rpms/p11-kit
6
0
Fork 0
Code Issues Pull Requests Releases Activity
65f97a1bf2
p11-kit/p11-kit-0.23.1-no-finalize.patch

87 lines
2.2 KiB
Diff
Raw Blame History

From cacaf8cd0b0a4f2cd61b61b012cd5cbf715fe38f Mon Sep 17 00:00:00 2001
From: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date: Wed, 24 Jun 2015 09:43:57 +0200
Subject: In proxy module don't call C_Finalize on a forked process.
This corrects a deadlock on the forked process. The deadlock
happened because the proxy called C_Finalize prior to a C_Initialize
which is wrong according to PKCS #11 (2.40). This patch eliminates
the C_Finalize call in that case.
This resolves #90289
https://bugs.freedesktop.org/show_bug.cgi?id=90289
Reviewed-by: Stef Walter <stefw@redhat.com>
diff --git a/p11-kit/proxy.c b/p11-kit/proxy.c
index db2acb8..28fd186 100644
--- a/p11-kit/proxy.c
+++ b/p11-kit/proxy.c
@@ -98,6 +98,7 @@ static State *all_instances = NULL;
static State global = { { { { -1, -1 }, NULL, }, }, NULL, NULL, FIRST_HANDLE, NULL };
#define PROXY_VALID(px) ((px) && (px)->forkid == p11_forkid)
+#define PROXY_FORKED(px) ((px) && (px)->forkid != p11_forkid)
#define MANUFACTURER_ID "PKCS#11 Kit "
#define LIBRARY_DESCRIPTION "PKCS#11 Kit Proxy Module "
@@ -187,10 +188,11 @@ map_session_to_real (Proxy *px,
}
static void
-proxy_free (Proxy *py)
+proxy_free (Proxy *py, unsigned finalize)
{
if (py) {
- p11_kit_modules_finalize (py->inited);
+ if (finalize)
+ p11_kit_modules_finalize (py->inited);
free (py->inited);
p11_dict_free (py->sessions);
free (py->mappings);
@@ -227,7 +229,7 @@ proxy_C_Finalize (CK_X_FUNCTION_LIST *self,
p11_unlock ();
- proxy_free (py);
+ proxy_free (py, 1);
}
p11_debug ("out: %lu", rv);
@@ -301,7 +303,7 @@ proxy_create (Proxy **res)
}
if (rv != CKR_OK) {
- proxy_free (py);
+ proxy_free (py, 1);
return rv;
}
@@ -331,8 +333,13 @@ proxy_C_Initialize (CK_X_FUNCTION_LIST *self,
p11_lock ();
if (!PROXY_VALID (state->px)) {
+ unsigned call_finalize = 1;
+
initialize = true;
- proxy_free (state->px);
+ if (PROXY_FORKED(state->px))
+ call_finalize = 0;
+ proxy_free (state->px, call_finalize);
+
state->px = NULL;
} else {
state->px->refs++;
@@ -360,7 +367,7 @@ proxy_C_Initialize (CK_X_FUNCTION_LIST *self,
p11_unlock ();
- proxy_free (py);
+ proxy_free (py, 1);
p11_debug ("out: 0");
return rv;
}
--
cgit v0.10.2
Reference in New Issue View Git Blame Copy Permalink