NSS should support a hammer shutdown

RESOLVED WONTFIX

People

(Reporter: kaie, Assigned: wtc)

(Reporter)

Description

16 years ago
This has been discussed in the past, and it was considered to be hard. But I'm
still not convinced it's impossible, and would like to spend some more energy
discussing it.

The motivation for the hammer method would be:
  "Independence of memory leaks".

Yes, memory leaks are bad, but I think it's very hard to make software 100% leak
free.

We still suffer from the problem that profile switching at runtime is not possible.


I would like to propose a possible approach and hear your opinion.

Part 1)
=======
NSS has global static data.
This global static data is initialized at the time the application starts.

I suggest NSS should never modify that global static data.
Instead, as part of its init logic, it could copy what's needed.
Either immediately or when it's needed.

When a shutdown is requested, NSS could remove all its copies and return to the
clean environment it had on initial load.

If this results in any global data now being orphan data, I think that's acceptable.


Part 2)
=======
Data still hanging around in memory.

I think the only serious data is private keys.
I don't know whether private keys are actually being kept around in memory, but
in case they are, I'd suggest the following approach:
- keep a list of all memory areas containing private keys
- after doing the shutdown, after the cleanup, if there are still entries, just
zero-fill all those blocks, which makes sure we won't crash, but nobody will be
able to use that data

Part 3)
=======
Tokens that are being accessed.

If we're not doing that yet, the hammer shutdown could iterate over all known
tokens and log them out.

In addition, I'd hope there is a PKCS #11 function that can be used to
unload/reset any present driver?


The question is: By doing all of the above, would that make a hammer shutdown
possible?
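The three parts above describe one procedure, so here is an added example that sketches it in C as a small stand-alone library (this is illustration code, not NSS source and not the reporter's): an immutable static token table copied at init (Part 1), a registry of every buffer that may hold key material so the hammer can zero whatever a caller leaked (Part 2), and a logout of every token before state is reset (Part 3). All names (`lib_init`, `secret_alloc`, `hammer_shutdown`, `BUILTIN_TOKENS`, `token_login`) and the token table contents are hypothetical; the login/logout calls stand in for C_Login/C_Logout and are not real PKCS #11 bindings.

```c
/* Added example: a "hammer" shutdown for a tiny library with global state.
 * Not NSS code; every identifier here is hypothetical. */
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Part 1: static data loaded once and never modified afterwards. */
typedef struct { const char *label; int slot_id; } token_desc_t;
static const token_desc_t BUILTIN_TOKENS[] = {   /* constructed sample table */
    { "internal-softoken", 1 },
    { "fips-softoken",     2 },
};
#define NBUILTIN (sizeof BUILTIN_TOKENS / sizeof BUILTIN_TOKENS[0])

/* Mutable working copy, created by lib_init() from the static table. */
typedef struct { token_desc_t desc; int logged_in; } token_state_t;
static token_state_t *g_tokens = NULL;
static size_t g_ntokens = 0;
static int g_initialized = 0;

/* Part 2: registry of every buffer that may hold private key bytes. */
typedef struct secret_node {
    unsigned char *buf;
    size_t len;
    struct secret_node *next;
} secret_node_t;
static secret_node_t *g_secrets = NULL;

/* Zeroing the optimizer cannot elide: writes go through a volatile pointer. */
static void secure_zero(void *p, size_t n) {
    volatile unsigned char *vp = (volatile unsigned char *)p;
    while (n-- > 0) *vp++ = 0;
}

int lib_init(void) {
    if (g_initialized) return -1;
    g_tokens = calloc(NBUILTIN, sizeof *g_tokens);
    if (!g_tokens) return -1;
    for (size_t i = 0; i < NBUILTIN; i++) g_tokens[i].desc = BUILTIN_TOKENS[i];
    g_ntokens = NBUILTIN;
    g_initialized = 1;
    return 0;
}

int lib_is_initialized(void) { return g_initialized; }

/* Key-holding memory is allocated through the registry so the hammer can find it. */
unsigned char *secret_alloc(size_t len) {
    secret_node_t *node = malloc(sizeof *node);
    unsigned char *buf = malloc(len);
    if (!node || !buf) { free(node); free(buf); return NULL; }
    node->buf = buf; node->len = len; node->next = g_secrets;
    g_secrets = node;
    return buf;
}

/* Normal release path: unregister, zero, free. */
void secret_free(unsigned char *buf) {
    secret_node_t **pp = &g_secrets;
    while (*pp && (*pp)->buf != buf) pp = &(*pp)->next;
    if (!*pp) return;
    secret_node_t *node = *pp;
    *pp = node->next;
    secure_zero(node->buf, node->len);
    free(node->buf);
    free(node);
}

/* Part 3: token sessions (stand-ins for C_Login / C_Logout, not real PKCS #11). */
int token_login(size_t idx) {
    if (!g_initialized || idx >= g_ntokens) return -1;
    g_tokens[idx].logged_in = 1;
    return 0;
}
int token_is_logged_in(size_t idx) {
    return g_initialized && idx < g_ntokens && g_tokens[idx].logged_in;
}

/* The hammer: log out every token, zero every registered secret still alive
 * (including ones a caller leaked), drop the working copies and return to the
 * state of initial load. Leaked buffers are zeroed but NOT freed, so a stale
 * pointer reads zeros instead of crashing or yielding key bytes.
 * Returns the number of orphaned secret buffers that were zeroed. */
int hammer_shutdown(void) {
    int orphans = 0;
    if (!g_initialized) return 0;
    for (size_t i = 0; i < g_ntokens; i++) g_tokens[i].logged_in = 0;
    while (g_secrets) {
        secret_node_t *node = g_secrets;
        g_secrets = node->next;
        secure_zero(node->buf, node->len);
        free(node);                 /* bookkeeping only; node->buf is deliberately orphaned */
        orphans++;
    }
    free(g_tokens);
    g_tokens = NULL; g_ntokens = 0; g_initialized = 0;
    return orphans;
}

/* The scenario from the bug: one key buffer is leaked, the hammer fires, the
 * stale pointer is harmless, and the library re-initializes cleanly (as a
 * profile switch would need). Returns 0 on success, else the failing step. */
int run_scenario(void) {
    if (lib_init() != 0) return 1;
    if (token_login(0) != 0) return 2;
    unsigned char *leaked = secret_alloc(32);
    if (!leaked) return 3;
    memset(leaked, 0xAB, 32);               /* stand-in for private key bytes */
    unsigned char *released = secret_alloc(16);
    if (!released) return 4;
    secret_free(released);                  /* the well-behaved caller */
    if (hammer_shutdown() != 1) return 5;   /* exactly the leaked buffer remained */
    for (size_t i = 0; i < 32; i++) if (leaked[i] != 0) return 6;
    if (lib_is_initialized() || token_is_logged_in(0)) return 7;
    if (lib_init() != 0) return 8;          /* clean re-init after the hammer */
    if (token_is_logged_in(0)) return 9;
    hammer_shutdown();
    return 0;
}

int main(void) {
    int rc = run_scenario();
    if (rc == 0) printf("hammer shutdown scenario passed\n");
    else printf("scenario failed at step %d\n", rc);
    return rc;
}
```

The design choice worth noting is in `hammer_shutdown`: the orphaned key buffers are zeroed through a volatile pointer but left allocated, trading a bounded leak for the guarantee that no dangling reference can crash or recover key material. The registry only helps for memory that went through `secret_alloc`; key bytes copied into stack or unregistered heap buffers are outside its reach, which is the part a real implementation has to audit.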
(Reporter)

Comment 1

16 years ago
I'm no longer requesting this feature, I understand it's difficult.
Suggesting WONTFIX.
Status: NEW → RESOLVED
Last Resolved: 16 years ago
Resolution: --- → WONTFIX