diff options
| author | Valerie Bubb Fenwick <Valerie.Fenwick@Oracle.COM> | 2010-08-09 11:56:40 -0700 |
|---|---|---|
| committer | Valerie Bubb Fenwick <Valerie.Fenwick@Oracle.COM> | 2010-08-09 11:56:40 -0700 |
| commit | 699ea13a6873ef2e74fc86120b70e60cd3a70f89 (patch) | |
| tree | b5bc84fb74e63dbeadcf6acd748239fe891fe546 /usr/src | |
| parent | 607999774dbffcdfd9be82f27b225769bf680ff0 (diff) | |
| download | illumos-joyent-699ea13a6873ef2e74fc86120b70e60cd3a70f89.tar.gz | |
6974684 libpkcs11 performance can be improved with less restrictive dlopen() flags
6975112 libpkcs11 shouldn't try to dlclose its own metaslot
Diffstat (limited to 'usr/src')
| -rw-r--r-- | usr/src/cmd/cmd-crypto/cryptoadm/adm_uef.c | 7 | ||||
| -rw-r--r-- | usr/src/lib/pkcs11/libpkcs11/common/pkcs11Conf.c | 13 | ||||
| -rw-r--r-- | usr/src/lib/pkcs11/libpkcs11/common/pkcs11Slottable.c | 10 |
3 files changed, 20 insertions, 10 deletions
diff --git a/usr/src/cmd/cmd-crypto/cryptoadm/adm_uef.c b/usr/src/cmd/cmd-crypto/cryptoadm/adm_uef.c index 9e19316d72..88f3787aa4 100644 --- a/usr/src/cmd/cmd-crypto/cryptoadm/adm_uef.c +++ b/usr/src/cmd/cmd-crypto/cryptoadm/adm_uef.c @@ -231,7 +231,12 @@ list_mechlist_for_lib(char *libname, mechlist_t *mlist, (void) strlcpy(libpath, libname, sizeof (libpath)); } - /* Open the provider */ + /* + * Open the provider. Use RTLD_NOW here, as a way to + * catch any providers with incomplete symbols that + * might otherwise cause problems during libpkcs11's + * execution. + */ dldesc = dlopen(libpath, RTLD_NOW); if (dldesc == NULL) { dl_error = dlerror(); diff --git a/usr/src/lib/pkcs11/libpkcs11/common/pkcs11Conf.c b/usr/src/lib/pkcs11/libpkcs11/common/pkcs11Conf.c index d0b306c948..b2f06f7da1 100644 --- a/usr/src/lib/pkcs11/libpkcs11/common/pkcs11Conf.c +++ b/usr/src/lib/pkcs11/libpkcs11/common/pkcs11Conf.c @@ -528,13 +528,14 @@ pkcs11_slot_mapping(uentrylist_t *pplist, CK_VOID_PTR pInitArgs) } /* - * Open the provider. Use RTLD_NOW to make sure we - * will not encounter symbol referencing errors later. - * Use RTLD_GROUP to limit the provider to it's own - * symbols, which prevents it from mistakenly accessing - * the framework's C_* functions. + * Open the provider. We assume all of our plugins have + * their symbols properly defined, so the use of RTLD_NOW + * to flush out errors immediately is not necessary. + * + * Note that for proper operation, all plugins must be + * built with direct bindings enabled. */ - dldesc = dlopen(fullpath, RTLD_NOW|RTLD_GROUP); + dldesc = dlopen(fullpath, RTLD_LAZY); /* * If we failed to load it, we will just skip this diff --git a/usr/src/lib/pkcs11/libpkcs11/common/pkcs11Slottable.c b/usr/src/lib/pkcs11/libpkcs11/common/pkcs11Slottable.c index 5b65fbbded..9dae720e22 100644 --- a/usr/src/lib/pkcs11/libpkcs11/common/pkcs11Slottable.c +++ b/usr/src/lib/pkcs11/libpkcs11/common/pkcs11Slottable.c @@ -18,9 +18,9 @@ * * CDDL HEADER END */ + /* - * Copyright 2009 Sun Microsystems, Inc. All rights reserved. - * Use is subject to license terms. + * Copyright (c) 2003, 2010, Oracle and/or its affiliates. All rights reserved. */ #include <dlfcn.h> @@ -204,7 +204,11 @@ pkcs11_slottable_delete() { (void) cur_slot-> sl_func_list->C_Finalize(NULL); } - (void) dlclose(cur_slot->sl_dldesc); + + /* metaslot won't have a sl_dldesc! */ + if (cur_slot->sl_dldesc != NULL) { + (void) dlclose(cur_slot->sl_dldesc); + } /* * Each provider maintains one disabled |