2N/A * The contents of this file are subject to the terms of the 2N/A * Common Development and Distribution License (the "License"). 2N/A * You may not use this file except in compliance with the License. 2N/A * See the License for the specific language governing permissions 2N/A * and limitations under the License. 2N/A * When distributing Covered Code, include this CDDL HEADER in each 2N/A * If applicable, add the following below this CDDL HEADER, with the 2N/A * fields enclosed by brackets "[]" replaced with your own identifying 2N/A * information: Portions Copyright [yyyy] [name of copyright owner] 2N/A * Copyright (c) 2003, 2011, Oracle and/or its affiliates. All rights reserved. 2N/A * Add an object to the session's object list. 2N/A * This function will acquire the lock on the session, and release 2N/A * that lock after adding the object to the session's object list. 2N/A /* Acquire the session lock. */ 2N/A /* Insert the new object in front of session's object list. */ 2N/A /* Release the session lock. */ 2N/A * Clean up and release the storage allocated to the object. 2N/A * The function is called either with the object lock being held 2N/A * (by caller kms_delete_object()), or there is no object lock 2N/A * yet (by kms_build_XXX_object() during creating an object). 2N/A * Free the storage allocated to a secret key object. 2N/A * Free the storage allocated to the extra attribute list. 2N/A * Create a new object. Copy the attributes that can be modified 2N/A * (in the boolean attribute mask field and extra attribute list) 2N/A * from the old object to the new object. 2N/A * The caller of this function holds the lock on the old object. 2N/A /* Allocate new object. */ 2N/A * Copy the attribute_info struct from the old 2N/A * object to a new attribute_info struct, and add 2N/A * that new struct to the extra attribute list 2N/A * of the new object. 2N/A /* done with copying all information that can be modified */ 2N/A * Copy the rest of the object. 2N/A * Certain fields that are not appropriate for coping will be 2N/A /* copy key related information */ 2N/A /* should never be this case */ 2N/A * Copy the attributes (in the boolean attribute mask field and 2N/A * extra attribute list) from the new object back to the original 2N/A * object. Also, clean up and release all the storage in the extra 2N/A * attribute list of the original object. 2N/A * The caller of this function holds the lock on the old object. 2N/A * Create a new object struct. If it is a session object, add the object to 2N/A * the session's object list. If it is a token object, add it to the slot's 2N/A * token object list. The caller does not hold the slot lock. 2N/A /* Cannot create a token object with a READ-ONLY session */ 2N/A * If the KMS supports object creation, create the object 2N/A * in the KMS. Otherwise, create the object in the library. 2N/A /* Get the CKA_PRIVATE value of this object. */ 2N/A /* Set the PRIVATE_BOOL_ON and TOKEN_BOOL_ON attributes */ 2N/A /* Add the new object to the slot's token object list. */ 2N/A /* Add the new object to the session's object list. */ 2N/A /* Type casting the address of an object struct to an object handle. */ 2N/A * Remove an object from the session's object list. 2N/A * The caller of this function holds the session lock. 2N/A * Remove the object from the session's object list. 2N/A /* Object is the first one in the list. */ 2N/A /* Object is the only one in the list. */ 2N/A /* Object is not the first one in the list. */ 2N/A /* Object is in the middle of the list. */ 2N/A /* Object is the last one in the list. */ 2N/A * This function adds the to-be-freed session object to a linked list. 2N/A * When the number of objects queued in the linked list reaches the 2N/A * maximum threshold MAX_OBJ_TO_BE_FREED, it will free the first 2N/A * object (FIFO) in the list. 2N/A /* Add the newly deleted object at the end of the list */ 2N/A * Free the first object in the list only if 2N/A * the total count reaches maximum threshold. 2N/A /* Acquire the lock on the object. */ 2N/A * Make sure another thread hasn't freed the object. 2N/A * The deletion of an object must be blocked when the object 2N/A * reference count is not zero. This means if any object related 2N/A * operation starts prior to the delete object operation gets in, 2N/A * the object deleting thread must wait for the non-deleting 2N/A * operation to be completed before it can proceed the delete 2N/A * Unless we are being forced to shut everything down, this only 2N/A * happens if the library's _fini() is running not if someone 2N/A * explicitly called C_Finalize(). 2N/A * We set the OBJECT_REFCNT_WAITING flag before we put 2N/A * this deleting thread in a wait state, so other non-deleting 2N/A * operation thread will signal to wake it up only when 2N/A * the object reference count becomes zero and this flag 2N/A /* Mark object as no longer valid. */ 2N/A * Delete a session object: 2N/A * - Remove the object from the session's object list. 2N/A * - Release the storage allocated to the object. 2N/A * The boolean argument ses_lock_held is used to indicate that whether 2N/A * the caller holds the session lock or not. 2N/A * - When called by kms_delete_all_objects_in_session() or 2N/A * kms_delete_pri_objects_in_slot() -- ses_lock_held = TRUE. 2N/A * The boolean argument wrapper_only is used to indicate that whether 2N/A * the caller only wants to clean up the object wrapper from the library and 2N/A * needs not to make an call to KMS. 2N/A * - This argument only applies to the object created in the provider level. 2N/A * - When called by kms_cleanup_pri_objects_in_slot(), wrapper_only is TRUE. 2N/A * - When called by C_DestroyObject(), wrapper_only is FALSE. 2N/A * - When called by kms_delete_all_objects_in_session(), the value of 2N/A * wrapper_only depends on its caller. 2N/A * Check to see if the caller holds the lock on the session. 2N/A * If not, we need to acquire that lock in order to proceed. 2N/A /* Acquire the session lock. */ 2N/A /* Remove the object from the session's object list first. */ 2N/A * Delete all the objects in a session. The caller holds the lock 2N/A * on the session. If the wrapper_only argument is TRUE, the caller only 2N/A * want to clean up object wrappers in the library. 2N/A /* Delete all the objects in the session. */ 2N/A * allocate space for storing results if the currently 2N/A * allocated space is not enough 2N/A /* there are some search requirement */ 2N/A * Look through template and see if it explicitly specifies 2N/A * whether we need to look for token objects and also to see 2N/A * if a specific label was specified. 2N/A /* Acquire the slot lock */ 2N/A * Make sure the object list is current. 2N/A /* no search criteria, just record the object */ 2N/A * If the caller specified a label but it was not found, 2N/A * query the KMS to see if it exists there but is not in the 2N/A * If we DID find the object, add it to the 2N/A * slot token object list and label list. 2N/A * If all went well, add it to the head of 2N/A * the token object list. 2N/A * This just means the wrong label was used 2N/A * and the key really doesn't exist in the 2N/A * Go through all objects in each session. 2N/A * Acquire individual session lock for the session 2N/A /* no search criteria, just record the object */ 2N/A * Initialize the context for C_FindObjects() calls 2N/A /* Make sure all attributes in template are valid */ 2N/A /* prepare the find context */ 2N/A /* store the find_context in the session */ 2N/A /* a sanity check to make sure the obj is still valid */ 2N/A * Add an token object to the token object list in slot. 2N/A * This function will acquire the lock on the slot, and release 2N/A * that lock after adding the object to the slot's token object list. 2N/A /* Acquire the slot lock. */ 2N/A /* Insert the new object in front of slot's token object list. */ 2N/A /* Release the slot lock. */ 2N/A * Remove an token object from the slot's token object list. 2N/A * This routine is called by kms_delete_token_object(). 2N/A * The caller of this function hold the slot lock. 2N/A /* Object is the first one in the list */ 2N/A /* Object is the only one in the list. */ 2N/A /* Object is not the first one in the list. */ 2N/A /* Object is in the middle of the list. */ 2N/A /* Object is the last one in the list. */ 2N/A * Delete a token object: 2N/A * - Remove the object from the slot's token object list. 2N/A * - Release the storage allocated to the object. 2N/A * The boolean argument slot_lock_held is used to indicate that whether 2N/A * the caller holds the slot lock or not. When the caller does not hold 2N/A * the slot lock, this function will acquire that lock in order to proceed, 2N/A * and also release that lock before returning to caller. 2N/A * The boolean argument wrapper_only is used to indicate that whether 2N/A * the caller only wants to the object wrapper from library. 2N/A /* Delete from KMS */ 2N/A /* Remove the object from the slot's token object list first. */ 2N/A /* Release the slot lock if the call doesn't hold the lock. */ 2N/A * Clean up private object wrappers in this slot. The caller holds the slot 2N/A * Delete every private token object from 2N/A * the slot token object list. 2N/A * The first TRUE boolean argument indicates that the caller 2N/A * hold the slot lock. The second TRUE boolean argument 2N/A * indicates that the caller just wants to clean up the object 2N/A * wrapper from the library only. 2N/A * Walk through all the sessions in this slot and delete every 2N/A /* Delete all the objects in the session. */ 2N/A * The FALSE boolean argument indicates that the 2N/A * caller does not hold the session lock. The TRUE 2N/A * boolean argument indicates that the caller just 2N/A * want to clean upt the object wrapper from the 2N/A * Get the object size in bytes for the objects created in the library.