1 /* 2 * Common Public License Version 0.5 3 * 4 * THE ACCOMPANYING PROGRAM IS PROVIDED UNDER THE TERMS OF 5 * THIS COMMON PUBLIC LICENSE ("AGREEMENT"). ANY USE, 6 * REPRODUCTION OR DISTRIBUTION OF THE PROGRAM CONSTITUTES 7 * RECIPIENT'S ACCEPTANCE OF THIS AGREEMENT. 8 * 9 * 1. DEFINITIONS 10 * 11 * "Contribution" means: 12 * a) in the case of the initial Contributor, the 13 * initial code and documentation distributed under 14 * this Agreement, and 15 * 16 * b) in the case of each subsequent Contributor: 17 * i) changes to the Program, and 18 * ii) additions to the Program; 19 * 20 * where such changes and/or additions to the Program 21 * originate from and are distributed by that 22 * particular Contributor. A Contribution 'originates' 23 * from a Contributor if it was added to the Program 24 * by such Contributor itself or anyone acting on such 25 * Contributor's behalf. Contributions do not include 26 * additions to the Program which: (i) are separate 27 * modules of software distributed in conjunction with 28 * the Program under their own license agreement, and 29 * (ii) are not derivative works of the Program. 30 * 31 * 32 * "Contributor" means any person or entity that distributes 33 * the Program. 34 * 35 * "Licensed Patents " mean patent claims licensable by a 36 * Contributor which are necessarily infringed by the use or 37 * sale of its Contribution alone or when combined with the 38 * Program. 39 * 40 * "Program" means the Contributions distributed in 41 * accordance with this Agreement. 42 * 43 * "Recipient" means anyone who receives the Program under 44 * this Agreement, including all Contributors. 45 * 46 * 2. GRANT OF RIGHTS 47 * 48 * a) Subject to the terms of this Agreement, each 49 * Contributor hereby grants Recipient a 50 * no - exclusive, worldwide, royalt - free copyright 51 * license to reproduce, prepare derivative works of, 52 * publicly display, publicly perform, distribute and 53 * sublicense the Contribution of such Contributor, if 54 * any, and such derivative works, in source code and 55 * object code form. 56 * 57 * b) Subject to the terms of this Agreement, each 58 * Contributor hereby grants Recipient a 59 * no - exclusive, worldwide, royalt - free patent 60 * license under Licensed Patents to make, use, sell, 61 * offer to sell, import and otherwise transfer the 62 * Contribution of such Contributor, if any, in source 63 * code and object code form. This patent license 64 * shall apply to the combination of the Contribution 65 * and the Program if, at the time the Contribution is 66 * added by the Contributor, such addition of the 67 * Contribution causes such combination to be covered 68 * by the Licensed Patents. The patent license shall 69 * not apply to any other combinations which include 70 * the Contribution. No hardware per se is licensed 71 * hereunder. 72 * 73 * c) Recipient understands that although each 74 * Contributor grants the licenses to its 75 * Contributions set forth herein, no assurances are 76 * provided by any Contributor that the Program does 77 * not infringe the patent or other intellectual 78 * property rights of any other entity. Each 79 * Contributor disclaims any liability to Recipient 80 * for claims brought by any other entity based on 81 * infringement of intellectual property rights or 82 * otherwise. As a condition to exercising the rights 83 * and licenses granted hereunder, each Recipient 84 * hereby assumes sole responsibility to secure any 85 * other intellectual property rights needed, if any. 86 * 87 * For example, if a third party patent license is 88 * required to allow Recipient to distribute the 89 * Program, it is Recipient's responsibility to 90 * acquire that license before distributing the 91 * Program. 92 * 93 * d) Each Contributor represents that to its 94 * knowledge it has sufficient copyright rights in its 95 * Contribution, if any, to grant the copyright 96 * license set forth in this Agreement. 97 * 98 * 3. REQUIREMENTS 99 * 100 * A Contributor may choose to distribute the Program in 101 * object code form under its own license agreement, provided 102 * that: 103 * a) it complies with the terms and conditions of 104 * this Agreement; and 105 * 106 * b) its license agreement: 107 * i) effectively disclaims on behalf of all 108 * Contributors all warranties and conditions, express 109 * and implied, including warranties or conditions of 110 * title and no - infringement, and implied warranties 111 * or conditions of merchantability and fitness for a 112 * particular purpose; 113 * 114 * ii) effectively excludes on behalf of all 115 * Contributors all liability for damages, including 116 * direct, indirect, special, incidental and 117 * consequential damages, such as lost profits; 118 * 119 * iii) states that any provisions which differ from 120 * this Agreement are offered by that Contributor 121 * alone and not by any other party; and 122 * 123 * iv) states that source code for the Program is 124 * available from such Contributor, and informs 125 * licensees how to obtain it in a reasonable manner 126 * on or through a medium customarily used for 127 * software exchange. 128 * 129 * When the Program is made available in source code form: 130 * a) it must be made available under this Agreement; 131 * and 132 * b) a copy of this Agreement must be included with 133 * each copy of the Program. 134 * 135 * Contributors may not remove or alter any copyright notices 136 * contained within the Program. 137 * 138 * Each Contributor must identify itself as the originator of 139 * its Contribution, if any, in a manner that reasonably 140 * allows subsequent Recipients to identify the originator of 141 * the Contribution. 142 * 143 * 144 * 4. COMMERCIAL DISTRIBUTION 145 * 146 * Commercial distributors of software may accept certain 147 * responsibilities with respect to end users, business 148 * partners and the like. While this license is intended to 149 * facilitate the commercial use of the Program, the 150 * Contributor who includes the Program in a commercial 151 * product offering should do so in a manner which does not 152 * create potential liability for other Contributors. 153 * Therefore, if a Contributor includes the Program in a 154 * commercial product offering, such Contributor ("Commercial 155 * Contributor") hereby agrees to defend and indemnify every 156 * other Contributor ("Indemnified Contributor") against any 157 * losses, damages and costs (collectively "Losses") arising 158 * from claims, lawsuits and other legal actions brought by a 159 * third party against the Indemnified Contributor to the 160 * extent caused by the acts or omissions of such Commercial 161 * Contributor in connection with its distribution of the 162 * Program in a commercial product offering. The obligations 163 * in this section do not apply to any claims or Losses 164 * relating to any actual or alleged intellectual property 165 * infringement. In order to qualify, an Indemnified 166 * Contributor must: a) promptly notify the Commercial 167 * Contributor in writing of such claim, and b) allow the 168 * Commercial Contributor to control, and cooperate with the 169 * Commercial Contributor in, the defense and any related 170 * settlement negotiations. The Indemnified Contributor may 171 * participate in any such claim at its own expense. 172 * 173 * 174 * For example, a Contributor might include the Program in a 175 * commercial product offering, Product X. That Contributor 176 * is then a Commercial Contributor. If that Commercial 177 * Contributor then makes performance claims, or offers 178 * warranties related to Product X, those performance claims 179 * and warranties are such Commercial Contributor's 180 * responsibility alone. Under this section, the Commercial 181 * Contributor would have to defend claims against the other 182 * Contributors related to those performance claims and 183 * warranties, and if a court requires any other Contributor 184 * to pay any damages as a result, the Commercial Contributor 185 * must pay those damages. 186 * 187 * 188 * 5. NO WARRANTY 189 * 190 * EXCEPT AS EXPRESSLY SET FORTH IN THIS AGREEMENT, THE 191 * PROGRAM IS PROVIDED ON AN "AS IS" BASIS, WITHOUT 192 * WARRANTIES OR CONDITIONS OF ANY KIND, EITHER EXPRESS OR 193 * IMPLIED INCLUDING, WITHOUT LIMITATION, ANY WARRANTIES OR 194 * CONDITIONS OF TITLE, NO - INFRINGEMENT, MERCHANTABILITY OR 195 * FITNESS FOR A PARTICULAR PURPOSE. Each Recipient is solely 196 * responsible for determining the appropriateness of using 197 * and distributing the Program and assumes all risks 198 * associated with its exercise of rights under this 199 * Agreement, including but not limited to the risks and 200 * costs of program errors, compliance with applicable laws, 201 * damage to or loss of data, programs or equipment, and 202 * unavailability or interruption of operations. 203 * 204 * 6. DISCLAIMER OF LIABILITY 205 * EXCEPT AS EXPRESSLY SET FORTH IN THIS AGREEMENT, NEITHER 206 * RECIPIENT NOR ANY CONTRIBUTORS SHALL HAVE ANY LIABILITY 207 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, 208 * OR CONSEQUENTIAL DAMAGES (INCLUDING WITHOUT LIMITATION 209 * LOST PROFITS), HOWEVER CAUSED AND ON ANY THEORY OF 210 * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 211 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT 212 * OF THE USE OR DISTRIBUTION OF THE PROGRAM OR THE EXERCISE 213 * OF ANY RIGHTS GRANTED HEREUNDER, EVEN IF ADVISED OF THE 214 * POSSIBILITY OF SUCH DAMAGES. 215 * 216 * 7. GENERAL 217 * 218 * If any provision of this Agreement is invalid or 219 * unenforceable under applicable law, it shall not affect 220 * the validity or enforceability of the remainder of the 221 * terms of this Agreement, and without further action by the 222 * parties hereto, such provision shall be reformed to the 223 * minimum extent necessary to make such provision valid and 224 * enforceable. 225 * 226 * 227 * If Recipient institutes patent litigation against a 228 * Contributor with respect to a patent applicable to 229 * software (including a cros - claim or counterclaim in a 230 * lawsuit), then any patent licenses granted by that 231 * Contributor to such Recipient under this Agreement shall 232 * terminate as of the date such litigation is filed. In 233 * addition, If Recipient institutes patent litigation 234 * against any entity (including a cros - claim or 235 * counterclaim in a lawsuit) alleging that the Program 236 * itself (excluding combinations of the Program with other 237 * software or hardware) infringes such Recipient's 238 * patent(s), then such Recipient's rights granted under 239 * Section 2(b) shall terminate as of the date such 240 * litigation is filed. 241 * 242 * All Recipient's rights under this Agreement shall 243 * terminate if it fails to comply with any of the material 244 * terms or conditions of this Agreement and does not cure 245 * such failure in a reasonable period of time after becoming 246 * aware of such noncompliance. If all Recipient's rights 247 * under this Agreement terminate, Recipient agrees to cease 248 * use and distribution of the Program as soon as reasonably 249 * practicable. However, Recipient's obligations under this 250 * Agreement and any licenses granted by Recipient relating 251 * to the Program shall continue and survive. 252 * 253 * Everyone is permitted to copy and distribute copies of 254 * this Agreement, but in order to avoid inconsistency the 255 * Agreement is copyrighted and may only be modified in the 256 * following manner. The Agreement Steward reserves the right 257 * to publish new versions (including revisions) of this 258 * Agreement from time to time. No one other than the 259 * Agreement Steward has the right to modify this Agreement. 260 * 261 * IBM is the initial Agreement Steward. IBM may assign the 262 * responsibility to serve as the Agreement Steward to a 263 * suitable separate entity. Each new version of the 264 * Agreement will be given a distinguishing version number. 265 * The Program (including Contributions) may always be 266 * distributed subject to the version of the Agreement under 267 * which it was received. In addition, after a new version of 268 * the Agreement is published, Contributor may elect to 269 * distribute the Program (including its Contributions) under 270 * the new version. Except as expressly stated in Sections 271 * 2(a) and 2(b) above, Recipient receives no rights or 272 * licenses to the intellectual property of any Contributor 273 * under this Agreement, whether expressly, by implication, 274 * estoppel or otherwise. All rights in the Program not 275 * expressly granted under this Agreement are reserved. 276 * 277 * 278 * This Agreement is governed by the laws of the State of New 279 * York and the intellectual property laws of the United 280 * States of America. No party to this Agreement will bring a 281 * legal action under this Agreement more than one year after 282 * the cause of action arose. Each party waives its rights to 283 * a jury trial in any resulting litigation. 284 * 285 * 286 * 287 * (C) COPYRIGHT International Business Machines Corp. 2001, 2002 288 */ 289 /* 290 * Copyright 2009 Sun Microsystems, Inc. All rights reserved. 291 * Use is subject to license terms. 292 */ 293 294 #include "tpmtok_int.h" 295 296 pthread_rwlock_t obj_list_rw_mutex = PTHREAD_RWLOCK_INITIALIZER; 297 298 static CK_RV 299 object_mgr_search_shm_for_obj(TOK_OBJ_ENTRY *, 300 CK_ULONG, CK_ULONG, OBJECT *, CK_ULONG *); 301 static CK_RV object_mgr_update_from_shm(TSS_HCONTEXT); 302 static CK_RV object_mgr_check_shm(TSS_HCONTEXT, OBJECT *); 303 304 static CK_RV 305 check_object_access(SESSION *sess, OBJECT *o) 306 { 307 CK_BBOOL sess_obj, priv_obj; 308 CK_RV rc = CKR_OK; 309 310 /* 311 * check whether session has permissions to create the object, etc 312 * 313 * Object R/O R/W R/O R/W R/W 314 * Type Public Public User User SO 315 * ------------------------------------------------------------- 316 * Public session R/W R/W R/W R/W R/W 317 * Private session R/W R/W 318 * Public token R/O R/W R/O R/W R/W 319 * Private token R/O R/W 320 */ 321 sess_obj = object_is_session_object(o); 322 priv_obj = object_is_private(o); 323 324 if (sess->session_info.state == CKS_RO_PUBLIC_SESSION) { 325 if (priv_obj) { 326 rc = CKR_USER_NOT_LOGGED_IN; 327 goto done; 328 } 329 330 if (!sess_obj) { 331 rc = CKR_SESSION_READ_ONLY; 332 goto done; 333 } 334 } 335 336 if (sess->session_info.state == CKS_RO_USER_FUNCTIONS) { 337 if (! sess_obj) { 338 rc = CKR_SESSION_READ_ONLY; 339 goto done; 340 } 341 } 342 343 if (sess->session_info.state == CKS_RW_PUBLIC_SESSION) { 344 if (priv_obj) { 345 rc = CKR_USER_NOT_LOGGED_IN; 346 goto done; 347 } 348 } 349 350 if (sess->session_info.state == CKS_RW_SO_FUNCTIONS) { 351 if (priv_obj) { 352 rc = CKR_USER_NOT_LOGGED_IN; 353 goto done; 354 } 355 } 356 done: 357 return (rc); 358 } 359 360 CK_RV 361 object_mgr_add(SESSION * sess, 362 CK_ATTRIBUTE * pTemplate, 363 CK_ULONG ulCount, 364 CK_OBJECT_HANDLE * handle) 365 { 366 OBJECT * o = NULL; 367 CK_BBOOL priv_obj, sess_obj; 368 CK_RV rc; 369 370 if (! sess || ! pTemplate || ! handle) { 371 return (CKR_FUNCTION_FAILED); 372 } 373 374 rc = pthread_mutex_lock(&obj_list_mutex); 375 if (rc != CKR_OK) 376 return (CKR_FUNCTION_FAILED); 377 378 rc = object_create(pTemplate, ulCount, &o); 379 if (rc != CKR_OK) { 380 goto done; 381 } 382 rc = check_object_access(sess, o); 383 if (rc != CKR_OK) 384 goto done; 385 386 /* 387 * okay, object is created and the session permissions look okay. 388 * add the object to the appropriate list and assign an object handle 389 */ 390 sess_obj = object_is_session_object(o); 391 priv_obj = object_is_private(o); 392 393 if (sess_obj) { 394 o->session = sess; 395 (void) memset(o->name, 0x00, sizeof (CK_BYTE) * 8); 396 397 sess_obj_list = dlist_add_as_first(sess_obj_list, o); 398 } else { 399 CK_BYTE current[8]; 400 CK_BYTE next[8]; 401 402 rc = XProcLock(xproclock); 403 if (rc != CKR_OK) { 404 goto done; 405 } else { 406 407 if (priv_obj) { 408 if (global_shm->num_priv_tok_obj >= 409 MAX_TOK_OBJS) { 410 rc = CKR_HOST_MEMORY; 411 (void) XProcUnLock(xproclock); 412 goto done; 413 } 414 } else { 415 if (global_shm->num_publ_tok_obj >= 416 MAX_TOK_OBJS) { 417 rc = CKR_HOST_MEMORY; 418 (void) XProcUnLock(xproclock); 419 goto done; 420 } 421 } 422 423 (void) memcpy(current, 424 &nv_token_data->next_token_object_name, 8); 425 426 o->session = NULL; 427 (void) memcpy(&o->name, current, 8); 428 429 (void) compute_next_token_obj_name(current, next); 430 431 (void) memcpy(&nv_token_data->next_token_object_name, 432 next, 8); 433 434 rc = save_token_object(sess->hContext, o); 435 if (rc != CKR_OK) { 436 (void) XProcUnLock(xproclock); 437 goto done; 438 } 439 440 (void) object_mgr_add_to_shm(o); 441 (void) XProcUnLock(xproclock); 442 443 (void) save_token_data(nv_token_data); 444 } 445 446 if (priv_obj) 447 priv_token_obj_list = 448 dlist_add_as_last(priv_token_obj_list, o); 449 else 450 publ_token_obj_list = 451 dlist_add_as_last(publ_token_obj_list, o); 452 } 453 454 rc = object_mgr_add_to_map(sess, o, handle); 455 if (rc != CKR_OK) { 456 DL_NODE *node = NULL; 457 458 if (sess_obj) { 459 node = dlist_find(sess_obj_list, o); 460 if (node) 461 sess_obj_list = 462 dlist_remove_node(sess_obj_list, node); 463 } else { 464 (void) delete_token_object(o); 465 466 if (priv_obj) { 467 node = dlist_find(priv_token_obj_list, o); 468 if (node) 469 priv_token_obj_list = 470 dlist_remove_node( 471 priv_token_obj_list, node); 472 } else { 473 node = dlist_find(publ_token_obj_list, o); 474 if (node) 475 publ_token_obj_list = 476 dlist_remove_node( 477 publ_token_obj_list, node); 478 } 479 480 rc = XProcLock(xproclock); 481 if (rc != CKR_OK) { 482 goto done; 483 } 484 (void) object_mgr_del_from_shm(o); 485 486 (void) XProcUnLock(xproclock); 487 } 488 } 489 490 done: 491 (void) pthread_mutex_unlock(&obj_list_mutex); 492 493 if ((rc != CKR_OK) && (o != NULL)) 494 (void) object_free(o); 495 496 return (rc); 497 } 498 499 CK_RV 500 object_mgr_add_to_map(SESSION * sess, 501 OBJECT * obj, 502 CK_OBJECT_HANDLE * handle) { 503 OBJECT_MAP *map_node = NULL; 504 505 if (! sess || ! obj || ! handle) { 506 return (CKR_FUNCTION_FAILED); 507 } 508 509 map_node = (OBJECT_MAP *)malloc(sizeof (OBJECT_MAP)); 510 if (! map_node) { 511 return (CKR_HOST_MEMORY); 512 } 513 map_node->handle = next_object_handle++; 514 map_node->session = sess; 515 map_node->ptr = obj; 516 517 if (obj->session != NULL) 518 map_node->is_session_obj = TRUE; 519 else 520 map_node->is_session_obj = FALSE; 521 522 // add the new map entry to the list 523 if (pthread_rwlock_wrlock(&obj_list_rw_mutex)) { 524 return (CKR_FUNCTION_FAILED); 525 } 526 object_map = dlist_add_as_first(object_map, map_node); 527 (void) pthread_rwlock_unlock(&obj_list_rw_mutex); 528 529 *handle = map_node->handle; 530 return (CKR_OK); 531 } 532 533 // object_mgr_copy() 534 // 535 // algorithm: 536 // 1) find the old object 537 // 2) get the template from the old object 538 // 3) merge in the new object's template 539 // 4) perform class - specific sanity checks 540 // 541 CK_RV 542 object_mgr_copy(SESSION * sess, 543 CK_ATTRIBUTE * pTemplate, 544 CK_ULONG ulCount, 545 CK_OBJECT_HANDLE old_handle, 546 CK_OBJECT_HANDLE * new_handle) 547 { 548 OBJECT *old_obj = NULL; 549 OBJECT *new_obj = NULL; 550 CK_BBOOL priv_obj; 551 CK_BBOOL sess_obj; 552 CK_RV rc; 553 554 if (! sess || ! pTemplate || ! new_handle) { 555 return (CKR_FUNCTION_FAILED); 556 } 557 558 rc = pthread_mutex_lock(&obj_list_mutex); 559 if (rc != CKR_OK) 560 return (CKR_FUNCTION_FAILED); 561 562 rc = object_mgr_find_in_map1(sess->hContext, old_handle, &old_obj); 563 if (rc != CKR_OK) { 564 goto done; 565 } 566 rc = object_copy(pTemplate, ulCount, old_obj, &new_obj); 567 if (rc != CKR_OK) { 568 goto done; 569 } 570 571 rc = check_object_access(sess, new_obj); 572 if (rc != CKR_OK) 573 goto done; 574 575 sess_obj = object_is_session_object(new_obj); 576 priv_obj = object_is_private(new_obj); 577 578 if (sess_obj) { 579 new_obj->session = sess; 580 (void) memset(&new_obj->name, 0x00, sizeof (CK_BYTE) * 8); 581 582 sess_obj_list = dlist_add_as_first(sess_obj_list, new_obj); 583 } else { 584 CK_BYTE current[8]; 585 CK_BYTE next[8]; 586 587 rc = XProcLock(xproclock); 588 if (rc != CKR_OK) { 589 goto done; 590 } else { 591 if (priv_obj) { 592 if (global_shm->num_priv_tok_obj >= 593 MAX_TOK_OBJS) { 594 (void) XProcUnLock(xproclock); 595 rc = CKR_HOST_MEMORY; 596 goto done; 597 } 598 } else { 599 if (global_shm->num_publ_tok_obj >= 600 MAX_TOK_OBJS) { 601 (void) XProcUnLock(xproclock); 602 rc = CKR_HOST_MEMORY; 603 goto done; 604 } 605 } 606 (void) memcpy(current, 607 &nv_token_data->next_token_object_name, 8); 608 609 new_obj->session = NULL; 610 (void) memcpy(&new_obj->name, current, 8); 611 612 (void) compute_next_token_obj_name(current, next); 613 (void) memcpy(&nv_token_data->next_token_object_name, 614 next, 8); 615 616 rc = save_token_object(sess->hContext, new_obj); 617 if (rc != CKR_OK) { 618 (void) XProcUnLock(xproclock); 619 goto done; 620 } 621 622 (void) object_mgr_add_to_shm(new_obj); 623 624 (void) XProcUnLock(xproclock); 625 626 (void) save_token_data(nv_token_data); 627 } 628 629 if (priv_obj) 630 priv_token_obj_list = dlist_add_as_last( 631 priv_token_obj_list, new_obj); 632 else 633 publ_token_obj_list = dlist_add_as_last( 634 publ_token_obj_list, new_obj); 635 } 636 637 rc = object_mgr_add_to_map(sess, new_obj, new_handle); 638 if (rc != CKR_OK) { 639 DL_NODE *node = NULL; 640 641 if (sess_obj) { 642 node = dlist_find(sess_obj_list, new_obj); 643 if (node) 644 sess_obj_list = dlist_remove_node( 645 sess_obj_list, node); 646 } else { 647 (void) delete_token_object(new_obj); 648 649 if (priv_obj) { 650 node = dlist_find(priv_token_obj_list, new_obj); 651 if (node) 652 priv_token_obj_list = dlist_remove_node( 653 priv_token_obj_list, node); 654 } else { 655 node = dlist_find(publ_token_obj_list, new_obj); 656 if (node) 657 publ_token_obj_list = dlist_remove_node( 658 publ_token_obj_list, node); 659 } 660 661 rc = XProcLock(xproclock); 662 if (rc != CKR_OK) { 663 goto done; 664 } 665 (void) object_mgr_del_from_shm(new_obj); 666 667 (void) XProcUnLock(xproclock); 668 } 669 } 670 671 done: 672 (void) pthread_mutex_unlock(&obj_list_mutex); 673 674 if ((rc != CKR_OK) && (new_obj != NULL)) 675 (void) object_free(new_obj); 676 677 return (rc); 678 } 679 680 // 681 // determines whether the session is allowed to create an object. creates 682 // the object but doesn't add the object to any object lists or to the 683 // process' object map. 684 // 685 CK_RV 686 object_mgr_create_skel(SESSION * sess, 687 CK_ATTRIBUTE * pTemplate, 688 CK_ULONG ulCount, 689 CK_ULONG mode, 690 CK_ULONG obj_type, 691 CK_ULONG sub_class, 692 OBJECT ** obj) 693 { 694 OBJECT *o = NULL; 695 CK_RV rc; 696 CK_BBOOL priv_obj; 697 CK_BBOOL sess_obj; 698 699 if (! sess || ! obj) { 700 return (CKR_FUNCTION_FAILED); 701 } 702 if (! pTemplate && (ulCount != 0)) { 703 return (CKR_FUNCTION_FAILED); 704 } 705 rc = object_create_skel(pTemplate, ulCount, 706 mode, obj_type, sub_class, &o); 707 if (rc != CKR_OK) { 708 return (rc); 709 } 710 sess_obj = object_is_session_object(o); 711 priv_obj = object_is_private(o); 712 713 if (sess->session_info.state == CKS_RO_PUBLIC_SESSION) { 714 if (priv_obj) { 715 (void) object_free(o); 716 return (CKR_USER_NOT_LOGGED_IN); 717 } 718 719 if (! sess_obj) { 720 (void) object_free(o); 721 return (CKR_SESSION_READ_ONLY); 722 } 723 } 724 725 if (sess->session_info.state == CKS_RO_USER_FUNCTIONS) { 726 if (! sess_obj) { 727 (void) object_free(o); 728 return (CKR_SESSION_READ_ONLY); 729 } 730 } 731 732 if (sess->session_info.state == CKS_RW_PUBLIC_SESSION) { 733 if (priv_obj) { 734 (void) object_free(o); 735 return (CKR_USER_NOT_LOGGED_IN); 736 } 737 } 738 739 if (sess->session_info.state == CKS_RW_SO_FUNCTIONS) { 740 if (priv_obj) { 741 (void) object_free(o); 742 return (CKR_USER_NOT_LOGGED_IN); 743 } 744 } 745 746 *obj = o; 747 return (CKR_OK); 748 } 749 750 CK_RV 751 object_mgr_create_final(SESSION * sess, 752 OBJECT * obj, 753 CK_OBJECT_HANDLE * handle) 754 { 755 CK_BBOOL sess_obj; 756 CK_BBOOL priv_obj; 757 CK_RV rc; 758 759 if (!sess || !obj || !handle) 760 return (CKR_FUNCTION_FAILED); 761 762 rc = pthread_mutex_lock(&obj_list_mutex); 763 if (rc != CKR_OK) 764 return (CKR_FUNCTION_FAILED); 765 766 sess_obj = object_is_session_object(obj); 767 priv_obj = object_is_private(obj); 768 769 if (sess_obj) { 770 obj->session = sess; 771 (void) memset(obj->name, 0x0, sizeof (CK_BYTE) * 8); 772 773 sess_obj_list = dlist_add_as_first(sess_obj_list, obj); 774 } else { 775 CK_BYTE current[8]; 776 CK_BYTE next[8]; 777 778 rc = XProcLock(xproclock); 779 if (rc != CKR_OK) { 780 goto done; 781 } else { 782 if (priv_obj) { 783 if (global_shm->num_priv_tok_obj >= 784 MAX_TOK_OBJS) { 785 (void) XProcUnLock(xproclock); 786 rc = CKR_HOST_MEMORY; 787 goto done; 788 } 789 } else { 790 if (global_shm->num_publ_tok_obj >= 791 MAX_TOK_OBJS) { 792 (void) XProcUnLock(xproclock); 793 rc = CKR_HOST_MEMORY; 794 goto done; 795 } 796 } 797 (void) memcpy(current, 798 &nv_token_data->next_token_object_name, 8); 799 800 obj->session = NULL; 801 (void) memcpy(&obj->name, current, 8); 802 803 (void) compute_next_token_obj_name(current, next); 804 (void) memcpy(&nv_token_data->next_token_object_name, 805 next, 8); 806 807 rc = save_token_object(sess->hContext, obj); 808 if (rc != CKR_OK) { 809 (void) XProcUnLock(xproclock); 810 goto done; 811 } 812 813 (void) object_mgr_add_to_shm(obj); 814 815 (void) XProcUnLock(xproclock); 816 817 (void) save_token_data(nv_token_data); 818 } 819 820 if (priv_obj) 821 priv_token_obj_list = dlist_add_as_last( 822 priv_token_obj_list, obj); 823 else 824 publ_token_obj_list = dlist_add_as_last( 825 publ_token_obj_list, obj); 826 } 827 828 rc = object_mgr_add_to_map(sess, obj, handle); 829 if (rc != CKR_OK) { 830 DL_NODE *node = NULL; 831 832 if (sess_obj) { 833 node = dlist_find(sess_obj_list, obj); 834 if (node) 835 sess_obj_list = dlist_remove_node( 836 sess_obj_list, node); 837 } else { 838 (void) delete_token_object(obj); 839 840 if (priv_obj) { 841 node = dlist_find(priv_token_obj_list, obj); 842 if (node) 843 priv_token_obj_list = dlist_remove_node( 844 priv_token_obj_list, node); 845 } else { 846 node = dlist_find(publ_token_obj_list, obj); 847 if (node) 848 publ_token_obj_list = dlist_remove_node( 849 publ_token_obj_list, node); 850 } 851 852 rc = XProcLock(xproclock); 853 if (rc != CKR_OK) { 854 goto done; 855 } 856 (void) object_mgr_del_from_shm(obj); 857 858 (void) XProcUnLock(xproclock); 859 } 860 } 861 862 done: 863 (void) pthread_mutex_unlock(&obj_list_mutex); 864 865 return (rc); 866 } 867 868 CK_RV 869 object_mgr_destroy_object(SESSION * sess, 870 CK_OBJECT_HANDLE handle) 871 { 872 OBJECT * obj = NULL; 873 CK_BBOOL sess_obj; 874 CK_BBOOL priv_obj; 875 CK_RV rc; 876 877 if (! sess) 878 return (CKR_FUNCTION_FAILED); 879 880 rc = pthread_mutex_lock(&obj_list_mutex); 881 if (rc != CKR_OK) 882 return (CKR_FUNCTION_FAILED); 883 884 rc = object_mgr_find_in_map1(sess->hContext, handle, &obj); 885 if (rc != CKR_OK) { 886 goto done; 887 } 888 889 rc = check_object_access(sess, obj); 890 if (rc != CKR_OK) 891 goto done; 892 893 sess_obj = object_is_session_object(obj); 894 priv_obj = object_is_private(obj); 895 896 if (sess_obj) { 897 DL_NODE *node; 898 899 node = dlist_find(sess_obj_list, obj); 900 if (node) { 901 (void) object_mgr_remove_from_map(handle); 902 903 (void) object_free(obj); 904 sess_obj_list = dlist_remove_node( 905 sess_obj_list, node); 906 907 rc = CKR_OK; 908 goto done; 909 } 910 } else { 911 DL_NODE *node = NULL; 912 913 (void) delete_token_object(obj); 914 915 if (priv_obj) 916 node = dlist_find(priv_token_obj_list, obj); 917 else 918 node = dlist_find(publ_token_obj_list, obj); 919 920 if (node) { 921 rc = XProcLock(xproclock); 922 if (rc != CKR_OK) { 923 goto done; 924 } 925 (void) object_mgr_del_from_shm(obj); 926 927 (void) XProcUnLock(xproclock); 928 929 (void) object_mgr_remove_from_map(handle); 930 931 (void) object_free(obj); 932 933 if (priv_obj) 934 priv_token_obj_list = dlist_remove_node( 935 priv_token_obj_list, node); 936 else 937 publ_token_obj_list = dlist_remove_node( 938 publ_token_obj_list, node); 939 940 rc = CKR_OK; 941 goto done; 942 } 943 } 944 945 rc = CKR_FUNCTION_FAILED; 946 done: 947 (void) pthread_mutex_unlock(&obj_list_mutex); 948 949 return (rc); 950 } 951 952 CK_RV 953 object_mgr_destroy_token_objects(TSS_HCONTEXT hContext) 954 { 955 CK_BBOOL locked2 = FALSE; 956 CK_RV rc; 957 958 rc = pthread_mutex_lock(&obj_list_mutex); 959 if (rc != CKR_OK) 960 return (CKR_FUNCTION_FAILED); 961 962 while (publ_token_obj_list) { 963 OBJECT *obj = (OBJECT *)publ_token_obj_list->data; 964 965 CK_OBJECT_HANDLE handle; 966 967 rc = object_mgr_find_in_map2(hContext, obj, &handle); 968 if (rc == CKR_OK) { 969 (void) object_mgr_remove_from_map(handle); 970 } 971 (void) delete_token_object(obj); 972 (void) object_free(obj); 973 974 publ_token_obj_list = dlist_remove_node( 975 publ_token_obj_list, publ_token_obj_list); 976 } 977 978 while (priv_token_obj_list) { 979 OBJECT *obj = (OBJECT *)priv_token_obj_list->data; 980 981 CK_OBJECT_HANDLE handle; 982 983 rc = object_mgr_find_in_map2(hContext, obj, &handle); 984 if (rc == CKR_OK) { 985 (void) object_mgr_remove_from_map(handle); 986 } 987 (void) delete_token_object(obj); 988 (void) object_free(obj); 989 990 priv_token_obj_list = dlist_remove_node( 991 priv_token_obj_list, priv_token_obj_list); 992 } 993 994 // now we want to purge the token object list in shared memory 995 // 996 rc = XProcLock(xproclock); 997 if (rc == CKR_OK) { 998 locked2 = TRUE; 999 1000 global_shm->num_priv_tok_obj = 0; 1001 global_shm->num_publ_tok_obj = 0; 1002 1003 (void) memset(&global_shm->publ_tok_objs, 0x0, 1004 MAX_TOK_OBJS * sizeof (TOK_OBJ_ENTRY)); 1005 (void) memset(&global_shm->priv_tok_objs, 0x0, 1006 MAX_TOK_OBJS * sizeof (TOK_OBJ_ENTRY)); 1007 } 1008 1009 (void) pthread_mutex_unlock(&obj_list_mutex); 1010 1011 if (locked2 == TRUE) (void) XProcUnLock(xproclock); 1012 1013 return (rc); 1014 } 1015 1016 // 1017 // Locates the specified object in the map 1018 // without going and checking for cache update 1019 // 1020 CK_RV 1021 object_mgr_find_in_map_nocache(CK_OBJECT_HANDLE handle, 1022 OBJECT ** ptr) { 1023 DL_NODE * node = NULL; 1024 OBJECT * obj = NULL; 1025 1026 if (! ptr) { 1027 return (CKR_FUNCTION_FAILED); 1028 } 1029 if (pthread_rwlock_rdlock(&obj_list_rw_mutex)) { 1030 return (CKR_FUNCTION_FAILED); 1031 } 1032 node = object_map; 1033 while (node) { 1034 OBJECT_MAP *map = (OBJECT_MAP *)node->data; 1035 1036 if (map->handle == handle) { 1037 obj = map->ptr; 1038 break; 1039 } 1040 1041 node = node->next; 1042 } 1043 (void) pthread_rwlock_unlock(&obj_list_rw_mutex); 1044 1045 if (obj == NULL || node == NULL) { 1046 return (CKR_OBJECT_HANDLE_INVALID); 1047 } 1048 1049 if (object_is_session_object(obj) == TRUE) { 1050 *ptr = obj; 1051 return (CKR_OK); 1052 } 1053 1054 *ptr = obj; 1055 return (CKR_OK); 1056 } 1057 1058 CK_RV 1059 object_mgr_find_in_map1( 1060 TSS_HCONTEXT hContext, 1061 CK_OBJECT_HANDLE handle, 1062 OBJECT ** ptr) 1063 { 1064 DL_NODE * node = NULL; 1065 OBJECT * obj = NULL; 1066 1067 if (! ptr) { 1068 return (CKR_FUNCTION_FAILED); 1069 } 1070 if (pthread_rwlock_rdlock(&obj_list_rw_mutex)) { 1071 return (CKR_FUNCTION_FAILED); 1072 } 1073 node = object_map; 1074 while (node) { 1075 OBJECT_MAP *map = (OBJECT_MAP *)node->data; 1076 1077 if (map->handle == handle) { 1078 obj = map->ptr; 1079 break; 1080 } 1081 1082 node = node->next; 1083 } 1084 (void) pthread_rwlock_unlock(&obj_list_rw_mutex); 1085 1086 if (obj == NULL || node == NULL) { 1087 return (CKR_OBJECT_HANDLE_INVALID); 1088 } 1089 1090 if (object_is_session_object(obj) == TRUE) { 1091 *ptr = obj; 1092 return (CKR_OK); 1093 } 1094 1095 (void) object_mgr_check_shm(hContext, obj); 1096 1097 *ptr = obj; 1098 return (CKR_OK); 1099 } 1100 1101 CK_RV 1102 object_mgr_find_in_map2( 1103 TSS_HCONTEXT hContext, 1104 OBJECT * obj, 1105 CK_OBJECT_HANDLE * handle) 1106 { 1107 DL_NODE * node = NULL; 1108 CK_OBJECT_HANDLE h = (CK_OBJECT_HANDLE)NULL; 1109 1110 if (! obj || ! handle) { 1111 return (CKR_FUNCTION_FAILED); 1112 } 1113 if (pthread_rwlock_rdlock(&obj_list_rw_mutex)) { 1114 return (CKR_FUNCTION_FAILED); 1115 } 1116 node = object_map; 1117 while (node) { 1118 OBJECT_MAP *map = (OBJECT_MAP *)node->data; 1119 1120 if (map->ptr == obj) { 1121 h = map->handle; 1122 break; 1123 } 1124 1125 node = node->next; 1126 } 1127 (void) pthread_rwlock_unlock(&obj_list_rw_mutex); 1128 1129 if (node == NULL) { 1130 return (CKR_OBJECT_HANDLE_INVALID); 1131 } 1132 1133 if (object_is_session_object(obj) == TRUE) { 1134 *handle = h; 1135 return (CKR_OK); 1136 } 1137 1138 (void) object_mgr_check_shm(hContext, obj); 1139 1140 *handle = h; 1141 return (CKR_OK); 1142 } 1143 1144 CK_RV 1145 object_mgr_find_init(SESSION * sess, 1146 CK_ATTRIBUTE * pTemplate, 1147 CK_ULONG ulCount) 1148 { 1149 if (! sess) { 1150 return (CKR_FUNCTION_FAILED); 1151 } 1152 if (sess->find_active != FALSE) { 1153 return (CKR_OPERATION_ACTIVE); 1154 } 1155 // initialize the found object list. if it doesn't exist, allocate 1156 // a list big enough for 10 handles. we'll reallocate if we need more 1157 // 1158 if (sess->find_list != NULL) { 1159 (void) memset(sess->find_list, 0x0, 1160 sess->find_len * sizeof (CK_OBJECT_HANDLE)); 1161 } else { 1162 sess->find_list = (CK_OBJECT_HANDLE *)malloc( 1163 10 * sizeof (CK_OBJECT_HANDLE)); 1164 if (! sess->find_list) { 1165 return (CKR_HOST_MEMORY); 1166 } else { 1167 (void) memset(sess->find_list, 0x0, 1168 10 * sizeof (CK_OBJECT_HANDLE)); 1169 sess->find_len = 10; 1170 } 1171 } 1172 1173 sess->find_count = 0; 1174 sess->find_idx = 0; 1175 1176 // --- need to grab the object lock here 1177 if (pthread_mutex_lock(&obj_list_mutex)) 1178 return (CKR_FUNCTION_FAILED); 1179 1180 (void) object_mgr_update_from_shm(sess->hContext); 1181 1182 // which objects can be return (ed: 1183 // 1184 // Public Session: public session objects, public token objects 1185 // User Session: all session objects, all token objects 1186 // SO session: public session objects, public token objects 1187 // 1188 switch (sess->session_info.state) { 1189 case CKS_RO_PUBLIC_SESSION: 1190 case CKS_RW_PUBLIC_SESSION: 1191 case CKS_RW_SO_FUNCTIONS: 1192 (void) object_mgr_find_build_list(sess, pTemplate, 1193 ulCount, publ_token_obj_list, TRUE); 1194 (void) object_mgr_find_build_list(sess, pTemplate, 1195 ulCount, sess_obj_list, TRUE); 1196 break; 1197 1198 case CKS_RO_USER_FUNCTIONS: 1199 case CKS_RW_USER_FUNCTIONS: 1200 (void) object_mgr_find_build_list(sess, pTemplate, 1201 ulCount, priv_token_obj_list, FALSE); 1202 (void) object_mgr_find_build_list(sess, pTemplate, 1203 ulCount, publ_token_obj_list, FALSE); 1204 (void) object_mgr_find_build_list(sess, pTemplate, 1205 ulCount, sess_obj_list, FALSE); 1206 break; 1207 } 1208 (void) pthread_mutex_unlock(&obj_list_mutex); 1209 1210 sess->find_active = TRUE; 1211 1212 return (CKR_OK); 1213 } 1214 1215 CK_RV 1216 object_mgr_find_build_list(SESSION * sess, 1217 CK_ATTRIBUTE * pTemplate, 1218 CK_ULONG ulCount, 1219 DL_NODE * obj_list, 1220 CK_BBOOL public_only) 1221 { 1222 OBJECT * obj = NULL; 1223 DL_NODE * node = NULL; 1224 CK_OBJECT_HANDLE handle; 1225 CK_BBOOL is_priv; 1226 CK_BBOOL match; 1227 CK_BBOOL hw_feature = FALSE; 1228 CK_BBOOL hidden_object = FALSE; 1229 CK_RV rc; 1230 CK_ATTRIBUTE * attr; 1231 unsigned int i; 1232 1233 if (! sess) { 1234 return (CKR_FUNCTION_FAILED); 1235 } 1236 if (! obj_list) 1237 return (CKR_OK); 1238 // PKCS#11 v2.11 (pg. 79): "When searching using C_FindObjectsInit 1239 // and C_FindObjects, hardware feature objects are not returned 1240 // unless the CKA_CLASS attribute in the template has the value 1241 // CKO_HW_FEATURE." So, we check for CKO_HW_FEATURE and if its set, 1242 // we'll find these objects below. - KEY 1243 for (i = 0; i < ulCount; i++) { 1244 if (pTemplate[i].type == CKA_CLASS) { 1245 if (*(CK_ULONG *)pTemplate[i].pValue == 1246 CKO_HW_FEATURE) { 1247 hw_feature = TRUE; 1248 break; 1249 } 1250 } 1251 1252 if (pTemplate[i].type == CKA_HIDDEN) { 1253 if (*(CK_BBOOL *)pTemplate[i].pValue == TRUE) { 1254 hidden_object = TRUE; 1255 break; 1256 } 1257 } 1258 } 1259 1260 node = obj_list; 1261 while (node) { 1262 match = FALSE; 1263 obj = (OBJECT *)node->data; 1264 is_priv = object_is_private(obj); 1265 1266 1267 if ((is_priv == FALSE) || (public_only == FALSE)) { 1268 if (pTemplate == NULL || ulCount == 0) 1269 match = TRUE; 1270 else 1271 match = template_compare(pTemplate, 1272 ulCount, obj->template); 1273 } 1274 1275 if (match) { 1276 rc = object_mgr_find_in_map2(sess->hContext, obj, 1277 &handle); 1278 if (rc != CKR_OK) { 1279 rc = object_mgr_add_to_map(sess, obj, &handle); 1280 if (rc != CKR_OK) { 1281 return (CKR_FUNCTION_FAILED); 1282 } 1283 } 1284 if (rc == CKR_OK) { 1285 if ((hw_feature == FALSE) && 1286 (template_attribute_find(obj->template, 1287 CKA_CLASS, &attr) == TRUE)) { 1288 if (*(CK_OBJECT_CLASS *)attr->pValue == 1289 CKO_HW_FEATURE) 1290 goto next_loop; 1291 } 1292 1293 if ((hidden_object == FALSE) && 1294 (template_attribute_find(obj->template, 1295 CKA_HIDDEN, &attr) == TRUE)) { 1296 if (*(CK_BBOOL *)attr->pValue == TRUE) 1297 goto next_loop; 1298 } 1299 1300 sess->find_list[ sess->find_count ] = handle; 1301 sess->find_count++; 1302 1303 if (sess->find_count >= sess->find_len) { 1304 sess->find_len += 15; 1305 sess->find_list = 1306 (CK_OBJECT_HANDLE *)realloc( 1307 sess->find_list, sess->find_len * 1308 sizeof (CK_OBJECT_HANDLE)); 1309 if (! sess->find_list) { 1310 return (CKR_HOST_MEMORY); 1311 } 1312 } 1313 } 1314 } 1315 next_loop: 1316 node = node->next; 1317 } 1318 1319 return (CKR_OK); 1320 } 1321 1322 CK_RV 1323 object_mgr_find_final(SESSION *sess) 1324 { 1325 if (! sess) { 1326 return (CKR_FUNCTION_FAILED); 1327 } 1328 if (sess->find_active == FALSE) { 1329 return (CKR_OPERATION_NOT_INITIALIZED); 1330 } 1331 free(sess->find_list); 1332 sess->find_list = NULL; 1333 sess->find_count = 0; 1334 sess->find_idx = 0; 1335 sess->find_active = FALSE; 1336 1337 return (CKR_OK); 1338 } 1339 1340 CK_RV 1341 object_mgr_get_attribute_values(SESSION * sess, 1342 CK_OBJECT_HANDLE handle, 1343 CK_ATTRIBUTE * pTemplate, 1344 CK_ULONG ulCount) 1345 { 1346 OBJECT * obj; 1347 CK_BBOOL priv_obj; 1348 CK_RV rc; 1349 1350 if (! pTemplate) { 1351 return (CKR_FUNCTION_FAILED); 1352 } 1353 rc = pthread_mutex_lock(&obj_list_mutex); 1354 if (rc != CKR_OK) 1355 return (CKR_FUNCTION_FAILED); 1356 1357 rc = object_mgr_find_in_map1(sess->hContext, handle, &obj); 1358 if (rc != CKR_OK) { 1359 goto done; 1360 } 1361 priv_obj = object_is_private(obj); 1362 1363 if (priv_obj == TRUE) { 1364 if (sess->session_info.state == CKS_RO_PUBLIC_SESSION || 1365 sess->session_info.state == CKS_RW_PUBLIC_SESSION) { 1366 rc = CKR_USER_NOT_LOGGED_IN; 1367 goto done; 1368 } 1369 } 1370 1371 rc = object_get_attribute_values(obj, pTemplate, ulCount); 1372 done: 1373 (void) pthread_mutex_unlock(&obj_list_mutex); 1374 1375 return (rc); 1376 } 1377 1378 CK_RV 1379 object_mgr_get_object_size( 1380 TSS_HCONTEXT hContext, 1381 CK_OBJECT_HANDLE handle, 1382 CK_ULONG * size) 1383 { 1384 OBJECT * obj; 1385 CK_RV rc; 1386 1387 rc = pthread_mutex_lock(&obj_list_mutex); 1388 if (rc != CKR_OK) 1389 return (CKR_FUNCTION_FAILED); 1390 1391 rc = object_mgr_find_in_map1(hContext, handle, &obj); 1392 if (rc != CKR_OK) { 1393 rc = CKR_OBJECT_HANDLE_INVALID; 1394 goto done; 1395 } 1396 1397 *size = object_get_size(obj); 1398 1399 done: 1400 (void) pthread_mutex_unlock(&obj_list_mutex); 1401 return (rc); 1402 } 1403 1404 1405 // object_mgr_invalidate_handle1() 1406 // 1407 // Returns: TRUE if successfully removes the node 1408 // FALSE if cannot remove the node (not found, etc) 1409 // 1410 CK_BBOOL 1411 object_mgr_invalidate_handle1(CK_OBJECT_HANDLE handle) 1412 { 1413 DL_NODE *node = NULL; 1414 1415 if (pthread_rwlock_wrlock(&obj_list_rw_mutex)) { 1416 return (CKR_FUNCTION_FAILED); 1417 } 1418 node = object_map; 1419 1420 while (node) { 1421 OBJECT_MAP *map = (OBJECT_MAP *)node->data; 1422 1423 if (map->handle == handle) { 1424 object_map = dlist_remove_node(object_map, node); 1425 free(map); 1426 (void) pthread_rwlock_unlock(&obj_list_rw_mutex); 1427 return (TRUE); 1428 } 1429 1430 node = node->next; 1431 } 1432 (void) pthread_rwlock_unlock(&obj_list_rw_mutex); 1433 return (FALSE); 1434 } 1435 1436 // object_mgr_invalidate_handle2() 1437 // 1438 // Returns: TRUE if successfully removes the node 1439 // FALSE if cannot remove the node (not found, etc) 1440 // 1441 CK_BBOOL 1442 object_mgr_invalidate_handle2(OBJECT *obj) 1443 { 1444 DL_NODE *node = NULL; 1445 1446 if (! obj) 1447 return (FALSE); 1448 if (pthread_rwlock_wrlock(&obj_list_rw_mutex)) { 1449 return (CKR_FUNCTION_FAILED); 1450 } 1451 node = object_map; 1452 1453 while (node) { 1454 OBJECT_MAP *map = (OBJECT_MAP *)node->data; 1455 if (map->ptr == obj) { 1456 object_map = dlist_remove_node(object_map, node); 1457 free(map); 1458 (void) pthread_rwlock_unlock(&obj_list_rw_mutex); 1459 return (TRUE); 1460 } 1461 node = node->next; 1462 } 1463 (void) pthread_rwlock_unlock(&obj_list_rw_mutex); 1464 1465 return (FALSE); 1466 } 1467 1468 // object_mgr_purge_session_objects() 1469 // 1470 // Args: SESSION * 1471 // SESS_OBJ_TYPE: can be ALL, PRIVATE or PUBLIC 1472 // 1473 // Remove all session objects owned by the specified session satisfying 1474 // the 'type' requirements 1475 // 1476 CK_BBOOL 1477 object_mgr_purge_session_objects(SESSION * sess, 1478 SESS_OBJ_TYPE type) 1479 { 1480 DL_NODE *node = NULL; 1481 DL_NODE *next = NULL; 1482 OBJECT *obj = NULL; 1483 CK_BBOOL del; 1484 CK_RV rc; 1485 1486 if (!sess) 1487 return (FALSE); 1488 1489 rc = pthread_mutex_lock(&obj_list_mutex); 1490 if (rc != CKR_OK) 1491 return (FALSE); 1492 1493 node = sess_obj_list; 1494 1495 while (node) { 1496 obj = (OBJECT *)node->data; 1497 del = FALSE; 1498 1499 if (obj->session == sess) { 1500 if (type == PRIVATE) { 1501 if (object_is_private(obj)) 1502 del = TRUE; 1503 } else if (type == PUBLIC) { 1504 if (object_is_public(obj)) 1505 del = TRUE; 1506 } else if (type == ALL) 1507 del = TRUE; 1508 } 1509 if (del == TRUE) { 1510 1511 CK_OBJECT_HANDLE handle; 1512 CK_RV rc; 1513 1514 rc = object_mgr_find_in_map2(sess->hContext, obj, 1515 &handle); 1516 if (rc == CKR_OK) { 1517 (void) object_mgr_invalidate_handle1(handle); 1518 (void) object_free(obj); 1519 } 1520 1521 next = node->next; 1522 sess_obj_list = dlist_remove_node(sess_obj_list, node); 1523 node = next; 1524 } 1525 else 1526 node = node->next; 1527 } 1528 1529 (void) pthread_mutex_unlock(&obj_list_mutex); 1530 1531 return (TRUE); 1532 } 1533 1534 // 1535 // This routine cleans up the list of token objects. in general, we don't 1536 // need to do this but when tracing memory leaks, it's best that we free 1537 // everything that we've allocated. 1538 // 1539 CK_BBOOL 1540 object_mgr_purge_token_objects(TSS_HCONTEXT hContext) 1541 { 1542 DL_NODE *node = NULL; 1543 DL_NODE *next = NULL; 1544 OBJECT *obj = NULL; 1545 CK_RV rc; 1546 1547 rc = pthread_mutex_lock(&obj_list_mutex); 1548 if (rc != CKR_OK) 1549 return (FALSE); 1550 1551 node = publ_token_obj_list; 1552 while (publ_token_obj_list) { 1553 CK_OBJECT_HANDLE handle; 1554 CK_RV rc; 1555 1556 obj = (OBJECT *)node->data; 1557 1558 rc = object_mgr_find_in_map2(hContext, obj, &handle); 1559 if (rc == CKR_OK) { 1560 (void) object_mgr_invalidate_handle1(handle); 1561 } 1562 (void) object_free(obj); 1563 1564 next = node->next; 1565 publ_token_obj_list = dlist_remove_node( 1566 publ_token_obj_list, node); 1567 node = next; 1568 } 1569 1570 node = priv_token_obj_list; 1571 1572 while (priv_token_obj_list) { 1573 CK_OBJECT_HANDLE handle; 1574 CK_RV rc; 1575 1576 obj = (OBJECT *)node->data; 1577 1578 rc = object_mgr_find_in_map2(hContext, obj, &handle); 1579 if (rc == CKR_OK) 1580 (void) object_mgr_invalidate_handle1(handle); 1581 (void) object_free(obj); 1582 1583 next = node->next; 1584 priv_token_obj_list = dlist_remove_node( 1585 priv_token_obj_list, node); 1586 node = next; 1587 } 1588 1589 (void) pthread_mutex_unlock(&obj_list_mutex); 1590 1591 return (TRUE); 1592 } 1593 1594 CK_BBOOL 1595 object_mgr_purge_private_token_objects(TSS_HCONTEXT hContext) { 1596 OBJECT * obj = NULL; 1597 DL_NODE * node = NULL; 1598 DL_NODE * next = NULL; 1599 CK_RV rc; 1600 1601 rc = pthread_mutex_lock(&obj_list_mutex); 1602 if (rc != CKR_OK) 1603 return (FALSE); 1604 1605 node = priv_token_obj_list; 1606 while (priv_token_obj_list) { 1607 CK_OBJECT_HANDLE handle; 1608 CK_RV rc; 1609 1610 obj = (OBJECT *)node->data; 1611 1612 rc = object_mgr_find_in_map2(hContext, obj, &handle); 1613 if (rc == CKR_OK) { 1614 (void) object_mgr_invalidate_handle1(handle); 1615 } 1616 1617 (void) object_free(obj); 1618 1619 next = node->next; 1620 priv_token_obj_list = dlist_remove_node( 1621 priv_token_obj_list, node); 1622 node = next; 1623 } 1624 1625 (void) pthread_mutex_unlock(&obj_list_mutex); 1626 1627 return (TRUE); 1628 } 1629 1630 CK_RV 1631 object_mgr_remove_from_map(CK_OBJECT_HANDLE handle) 1632 { 1633 DL_NODE *node = NULL; 1634 1635 if (pthread_rwlock_wrlock(&obj_list_rw_mutex)) { 1636 return (CKR_FUNCTION_FAILED); 1637 } 1638 node = object_map; 1639 while (node) { 1640 OBJECT_MAP *map = (OBJECT_MAP *)node->data; 1641 if (map->handle == handle) { 1642 object_map = dlist_remove_node(object_map, node); 1643 free(map); 1644 (void) pthread_rwlock_unlock(&obj_list_rw_mutex); 1645 return (CKR_OK); 1646 } 1647 node = node->next; 1648 } 1649 (void) pthread_rwlock_unlock(&obj_list_rw_mutex); 1650 1651 return (CKR_FUNCTION_FAILED); 1652 } 1653 1654 CK_RV 1655 object_mgr_restore_obj(CK_BYTE *data, OBJECT *oldObj) 1656 { 1657 OBJECT * obj = NULL; 1658 CK_BBOOL priv; 1659 CK_RV rc; 1660 1661 if (! data) { 1662 return (CKR_FUNCTION_FAILED); 1663 } 1664 if (oldObj != NULL) { 1665 obj = oldObj; 1666 rc = object_restore(data, &obj, TRUE); 1667 } else { 1668 rc = object_restore(data, &obj, FALSE); 1669 if (rc == CKR_OK) { 1670 priv = object_is_private(obj); 1671 1672 if (priv) 1673 priv_token_obj_list = dlist_add_as_last( 1674 priv_token_obj_list, obj); 1675 else 1676 publ_token_obj_list = dlist_add_as_last( 1677 publ_token_obj_list, obj); 1678 1679 (void) XProcLock(xproclock); 1680 1681 if (priv) { 1682 if (global_shm->priv_loaded == FALSE) { 1683 if (global_shm->num_priv_tok_obj < 1684 MAX_TOK_OBJS) 1685 (void) object_mgr_add_to_shm( 1686 obj); 1687 else 1688 rc = CKR_HOST_MEMORY; 1689 } 1690 } else { 1691 if (global_shm->publ_loaded == FALSE) { 1692 if (global_shm->num_publ_tok_obj < 1693 MAX_TOK_OBJS) 1694 (void) object_mgr_add_to_shm( 1695 obj); 1696 else 1697 rc = CKR_HOST_MEMORY; 1698 } 1699 } 1700 1701 (void) XProcUnLock(xproclock); 1702 } 1703 } 1704 1705 // make the callers have to have the mutes 1706 // to many grab it now. 1707 return (rc); 1708 } 1709 1710 CK_RV 1711 object_mgr_set_attribute_values(SESSION * sess, 1712 CK_OBJECT_HANDLE handle, 1713 CK_ATTRIBUTE * pTemplate, 1714 CK_ULONG ulCount) 1715 { 1716 OBJECT * obj; 1717 CK_BBOOL sess_obj, priv_obj; 1718 CK_BBOOL modifiable; 1719 CK_RV rc; 1720 1721 if (! pTemplate) { 1722 return (CKR_FUNCTION_FAILED); 1723 } 1724 rc = pthread_mutex_lock(&obj_list_mutex); 1725 if (rc != CKR_OK) 1726 return (CKR_FUNCTION_FAILED); 1727 1728 rc = object_mgr_find_in_map1(sess->hContext, handle, &obj); 1729 if (rc != CKR_OK) { 1730 (void) pthread_mutex_unlock(&obj_list_mutex); 1731 return (CKR_OBJECT_HANDLE_INVALID); 1732 } 1733 (void) pthread_mutex_unlock(&obj_list_mutex); 1734 1735 modifiable = object_is_modifiable(obj); 1736 sess_obj = object_is_session_object(obj); 1737 priv_obj = object_is_private(obj); 1738 1739 if (! modifiable) { 1740 return (CKR_ATTRIBUTE_READ_ONLY); 1741 } 1742 rc = check_object_access(sess, obj); 1743 if (rc != CKR_OK) 1744 return (rc); 1745 1746 rc = object_set_attribute_values(obj, pTemplate, ulCount); 1747 if (rc != CKR_OK) { 1748 return (rc); 1749 } 1750 if (! sess_obj) { 1751 TOK_OBJ_ENTRY *entry = NULL; 1752 CK_ULONG index; 1753 1754 obj->count_lo++; 1755 if (obj->count_lo == 0) 1756 obj->count_hi++; 1757 1758 rc = save_token_object(sess->hContext, obj); 1759 if (rc != CKR_OK) 1760 return (rc); 1761 1762 rc = XProcLock(xproclock); 1763 if (rc != CKR_OK) { 1764 return (rc); 1765 } 1766 if (priv_obj) { 1767 rc = object_mgr_search_shm_for_obj( 1768 global_shm->priv_tok_objs, 1769 0, global_shm->num_priv_tok_obj - 1, 1770 obj, &index); 1771 1772 if (rc != CKR_OK) { 1773 (void) XProcUnLock(xproclock); 1774 return (rc); 1775 } 1776 1777 entry = &global_shm->priv_tok_objs[index]; 1778 } else { 1779 rc = object_mgr_search_shm_for_obj( 1780 global_shm->publ_tok_objs, 1781 0, global_shm->num_publ_tok_obj - 1, 1782 obj, &index); 1783 if (rc != CKR_OK) { 1784 (void) XProcUnLock(xproclock); 1785 return (rc); 1786 } 1787 1788 entry = &global_shm->publ_tok_objs[index]; 1789 } 1790 1791 entry->count_lo = obj->count_lo; 1792 entry->count_hi = obj->count_hi; 1793 1794 (void) XProcUnLock(xproclock); 1795 } 1796 1797 return (rc); 1798 } 1799 1800 CK_RV 1801 object_mgr_add_to_shm(OBJECT *obj) 1802 { 1803 TOK_OBJ_ENTRY * entry = NULL; 1804 CK_BBOOL priv; 1805 1806 priv = object_is_private(obj); 1807 1808 if (priv) 1809 entry = &global_shm->priv_tok_objs[ 1810 global_shm->num_priv_tok_obj]; 1811 else 1812 entry = &global_shm->publ_tok_objs[ 1813 global_shm->num_publ_tok_obj]; 1814 1815 entry->deleted = FALSE; 1816 entry->count_lo = 0; 1817 entry->count_hi = 0; 1818 (void) memcpy(entry->name, obj->name, 8); 1819 1820 if (priv) { 1821 global_shm->num_priv_tok_obj++; 1822 } else { 1823 global_shm->num_publ_tok_obj++; 1824 } 1825 1826 return (CKR_OK); 1827 } 1828 1829 CK_RV 1830 object_mgr_del_from_shm(OBJECT *obj) 1831 { 1832 CK_ULONG index, count; 1833 CK_BBOOL priv; 1834 CK_RV rc; 1835 1836 priv = object_is_private(obj); 1837 1838 if (priv) { 1839 rc = object_mgr_search_shm_for_obj(global_shm->priv_tok_objs, 1840 0, global_shm->num_priv_tok_obj - 1, obj, &index); 1841 if (rc != CKR_OK) { 1842 return (CKR_FUNCTION_FAILED); 1843 } 1844 1845 global_shm->num_priv_tok_obj--; 1846 if (index > global_shm->num_priv_tok_obj) { 1847 count = index - global_shm->num_priv_tok_obj; 1848 } else { 1849 count = global_shm->num_priv_tok_obj - index; 1850 } 1851 1852 if (count > 0) { 1853 (void) memcpy((char *)&global_shm->priv_tok_objs[index], 1854 (char *)&global_shm->priv_tok_objs[index + 1], 1855 sizeof (TOK_OBJ_ENTRY) * count); 1856 1857 (void) memset((char *)&global_shm->priv_tok_objs[ 1858 global_shm->num_priv_tok_obj + 1], 0, 1859 sizeof (TOK_OBJ_ENTRY)); 1860 } else { 1861 (void) memset((char *)&global_shm->priv_tok_objs[ 1862 global_shm->num_priv_tok_obj], 0, 1863 sizeof (TOK_OBJ_ENTRY)); 1864 } 1865 } else { 1866 rc = object_mgr_search_shm_for_obj(global_shm->publ_tok_objs, 1867 0, global_shm->num_publ_tok_obj - 1, obj, &index); 1868 if (rc != CKR_OK) { 1869 return (CKR_FUNCTION_FAILED); 1870 } 1871 global_shm->num_publ_tok_obj--; 1872 1873 if (index > global_shm->num_publ_tok_obj) { 1874 count = index - global_shm->num_publ_tok_obj; 1875 } else { 1876 count = global_shm->num_publ_tok_obj - index; 1877 } 1878 1879 if (count > 0) { 1880 (void) memcpy((char *)&global_shm->publ_tok_objs[index], 1881 (char *)&global_shm->publ_tok_objs[index + 1], 1882 sizeof (TOK_OBJ_ENTRY) * count); 1883 (void) memset((char *)&global_shm->publ_tok_objs[ 1884 global_shm->num_publ_tok_obj + 1], 0, 1885 sizeof (TOK_OBJ_ENTRY)); 1886 } else { 1887 (void) memset((char *)&global_shm->publ_tok_objs[ 1888 global_shm->num_publ_tok_obj], 0, 1889 sizeof (TOK_OBJ_ENTRY)); 1890 } 1891 } 1892 1893 return (CKR_OK); 1894 } 1895 1896 static CK_RV 1897 object_mgr_check_shm(TSS_HCONTEXT hContext, OBJECT *obj) 1898 { 1899 TOK_OBJ_ENTRY * entry = NULL; 1900 CK_BBOOL priv; 1901 CK_ULONG index; 1902 CK_RV rc; 1903 1904 1905 priv = object_is_private(obj); 1906 1907 if (priv) { 1908 rc = object_mgr_search_shm_for_obj( 1909 global_shm->priv_tok_objs, 1910 0, global_shm->num_priv_tok_obj - 1, obj, &index); 1911 if (rc != CKR_OK) { 1912 return (CKR_FUNCTION_FAILED); 1913 } 1914 entry = &global_shm->priv_tok_objs[index]; 1915 } else { 1916 rc = object_mgr_search_shm_for_obj( 1917 global_shm->publ_tok_objs, 1918 0, global_shm->num_publ_tok_obj - 1, obj, &index); 1919 if (rc != CKR_OK) { 1920 return (CKR_FUNCTION_FAILED); 1921 } 1922 entry = &global_shm->publ_tok_objs[index]; 1923 } 1924 1925 if ((obj->count_hi == entry->count_hi) && 1926 (obj->count_lo == entry->count_lo)) 1927 return (CKR_OK); 1928 rc = reload_token_object(hContext, obj); 1929 return (rc); 1930 } 1931 1932 /*ARGSUSED*/ 1933 static CK_RV 1934 object_mgr_search_shm_for_obj( 1935 TOK_OBJ_ENTRY *obj_list, 1936 CK_ULONG lo, 1937 CK_ULONG hi, 1938 OBJECT *obj, 1939 CK_ULONG *index) 1940 { 1941 CK_ULONG idx; 1942 if (obj->index == 0) { 1943 for (idx = lo; idx <= hi; idx++) { 1944 if (memcmp(obj->name, obj_list[idx].name, 8) == 0) { 1945 *index = idx; 1946 obj->index = idx; 1947 return (CKR_OK); 1948 } 1949 } 1950 } else { 1951 if (memcmp(obj->name, obj_list[obj->index].name, 8) == 0) { 1952 *index = obj->index; 1953 return (CKR_OK); 1954 } else { 1955 for (idx = lo; idx <= hi; idx++) { 1956 if (memcmp(obj->name, 1957 obj_list[idx].name, 8) == 0) { 1958 *index = idx; 1959 obj->index = idx; 1960 return (CKR_OK); 1961 } 1962 } 1963 } 1964 } 1965 return (CKR_FUNCTION_FAILED); 1966 } 1967 1968 static CK_RV 1969 object_mgr_update_publ_tok_obj_from_shm(TSS_HCONTEXT hContext) 1970 { 1971 DL_NODE * node = NULL; 1972 DL_NODE * next = NULL; 1973 TOK_OBJ_ENTRY * te = NULL; 1974 OBJECT * obj = NULL; 1975 CK_OBJECT_HANDLE handle; 1976 CK_ULONG index; 1977 int val; 1978 CK_RV rc; 1979 1980 node = publ_token_obj_list; 1981 index = 0; 1982 1983 while ((node != NULL) && (index < global_shm->num_publ_tok_obj)) { 1984 te = &global_shm->publ_tok_objs[index]; 1985 obj = (OBJECT *)node->data; 1986 1987 val = memcmp(obj->name, te->name, 8); 1988 1989 // 3 cases: 1990 // 1) object in local list but not in the global list, 1991 // need to remove from local list 1992 // 2) object in both lists, need to compare counters 1993 // and update as needed 1994 // 3) object in global list but not in the local list, 1995 // need to add the object here. 1996 // 1997 if (val < 0) { 1998 rc = object_mgr_find_in_map2(hContext, obj, &handle); 1999 if (rc == CKR_OK) { 2000 (void) object_mgr_remove_from_map(handle); 2001 } 2002 (void) object_free(obj); 2003 2004 next = node->next; 2005 publ_token_obj_list = dlist_remove_node( 2006 publ_token_obj_list, node); 2007 2008 } else if (val == 0) { 2009 if ((te->count_hi != obj->count_hi) || 2010 (te->count_lo != obj->count_lo)) { 2011 (void) reload_token_object(hContext, obj); 2012 obj->count_hi = te->count_hi; 2013 obj->count_lo = te->count_lo; 2014 } 2015 2016 next = node->next; 2017 index++; 2018 } else { 2019 DL_NODE *new_node = NULL; 2020 OBJECT *new_obj = NULL; 2021 2022 new_obj = (OBJECT *)malloc(sizeof (OBJECT)); 2023 (void) memset(new_obj, 0x0, sizeof (OBJECT)); 2024 2025 (void) memcpy(new_obj->name, te->name, 8); 2026 (void) reload_token_object(hContext, new_obj); 2027 2028 new_node = (DL_NODE *)malloc(sizeof (DL_NODE)); 2029 new_node->data = new_obj; 2030 2031 new_node->next = node->next; 2032 node->next = new_node; 2033 new_node->prev = node; 2034 2035 next = new_node->next; 2036 index++; 2037 } 2038 2039 node = next; 2040 } 2041 2042 if ((node == NULL) && (index < global_shm->num_publ_tok_obj)) { 2043 OBJECT *new_obj = NULL; 2044 unsigned int i; 2045 2046 for (i = index; i < global_shm->num_publ_tok_obj; i++) { 2047 new_obj = (OBJECT *)malloc(sizeof (OBJECT)); 2048 (void) memset(new_obj, 0x0, sizeof (OBJECT)); 2049 2050 te = &global_shm->publ_tok_objs[index]; 2051 2052 (void) memcpy(new_obj->name, te->name, 8); 2053 (void) reload_token_object(hContext, new_obj); 2054 2055 publ_token_obj_list = dlist_add_as_last( 2056 publ_token_obj_list, new_obj); 2057 } 2058 } else if ((node != NULL) && (index >= global_shm->num_publ_tok_obj)) { 2059 while (node) { 2060 obj = (OBJECT *)node->data; 2061 2062 rc = object_mgr_find_in_map2(hContext, obj, &handle); 2063 if (rc == CKR_OK) { 2064 (void) object_mgr_remove_from_map(handle); 2065 } 2066 (void) object_free(obj); 2067 2068 next = node->next; 2069 publ_token_obj_list = dlist_remove_node( 2070 publ_token_obj_list, node); 2071 2072 node = next; 2073 } 2074 } 2075 2076 return (CKR_OK); 2077 } 2078 2079 static CK_RV 2080 object_mgr_update_priv_tok_obj_from_shm(TSS_HCONTEXT hContext) 2081 { 2082 DL_NODE * node = NULL; 2083 DL_NODE * next = NULL; 2084 TOK_OBJ_ENTRY * te = NULL; 2085 OBJECT * obj = NULL; 2086 CK_OBJECT_HANDLE handle; 2087 CK_ULONG index; 2088 int val; 2089 CK_RV rc; 2090 2091 node = priv_token_obj_list; 2092 index = 0; 2093 2094 if (! (global_login_state == CKS_RW_USER_FUNCTIONS || 2095 global_login_state == CKS_RO_USER_FUNCTIONS)) { 2096 return (CKR_OK); 2097 } 2098 2099 while ((node != NULL) && (index < global_shm->num_priv_tok_obj)) { 2100 te = &global_shm->priv_tok_objs[index]; 2101 obj = (OBJECT *)node->data; 2102 2103 val = memcmp(obj->name, te->name, 8); 2104 2105 if (val < 0) { 2106 rc = object_mgr_find_in_map2(hContext, obj, &handle); 2107 if (rc == CKR_OK) { 2108 (void) object_mgr_remove_from_map(handle); 2109 } 2110 (void) object_free(obj); 2111 2112 next = node->next; 2113 priv_token_obj_list = dlist_remove_node( 2114 priv_token_obj_list, node); 2115 2116 } else if (val == 0) { 2117 if ((te->count_hi != obj->count_hi) || 2118 (te->count_lo != obj->count_lo)) { 2119 (void) reload_token_object(hContext, obj); 2120 obj->count_hi = te->count_hi; 2121 obj->count_lo = te->count_lo; 2122 } 2123 2124 next = node->next; 2125 index++; 2126 } else { 2127 DL_NODE *new_node = NULL; 2128 OBJECT *new_obj = NULL; 2129 2130 new_obj = (OBJECT *)malloc(sizeof (OBJECT)); 2131 (void) memset(new_obj, 0x0, sizeof (OBJECT)); 2132 2133 (void) memcpy(new_obj->name, te->name, 8); 2134 (void) reload_token_object(hContext, new_obj); 2135 2136 new_node = (DL_NODE *)malloc(sizeof (DL_NODE)); 2137 new_node->data = new_obj; 2138 2139 new_node->next = node->next; 2140 node->next = new_node; 2141 new_node->prev = node; 2142 2143 next = new_node->next; 2144 index++; 2145 } 2146 2147 node = next; 2148 } 2149 2150 if ((node == NULL) && (index < global_shm->num_priv_tok_obj)) { 2151 OBJECT *new_obj = NULL; 2152 unsigned int i; 2153 2154 for (i = index; i < global_shm->num_priv_tok_obj; i++) { 2155 new_obj = (OBJECT *)malloc(sizeof (OBJECT)); 2156 (void) memset(new_obj, 0x0, sizeof (OBJECT)); 2157 2158 te = &global_shm->priv_tok_objs[index]; 2159 2160 (void) memcpy(new_obj->name, te->name, 8); 2161 (void) reload_token_object(hContext, new_obj); 2162 2163 priv_token_obj_list = dlist_add_as_last( 2164 priv_token_obj_list, new_obj); 2165 } 2166 } else if ((node != NULL) && (index >= global_shm->num_priv_tok_obj)) { 2167 while (node) { 2168 obj = (OBJECT *)node->data; 2169 2170 rc = object_mgr_find_in_map2(hContext, obj, &handle); 2171 if (rc == CKR_OK) { 2172 (void) object_mgr_remove_from_map(handle); 2173 } 2174 (void) object_free(obj); 2175 2176 next = node->next; 2177 priv_token_obj_list = dlist_remove_node( 2178 priv_token_obj_list, node); 2179 2180 node = next; 2181 } 2182 } 2183 2184 return (CKR_OK); 2185 } 2186 2187 static CK_RV 2188 object_mgr_update_from_shm(TSS_HCONTEXT hContext) 2189 { 2190 (void) object_mgr_update_publ_tok_obj_from_shm(hContext); 2191 (void) object_mgr_update_priv_tok_obj_from_shm(hContext); 2192 2193 return (CKR_OK); 2194 } 2195 2196 /*ARGSUSED*/ 2197 CK_BBOOL 2198 object_mgr_purge_map( 2199 SESSION *sess, 2200 SESS_OBJ_TYPE type) 2201 { 2202 DL_NODE *node = NULL; 2203 DL_NODE *next = NULL; 2204 2205 if (pthread_rwlock_wrlock(&obj_list_rw_mutex)) { 2206 return (CKR_FUNCTION_FAILED); 2207 } 2208 node = object_map; 2209 while (node) { 2210 OBJECT_MAP *map = (OBJECT_MAP *)node->data; 2211 OBJECT *obj = (OBJECT *)map->ptr; 2212 next = node->next; 2213 if (type == PRIVATE) { 2214 if (object_is_private(obj)) { 2215 object_map = dlist_remove_node( 2216 object_map, node); 2217 free(map); 2218 } 2219 } 2220 if (type == PUBLIC) { 2221 if (object_is_public(obj)) { 2222 object_map = dlist_remove_node( 2223 object_map, node); 2224 free(map); 2225 } 2226 } 2227 node = next; 2228 } 2229 (void) pthread_rwlock_unlock(&obj_list_rw_mutex); 2230 2231 return (TRUE); 2232 } 2233