[Cryptech-Commits] [sw/libhal] branch master updated: Lock RPC device after opening it.
git at cryptech.is
git at cryptech.is
Tue Aug 16 22:58:17 UTC 2016
This is an automated email from the git hooks/post-receive script.
sra at hactrn.net pushed a commit to branch master
in repository sw/libhal.
The following commit(s) were added to refs/heads/master by this push:
new 0166b1b Lock RPC device after opening it.
0166b1b is described below
commit 0166b1b370862ab34335af3d5710304dc3546499
Author: Rob Austein <sra at hactrn.net>
AuthorDate: Tue Aug 16 18:52:47 2016 -0400
Lock RPC device after opening it.
Current design of the RPC protocol assumes that there is exactly one
client speaking directly to the HSM via the RPC channel, whether that
single client really is single or is a multiplexing daemon. PKCS #11
mutexes won't help here, so using flock(2) to grab an exclusive
"advisory" lock on the RPC file descriptor is the simplest solution.
---
rpc_serial.c | 15 +++++++++++----
1 file changed, 11 insertions(+), 4 deletions(-)
diff --git a/rpc_serial.c b/rpc_serial.c
index 728bbd8..0e0e6ff 100644
--- a/rpc_serial.c
+++ b/rpc_serial.c
@@ -35,6 +35,7 @@
#include <stdio.h>
#include <sys/types.h>
#include <sys/socket.h>
+#include <sys/file.h>
#include <netinet/in.h>
#include <termios.h>
#include <unistd.h>
@@ -66,11 +67,17 @@ hal_error_t hal_serial_init(const char * const device, const uint32_t speed)
struct termios tty;
speed_t termios_speed;
+ /*
+ * Apparently Linux is too cool to need an atomic mechanism for
+ * locking an existing file, so we can't uses O_EXLOCK. Sigh.
+ */
+
fd = open(device, O_RDWR | O_NOCTTY | O_SYNC);
- if (fd == -1) {
- fprintf(stderr, "open %s: ", device);
- return perror(""), HAL_ERROR_RPC_TRANSPORT;
- }
+ if (fd == -1)
+ return perror(device), HAL_ERROR_RPC_TRANSPORT;
+
+ if (flock(fd, LOCK_EX) < 0)
+ return perror(device), HAL_ERROR_RPC_TRANSPORT;
if (tcgetattr (fd, &tty) != 0)
return perror("tcgetattr"), HAL_ERROR_RPC_TRANSPORT;
--
To stop receiving notification emails like this one, please contact
the administrator of this repository.
More information about the Commits
mailing list