Last Comment Bug 252702 - NSS needs to handle better token insertion and removal.
: NSS needs to handle better token insertion and removal.
Status: RESOLVED FIXED
:
Product: NSS
Classification: Components
Component: Libraries (show other bugs)
: 3.9
: All All
: P2 enhancement (vote)
: 3.9.3
Assigned To: Robert Relyea
: Bishakha Banerjee
Mentors:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2004-07-22 16:59 PDT by Robert Relyea
Modified: 2004-09-27 16:48 PDT (History)
3 users (show)
See Also:
Crash Signature:
(edit)
QA Whiteboard:
Iteration: ---
Points: ---


Attachments
Add functions to wait for new token events and update new slots on the fly. (315.26 KB, patch)
2004-07-22 18:20 PDT, Robert Relyea
no flags Details | Diff | Splinter Review
Really the" Add functions to wait for new token events and update new slots on the fly." patch (36.75 KB, patch)
2004-07-22 18:24 PDT, Robert Relyea
nelson: review-
Details | Diff | Splinter Review
Address Nelson's review comments. (315.26 KB, patch)
2004-07-29 00:48 PDT, Robert Relyea
no flags Details | Diff | Splinter Review
Oops wrong patch, Let's try this again... (36.75 KB, patch)
2004-07-29 00:56 PDT, Robert Relyea
no flags Details | Diff | Splinter Review
This *should* be the correct patch... (48.92 KB, patch)
2004-07-29 00:58 PDT, Robert Relyea
nelson: review+
Details | Diff | Splinter Review

Description Robert Relyea 2004-07-22 16:59:30 PDT
Currently NSS handles token insertion and removals by polling. PKCS #11 supplies
and interface for us to get token events. NSS needs a function give applications
access to this server.

PKCS 2.20 also allows for the slotlist to grow as new slots are dynamically
added. NSS needs a way to grow it's slotlist on the fly as well.
Comment 1 Robert Relyea 2004-07-22 18:20:31 PDT
Created attachment 154054 [details] [diff] [review]
Add functions to wait for new token events and update new slots on the fly.

This code adds new several new functions:

SECMOD_WaitForAnyTokenEvent - waits for a token insertion or removal using the
PKCS#11 C_WaitForSlotEvent() call. If the module does not support the call, a
polling method is invoked. This varies from the previous attempt and defining
an API for this function in that The previous call waited for a single slot,
not on a whole module. The new interface is more efficient, and matches the
PKCS #11 interface better.

SECMOD_CancelWait() - cancels a pending wait. The only way to do this in PKCS
#11 is to call Finalize, so this function should really only be used while
shutting down (though it does re-init the module).

SECMOD_UpdateSlotList() - applications can call this function whenever the
application feels new slots may have been added. SECMOD_WaitForAnyTokenEvent
automatically calls SECMOD_UpdateSlotList whenever it gets a slot id that it
doesn't recognize.

This patch adds a new element to a public data structure (evControlMask). It
also adds the requirement that applications need to get the moduleList ReadLock
when examining the slots[] array directly. This is only necessary if the
application calls SECMOD_UpdateSlotList or SECMOD_WaitForAnyTokenEvent, so
existing apps do not have an issue.
Comment 2 Robert Relyea 2004-07-22 18:24:34 PDT
Created attachment 154055 [details] [diff] [review]
Really the" Add functions to wait for new token events and update new slots on the fly." patch

The other was from another tree... the refactoring patch
Comment 3 Robert Relyea 2004-07-26 16:26:13 PDT
Comment on attachment 154055 [details] [diff] [review]
Really the" Add functions to wait for new token events and update new slots on the fly." patch

Changing review from wan-teh (going on vacation) to nelson (returning from
vaction).
Comment 4 Nelson Bolyard (seldom reads bugmail) 2004-07-27 18:32:04 PDT
Comment on attachment 154055 [details] [diff] [review]
Really the" Add functions to wait for new token events and update new slots on the fly." patch

I gave Bob a written  set of review feedback.
Comment 5 Robert Relyea 2004-07-29 00:48:39 PDT
Created attachment 154630 [details] [diff] [review]
Address Nelson's review comments.

The major change is adding locking around trust domain access to the token list
and the token iterator. The PKCS #11 module list reader/writer locks have also
been converted to use the NSS reader/writer lock support.
Comment 6 Robert Relyea 2004-07-29 00:56:12 PDT
Created attachment 154631 [details] [diff] [review]
Oops wrong patch, Let's try this again...
Comment 7 Robert Relyea 2004-07-29 00:58:22 PDT
Created attachment 154632 [details] [diff] [review]
This *should* be the correct patch...

It's time to go home... bob needs to get some sleep before he touches anymore C
code...
Comment 8 Robert Relyea 2004-07-29 01:00:40 PDT
Comment on attachment 154632 [details] [diff] [review]
This *should* be the correct patch...

OK, this is the one that needs to be reviewed.
Comment 9 Robert Relyea 2004-07-29 15:54:29 PDT
Checkin log for NSS 3.9

Checking in nss/nss.def;
/cvsroot/mozilla/security/nss/lib/nss/nss.def,v  <--  nss.def
new revision: 1.128.4.2; previous revision: 1.128.4.1
done
Checking in pk11wrap/pk11err.c;
/cvsroot/mozilla/security/nss/lib/pk11wrap/pk11err.c,v  <--  pk11err.c
new revision: 1.1.276.1; previous revision: 1.1
done
Checking in pk11wrap/pk11list.c;
/cvsroot/mozilla/security/nss/lib/pk11wrap/pk11list.c,v  <--  pk11list.c
new revision: 1.3.238.1; previous revision: 1.3
done
Checking in pk11wrap/pk11load.c;
/cvsroot/mozilla/security/nss/lib/pk11wrap/pk11load.c,v  <--  pk11load.c
new revision: 1.9.16.1; previous revision: 1.9
done
Checking in pk11wrap/pk11pars.c;
/cvsroot/mozilla/security/nss/lib/pk11wrap/pk11pars.c,v  <--  pk11pars.c
new revision: 1.14.16.1; previous revision: 1.14
done
Checking in pk11wrap/pk11util.c;
/cvsroot/mozilla/security/nss/lib/pk11wrap/pk11util.c,v  <--  pk11util.c
new revision: 1.41.16.1; previous revision: 1.41
done
Checking in pk11wrap/secmod.h;
/cvsroot/mozilla/security/nss/lib/pk11wrap/secmod.h,v  <--  secmod.h
new revision: 1.17.16.1; previous revision: 1.17
done
Checking in pk11wrap/secmodi.h;
/cvsroot/mozilla/security/nss/lib/pk11wrap/secmodi.h,v  <--  secmodi.h
new revision: 1.14.16.2; previous revision: 1.14.16.1
done
Checking in pk11wrap/secmodt.h;
/cvsroot/mozilla/security/nss/lib/pk11wrap/secmodt.h,v  <--  secmodt.h
new revision: 1.20.16.2; previous revision: 1.20.16.1
done
Checking in pk11wrap/secmodti.h;
/cvsroot/mozilla/security/nss/lib/pk11wrap/secmodti.h,v  <--  secmodti.h
new revision: 1.16.16.2; previous revision: 1.16.16.1
done
Checking in pki/pki3hack.c;
/cvsroot/mozilla/security/nss/lib/pki/pki3hack.c,v  <--  pki3hack.c
new revision: 1.79.14.2; previous revision: 1.79.14.1
done
Checking in pki/pki3hack.h;
/cvsroot/mozilla/security/nss/lib/pki/pki3hack.h,v  <--  pki3hack.h
new revision: 1.15.16.2; previous revision: 1.15.16.1
done
Checking in pki/pkit.h;
/cvsroot/mozilla/security/nss/lib/pki/pkit.h,v  <--  pkit.h
new revision: 1.13.98.1; previous revision: 1.13
done
Checking in pki/trustdomain.c;
/cvsroot/mozilla/security/nss/lib/pki/trustdomain.c,v  <--  trustdomain.c
new revision: 1.48.38.1; previous revision: 1.48
done
Checking in util/secerr.h;
/cvsroot/mozilla/security/nss/lib/util/secerr.h,v  <--  secerr.h
new revision: 1.12.16.2; previous revision: 1.12.16.1
done
Comment 10 Robert Relyea 2004-07-29 16:39:20 PDT
Checkin log to tip:

Checking in nss/nss.def;
/cvsroot/mozilla/security/nss/lib/nss/nss.def,v  <--  nss.def
new revision: 1.133; previous revision: 1.132
done
Checking in pk11wrap/pk11err.c;
/cvsroot/mozilla/security/nss/lib/pk11wrap/pk11err.c,v  <--  pk11err.c
new revision: 1.3; previous revision: 1.2
done
Checking in pk11wrap/pk11list.c;
/cvsroot/mozilla/security/nss/lib/pk11wrap/pk11list.c,v  <--  pk11list.c
new revision: 1.6; previous revision: 1.5
done
Checking in pk11wrap/pk11load.c;
/cvsroot/mozilla/security/nss/lib/pk11wrap/pk11load.c,v  <--  pk11load.c
new revision: 1.14; previous revision: 1.13
done
Checking in pk11wrap/pk11pars.c;
/cvsroot/mozilla/security/nss/lib/pk11wrap/pk11pars.c,v  <--  pk11pars.c
new revision: 1.17; previous revision: 1.16
done
Checking in pk11wrap/pk11util.c;
/cvsroot/mozilla/security/nss/lib/pk11wrap/pk11util.c,v  <--  pk11util.c
new revision: 1.44; previous revision: 1.43
done
Checking in pk11wrap/secmod.h;
/cvsroot/mozilla/security/nss/lib/pk11wrap/secmod.h,v  <--  secmod.h
new revision: 1.20; previous revision: 1.19
done
Checking in pk11wrap/secmodi.h;
/cvsroot/mozilla/security/nss/lib/pk11wrap/secmodi.h,v  <--  secmodi.h
new revision: 1.19; previous revision: 1.18
done
Checking in pk11wrap/secmodt.h;
/cvsroot/mozilla/security/nss/lib/pk11wrap/secmodt.h,v  <--  secmodt.h
new revision: 1.24; previous revision: 1.23
done
Checking in pk11wrap/secmodti.h;
/cvsroot/mozilla/security/nss/lib/pk11wrap/secmodti.h,v  <--  secmodti.h
new revision: 1.20; previous revision: 1.19
done
Checking in pki/pki3hack.c;
/cvsroot/mozilla/security/nss/lib/pki/pki3hack.c,v  <--  pki3hack.c
new revision: 1.83; previous revision: 1.82
done
Checking in pki/pki3hack.h;
/cvsroot/mozilla/security/nss/lib/pki/pki3hack.h,v  <--  pki3hack.h
new revision: 1.18; previous revision: 1.17
done
Checking in pki/pkit.h;
/cvsroot/mozilla/security/nss/lib/pki/pkit.h,v  <--  pkit.h
new revision: 1.16; previous revision: 1.15
done
Checking in pki/trustdomain.c;
/cvsroot/mozilla/security/nss/lib/pki/trustdomain.c,v  <--  trustdomain.c
new revision: 1.50; previous revision: 1.49
done
Checking in util/secerr.h;
/cvsroot/mozilla/security/nss/lib/util/secerr.h,v  <--  secerr.h
new revision: 1.16; previous revision: 1.15
done
Comment 11 Nelson Bolyard (seldom reads bugmail) 2004-07-29 19:50:42 PDT
Comment on attachment 154632 [details] [diff] [review]
This *should* be the correct patch...

I gave Bob verbal r=nelson before the checkins.

Note You need to log in before you can comment on or make changes to this bug.