret, a->lock) <= 0) + if (CRYPTO_DOWN_REF(&a->references, &ret, a->lock) <= 0) return 0; REF_PRINT_COUNT("BIO", a); @@ -178,7 +178,7 @@ int BIO_up_ref(BIO *a) { int i; - if (CRYPTO_atomic_add(&a->references, 1, &i, a->lock) <= 0) + if (CRYPTO_UP_REF(&a->references, &i, a->lock) <= 0) return 0; REF_PRINT_COUNT("BIO", a); diff --git a/crypto/bio/bio_meth.c b/crypto/bio/bio_meth.c index 588c5170f7..3cbac5bf85 100644 --- a/crypto/bio/bio_meth.c +++ b/crypto/bio/bio_meth.c @@ -21,14 +21,14 @@ DEFINE_RUN_ONCE_STATIC(do_bio_type_init) int BIO_get_new_index() { - static int bio_count = BIO_TYPE_START; + static CRYPTO_REF_COUNT bio_count = BIO_TYPE_START; int newval; if (!RUN_ONCE(&bio_type_init, do_bio_type_init)) { BIOerr(BIO_F_BIO_GET_NEW_INDEX, ERR_R_MALLOC_FAILURE); return -1; } - if (!CRYPTO_atomic_add(&bio_count, 1, &newval, bio_type_lock)) + if (!CRYPTO_UP_REF(&bio_count, &newval, bio_type_lock)) return -1; return newval; } diff --git a/crypto/dh/dh_lib.c b/crypto/dh/dh_lib.c index adf1771514..3dfe7c4e58 100644 --- a/crypto/dh/dh_lib.c +++ b/crypto/dh/dh_lib.c @@ -111,7 +111,7 @@ void DH_free(DH *r) if (r == NULL) return; - CRYPTO_atomic_add(&r->references, -1, &i, r->lock); + CRYPTO_DOWN_REF(&r->references, &i, r->lock); REF_PRINT_COUNT("DH", r); if (i > 0) return; @@ -142,7 +142,7 @@ int DH_up_ref(DH *r) { int i; - if (CRYPTO_atomic_add(&r->references, 1, &i, r->lock) <= 0) + if (CRYPTO_UP_REF(&r->references, &i, r->lock) <= 0) return 0; REF_PRINT_COUNT("DH", r); diff --git a/crypto/dh/dh_locl.h b/crypto/dh/dh_locl.h index 19301c3185..6867555c4a 100644 --- a/crypto/dh/dh_locl.h +++ b/crypto/dh/dh_locl.h @@ -8,6 +8,7 @@ */ #include +#include "internal/refcount.h" struct dh_st { /* @@ -29,7 +30,7 @@ struct dh_st { unsigned char *seed; int seedlen; BIGNUM *counter; - int references; + CRYPTO_REF_COUNT references; CRYPTO_EX_DATA ex_data; const DH_METHOD *meth; ENGINE *engine; diff --git a/crypto/dsa/dsa_lib.c b/crypto/dsa/dsa_lib.c index 42324c70fb..e24c6b526f 100644 --- a/crypto/dsa/dsa_lib.c +++ b/crypto/dsa/dsa_lib.c @@ -120,7 +120,7 @@ void DSA_free(DSA *r) if (r == NULL) return; - CRYPTO_atomic_add(&r->references, -1, &i, r->lock); + CRYPTO_DOWN_REF(&r->references, &i, r->lock); REF_PRINT_COUNT("DSA", r); if (i > 0) return; @@ -148,7 +148,7 @@ int DSA_up_ref(DSA *r) { int i; - if (CRYPTO_atomic_add(&r->references, 1, &i, r->lock) <= 0) + if (CRYPTO_UP_REF(&r->references, &i, r->lock) <= 0) return 0; REF_PRINT_COUNT("DSA", r); diff --git a/crypto/dsa/dsa_locl.h b/crypto/dsa/dsa_locl.h index 9021fce0bf..f575195c37 100644 --- a/crypto/dsa/dsa_locl.h +++ b/crypto/dsa/dsa_locl.h @@ -8,6 +8,7 @@ */ #include +#include "internal/refcount.h" struct dsa_st { /* @@ -24,7 +25,7 @@ struct dsa_st { int flags; /* Normally used to cache montgomery values */ BN_MONT_CTX *method_mont_p; - int references; + CRYPTO_REF_COUNT references; CRYPTO_EX_DATA ex_data; const DSA_METHOD *meth; /* functional reference if 'meth' is ENGINE-provided */ diff --git a/crypto/dso/dso_lib.c b/crypto/dso/dso_lib.c index 52816dfb9d..8f185b3828 100644 --- a/crypto/dso/dso_lib.c +++ b/crypto/dso/dso_lib.c @@ -65,7 +65,7 @@ int DSO_free(DSO *dso) if (dso == NULL) return (1); - if (CRYPTO_atomic_add(&dso->references, -1, &i, dso->lock) <= 0) + if (CRYPTO_DOWN_REF(&dso->references, &i, dso->lock) <= 0) return 0; REF_PRINT_COUNT("DSO", dso); @@ -107,7 +107,7 @@ int DSO_up_ref(DSO *dso) return 0; } - if (CRYPTO_atomic_add(&dso->references, 1, &i, dso->lock) <= 0) + if (CRYPTO_UP_REF(&dso->references, &i, dso->lock) <= 0) return 0; REF_PRINT_COUNT("DSO", r); diff --git a/crypto/dso/dso_locl.h b/crypto/dso/dso_locl.h index fbfad0544a..14a0ccb7c0 100644 --- a/crypto/dso/dso_locl.h +++ b/crypto/dso/dso_locl.h @@ -11,6 +11,7 @@ #include "internal/cryptlib.h" #include "internal/dso.h" #include "internal/dso_conf.h" +#include "internal/refcount.h" /**********************************************************************/ /* The low-level handle type used to refer to a loaded shared library */ @@ -24,7 +25,7 @@ struct dso_st { * "Handles" and such go in a STACK. */ STACK_OF(void) *meth_data; - int references; + CRYPTO_REF_COUNT references; int flags; /* * For use by applications etc ... use this for your bits'n'pieces, don't diff --git a/crypto/ec/ec_key.c b/crypto/ec/ec_key.c index f1f0afb466..2d10a8c26b 100644 --- a/crypto/ec/ec_key.c +++ b/crypto/ec/ec_key.c @@ -49,7 +49,7 @@ void EC_KEY_free(EC_KEY *r) if (r == NULL) return; - CRYPTO_atomic_add(&r->references, -1, &i, r->lock); + CRYPTO_DOWN_REF(&r->references, &i, r->lock); REF_PRINT_COUNT("EC_KEY", r); if (i > 0) return; @@ -169,7 +169,7 @@ int EC_KEY_up_ref(EC_KEY *r) { int i; - if (CRYPTO_atomic_add(&r->references, 1, &i, r->lock) <= 0) + if (CRYPTO_UP_REF(&r->references, &i, r->lock) <= 0) return 0; REF_PRINT_COUNT("EC_KEY", r); diff --git a/crypto/ec/ec_lcl.h b/crypto/ec/ec_lcl.h index ded35a72a0..7d72a52734 100644 --- a/crypto/ec/ec_lcl.h +++ b/crypto/ec/ec_lcl.h @@ -26,6 +26,7 @@ #include #include #include +#include "internal/refcount.h" #include "e_os.h" @@ -261,7 +262,7 @@ struct ec_key_st { BIGNUM *priv_key; unsigned int enc_flag; point_conversion_form_t conv_form; - int references; + CRYPTO_REF_COUNT references; int flags; CRYPTO_EX_DATA ex_data; CRYPTO_RWLOCK *lock; diff --git a/crypto/ec/ec_mult.c b/crypto/ec/ec_mult.c index 036cdde490..832b70fb73 100644 --- a/crypto/ec/ec_mult.c +++ b/crypto/ec/ec_mult.c @@ -38,7 +38,7 @@ struct ec_pre_comp_st { * generator: 'num' pointers to EC_POINT * objects followed by a NULL */ size_t num; /* numblocks * 2^(w-1) */ - int references; + CRYPTO_REF_COUNT references; CRYPTO_RWLOCK *lock; }; @@ -73,7 +73,7 @@ EC_PRE_COMP *EC_ec_pre_comp_dup(EC_PRE_COMP *pre) { int i; if (pre != NULL) - CRYPTO_atomic_add(&pre->references, 1, &i, pre->lock); + CRYPTO_UP_REF(&pre->references, &i, pre->lock); return pre; } @@ -84,7 +84,7 @@ void EC_ec_pre_comp_free(EC_PRE_COMP *pre) if (pre == NULL) return; - CRYPTO_atomic_add(&pre->references, -1, &i, pre->lock); + CRYPTO_DOWN_REF(&pre->references, &i, pre->lock); REF_PRINT_COUNT("EC_ec", pre); if (i > 0) return; diff --git a/crypto/ec/ecp_nistp224.c b/crypto/ec/ecp_nistp224.c index 0c11abc089..cf56368fb2 100644 --- a/crypto/ec/ecp_nistp224.c +++ b/crypto/ec/ecp_nistp224.c @@ -236,7 +236,7 @@ static const felem gmul[2][16][3] = { /* Precomputation for the group generator. */ struct nistp224_pre_comp_st { felem g_pre_comp[2][16][3]; - int references; + CRYPTO_REF_COUNT references; CRYPTO_RWLOCK *lock; }; @@ -1239,7 +1239,7 @@ NISTP224_PRE_COMP *EC_nistp224_pre_comp_dup(NISTP224_PRE_COMP *p) { int i; if (p != NULL) - CRYPTO_atomic_add(&p->references, 1, &i, p->lock); + CRYPTO_UP_REF(&p->references, &i, p->lock); return p; } @@ -1250,7 +1250,7 @@ void EC_nistp224_pre_comp_free(NISTP224_PRE_COMP *p) if (p == NULL) return; - CRYPTO_atomic_add(&p->references, -1, &i, p->lock); + CRYPTO_DOWN_REF(&p->references, &i, p->lock); REF_PRINT_COUNT("EC_nistp224", x); if (i > 0) return; diff --git a/crypto/ec/ecp_nistp256.c b/crypto/ec/ecp_nistp256.c index 8cd7222854..162f146329 100644 --- a/crypto/ec/ecp_nistp256.c +++ b/crypto/ec/ecp_nistp256.c @@ -1765,7 +1765,7 @@ static void batch_mul(felem x_out, felem y_out, felem z_out, /* Precomputation for the group generator. */ struct nistp256_pre_comp_st { smallfelem g_pre_comp[2][16][3]; - int references; + CRYPTO_REF_COUNT references; CRYPTO_RWLOCK *lock; }; @@ -1855,7 +1855,7 @@ NISTP256_PRE_COMP *EC_nistp256_pre_comp_dup(NISTP256_PRE_COMP *p) { int i; if (p != NULL) - CRYPTO_atomic_add(&p->references, 1, &i, p->lock); + CRYPTO_UP_REF(&p->references, &i, p->lock); return p; } @@ -1866,7 +1866,7 @@ void EC_nistp256_pre_comp_free(NISTP256_PRE_COMP *pre) if (pre == NULL) return; - CRYPTO_atomic_add(&pre->references, -1, &i, pre->lock); + CRYPTO_DOWN_REF(&pre->references, &i, pre->lock); REF_PRINT_COUNT("EC_nistp256", x); if (i > 0) return; diff --git a/crypto/ec/ecp_nistp521.c b/crypto/ec/ecp_nistp521.c index 7207494b8d..33c4cd5df5 100644 --- a/crypto/ec/ecp_nistp521.c +++ b/crypto/ec/ecp_nistp521.c @@ -1594,7 +1594,7 @@ static void batch_mul(felem x_out, felem y_out, felem z_out, /* Precomputation for the group generator. */ struct nistp521_pre_comp_st { felem g_pre_comp[16][3]; - int references; + CRYPTO_REF_COUNT references; CRYPTO_RWLOCK *lock; }; @@ -1684,7 +1684,7 @@ NISTP521_PRE_COMP *EC_nistp521_pre_comp_dup(NISTP521_PRE_COMP *p) { int i; if (p != NULL) - CRYPTO_atomic_add(&p->references, 1, &i, p->lock); + CRYPTO_UP_REF(&p->references, &i, p->lock); return p; } @@ -1695,7 +1695,7 @@ void EC_nistp521_pre_comp_free(NISTP521_PRE_COMP *p) if (p == NULL) return; - CRYPTO_atomic_add(&p->references, -1, &i, p->lock); + CRYPTO_DOWN_REF(&p->references, &i, p->lock); REF_PRINT_COUNT("EC_nistp521", x); if (i > 0) return; diff --git a/crypto/ec/ecp_nistz256.c b/crypto/ec/ecp_nistz256.c index 6e4ca51017..5c8affa4c7 100644 --- a/crypto/ec/ecp_nistz256.c +++ b/crypto/ec/ecp_nistz256.c @@ -84,7 +84,7 @@ struct nistz256_pre_comp_st { */ PRECOMP256_ROW *precomp; void *precomp_storage; - int references; + CRYPTO_REF_COUNT references; CRYPTO_RWLOCK *lock; }; @@ -1477,7 +1477,7 @@ NISTZ256_PRE_COMP *EC_nistz256_pre_comp_dup(NISTZ256_PRE_COMP *p) { int i; if (p != NULL) - CRYPTO_atomic_add(&p->references, 1, &i, p->lock); + CRYPTO_UP_REF(&p->references, &i, p->lock); return p; } @@ -1488,7 +1488,7 @@ void EC_nistz256_pre_comp_free(NISTZ256_PRE_COMP *pre) if (pre == NULL) return; - CRYPTO_atomic_add(&pre->references, -1, &i, pre->lock); + CRYPTO_DOWN_REF(&pre->references, &i, pre->lock); REF_PRINT_COUNT("EC_nistz256", x); if (i > 0) return; diff --git a/crypto/engine/eng_int.h b/crypto/engine/eng_int.h index c604faddd7..741e6876b6 100644 --- a/crypto/engine/eng_int.h +++ b/crypto/engine/eng_int.h @@ -19,6 +19,7 @@ # include "internal/cryptlib.h" # include # include +# include "internal/refcount.h" #ifdef __cplusplus extern "C" { @@ -156,7 +157,7 @@ struct engine_st { const ENGINE_CMD_DEFN *cmd_defns; int flags; /* reference count on the structure itself */ - int struct_ref; + CRYPTO_REF_COUNT struct_ref; /* * reference count on usability of the engine type. NB: This controls the * loading and initialisation of any functionality required by this diff --git a/crypto/engine/eng_lib.c b/crypto/engine/eng_lib.c index 28de21d73d..8a21f38028 100644 --- a/crypto/engine/eng_lib.c +++ b/crypto/engine/eng_lib.c @@ -9,6 +9,7 @@ #include "eng_int.h" #include +#include "internal/refcount.h" CRYPTO_RWLOCK *global_engine_lock; @@ -72,10 +73,14 @@ int engine_free_util(ENGINE *e, int locked) if (e == NULL) return 1; +#ifdef HAVE_ATOMICS + CRYPTO_DOWN_REF(&e->struct_ref, &i, global_engine_lock); +#else if (locked) CRYPTO_atomic_add(&e->struct_ref, -1, &i, global_engine_lock); else i = --e->struct_ref; +#endif engine_ref_debug(e, 0, -1) if (i > 0) return 1; diff --git a/crypto/engine/eng_list.c b/crypto/engine/eng_list.c index 934389f74e..d8eb076a68 100644 --- a/crypto/engine/eng_list.c +++ b/crypto/engine/eng_list.c @@ -349,6 +349,6 @@ int ENGINE_up_ref(ENGINE *e) ENGINEerr(ENGINE_F_ENGINE_UP_REF, ERR_R_PASSED_NULL_PARAMETER); return 0; } - CRYPTO_atomic_add(&e->struct_ref, 1, &i, global_engine_lock); + CRYPTO_UP_REF(&e->struct_ref, &i, global_engine_lock); return 1; } diff --git a/crypto/evp/p_lib.c b/crypto/evp/p_lib.c index 9828620552..234d05f270 100644 --- a/crypto/evp/p_lib.c +++ b/crypto/evp/p_lib.c @@ -160,7 +160,7 @@ int EVP_PKEY_up_ref(EVP_PKEY *pkey) { int i; - if (CRYPTO_atomic_add(&pkey->references, 1, &i, pkey->lock) <= 0) + if (CRYPTO_UP_REF(&pkey->references, &i, pkey->lock) <= 0) return 0; REF_PRINT_COUNT("EVP_PKEY", pkey); @@ -392,7 +392,7 @@ void EVP_PKEY_free(EVP_PKEY *x) if (x == NULL) return; - CRYPTO_atomic_add(&x->references, -1, &i, x->lock); + CRYPTO_DOWN_REF(&x->references, &i, x->lock); REF_PRINT_COUNT("EVP_PKEY", x); if (i > 0) return; diff --git a/crypto/include/internal/evp_int.h b/crypto/include/internal/evp_int.h index d1e607e7d3..0809dc3d05 100644 --- a/crypto/include/internal/evp_int.h +++ b/crypto/include/internal/evp_int.h @@ -7,6 +7,8 @@ * https://www.openssl.org/source/license.html */ +#include "internal/refcount.h" + struct evp_pkey_ctx_st { /* Method associated with this operation */ const EVP_PKEY_METHOD *pmeth; @@ -353,7 +355,7 @@ const EVP_CIPHER *EVP_##cname##_ecb(void) { return &cname##_ecb; } struct evp_pkey_st { int type; int save_type; - int references; + CRYPTO_REF_COUNT references; const EVP_PKEY_ASN1_METHOD *ameth; ENGINE *engine; union { diff --git a/crypto/include/internal/x509_int.h b/crypto/include/internal/x509_int.h index 2845026dd8..10b605f709 100644 --- a/crypto/include/internal/x509_int.h +++ b/crypto/include/internal/x509_int.h @@ -7,6 +7,8 @@ * https://www.openssl.org/source/license.html */ +#include "internal/refcount.h" + /* Internal X509 structures and functions: not for application use */ /* Note: unless otherwise stated a field pointer is mandatory and should @@ -54,7 +56,7 @@ struct X509_req_st { X509_REQ_INFO req_info; /* signed certificate request data */ X509_ALGOR sig_alg; /* signature algorithm */ ASN1_BIT_STRING *signature; /* signature */ - int references; + CRYPTO_REF_COUNT references; CRYPTO_RWLOCK *lock; }; @@ -73,7 +75,7 @@ struct X509_crl_st { X509_CRL_INFO crl; /* signed CRL data */ X509_ALGOR sig_alg; /* CRL signature algorithm */ ASN1_BIT_STRING signature; /* CRL signature */ - int references; + CRYPTO_REF_COUNT references; int flags; /* * Cached copies of decoded extension values, since extensions @@ -144,7 +146,7 @@ struct x509_st { X509_CINF cert_info; X509_ALGOR sig_alg; ASN1_BIT_STRING signature; - int references; + CRYPTO_REF_COUNT references; CRYPTO_EX_DATA ex_data; /* These contain copies of various extension values */ long ex_pathlen; diff --git a/crypto/rsa/rsa_lib.c b/crypto/rsa/rsa_lib.c index 48e9100a97..e41644b099 100644 --- a/crypto/rsa/rsa_lib.c +++ b/crypto/rsa/rsa_lib.c @@ -128,7 +128,7 @@ void RSA_free(RSA *r) if (r == NULL) return; - CRYPTO_atomic_add(&r->references, -1, &i, r->lock); + CRYPTO_DOWN_REF(&r->references, &i, r->lock); REF_PRINT_COUNT("RSA", r); if (i > 0) return; @@ -162,7 +162,7 @@ int RSA_up_ref(RSA *r) { int i; - if (CRYPTO_atomic_add(&r->references, 1, &i, r->lock) <= 0) + if (CRYPTO_UP_REF(&r->references, &i, r->lock) <= 0) return 0; REF_PRINT_COUNT("RSA", r); diff --git a/crypto/rsa/rsa_locl.h b/crypto/rsa/rsa_locl.h index 5d16aa6f43..e342ca8dfb 100644 --- a/crypto/rsa/rsa_locl.h +++ b/crypto/rsa/rsa_locl.h @@ -8,6 +8,7 @@ */ #include +#include "internal/refcount.h" struct rsa_st { /* @@ -29,7 +30,7 @@ struct rsa_st { BIGNUM *iqmp; /* be careful using this if the RSA structure is shared */ CRYPTO_EX_DATA ex_data; - int references; + CRYPTO_REF_COUNT references; int flags; /* Used to cache montgomery values */ BN_MONT_CTX *_method_mod_n; diff --git a/crypto/x509/x509_lcl.h b/crypto/x509/x509_lcl.h index 9b22974f4d..0cc38c6443 100644 --- a/crypto/x509/x509_lcl.h +++ b/crypto/x509/x509_lcl.h @@ -7,6 +7,8 @@ * https://www.openssl.org/source/license.html */ +#include "internal/refcount.h" + /* * This structure holds all parameters associated with a verify operation by * including an X509_VERIFY_PARAM structure in related structures the @@ -130,7 +132,7 @@ struct x509_store_st { STACK_OF(X509_CRL) *(*lookup_crls) (X509_STORE_CTX *ctx, X509_NAME *nm); int (*cleanup) (X509_STORE_CTX *ctx); CRYPTO_EX_DATA ex_data; - int references; + CRYPTO_REF_COUNT references; CRYPTO_RWLOCK *lock; }; diff --git a/crypto/x509/x509_lu.c b/crypto/x509/x509_lu.c index 04ae1cbb30..d425a057ca 100644 --- a/crypto/x509/x509_lu.c +++ b/crypto/x509/x509_lu.c @@ -196,7 +196,7 @@ void X509_STORE_free(X509_STORE *vfy) if (vfy == NULL) return; - CRYPTO_atomic_add(&vfy->references, -1, &i, vfy->lock); + CRYPTO_DOWN_REF(&vfy->references, &i, vfy->lock); REF_PRINT_COUNT("X509_STORE", vfy); if (i > 0) return; @@ -221,7 +221,7 @@ int X509_STORE_up_ref(X509_STORE *vfy) { int i; - if (CRYPTO_atomic_add(&vfy->references, 1, &i, vfy->lock) <= 0) + if (CRYPTO_UP_REF(&vfy->references, &i, vfy->lock) <= 0) return 0; REF_PRINT_COUNT("X509_STORE", a); diff --git a/crypto/x509/x509_set.c b/crypto/x509/x509_set.c index c0ea41883d..e46174a463 100644 --- a/crypto/x509/x509_set.c +++ b/crypto/x509/x509_set.c @@ -96,7 +96,7 @@ int X509_up_ref(X509 *x) { int i; - if (CRYPTO_atomic_add(&x->references, 1, &i, x->lock) <= 0) + if (CRYPTO_UP_REF(&x->references, &i, x->lock) <= 0) return 0; REF_PRINT_COUNT("X509", x); diff --git a/crypto/x509/x509cset.c b/crypto/x509/x509cset.c index 205785961b..3c9c32296e 100644 --- a/crypto/x509/x509cset.c +++ b/crypto/x509/x509cset.c @@ -67,7 +67,7 @@ int X509_CRL_up_ref(X509_CRL *crl) { int i; - if (CRYPTO_atomic_add(&crl->references, 1, &i, crl->lock) <= 0) + if (CRYPTO_UP_REF(&crl->references, &i, crl->lock) <= 0) return 0; REF_PRINT_COUNT("X509_CRL", crl); diff --git a/include/internal/refcount.h b/include/internal/refcount.h new file mode 100644 index 0000000000..b83e05c4cc --- /dev/null +++ b/include/internal/refcount.h @@ -0,0 +1,65 @@ +/* + * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ +#ifndef HEADER_INTERNAL_REFCOUNT_H +# define HEADER_INTERNAL_REFCOUNT_H + +# if __STDC_VERSION__ >= 201112L && !defined(__STDC_NO_ATOMICS__) +# include +# define HAVE_C11_ATOMICS +# endif + +# if defined(HAVE_C11_ATOMICS) && ATOMIC_INT_LOCK_FREE > 0 + +# define HAVE_ATOMICS 1 + +typedef _Atomic int CRYPTO_REF_COUNT; + +static ossl_inline int CRYPTO_UP_REF(_Atomic int *val, int *ret, void *lock) +{ + *ret = atomic_fetch_add_explicit(val, 1, memory_order_relaxed) + 1; + return 1; +} + +static ossl_inline int CRYPTO_DOWN_REF(_Atomic int *val, int *ret, void *lock) +{ + *ret = atomic_fetch_sub_explicit(val, 1, memory_order_release) - 1; + if (*ret == 0) + atomic_thread_fence(memory_order_acquire); + return 1; +} + +# elif defined(__GNUC__) && defined(__ATOMIC_RELAXED) && __GCC_ATOMIC_INT_LOCK_FREE > 0 + +# define HAVE_ATOMICS 1 + +typedef int CRYPTO_REF_COUNT; + +static ossl_inline int CRYPTO_UP_REF(int *val, int *ret, void *lock) +{ + *ret = __atomic_fetch_add(val, 1, __ATOMIC_RELAXED) + 1; + return 1; +} + +static ossl_inline int CRYPTO_DOWN_REF(int *val, int *ret, void *lock) +{ + *ret = __atomic_fetch_sub(val, 1, __ATOMIC_RELEASE) - 1; + if (*ret == 0) + __atomic_thread_fence(__ATOMIC_ACQUIRE); + return 1; +} + +# else + +typedef int CRYPTO_REF_COUNT; + +# define CRYPTO_UP_REF(val, ret, lock) CRYPTO_atomic_add(val, 1, ret, lock) +# define CRYPTO_DOWN_REF(val, ret, lock) CRYPTO_atomic_add(val, -1, ret, lock) + +# endif +#endif diff --git a/ssl/ssl_cert.c b/ssl/ssl_cert.c index 9d359572a9..f26e876014 100644 --- a/ssl/ssl_cert.c +++ b/ssl/ssl_cert.c @@ -235,7 +235,7 @@ void ssl_cert_free(CERT *c) if (c == NULL) return; - CRYPTO_atomic_add(&c->references, -1, &i, c->lock); + CRYPTO_DOWN_REF(&c->references, &i, c->lock); REF_PRINT_COUNT("CERT", c); if (i > 0) return; diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c index b6f701536f..5f2c941b79 100644 --- a/ssl/ssl_lib.c +++ b/ssl/ssl_lib.c @@ -682,7 +682,7 @@ int SSL_up_ref(SSL *s) { int i; - if (CRYPTO_atomic_add(&s->references, 1, &i, s->lock) <= 0) + if (CRYPTO_UP_REF(&s->references, &i, s->lock) <= 0) return 0; REF_PRINT_COUNT("SSL", s); @@ -965,7 +965,7 @@ void SSL_free(SSL *s) if (s == NULL) return; - CRYPTO_atomic_add(&s->references, -1, &i, s->lock); + CRYPTO_DOWN_REF(&s->references, &i, s->lock); REF_PRINT_COUNT("SSL", s); if (i > 0) return; @@ -1379,7 +1379,7 @@ int SSL_copy_session_id(SSL *t, const SSL *f) return 0; } - CRYPTO_atomic_add(&f->cert->references, 1, &i, f->cert->lock); + CRYPTO_UP_REF(&f->cert->references, &i, f->cert->lock); ssl_cert_free(t->cert); t->cert = f->cert; if (!SSL_set_session_id_context(t, f->sid_ctx, (int)f->sid_ctx_length)) { @@ -2570,7 +2570,7 @@ int SSL_CTX_up_ref(SSL_CTX *ctx) { int i; - if (CRYPTO_atomic_add(&ctx->references, 1, &i, ctx->lock) <= 0) + if (CRYPTO_UP_REF(&ctx->references, &i, ctx->lock) <= 0) return 0; REF_PRINT_COUNT("SSL_CTX", ctx); @@ -2585,7 +2585,7 @@ void SSL_CTX_free(SSL_CTX *a) if (a == NULL) return; - CRYPTO_atomic_add(&a->references, -1, &i, a->lock); + CRYPTO_DOWN_REF(&a->references, &i, a->lock); REF_PRINT_COUNT("SSL_CTX", a); if (i > 0) return; @@ -3199,7 +3199,7 @@ SSL *SSL_dup(SSL *s) /* If we're not quiescent, just up_ref! */ if (!SSL_in_init(s) || !SSL_in_before(s)) { - CRYPTO_atomic_add(&s->references, 1, &i, s->lock); + CRYPTO_UP_REF(&s->references, &i, s->lock); return s; } diff --git a/ssl/ssl_locl.h b/ssl/ssl_locl.h index 88b2f8b575..41382bafc0 100644 --- a/ssl/ssl_locl.h +++ b/ssl/ssl_locl.h @@ -66,6 +66,7 @@ # include "statem/statem.h" # include "packet_locl.h" # include "internal/dane.h" +# include "internal/refcount.h" # ifdef OPENSSL_BUILD_SHLIBSSL # undef OPENSSL_EXTERN @@ -536,7 +537,7 @@ struct ssl_session_st { * certificate is not ok, we must remember the error for session reuse: */ long verify_result; /* only for servers */ - int references; + CRYPTO_REF_COUNT references; long timeout; long time; unsigned int compress_meth; /* Need to lookup the method */ @@ -663,7 +664,7 @@ struct ssl_ctx_st { * :-) */ } stats; - int references; + CRYPTO_REF_COUNT references; /* if defined, these override the X509_verify_cert() calls */ int (*app_verify_callback) (X509_STORE_CTX *, void *); @@ -1006,7 +1007,7 @@ struct ssl_st { CRYPTO_EX_DATA ex_data; /* for server side, keep the list of CA_dn we can use */ STACK_OF(X509_NAME) *client_CA; - int references; + CRYPTO_REF_COUNT references; /* protocol behaviour */ uint32_t options; /* API behaviour */ @@ -1543,7 +1544,7 @@ typedef struct cert_st { /* If not NULL psk identity hint to use for servers */ char *psk_identity_hint; # endif - int references; /* >1 only if SSL_copy_session_id is used */ + CRYPTO_REF_COUNT references; /* >1 only if SSL_copy_session_id is used */ CRYPTO_RWLOCK *lock; } CERT; diff --git a/ssl/ssl_sess.c b/ssl/ssl_sess.c index 47dbf85676..c9a9e2364a 100644 --- a/ssl/ssl_sess.c +++ b/ssl/ssl_sess.c @@ -752,7 +752,7 @@ void SSL_SESSION_free(SSL_SESSION *ss) if (ss == NULL) return; - CRYPTO_atomic_add(&ss->references, -1, &i, ss->lock); + CRYPTO_DOWN_REF(&ss->references, &i, ss->lock); REF_PRINT_COUNT("SSL_SESSION", ss); if (i > 0) return; @@ -788,7 +788,7 @@ int SSL_SESSION_up_ref(SSL_SESSION *ss) { int i; - if (CRYPTO_atomic_add(&ss->references, 1, &i, ss->lock) <= 0) + if (CRYPTO_UP_REF(&ss->references, &i, ss->lock) <= 0) return 0; REF_PRINT_COUNT("SSL_SESSION", ss); -- 2.40.0