|
 |
8520e9 |
commit e9548127edae313da7840bcb87fd0afd04549c2e
|
|
|
8520e9 |
Author: Ingo Franzki <ifranzki@linux.ibm.com>
|
|
|
8520e9 |
Date: Mon Feb 8 15:26:23 2021 +0100
|
|
|
8520e9 |
|
|
|
8520e9 |
pkcsslotd: Refactoring in preparation for event support
|
|
|
8520e9 |
|
|
|
8520e9 |
No functional change so far, just making things a bit bore clearer.
|
|
|
8520e9 |
|
|
|
8520e9 |
Signed-off-by: Ingo Franzki <ifranzki@linux.ibm.com>
|
|
|
8520e9 |
|
|
|
8520e9 |
diff --git a/usr/include/slotmgr.h b/usr/include/slotmgr.h
|
|
|
8520e9 |
index 3950a9a3..4d038435 100644
|
|
|
8520e9 |
--- a/usr/include/slotmgr.h
|
|
|
8520e9 |
+++ b/usr/include/slotmgr.h
|
|
|
8520e9 |
@@ -30,7 +30,7 @@
|
|
|
8520e9 |
#define TOK_PATH SBIN_PATH "/pkcsslotd"
|
|
|
8520e9 |
#define OCK_API_LOCK_FILE LOCKDIR_PATH "/LCK..APIlock"
|
|
|
8520e9 |
|
|
|
8520e9 |
-#define SOCKET_FILE_PATH "/var/run/pkcsslotd.socket"
|
|
|
8520e9 |
+#define PROC_SOCKET_FILE_PATH "/var/run/pkcsslotd.socket"
|
|
|
8520e9 |
|
|
|
8520e9 |
#define PID_FILE_PATH "/var/run/pkcsslotd.pid"
|
|
|
8520e9 |
#define OCK_CONFIG OCK_CONFDIR "/opencryptoki.conf"
|
|
|
8520e9 |
diff --git a/usr/lib/api/api_interface.c b/usr/lib/api/api_interface.c
|
|
|
8520e9 |
index b74b763f..2873a20a 100644
|
|
|
8520e9 |
--- a/usr/lib/api/api_interface.c
|
|
|
8520e9 |
+++ b/usr/lib/api/api_interface.c
|
|
|
8520e9 |
@@ -2831,7 +2831,7 @@ CK_RV C_Initialize(CK_VOID_PTR pVoid)
|
|
|
8520e9 |
TRACE_DEBUG("Shared memory %p \n", Anchor->SharedMemP);
|
|
|
8520e9 |
|
|
|
8520e9 |
/* Connect to slot daemon and retrieve slot infos */
|
|
|
8520e9 |
- Anchor->socketfd = connect_socket(SOCKET_FILE_PATH);
|
|
|
8520e9 |
+ Anchor->socketfd = connect_socket(PROC_SOCKET_FILE_PATH);
|
|
|
8520e9 |
if (Anchor->socketfd < 0) {
|
|
|
8520e9 |
OCK_SYSLOG(LOG_ERR, "C_Initialize: Module failed to create a "
|
|
|
8520e9 |
"socket. Verify that the slot management daemon is "
|
|
|
8520e9 |
diff --git a/usr/sbin/pkcsslotd/pkcsslotd.h b/usr/sbin/pkcsslotd/pkcsslotd.h
|
|
|
8520e9 |
index 813db9f4..69eb59f3 100644
|
|
|
8520e9 |
--- a/usr/sbin/pkcsslotd/pkcsslotd.h
|
|
|
8520e9 |
+++ b/usr/sbin/pkcsslotd/pkcsslotd.h
|
|
|
8520e9 |
@@ -61,7 +61,6 @@ extern key_t tok;
|
|
|
8520e9 |
extern Slot_Info_t_64 sinfo[NUMBER_SLOTS_MANAGED];
|
|
|
8520e9 |
extern unsigned int NumberSlotsInDB;
|
|
|
8520e9 |
|
|
|
8520e9 |
-extern int socketfd;
|
|
|
8520e9 |
extern Slot_Mgr_Socket_t socketData;
|
|
|
8520e9 |
|
|
|
8520e9 |
|
|
|
8520e9 |
@@ -89,9 +88,9 @@ int XProcLock(void);
|
|
|
8520e9 |
int XProcUnLock(void);
|
|
|
8520e9 |
int CreateXProcLock(void);
|
|
|
8520e9 |
|
|
|
8520e9 |
-int CreateListenerSocket(void);
|
|
|
8520e9 |
-int InitSocketData(Slot_Mgr_Socket_t *sp);
|
|
|
8520e9 |
-int SocketConnectionHandler(int socketfd, int timeout_secs);
|
|
|
8520e9 |
-void DetachSocketListener(int socketfd);
|
|
|
8520e9 |
+int init_socket_server();
|
|
|
8520e9 |
+int term_socket_server();
|
|
|
8520e9 |
+int init_socket_data(Slot_Mgr_Socket_t *sp);
|
|
|
8520e9 |
+int socket_connection_handler(int timeout_secs);
|
|
|
8520e9 |
|
|
|
8520e9 |
#endif /* _SLOTMGR_H */
|
|
|
8520e9 |
diff --git a/usr/sbin/pkcsslotd/signal.c b/usr/sbin/pkcsslotd/signal.c
|
|
|
8520e9 |
index cf7b9087..49482a2f 100644
|
|
|
8520e9 |
--- a/usr/sbin/pkcsslotd/signal.c
|
|
|
8520e9 |
+++ b/usr/sbin/pkcsslotd/signal.c
|
|
|
8520e9 |
@@ -101,7 +101,7 @@ void slotdGenericSignalHandler(int Signal)
|
|
|
8520e9 |
|
|
|
8520e9 |
InfoLog("Exiting on %s (%d; %#x)", SignalConst(Signal), Signal, Signal);
|
|
|
8520e9 |
|
|
|
8520e9 |
- DetachSocketListener(socketfd);
|
|
|
8520e9 |
+ term_socket_server();
|
|
|
8520e9 |
DestroyMutexes();
|
|
|
8520e9 |
DetachFromSharedMemory();
|
|
|
8520e9 |
DestroySharedMemory();
|
|
|
8520e9 |
diff --git a/usr/sbin/pkcsslotd/slotmgr.c b/usr/sbin/pkcsslotd/slotmgr.c
|
|
|
8520e9 |
index ea5c86f5..94288f13 100644
|
|
|
8520e9 |
--- a/usr/sbin/pkcsslotd/slotmgr.c
|
|
|
8520e9 |
+++ b/usr/sbin/pkcsslotd/slotmgr.c
|
|
|
8520e9 |
@@ -37,7 +37,6 @@ unsigned int NumberSlotsInDB = 0;
|
|
|
8520e9 |
|
|
|
8520e9 |
Slot_Info_t_64 *psinfo;
|
|
|
8520e9 |
|
|
|
8520e9 |
-int socketfd;
|
|
|
8520e9 |
Slot_Mgr_Socket_t socketData;
|
|
|
8520e9 |
|
|
|
8520e9 |
struct dircheckinfo_s {
|
|
|
8520e9 |
@@ -569,15 +568,15 @@ int main(int argc, char *argv[], char *envp[])
|
|
|
8520e9 |
if (!XProcUnLock())
|
|
|
8520e9 |
return 4;
|
|
|
8520e9 |
|
|
|
8520e9 |
- if ((socketfd = CreateListenerSocket()) < 0) {
|
|
|
8520e9 |
+ if (!init_socket_server()) {
|
|
|
8520e9 |
DestroyMutexes();
|
|
|
8520e9 |
DetachFromSharedMemory();
|
|
|
8520e9 |
DestroySharedMemory();
|
|
|
8520e9 |
return 5;
|
|
|
8520e9 |
}
|
|
|
8520e9 |
|
|
|
8520e9 |
- if (!InitSocketData(&socketData)) {
|
|
|
8520e9 |
- DetachSocketListener(socketfd);
|
|
|
8520e9 |
+ if (!init_socket_data(&socketData)) {
|
|
|
8520e9 |
+ term_socket_server();
|
|
|
8520e9 |
DestroyMutexes();
|
|
|
8520e9 |
DetachFromSharedMemory();
|
|
|
8520e9 |
DestroySharedMemory();
|
|
|
8520e9 |
@@ -598,7 +597,7 @@ int main(int argc, char *argv[], char *envp[])
|
|
|
8520e9 |
if (Daemon) {
|
|
|
8520e9 |
pid_t pid;
|
|
|
8520e9 |
if ((pid = fork()) < 0) {
|
|
|
8520e9 |
- DetachSocketListener(socketfd);
|
|
|
8520e9 |
+ term_socket_server();
|
|
|
8520e9 |
DestroyMutexes();
|
|
|
8520e9 |
DetachFromSharedMemory();
|
|
|
8520e9 |
DestroySharedMemory();
|
|
|
8520e9 |
@@ -643,7 +642,7 @@ int main(int argc, char *argv[], char *envp[])
|
|
|
8520e9 |
* the daemonization process redefines our handler for (at least) SIGTERM
|
|
|
8520e9 |
*/
|
|
|
8520e9 |
if (!SetupSignalHandlers()) {
|
|
|
8520e9 |
- DetachSocketListener(socketfd);
|
|
|
8520e9 |
+ term_socket_server();
|
|
|
8520e9 |
DestroyMutexes();
|
|
|
8520e9 |
DetachFromSharedMemory();
|
|
|
8520e9 |
DestroySharedMemory();
|
|
|
8520e9 |
@@ -664,7 +663,7 @@ int main(int argc, char *argv[], char *envp[])
|
|
|
8520e9 |
printf("Start garbage \n");
|
|
|
8520e9 |
/* start garbage collection thread */
|
|
|
8520e9 |
if (!StartGCThread(shmp)) {
|
|
|
8520e9 |
- DetachSocketListener(socketfd);
|
|
|
8520e9 |
+ term_socket_server();
|
|
|
8520e9 |
DestroyMutexes();
|
|
|
8520e9 |
DetachFromSharedMemory();
|
|
|
8520e9 |
DestroySharedMemory();
|
|
|
8520e9 |
@@ -684,7 +683,7 @@ int main(int argc, char *argv[], char *envp[])
|
|
|
8520e9 |
#if !(THREADED) && !(NOGARBAGE)
|
|
|
8520e9 |
CheckForGarbage(shmp);
|
|
|
8520e9 |
#endif
|
|
|
8520e9 |
- SocketConnectionHandler(socketfd, 10);
|
|
|
8520e9 |
+ socket_connection_handler(10);
|
|
|
8520e9 |
}
|
|
|
8520e9 |
|
|
|
8520e9 |
/*************************************************************
|
|
|
8520e9 |
diff --git a/usr/sbin/pkcsslotd/socket_server.c b/usr/sbin/pkcsslotd/socket_server.c
|
|
|
8520e9 |
index ae0eff92..1fae0b95 100644
|
|
|
8520e9 |
--- a/usr/sbin/pkcsslotd/socket_server.c
|
|
|
8520e9 |
+++ b/usr/sbin/pkcsslotd/socket_server.c
|
|
|
8520e9 |
@@ -25,10 +25,14 @@
|
|
|
8520e9 |
#include "pkcsslotd.h"
|
|
|
8520e9 |
#include "apictl.h"
|
|
|
8520e9 |
|
|
|
8520e9 |
+int proc_listener_socket = -1;
|
|
|
8520e9 |
+
|
|
|
8520e9 |
+static void close_listener_socket(int socketfd, const char *file_path);
|
|
|
8520e9 |
+
|
|
|
8520e9 |
// Creates the daemon's listener socket, to which clients will connect and
|
|
|
8520e9 |
// retrieve slot information through. Returns the file descriptor of the
|
|
|
8520e9 |
// created socket.
|
|
|
8520e9 |
-int CreateListenerSocket(void)
|
|
|
8520e9 |
+static int create_listener_socket(const char *file_path)
|
|
|
8520e9 |
{
|
|
|
8520e9 |
struct sockaddr_un address;
|
|
|
8520e9 |
struct group *grp;
|
|
|
8520e9 |
@@ -39,53 +43,60 @@ int CreateListenerSocket(void)
|
|
|
8520e9 |
ErrLog("Failed to create listener socket, errno 0x%X.", errno);
|
|
|
8520e9 |
return -1;
|
|
|
8520e9 |
}
|
|
|
8520e9 |
- if (unlink(SOCKET_FILE_PATH) && errno != ENOENT) {
|
|
|
8520e9 |
+ if (unlink(file_path) && errno != ENOENT) {
|
|
|
8520e9 |
ErrLog("Failed to unlink socket file, errno 0x%X.", errno);
|
|
|
8520e9 |
- close(socketfd);
|
|
|
8520e9 |
- return -1;
|
|
|
8520e9 |
+ goto error;
|
|
|
8520e9 |
}
|
|
|
8520e9 |
|
|
|
8520e9 |
memset(&address, 0, sizeof(struct sockaddr_un));
|
|
|
8520e9 |
address.sun_family = AF_UNIX;
|
|
|
8520e9 |
- strcpy(address.sun_path, SOCKET_FILE_PATH);
|
|
|
8520e9 |
+ strcpy(address.sun_path, file_path);
|
|
|
8520e9 |
|
|
|
8520e9 |
if (bind(socketfd,
|
|
|
8520e9 |
(struct sockaddr *) &address, sizeof(struct sockaddr_un)) != 0) {
|
|
|
8520e9 |
ErrLog("Failed to bind to socket, errno 0x%X.", errno);
|
|
|
8520e9 |
- close(socketfd);
|
|
|
8520e9 |
- return -1;
|
|
|
8520e9 |
+ goto error;
|
|
|
8520e9 |
}
|
|
|
8520e9 |
// make socket file part of the pkcs11 group, and write accessable
|
|
|
8520e9 |
// for that group
|
|
|
8520e9 |
grp = getgrnam("pkcs11");
|
|
|
8520e9 |
if (!grp) {
|
|
|
8520e9 |
ErrLog("Group PKCS#11 does not exist");
|
|
|
8520e9 |
- DetachSocketListener(socketfd);
|
|
|
8520e9 |
- return -1;
|
|
|
8520e9 |
+ goto error;
|
|
|
8520e9 |
}
|
|
|
8520e9 |
- if (chown(SOCKET_FILE_PATH, 0, grp->gr_gid)) {
|
|
|
8520e9 |
+ if (chown(file_path, 0, grp->gr_gid)) {
|
|
|
8520e9 |
ErrLog("Could not change file group on socket, errno 0x%X.", errno);
|
|
|
8520e9 |
- DetachSocketListener(socketfd);
|
|
|
8520e9 |
- return -1;
|
|
|
8520e9 |
+ goto error;
|
|
|
8520e9 |
}
|
|
|
8520e9 |
- if (chmod(SOCKET_FILE_PATH,
|
|
|
8520e9 |
+ if (chmod(file_path,
|
|
|
8520e9 |
S_IRUSR | S_IRGRP | S_IWUSR | S_IWGRP | S_IXUSR | S_IXGRP)) {
|
|
|
8520e9 |
ErrLog("Could not change file permissions on socket, errno 0x%X.",
|
|
|
8520e9 |
errno);
|
|
|
8520e9 |
- DetachSocketListener(socketfd);
|
|
|
8520e9 |
- return -1;
|
|
|
8520e9 |
+ goto error;
|
|
|
8520e9 |
}
|
|
|
8520e9 |
|
|
|
8520e9 |
if (listen(socketfd, 20) != 0) {
|
|
|
8520e9 |
ErrLog("Failed to listen to socket, errno 0x%X.", errno);
|
|
|
8520e9 |
- DetachSocketListener(socketfd);
|
|
|
8520e9 |
- return -1;
|
|
|
8520e9 |
+ goto error;
|
|
|
8520e9 |
}
|
|
|
8520e9 |
|
|
|
8520e9 |
return socketfd;
|
|
|
8520e9 |
+
|
|
|
8520e9 |
+error:
|
|
|
8520e9 |
+ if (socketfd >= 0)
|
|
|
8520e9 |
+ close_listener_socket(socketfd, file_path);
|
|
|
8520e9 |
+
|
|
|
8520e9 |
+ return -1;
|
|
|
8520e9 |
+}
|
|
|
8520e9 |
+
|
|
|
8520e9 |
+
|
|
|
8520e9 |
+static void close_listener_socket(int socketfd, const char *file_path)
|
|
|
8520e9 |
+{
|
|
|
8520e9 |
+ close(socketfd);
|
|
|
8520e9 |
+ unlink(file_path);
|
|
|
8520e9 |
}
|
|
|
8520e9 |
|
|
|
8520e9 |
-int InitSocketData(Slot_Mgr_Socket_t *socketData)
|
|
|
8520e9 |
+int init_socket_data(Slot_Mgr_Socket_t *socketData)
|
|
|
8520e9 |
{
|
|
|
8520e9 |
unsigned int processed = 0;
|
|
|
8520e9 |
|
|
|
8520e9 |
@@ -102,19 +113,19 @@ int InitSocketData(Slot_Mgr_Socket_t *socketData)
|
|
|
8520e9 |
return TRUE;
|
|
|
8520e9 |
}
|
|
|
8520e9 |
|
|
|
8520e9 |
-int SocketConnectionHandler(int socketfd, int timeout_secs)
|
|
|
8520e9 |
+int socket_connection_handler(int timeout_secs)
|
|
|
8520e9 |
{
|
|
|
8520e9 |
int returnVal;
|
|
|
8520e9 |
fd_set set;
|
|
|
8520e9 |
struct timeval timeout;
|
|
|
8520e9 |
|
|
|
8520e9 |
FD_ZERO(&set);
|
|
|
8520e9 |
- FD_SET(socketfd, &set);
|
|
|
8520e9 |
+ FD_SET(proc_listener_socket, &set);
|
|
|
8520e9 |
|
|
|
8520e9 |
timeout.tv_sec = timeout_secs;
|
|
|
8520e9 |
timeout.tv_usec = 0;
|
|
|
8520e9 |
|
|
|
8520e9 |
- returnVal = select(socketfd + 1, &set, NULL, NULL, &timeout);
|
|
|
8520e9 |
+ returnVal = select(proc_listener_socket + 1, &set, NULL, NULL, &timeout);
|
|
|
8520e9 |
if (returnVal == -1) {
|
|
|
8520e9 |
ErrLog("select failed on socket connection, errno 0x%X.", errno);
|
|
|
8520e9 |
return FALSE;
|
|
|
8520e9 |
@@ -125,7 +136,7 @@ int SocketConnectionHandler(int socketfd, int timeout_secs)
|
|
|
8520e9 |
struct sockaddr_un address;
|
|
|
8520e9 |
socklen_t address_length = sizeof(address);
|
|
|
8520e9 |
|
|
|
8520e9 |
- int connectionfd = accept(socketfd,
|
|
|
8520e9 |
+ int connectionfd = accept(proc_listener_socket,
|
|
|
8520e9 |
(struct sockaddr *) &address,
|
|
|
8520e9 |
&address_length);
|
|
|
8520e9 |
if (connectionfd < 0) {
|
|
|
8520e9 |
@@ -138,6 +149,10 @@ int SocketConnectionHandler(int socketfd, int timeout_secs)
|
|
|
8520e9 |
}
|
|
|
8520e9 |
return FALSE;
|
|
|
8520e9 |
}
|
|
|
8520e9 |
+
|
|
|
8520e9 |
+ DbgLog(DL0, "Accepted connection from process: socket: %d",
|
|
|
8520e9 |
+ connectionfd);
|
|
|
8520e9 |
+
|
|
|
8520e9 |
if (write(connectionfd, &socketData, sizeof(socketData)) !=
|
|
|
8520e9 |
sizeof(socketData)) {
|
|
|
8520e9 |
ErrLog("Failed to write socket data, errno 0x%X.", errno);
|
|
|
8520e9 |
@@ -149,8 +164,23 @@ int SocketConnectionHandler(int socketfd, int timeout_secs)
|
|
|
8520e9 |
}
|
|
|
8520e9 |
}
|
|
|
8520e9 |
|
|
|
8520e9 |
-void DetachSocketListener(int socketfd)
|
|
|
8520e9 |
+int init_socket_server()
|
|
|
8520e9 |
{
|
|
|
8520e9 |
- close(socketfd);
|
|
|
8520e9 |
- unlink(SOCKET_FILE_PATH);
|
|
|
8520e9 |
+ proc_listener_socket = create_listener_socket(PROC_SOCKET_FILE_PATH);
|
|
|
8520e9 |
+ if (proc_listener_socket < 0)
|
|
|
8520e9 |
+ return FALSE;
|
|
|
8520e9 |
+
|
|
|
8520e9 |
+ DbgLog(DL0, "Socket server started");
|
|
|
8520e9 |
+
|
|
|
8520e9 |
+ return TRUE;
|
|
|
8520e9 |
+}
|
|
|
8520e9 |
+
|
|
|
8520e9 |
+int term_socket_server()
|
|
|
8520e9 |
+{
|
|
|
8520e9 |
+ if (proc_listener_socket >= 0)
|
|
|
8520e9 |
+ close_listener_socket(proc_listener_socket, PROC_SOCKET_FILE_PATH);
|
|
|
8520e9 |
+
|
|
|
8520e9 |
+ DbgLog(DL0, "Socket server stopped");
|
|
|
8520e9 |
+
|
|
|
8520e9 |
+ return TRUE;
|
|
|
8520e9 |
}
|