diff -up ./nss/lib/pk11wrap/dev3hack.c.init-token-race ./nss/lib/pk11wrap/dev3hack.c
--- ./nss/lib/pk11wrap/dev3hack.c.init-token-race 2014-10-24 15:55:55.000000000 -0700
+++ ./nss/lib/pk11wrap/dev3hack.c 2015-02-18 12:37:03.184120865 -0800
@@ -245,6 +245,16 @@ nssSlot_Refresh
if (slot->token && slot->token->base.name[0] == 0) {
doit = PR_TRUE;
}
+ /* invalidate the session in the nss3slot if we haven't done an init
+ * token since we noticed that the token->default session is invalid.
+ * This works because the monitor lock and the token session lock are the
+ * same locks */
+ PK11_EnterSlotMonitor(nss3slot);
+ if ((slot->token == NULL) || (slot->token->defaultSession == NULL) ||
+ (slot->token->defaultSession->handle == CK_INVALID_SESSION)) {
+ nss3slot->session = CK_INVALID_SESSION;
+ }
+ PK11_ExitSlotMonitor(nss3slot);
if (PK11_InitToken(nss3slot, PR_FALSE) != SECSuccess) {
return PR_FAILURE;
}
@@ -252,7 +262,8 @@ nssSlot_Refresh
nssTrustDomain_UpdateCachedTokenCerts(slot->token->trustDomain,
slot->token);
}
- return nssToken_Refresh(slot->token);
+ /* no need to call nssToken_Refresh since PK11_Init has already done so */
+ return PR_SUCCESS;
}
NSS_IMPLEMENT PRStatus
diff -up ./nss/lib/pk11wrap/pk11auth.c.init-token-race ./nss/lib/pk11wrap/pk11auth.c
--- ./nss/lib/pk11wrap/pk11auth.c.init-token-race 2014-10-24 15:55:55.000000000 -0700
+++ ./nss/lib/pk11wrap/pk11auth.c 2015-02-18 12:37:03.184120865 -0800
@@ -73,7 +73,6 @@ pk11_CheckPassword(PK11SlotInfo *slot, C
(unsigned char *)pw,len);
slot->lastLoginCheck = 0;
mustRetry = PR_FALSE;
- if (!alreadyLocked) PK11_ExitSlotMonitor(slot);
switch (crv) {
/* if we're already logged in, we're good to go */
case CKR_OK:
@@ -100,7 +99,16 @@ pk11_CheckPassword(PK11SlotInfo *slot, C
break;
}
if (retry++ == 0) {
+ /* we already know the this session is invalid */
+ slot->session = CK_INVALID_SESSION;
+ /* can't enter PK11_InitToken holding the lock
+ * This is safe because the only places that tries to
+ * hold the slot monitor over this call pass their own
+ * session, which would have failed above.
+ * (session != slot->session) */
+ PK11_ExitSlotMonitor(slot);
rv = PK11_InitToken(slot,PR_FALSE);
+ PK11_EnterSlotMonitor(slot);
if (rv == SECSuccess) {
if (slot->session != CK_INVALID_SESSION) {
session = slot->session; /* we should have
@@ -118,6 +126,7 @@ pk11_CheckPassword(PK11SlotInfo *slot, C
PORT_SetError(PK11_MapError(crv));
rv = SECFailure; /* some failure we can't fix by retrying */
}
+ if (!alreadyLocked) PK11_ExitSlotMonitor(slot);
} while (mustRetry);
return rv;
}
@@ -455,14 +464,18 @@ done:
slot->lastLoginCheck = 0;
PK11_RestoreROSession(slot,rwsession);
if (rv == SECSuccess) {
+ PK11_EnterSlotMonitor(slot);
/* update our view of the world */
+ if (slot->session != CK_INVALID_SESSION) {
+ PK11_GETTAB(slot)->C_CloseSession(slot->session);
+ slot->session = CK_INVALID_SESSION;
+ }
+ PK11_ExitSlotMonitor(slot);
PK11_InitToken(slot,PR_TRUE);
if (slot->needLogin) {
- PK11_EnterSlotMonitor(slot);
PK11_GETTAB(slot)->C_Login(slot->session,CKU_USER,
(unsigned char *)userpw,len);
slot->lastLoginCheck = 0;
- PK11_ExitSlotMonitor(slot);
}
}
return rv;
@@ -506,7 +519,7 @@ PK11_ChangePW(PK11SlotInfo *slot, const
PK11_RestoreROSession(slot,rwsession);
/* update our view of the world */
- PK11_InitToken(slot,PR_TRUE);
+ /* PK11_InitToken(slot,PR_TRUE); */
return rv;
}
diff -up ./nss/lib/pk11wrap/pk11slot.c.init-token-race ./nss/lib/pk11wrap/pk11slot.c
--- ./nss/lib/pk11wrap/pk11slot.c.init-token-race 2015-11-08 21:12:59.000000000 -0800
+++ ./nss/lib/pk11wrap/pk11slot.c 2016-01-12 17:58:34.519114993 -0800
@@ -1053,6 +1053,7 @@ PK11_ReadMechanismList(PK11SlotInfo *slo
CK_ULONG count;
CK_RV crv;
PRUint32 i;
+ char mechanismBits[sizeof(slot->mechanismBits)];
if (slot->mechanismList) {
PORT_Free(slot->mechanismList);
@@ -1060,10 +1061,8 @@ PK11_ReadMechanismList(PK11SlotInfo *slo
}
slot->mechanismCount = 0;
- if (!slot->isThreadSafe) PK11_EnterSlotMonitor(slot);
crv = PK11_GETTAB(slot)->C_GetMechanismList(slot->slotID,NULL,&count);
if (crv != CKR_OK) {
- if (!slot->isThreadSafe) PK11_ExitSlotMonitor(slot);
PORT_SetError(PK11_MapError(crv));
return SECFailure;
}
@@ -1071,12 +1070,10 @@ PK11_ReadMechanismList(PK11SlotInfo *slo
slot->mechanismList = (CK_MECHANISM_TYPE *)
PORT_Alloc(count *sizeof(CK_MECHANISM_TYPE));
if (slot->mechanismList == NULL) {
- if (!slot->isThreadSafe) PK11_ExitSlotMonitor(slot);
return SECFailure;
}
crv = PK11_GETTAB(slot)->C_GetMechanismList(slot->slotID,
slot->mechanismList, &count);
- if (!slot->isThreadSafe) PK11_ExitSlotMonitor(slot);
if (crv != CKR_OK) {
PORT_Free(slot->mechanismList);
slot->mechanismList = NULL;
@@ -1084,14 +1081,16 @@ PK11_ReadMechanismList(PK11SlotInfo *slo
return SECSuccess;
}
slot->mechanismCount = count;
- PORT_Memset(slot->mechanismBits, 0, sizeof(slot->mechanismBits));
+ PORT_Memset(mechanismBits, 0, sizeof(slot->mechanismBits));
for (i=0; i < count; i++) {
CK_MECHANISM_TYPE mech = slot->mechanismList[i];
if (mech < 0x7ff) {
- slot->mechanismBits[mech & 0xff] |= 1 << (mech >> 8);
+ mechanismBits[mech & 0xff] |= 1 << (mech >> 8);
}
}
+ PORT_Memcpy(slot->mechanismBits, mechanismBits,
+ sizeof(slot->mechanismBits));
return SECSuccess;
}
@@ -1108,12 +1107,20 @@ PK11_InitToken(PK11SlotInfo *slot, PRBoo
CK_RV crv;
SECStatus rv;
PRStatus status;
+ CK_SESSION_HANDLE session;
+
+ PK11_EnterSlotMonitor(slot);
+ if (slot->session != CK_INVALID_SESSION) {
+ /* The reason for doing an InitToken has already been satisfied by
+ * another thread. Just return */
+ PK11_ExitSlotMonitor(slot);
+ return SECSuccess;
+ }
/* set the slot flags to the current token values */
- if (!slot->isThreadSafe) PK11_EnterSlotMonitor(slot);
crv = PK11_GETTAB(slot)->C_GetTokenInfo(slot->slotID,&tokenInfo);
- if (!slot->isThreadSafe) PK11_ExitSlotMonitor(slot);
if (crv != CKR_OK) {
+ PK11_ExitSlotMonitor(slot);
PORT_SetError(PK11_MapError(crv));
return SECFailure;
}
@@ -1150,7 +1157,10 @@ PK11_InitToken(PK11SlotInfo *slot, PRBoo
slot->defRWSession = (PRBool)((!slot->readOnly) &&
(tokenInfo.ulMaxSessionCount == 1));
rv = PK11_ReadMechanismList(slot);
- if (rv != SECSuccess) return rv;
+ if (rv != SECSuccess) {
+ PK11_ExitSlotMonitor(slot);
+ return rv;
+ }
slot->hasRSAInfo = PR_FALSE;
slot->RSAInfoFlags = 0;
@@ -1165,50 +1175,23 @@ PK11_InitToken(PK11SlotInfo *slot, PRBoo
slot->maxKeyCount = tokenInfo.ulMaxSessionCount/2;
}
- /* Make sure our session handle is valid */
- if (slot->session == CK_INVALID_SESSION) {
- /* we know we don't have a valid session, go get one */
- CK_SESSION_HANDLE session;
-
- /* session should be Readonly, serial */
- if (!slot->isThreadSafe) PK11_EnterSlotMonitor(slot);
- crv = PK11_GETTAB(slot)->C_OpenSession(slot->slotID,
+ /* we know we don't have a valid session, go get one */
+ /* session should be Readonly, serial */
+ crv = PK11_GETTAB(slot)->C_OpenSession(slot->slotID,
(slot->defRWSession ? CKF_RW_SESSION : 0) | CKF_SERIAL_SESSION,
slot,pk11_notify,&session);
- if (!slot->isThreadSafe) PK11_ExitSlotMonitor(slot);
- if (crv != CKR_OK) {
- PORT_SetError(PK11_MapError(crv));
- return SECFailure;
- }
- slot->session = session;
- } else {
- /* The session we have may be defunct (the token associated with it)
- * has been removed */
- CK_SESSION_INFO sessionInfo;
-
- if (!slot->isThreadSafe) PK11_EnterSlotMonitor(slot);
- crv = PK11_GETTAB(slot)->C_GetSessionInfo(slot->session,&sessionInfo);
- if (crv == CKR_DEVICE_ERROR) {
- PK11_GETTAB(slot)->C_CloseSession(slot->session);
- crv = CKR_SESSION_CLOSED;
- }
- if ((crv==CKR_SESSION_CLOSED) || (crv==CKR_SESSION_HANDLE_INVALID)) {
- crv =PK11_GETTAB(slot)->C_OpenSession(slot->slotID,
- (slot->defRWSession ? CKF_RW_SESSION : 0) | CKF_SERIAL_SESSION,
- slot,pk11_notify,&slot->session);
- if (crv != CKR_OK) {
- PORT_SetError(PK11_MapError(crv));
- slot->session = CK_INVALID_SESSION;
- if (!slot->isThreadSafe) PK11_ExitSlotMonitor(slot);
- return SECFailure;
- }
- }
- if (!slot->isThreadSafe) PK11_ExitSlotMonitor(slot);
+ if (crv != CKR_OK) {
+ PK11_ExitSlotMonitor(slot);
+ PORT_SetError(PK11_MapError(crv));
+ return SECFailure;
}
+ slot->session = session;
status = nssToken_Refresh(slot->nssToken);
- if (status != PR_SUCCESS)
+ if (status != PR_SUCCESS) {
+ PK11_ExitSlotMonitor(slot);
return SECFailure;
+ }
if (!(slot->isInternal) && (slot->hasRandom)) {
/* if this slot has a random number generater, use it to add entropy
@@ -1221,28 +1204,20 @@ PK11_InitToken(PK11SlotInfo *slot, PRBoo
/* if this slot can issue random numbers, get some entropy from
* that random number generater and give it to our internal token.
*/
- PK11_EnterSlotMonitor(slot);
crv = PK11_GETTAB(slot)->C_GenerateRandom
(slot->session,random_bytes, sizeof(random_bytes));
- PK11_ExitSlotMonitor(slot);
if (crv == CKR_OK) {
- PK11_EnterSlotMonitor(int_slot);
PK11_GETTAB(int_slot)->C_SeedRandom(int_slot->session,
random_bytes, sizeof(random_bytes));
- PK11_ExitSlotMonitor(int_slot);
}
/* Now return the favor and send entropy to the token's random
* number generater */
- PK11_EnterSlotMonitor(int_slot);
crv = PK11_GETTAB(int_slot)->C_GenerateRandom(int_slot->session,
random_bytes, sizeof(random_bytes));
- PK11_ExitSlotMonitor(int_slot);
if (crv == CKR_OK) {
- PK11_EnterSlotMonitor(slot);
crv = PK11_GETTAB(slot)->C_SeedRandom(slot->session,
random_bytes, sizeof(random_bytes));
- PK11_ExitSlotMonitor(slot);
}
PK11_FreeSlot(int_slot);
}
@@ -1274,6 +1249,7 @@ PK11_InitToken(PK11SlotInfo *slot, PRBoo
PK11_GETTAB(slot)->C_CloseSession(session);
}
}
+ PK11_ExitSlotMonitor(slot);
return SECSuccess;
}
@@ -1387,6 +1363,8 @@ PK11_InitSlot(SECMODModule *mod, CK_SLOT
}
/* if the token is present, initialize it */
if ((slotInfo.flags & CKF_TOKEN_PRESENT) != 0) {
+ /* session was initialized to CK_INVALID_SESSION when the slot
+ * was created */
rv = PK11_InitToken(slot,PR_TRUE);
/* the only hard failures are on permanent devices, or function
* verify failures... function verify failures are already handled
@@ -1826,10 +1804,15 @@ PK11_DoesMechanism(PK11SlotInfo *slot, C
return (slot->mechanismBits[type & 0xff] & (1 << (type >> 8))) ?
PR_TRUE : PR_FALSE;
}
-
+
+ PK11_EnterSlotMonitor(slot);
for (i=0; i < (int) slot->mechanismCount; i++) {
- if (slot->mechanismList[i] == type) return PR_TRUE;
+ if (slot->mechanismList[i] == type) {
+ PK11_ExitSlotMonitor(slot);
+ return PR_TRUE;
+ }
}
+ PK11_ExitSlotMonitor(slot);
return PR_FALSE;
}
diff -up ./nss/lib/pk11wrap/pk11util.c.init-token-race ./nss/lib/pk11wrap/pk11util.c
--- ./nss/lib/pk11wrap/pk11util.c.init-token-race 2015-02-18 12:37:03.176120865 -0800
+++ ./nss/lib/pk11wrap/pk11util.c 2015-02-18 12:39:44.158120658 -0800
@@ -1560,6 +1560,11 @@ SECMOD_RestartModules(PRBool force)
* older modules require it, and it doesn't hurt (compliant modules
* will return CKR_NOT_INITIALIZED */
(void) PK11_GETTAB(mod)->C_Finalize(NULL);
+ /* finalize clears the session, mark them dead in the
+ * slot as well */
+ for (i=0; i < mod->slotCount; i++) {
+ mod->slots[i]->session = CK_INVALID_SESSION;
+ }
/* now initialize the module, this function reinitializes
* a module in place, preserving existing slots (even if they
* no longer exist) */
@@ -1579,17 +1584,18 @@ SECMOD_RestartModules(PRBool force)
/* get new token sessions, bump the series up so that
* we refresh other old sessions. This will tell much of
* NSS to flush cached handles it may hold as well */
- rv = PK11_InitToken(mod->slots[i],PR_TRUE);
+ PK11SlotInfo *slot = mod->slots[i];
+ rv = PK11_InitToken(slot,PR_TRUE);
/* PK11_InitToken could fail if the slot isn't present.
* If it is present, though, something is wrong and we should
* disable the slot and let the caller know. */
- if (rv != SECSuccess && PK11_IsPresent(mod->slots[i])) {
+ if (rv != SECSuccess && PK11_IsPresent(slot)) {
/* save the last error code */
lastError = PORT_GetError();
rrv = rv;
/* disable the token */
- mod->slots[i]->disabled = PR_TRUE;
- mod->slots[i]->reason = PK11_DIS_COULD_NOT_INIT_TOKEN;
+ slot->disabled = PR_TRUE;
+ slot->reason = PK11_DIS_COULD_NOT_INIT_TOKEN;
}
}
}