/src/openssl/crypto/property/property.c
Line | Count | Source |
1 | | /* |
2 | | * Copyright 2019-2025 The OpenSSL Project Authors. All Rights Reserved. |
3 | | * Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved. |
4 | | * |
5 | | * Licensed under the Apache License 2.0 (the "License"). You may not use |
6 | | * this file except in compliance with the License. You can obtain a copy |
7 | | * in the file LICENSE in the source distribution or at |
8 | | * https://www.openssl.org/source/license.html |
9 | | */ |
10 | | |
11 | | #include <string.h> |
12 | | #include <stdio.h> |
13 | | #include <stdarg.h> |
14 | | #include <openssl/crypto.h> |
15 | | #include <openssl/provider.h> |
16 | | #include "internal/property.h" |
17 | | #include "internal/provider.h" |
18 | | #include "internal/tsan_assist.h" |
19 | | #include "internal/threads_common.h" |
20 | | #include "internal/list.h" |
21 | | #include "internal/time.h" |
22 | | #include <openssl/lhash.h> |
23 | | #include <openssl/rand.h> |
24 | | #include <openssl/trace.h> |
25 | | #include "crypto/sparse_array.h" |
26 | | #include "property_local.h" |
27 | | #include "crypto/context.h" |
28 | | |
29 | | /* |
30 | | * The shard count was determined through performance testing with the evp_fetch |
31 | | * tool on an Intel Xeon Gold 6248R CPU @ 3.00GHz. Testing showed that 4 shards |
32 | | * delivered the best performance for 16 or |
33 | | * more threads, and close to best performance at below 16 threads. |
34 | | */ |
35 | | #ifndef NUM_SHARDS_BITS |
36 | 174k | #define NUM_SHARDS_BITS 2 |
37 | | #endif |
38 | 88.4k | #define NUM_SHARDS (1 << NUM_SHARDS_BITS) |
39 | | |
40 | | #ifndef MAX_CACHE_LINES_BITS |
41 | 85.5k | #define MAX_CACHE_LINES_BITS 3 |
42 | | #endif |
43 | 85.5k | #define MAX_CACHE_LINES (1 << MAX_CACHE_LINES_BITS) |
44 | | |
45 | | typedef struct { |
46 | | void *method; |
47 | | int (*up_ref)(void *); |
48 | | void (*free)(void *); |
49 | | } METHOD; |
50 | | |
51 | | typedef struct { |
52 | | const OSSL_PROVIDER *provider; |
53 | | OSSL_PROPERTY_LIST *properties; |
54 | | METHOD method; |
55 | | } IMPLEMENTATION; |
56 | | |
57 | | DEFINE_STACK_OF(IMPLEMENTATION) |
58 | | |
59 | | typedef struct query_st { |
60 | | struct query_st *next; /* list pointer for lookup table */ |
61 | | void *saptr; /* pointer to our owning STORED_ALGORITHM */ |
62 | | int nid; /* nid of this query */ |
63 | | int archived; /* Mark entry as no longer findable */ |
64 | | OSSL_PROVIDER *prov; /*provider this belongs to */ |
65 | | char *prop_query; /* query string */ |
66 | | METHOD method; /* METHOD for this query */ |
67 | | } QUERY; |
68 | | |
69 | | typedef struct { |
70 | | int nid; |
71 | | STACK_OF(IMPLEMENTATION) *impls; |
72 | | } ALGORITHM; |
73 | | |
74 | | typedef struct { |
75 | | SPARSE_ARRAY_OF(ALGORITHM) * algs; |
76 | | |
77 | | QUERY *cache_lists[MAX_CACHE_LINES]; |
78 | | QUERY *archive; |
79 | | |
80 | | /* |
81 | | * Lock to protect each shard of |algs| from concurrent writing, |
82 | | * when individual implementations or queries are inserted. This is used |
83 | | * by the appropriate functions here. |
84 | | */ |
85 | | CRYPTO_RWLOCK *lock; |
86 | | CRYPTO_RWLOCK *alock; |
87 | | |
88 | | /* query cache specific values */ |
89 | | |
90 | | } STORED_ALGORITHMS; |
91 | | |
92 | | static int ossl_method_store_atomic_insert_to_list(STORED_ALGORITHMS *sa, QUERY *new); |
93 | | static int ossl_method_store_atomic_archive(STORED_ALGORITHMS *sa, QUERY *old); |
94 | | static QUERY *ossl_method_store_atomic_find_in_list(STORED_ALGORITHMS *sa, int nid, |
95 | | OSSL_PROVIDER *prov, const char *prop_query); |
96 | | static void ossl_cache_lists_flush(STORED_ALGORITHMS *sa); |
97 | | static void ossl_cache_lists_free(STORED_ALGORITHMS *sa); |
98 | | static void ossl_method_store_atomic_clean_archive(STORED_ALGORITHMS *sa); |
99 | | |
100 | | struct ossl_method_store_st { |
101 | | OSSL_LIB_CTX *ctx; |
102 | | STORED_ALGORITHMS *algs; |
103 | | /* |
104 | | * Lock to reserve the whole store. This is used when fetching a set |
105 | | * of algorithms, via these functions, found in crypto/core_fetch.c: |
106 | | * ossl_method_construct_reserve_store() |
107 | | * ossl_method_construct_unreserve_store() |
108 | | */ |
109 | | CRYPTO_RWLOCK *biglock; |
110 | | }; |
111 | | |
112 | | DEFINE_SPARSE_ARRAY_OF(ALGORITHM); |
113 | | |
114 | | DEFINE_STACK_OF(ALGORITHM) |
115 | | |
116 | | typedef struct ossl_global_properties_st { |
117 | | OSSL_PROPERTY_LIST *list; |
118 | | #ifndef FIPS_MODULE |
119 | | unsigned int no_mirrored : 1; |
120 | | #endif |
121 | | } OSSL_GLOBAL_PROPERTIES; |
122 | | |
123 | 88.1k | #define stored_algs_shard(store, nid) (&(store)->algs[(nid) & (NUM_SHARDS - 1)]) |
124 | | |
125 | | static void ossl_method_cache_flush_alg(STORED_ALGORITHMS *sa, |
126 | | ALGORITHM *alg); |
127 | | static void ossl_method_cache_flush(STORED_ALGORITHMS *sa, int nid); |
128 | | |
129 | | static ossl_inline QUERY *QUERY_new(size_t prop_query_len) |
130 | 170 | { |
131 | | /* |
132 | | * allocate a new QUERY with the associated property query buffer |
133 | | * immediately following it |
134 | | */ |
135 | 170 | QUERY *new = OPENSSL_malloc(sizeof(QUERY) + prop_query_len + 1); |
136 | 170 | if (new != NULL) |
137 | 170 | new->prop_query = (char *)(new + 1); |
138 | 170 | return new; |
139 | 170 | } |
140 | | |
141 | | static ossl_inline void QUERY_free(QUERY *q) |
142 | 0 | { |
143 | | /* |
144 | | * because we allocate the QUERY with its property query string |
145 | | * as one contiguous chunk, this frees both |
146 | | */ |
147 | 0 | OPENSSL_free(q); |
148 | 0 | } |
149 | | |
150 | | /* Global properties are stored per library context */ |
151 | | void ossl_ctx_global_properties_free(void *vglobp) |
152 | 0 | { |
153 | 0 | OSSL_GLOBAL_PROPERTIES *globp = vglobp; |
154 | |
|
155 | 0 | if (globp != NULL) { |
156 | 0 | ossl_property_free(globp->list); |
157 | 0 | OPENSSL_free(globp); |
158 | 0 | } |
159 | 0 | } |
160 | | |
161 | | void *ossl_ctx_global_properties_new(OSSL_LIB_CTX *ctx) |
162 | 16 | { |
163 | 16 | return OPENSSL_zalloc(sizeof(OSSL_GLOBAL_PROPERTIES)); |
164 | 16 | } |
165 | | |
166 | | OSSL_PROPERTY_LIST **ossl_ctx_global_properties(OSSL_LIB_CTX *libctx, |
167 | | ossl_unused int loadconfig) |
168 | 85 | { |
169 | 85 | OSSL_GLOBAL_PROPERTIES *globp; |
170 | | |
171 | 85 | #if !defined(FIPS_MODULE) && !defined(OPENSSL_NO_AUTOLOAD_CONFIG) |
172 | 85 | if (loadconfig && !OPENSSL_init_crypto(OPENSSL_INIT_LOAD_CONFIG, NULL)) |
173 | 0 | return NULL; |
174 | 85 | #endif |
175 | 85 | globp = ossl_lib_ctx_get_data(libctx, OSSL_LIB_CTX_GLOBAL_PROPERTIES); |
176 | | |
177 | 85 | return globp != NULL ? &globp->list : NULL; |
178 | 85 | } |
179 | | |
180 | | #ifndef FIPS_MODULE |
181 | | int ossl_global_properties_no_mirrored(OSSL_LIB_CTX *libctx) |
182 | 0 | { |
183 | 0 | OSSL_GLOBAL_PROPERTIES *globp |
184 | 0 | = ossl_lib_ctx_get_data(libctx, OSSL_LIB_CTX_GLOBAL_PROPERTIES); |
185 | |
|
186 | 0 | return globp != NULL && globp->no_mirrored ? 1 : 0; |
187 | 0 | } |
188 | | |
189 | | void ossl_global_properties_stop_mirroring(OSSL_LIB_CTX *libctx) |
190 | 0 | { |
191 | 0 | OSSL_GLOBAL_PROPERTIES *globp |
192 | 0 | = ossl_lib_ctx_get_data(libctx, OSSL_LIB_CTX_GLOBAL_PROPERTIES); |
193 | |
|
194 | 0 | if (globp != NULL) |
195 | 0 | globp->no_mirrored = 1; |
196 | 0 | } |
197 | | #endif |
198 | | |
199 | | static int ossl_method_up_ref(METHOD *method) |
200 | 88.1k | { |
201 | 88.1k | return (*method->up_ref)(method->method); |
202 | 88.1k | } |
203 | | |
204 | | static void ossl_method_free(METHOD *method) |
205 | 0 | { |
206 | 0 | (*method->free)(method->method); |
207 | 0 | } |
208 | | |
209 | | static __owur int ossl_property_read_lock(STORED_ALGORITHMS *p) |
210 | 85 | { |
211 | 85 | return p != NULL ? CRYPTO_THREAD_read_lock(p->lock) : 0; |
212 | 85 | } |
213 | | |
214 | | static __owur int ossl_property_write_lock(STORED_ALGORITHMS *p) |
215 | 2.64k | { |
216 | 2.64k | return p != NULL ? CRYPTO_THREAD_write_lock(p->lock) : 0; |
217 | 2.64k | } |
218 | | |
219 | | static int ossl_property_unlock(STORED_ALGORITHMS *p) |
220 | 2.72k | { |
221 | 2.72k | return p != 0 ? CRYPTO_THREAD_unlock(p->lock) : 0; |
222 | 2.72k | } |
223 | | |
224 | | static void impl_free(IMPLEMENTATION *impl) |
225 | 0 | { |
226 | 0 | if (impl != NULL) { |
227 | 0 | ossl_method_free(&impl->method); |
228 | 0 | OPENSSL_free(impl); |
229 | 0 | } |
230 | 0 | } |
231 | | |
232 | | static ossl_inline void impl_cache_free_unlinked(QUERY *elem) |
233 | 0 | { |
234 | 0 | if (elem != NULL) { |
235 | 0 | ossl_method_free(&elem->method); |
236 | 0 | QUERY_free(elem); |
237 | 0 | } |
238 | 0 | } |
239 | | |
240 | | static void impl_cache_flush_alg(ALGORITHM *alg, STORED_ALGORITHMS *sa) |
241 | 0 | { |
242 | 0 | QUERY *q; |
243 | 0 | int i; |
244 | | |
245 | | /* |
246 | | * Instead of iterating over the hashtable with the |
247 | | * ossl_ht_foreach_until function, we just traverse the |
248 | | * linked list, as it much faster this way, as we avoid having |
249 | | * to visit lots of potentially empty nodes |
250 | | */ |
251 | 0 | for (i = 0; i < MAX_CACHE_LINES; i++) { |
252 | 0 | if (!CRYPTO_atomic_load_ptr((void **)&sa->cache_lists[i], (void **)&q, sa->alock)) |
253 | 0 | return; |
254 | 0 | while (q != NULL) { |
255 | 0 | if (q->nid == alg->nid) |
256 | 0 | ossl_method_store_atomic_archive(sa, q); |
257 | 0 | if (!CRYPTO_atomic_load_ptr((void **)&q->next, (void **)&q, sa->alock)) |
258 | 0 | return; |
259 | 0 | } |
260 | 0 | } |
261 | 0 | } |
262 | | |
263 | | static void alg_cleanup(ossl_uintmax_t idx, ALGORITHM *a, void *arg) |
264 | 0 | { |
265 | 0 | STORED_ALGORITHMS *sa = arg; |
266 | |
|
267 | 0 | if (a != NULL) { |
268 | 0 | sk_IMPLEMENTATION_pop_free(a->impls, &impl_free); |
269 | 0 | OPENSSL_free(a); |
270 | 0 | } |
271 | 0 | if (sa != NULL) |
272 | 0 | ossl_sa_ALGORITHM_set(sa->algs, idx, NULL); |
273 | 0 | } |
274 | | |
275 | | static void stored_algs_free(STORED_ALGORITHMS *sa) |
276 | 0 | { |
277 | 0 | if (sa == NULL) |
278 | 0 | return; |
279 | | |
280 | 0 | for (int i = 0; i < NUM_SHARDS; ++i) { |
281 | 0 | ossl_sa_ALGORITHM_doall_arg(sa[i].algs, &alg_cleanup, &sa[i]); |
282 | 0 | ossl_sa_ALGORITHM_free(sa[i].algs); |
283 | 0 | ossl_cache_lists_free(&sa[i]); |
284 | 0 | CRYPTO_THREAD_lock_free(sa[i].lock); |
285 | 0 | CRYPTO_THREAD_lock_free(sa[i].alock); |
286 | 0 | } |
287 | |
|
288 | 0 | OPENSSL_free(sa); |
289 | 0 | } |
290 | | |
291 | | static STORED_ALGORITHMS *stored_algs_new(OSSL_LIB_CTX *ctx) |
292 | 64 | { |
293 | 64 | STORED_ALGORITHMS *ret; |
294 | | |
295 | 64 | ret = OPENSSL_calloc(NUM_SHARDS, sizeof(STORED_ALGORITHMS)); |
296 | 64 | if (ret == NULL) |
297 | 0 | return NULL; |
298 | | |
299 | 320 | for (int i = 0; i < NUM_SHARDS; ++i) { |
300 | 256 | ret[i].algs = ossl_sa_ALGORITHM_new(); |
301 | 256 | if (ret[i].algs == NULL) |
302 | 0 | goto err; |
303 | | |
304 | 256 | ret[i].lock = CRYPTO_THREAD_lock_new(); |
305 | 256 | if (ret[i].lock == NULL) |
306 | 0 | goto err; |
307 | 256 | ret[i].alock = CRYPTO_THREAD_lock_new(); |
308 | 256 | if (ret[i].alock == NULL) |
309 | 0 | goto err; |
310 | 256 | } |
311 | | |
312 | 64 | return ret; |
313 | | |
314 | 0 | err: |
315 | 0 | stored_algs_free(ret); |
316 | |
|
317 | 0 | return NULL; |
318 | 64 | } |
319 | | |
320 | | /* |
321 | | * The OSSL_LIB_CTX param here allows access to underlying property data needed |
322 | | * for computation |
323 | | */ |
324 | | OSSL_METHOD_STORE *ossl_method_store_new(OSSL_LIB_CTX *ctx) |
325 | 64 | { |
326 | 64 | OSSL_METHOD_STORE *res; |
327 | | |
328 | 64 | res = OPENSSL_zalloc(sizeof(*res)); |
329 | 64 | if (res != NULL) { |
330 | 64 | res->ctx = ctx; |
331 | 64 | if ((res->algs = stored_algs_new(ctx)) == NULL |
332 | 64 | || (res->biglock = CRYPTO_THREAD_lock_new()) == NULL) { |
333 | 0 | ossl_method_store_free(res); |
334 | 0 | return NULL; |
335 | 0 | } |
336 | 64 | } |
337 | 64 | return res; |
338 | 64 | } |
339 | | |
340 | | void ossl_method_store_free(OSSL_METHOD_STORE *store) |
341 | 0 | { |
342 | 0 | if (store == NULL) |
343 | 0 | return; |
344 | | |
345 | 0 | stored_algs_free(store->algs); |
346 | 0 | CRYPTO_THREAD_lock_free(store->biglock); |
347 | 0 | OPENSSL_free(store); |
348 | 0 | } |
349 | | |
350 | | int ossl_method_lock_store(OSSL_METHOD_STORE *store) |
351 | 85 | { |
352 | 85 | return store != NULL ? CRYPTO_THREAD_write_lock(store->biglock) : 0; |
353 | 85 | } |
354 | | |
355 | | int ossl_method_unlock_store(OSSL_METHOD_STORE *store) |
356 | 85 | { |
357 | 85 | return store != NULL ? CRYPTO_THREAD_unlock(store->biglock) : 0; |
358 | 85 | } |
359 | | |
360 | | static ALGORITHM *ossl_method_store_retrieve(STORED_ALGORITHMS *sa, int nid) |
361 | 5.36k | { |
362 | 5.36k | return ossl_sa_ALGORITHM_get(sa->algs, nid); |
363 | 5.36k | } |
364 | | |
365 | | static int ossl_method_store_insert(STORED_ALGORITHMS *sa, ALGORITHM *alg) |
366 | 2.64k | { |
367 | 2.64k | return ossl_sa_ALGORITHM_set(sa->algs, alg->nid, alg); |
368 | 2.64k | } |
369 | | |
370 | | /** |
371 | | * @brief Adds a method to the specified method store. |
372 | | * |
373 | | * This function adds a new method to the provided method store, associating it |
374 | | * with a specified id, properties, and provider. The method is stored with |
375 | | * reference count and destruction callbacks. |
376 | | * |
377 | | * @param store Pointer to the OSSL_METHOD_STORE where the method will be added. |
378 | | * Must be non-null. |
379 | | * @param prov Pointer to the OSSL_PROVIDER for the provider of the method. |
380 | | * Must be non-null. |
381 | | * @param nid (identifier) associated with the method, must be > 0 |
382 | | * @param properties String containing properties of the method. |
383 | | * @param method Pointer to the method to be added. |
384 | | * @param method_up_ref Function pointer for incrementing the method ref count. |
385 | | * @param method_destruct Function pointer for destroying the method. |
386 | | * |
387 | | * @return 1 if the method is successfully added, 0 on failure. |
388 | | * |
389 | | * If tracing is enabled, a message is printed indicating that the method is |
390 | | * being added to the method store. |
391 | | * |
392 | | * NOTE: The nid parameter here is _not_ a nid in the sense of the NID_* macros. |
393 | | * It is an internal unique identifier. |
394 | | */ |
395 | | int ossl_method_store_add(OSSL_METHOD_STORE *store, const OSSL_PROVIDER *prov, |
396 | | int nid, const char *properties, void *method, |
397 | | int (*method_up_ref)(void *), |
398 | | void (*method_destruct)(void *)) |
399 | 2.64k | { |
400 | 2.64k | STORED_ALGORITHMS *sa; |
401 | 2.64k | ALGORITHM *alg = NULL; |
402 | 2.64k | IMPLEMENTATION *impl; |
403 | 2.64k | int ret = 0; |
404 | 2.64k | int i; |
405 | | |
406 | 2.64k | if (nid <= 0 || method == NULL || store == NULL) |
407 | 0 | return 0; |
408 | | |
409 | 2.64k | if (properties == NULL) |
410 | 0 | properties = ""; |
411 | | |
412 | 2.64k | if (!ossl_assert(prov != NULL)) |
413 | 0 | return 0; |
414 | | |
415 | | /* Create new entry */ |
416 | 2.64k | impl = OPENSSL_malloc(sizeof(*impl)); |
417 | 2.64k | if (impl == NULL) |
418 | 0 | return 0; |
419 | 2.64k | impl->method.method = method; |
420 | 2.64k | impl->method.up_ref = method_up_ref; |
421 | 2.64k | impl->method.free = method_destruct; |
422 | 2.64k | if (!ossl_method_up_ref(&impl->method)) { |
423 | 0 | OPENSSL_free(impl); |
424 | 0 | return 0; |
425 | 0 | } |
426 | 2.64k | impl->provider = prov; |
427 | | |
428 | 2.64k | sa = stored_algs_shard(store, nid); |
429 | | |
430 | | /* Insert into the hash table if required */ |
431 | 2.64k | if (!ossl_property_write_lock(sa)) { |
432 | 0 | impl_free(impl); |
433 | 0 | return 0; |
434 | 0 | } |
435 | | |
436 | | /* |
437 | | * Flush the alg cache of any implementation that already exists |
438 | | * for this id. |
439 | | * This is done to ensure that on the next lookup we go through the |
440 | | * provider comparison in ossl_method_store_fetch. If we don't do this |
441 | | * then this new method won't be given a chance to get selected. |
442 | | * NOTE: This doesn't actually remove the method from the backing store |
443 | | * It just ensures that we query the backing store when (re)-adding a |
444 | | * method to the algorithm cache, in case the one selected by the next |
445 | | * query selects a different implementation |
446 | | */ |
447 | 2.64k | ossl_method_cache_flush(sa, nid); |
448 | | |
449 | | /* |
450 | | * Parse the properties associated with this method, and convert it to a |
451 | | * property list stored against the implementation for later comparison |
452 | | * during fetch operations |
453 | | */ |
454 | 2.64k | if ((impl->properties = ossl_prop_defn_get(store->ctx, properties)) == NULL) { |
455 | 16 | impl->properties = ossl_parse_property(store->ctx, properties); |
456 | 16 | if (impl->properties == NULL) |
457 | 0 | goto err; |
458 | 16 | if (!ossl_prop_defn_set(store->ctx, properties, &impl->properties)) { |
459 | 0 | ossl_property_free(impl->properties); |
460 | 0 | impl->properties = NULL; |
461 | 0 | goto err; |
462 | 0 | } |
463 | 16 | } |
464 | | |
465 | | /* |
466 | | * Check if we have an algorithm cache already for this nid. If so use |
467 | | * it, otherwise, create it, and insert it into the store |
468 | | */ |
469 | 2.64k | alg = ossl_method_store_retrieve(sa, nid); |
470 | 2.64k | if (alg == NULL) { |
471 | 2.64k | if ((alg = OPENSSL_zalloc(sizeof(*alg))) == NULL |
472 | 2.64k | || (alg->impls = sk_IMPLEMENTATION_new_null()) == NULL) |
473 | 0 | goto err; |
474 | 2.64k | alg->nid = nid; |
475 | 2.64k | if (!ossl_method_store_insert(sa, alg)) |
476 | 0 | goto err; |
477 | 2.64k | OSSL_TRACE2(QUERY, "Inserted an alg with nid %d into the stored algorithms %p\n", |
478 | 2.64k | nid, (void *)sa); |
479 | 2.64k | } |
480 | | |
481 | | /* Push onto stack if there isn't one there already */ |
482 | 2.64k | for (i = 0; i < sk_IMPLEMENTATION_num(alg->impls); i++) { |
483 | 0 | const IMPLEMENTATION *tmpimpl = sk_IMPLEMENTATION_value(alg->impls, i); |
484 | |
|
485 | 0 | if (tmpimpl->provider == impl->provider |
486 | 0 | && tmpimpl->properties == impl->properties) |
487 | 0 | break; |
488 | 0 | } |
489 | | |
490 | 2.64k | if (i == sk_IMPLEMENTATION_num(alg->impls) |
491 | 2.64k | && sk_IMPLEMENTATION_push(alg->impls, impl)) { |
492 | 2.64k | ret = 1; |
493 | 2.64k | #ifndef FIPS_MODULE |
494 | 2.64k | OSSL_TRACE_BEGIN(QUERY) |
495 | 0 | { |
496 | 0 | BIO_printf(trc_out, "Adding to method store " |
497 | 0 | "nid: %d\nproperties: %s\nprovider: %s\n", |
498 | 0 | nid, properties, |
499 | 0 | ossl_provider_name(prov) == NULL ? "none" : ossl_provider_name(prov)); |
500 | 0 | } |
501 | 2.64k | OSSL_TRACE_END(QUERY); |
502 | 2.64k | #endif |
503 | 2.64k | } |
504 | 2.64k | ossl_property_unlock(sa); |
505 | 2.64k | if (ret == 0) |
506 | 0 | impl_free(impl); |
507 | 2.64k | return ret; |
508 | | |
509 | 0 | err: |
510 | 0 | ossl_property_unlock(sa); |
511 | 0 | alg_cleanup(0, alg, NULL); |
512 | 0 | impl_free(impl); |
513 | 0 | return 0; |
514 | 2.64k | } |
515 | | |
516 | | int ossl_method_store_remove(OSSL_METHOD_STORE *store, int nid, |
517 | | const void *method) |
518 | 0 | { |
519 | 0 | ALGORITHM *alg = NULL; |
520 | 0 | STORED_ALGORITHMS *sa; |
521 | 0 | int i; |
522 | |
|
523 | 0 | if (nid <= 0 || method == NULL || store == NULL) |
524 | 0 | return 0; |
525 | | |
526 | 0 | sa = stored_algs_shard(store, nid); |
527 | 0 | if (!ossl_property_write_lock(sa)) |
528 | 0 | return 0; |
529 | 0 | ossl_method_cache_flush(sa, nid); |
530 | 0 | ossl_method_store_atomic_clean_archive(sa); |
531 | 0 | alg = ossl_method_store_retrieve(sa, nid); |
532 | 0 | if (alg == NULL) { |
533 | 0 | ossl_property_unlock(sa); |
534 | 0 | return 0; |
535 | 0 | } |
536 | | |
537 | | /* |
538 | | * A sorting find then a delete could be faster but these stacks should be |
539 | | * relatively small, so we avoid the overhead. Sorting could also surprise |
540 | | * users when result orderings change (even though they are not guaranteed). |
541 | | */ |
542 | 0 | for (i = 0; i < sk_IMPLEMENTATION_num(alg->impls); i++) { |
543 | 0 | IMPLEMENTATION *impl = sk_IMPLEMENTATION_value(alg->impls, i); |
544 | |
|
545 | 0 | if (impl->method.method == method) { |
546 | 0 | impl_free(impl); |
547 | 0 | (void)sk_IMPLEMENTATION_delete(alg->impls, i); |
548 | 0 | ossl_property_unlock(sa); |
549 | 0 | return 1; |
550 | 0 | } |
551 | 0 | } |
552 | 0 | ossl_property_unlock(sa); |
553 | 0 | return 0; |
554 | 0 | } |
555 | | |
556 | | struct alg_cleanup_by_provider_data_st { |
557 | | STORED_ALGORITHMS *sa; |
558 | | const OSSL_PROVIDER *prov; |
559 | | }; |
560 | | |
561 | | /** |
562 | | * @brief Cleans up implementations of an algorithm associated with a provider. |
563 | | * |
564 | | * This function removes all implementations of a specified algorithm that are |
565 | | * associated with a given provider. The function walks through the stack of |
566 | | * implementations backwards to handle deletions without affecting indexing. |
567 | | * |
568 | | * @param idx Index of the algorithm (unused in this function). |
569 | | * @param alg Pointer to the ALGORITHM structure containing the implementations. |
570 | | * @param arg Pointer to the data containing the provider information. |
571 | | * |
572 | | * If tracing is enabled, messages are printed indicating the removal of each |
573 | | * implementation and its properties. If any implementation is removed, the |
574 | | * associated cache is flushed. |
575 | | */ |
576 | | static void |
577 | | alg_cleanup_by_provider(ossl_uintmax_t idx, ALGORITHM *alg, void *arg) |
578 | 0 | { |
579 | 0 | struct alg_cleanup_by_provider_data_st *data = arg; |
580 | 0 | int i, count; |
581 | | |
582 | | /* |
583 | | * We walk the stack backwards, to avoid having to deal with stack shifts |
584 | | * caused by deletion |
585 | | */ |
586 | 0 | for (count = 0, i = sk_IMPLEMENTATION_num(alg->impls); i-- > 0;) { |
587 | 0 | IMPLEMENTATION *impl = sk_IMPLEMENTATION_value(alg->impls, i); |
588 | |
|
589 | 0 | if (impl->provider == data->prov) { |
590 | 0 | #ifndef FIPS_MODULE |
591 | 0 | OSSL_TRACE_BEGIN(QUERY) |
592 | 0 | { |
593 | 0 | char buf[512]; |
594 | 0 | size_t size; |
595 | |
|
596 | 0 | size = ossl_property_list_to_string(NULL, impl->properties, buf, |
597 | 0 | sizeof(buf)); |
598 | 0 | BIO_printf(trc_out, "Removing implementation from " |
599 | 0 | "query cache\nproperties %s\nprovider %s\n", |
600 | 0 | size == 0 ? "none" : buf, |
601 | 0 | ossl_provider_name(impl->provider) == NULL ? "none" : ossl_provider_name(impl->provider)); |
602 | 0 | } |
603 | 0 | OSSL_TRACE_END(QUERY); |
604 | 0 | #endif |
605 | |
|
606 | 0 | (void)sk_IMPLEMENTATION_delete(alg->impls, i); |
607 | 0 | count++; |
608 | 0 | impl_free(impl); |
609 | 0 | } |
610 | 0 | } |
611 | | |
612 | | /* |
613 | | * If we removed any implementation, we also clear the whole associated |
614 | | * cache, 'cause that's the sensible thing to do. |
615 | | * There's no point flushing the cache entries where we didn't remove |
616 | | * any implementation, though. |
617 | | */ |
618 | 0 | if (count > 0) |
619 | 0 | ossl_method_cache_flush_alg(data->sa, alg); |
620 | 0 | } |
621 | | |
622 | | int ossl_method_store_remove_all_provided(OSSL_METHOD_STORE *store, |
623 | | const OSSL_PROVIDER *prov) |
624 | 0 | { |
625 | 0 | struct alg_cleanup_by_provider_data_st data; |
626 | |
|
627 | 0 | for (int k = 0; k < NUM_SHARDS; ++k) { |
628 | 0 | STORED_ALGORITHMS *sa = &store->algs[k]; |
629 | |
|
630 | 0 | if (!ossl_property_write_lock(sa)) |
631 | 0 | return 0; |
632 | 0 | data.prov = prov; |
633 | 0 | data.sa = sa; |
634 | 0 | ossl_sa_ALGORITHM_doall_arg(sa->algs, &alg_cleanup_by_provider, &data); |
635 | 0 | ossl_method_store_atomic_clean_archive(sa); |
636 | 0 | ossl_property_unlock(sa); |
637 | 0 | } |
638 | 0 | return 1; |
639 | 0 | } |
640 | | |
641 | | static void alg_do_one(ALGORITHM *alg, IMPLEMENTATION *impl, |
642 | | void (*fn)(int id, void *method, void *fnarg), |
643 | | void *fnarg) |
644 | 0 | { |
645 | 0 | fn(alg->nid, impl->method.method, fnarg); |
646 | 0 | } |
647 | | |
648 | | static void alg_copy(ossl_uintmax_t idx, ALGORITHM *alg, void *arg) |
649 | 0 | { |
650 | 0 | STACK_OF(ALGORITHM) *newalg = arg; |
651 | |
|
652 | 0 | alg = OPENSSL_memdup(alg, sizeof(ALGORITHM)); |
653 | 0 | if (alg == NULL) |
654 | 0 | return; |
655 | | |
656 | 0 | alg->impls = sk_IMPLEMENTATION_dup(alg->impls); |
657 | |
|
658 | 0 | (void)sk_ALGORITHM_push(newalg, alg); |
659 | 0 | } |
660 | | |
661 | | static void del_tmpalg(ALGORITHM *alg) |
662 | 0 | { |
663 | 0 | sk_IMPLEMENTATION_free(alg->impls); |
664 | 0 | OPENSSL_free(alg); |
665 | 0 | } |
666 | | |
667 | | void ossl_method_store_do_all(OSSL_METHOD_STORE *store, |
668 | | void (*fn)(int id, void *method, void *fnarg), |
669 | | void *fnarg) |
670 | 0 | { |
671 | 0 | int i, j; |
672 | 0 | int numalgs, numimps; |
673 | 0 | STACK_OF(ALGORITHM) *tmpalgs; |
674 | 0 | ALGORITHM *alg; |
675 | |
|
676 | 0 | if (store == NULL) |
677 | 0 | return; |
678 | | |
679 | 0 | for (int k = 0; k < NUM_SHARDS; ++k) { |
680 | 0 | STORED_ALGORITHMS *sa = &store->algs[k]; |
681 | |
|
682 | 0 | if (!ossl_property_read_lock(sa)) |
683 | 0 | return; |
684 | | |
685 | 0 | tmpalgs = sk_ALGORITHM_new_reserve(NULL, |
686 | 0 | (int)ossl_sa_ALGORITHM_num(sa->algs)); |
687 | 0 | if (tmpalgs == NULL) { |
688 | 0 | ossl_property_unlock(sa); |
689 | 0 | return; |
690 | 0 | } |
691 | | |
692 | 0 | ossl_sa_ALGORITHM_doall_arg(sa->algs, alg_copy, tmpalgs); |
693 | 0 | ossl_property_unlock(sa); |
694 | 0 | numalgs = sk_ALGORITHM_num(tmpalgs); |
695 | 0 | for (i = 0; i < numalgs; i++) { |
696 | 0 | alg = sk_ALGORITHM_value(tmpalgs, i); |
697 | 0 | numimps = sk_IMPLEMENTATION_num(alg->impls); |
698 | 0 | for (j = 0; j < numimps; j++) |
699 | 0 | alg_do_one(alg, sk_IMPLEMENTATION_value(alg->impls, j), fn, fnarg); |
700 | 0 | } |
701 | 0 | sk_ALGORITHM_pop_free(tmpalgs, del_tmpalg); |
702 | 0 | } |
703 | 0 | } |
704 | | |
705 | | /** |
706 | | * @brief Fetches a method from the method store matching the given properties. |
707 | | * |
708 | | * This function searches the method store for an implementation of a specified |
709 | | * method, identified by its id (nid), and matching the given property query. If |
710 | | * successful, it returns the method and its associated provider. |
711 | | * |
712 | | * @param store Pointer to the OSSL_METHOD_STORE from which to fetch the method. |
713 | | * Must be non-null. |
714 | | * @param nid (identifier) of the method to be fetched. Must be > 0 |
715 | | * @param prop_query String containing the property query to match against. |
716 | | * @param prov_rw Pointer to the OSSL_PROVIDER to restrict the search to, or |
717 | | * to receive the matched provider. |
718 | | * @param method Pointer to receive the fetched method. Must be non-null. |
719 | | * |
720 | | * @return 1 if the method is successfully fetched, 0 on failure. |
721 | | * |
722 | | * If tracing is enabled, a message is printed indicating the property query and |
723 | | * the resolved provider. |
724 | | * |
725 | | * NOTE: The nid parameter here is _not_ a NID in the sense of the NID_* macros. |
726 | | * It is a unique internal identifier value. |
727 | | */ |
728 | | int ossl_method_store_fetch(OSSL_METHOD_STORE *store, |
729 | | int nid, const char *prop_query, |
730 | | const OSSL_PROVIDER **prov_rw, void **method) |
731 | 85 | { |
732 | 85 | OSSL_PROPERTY_LIST **plp; |
733 | 85 | ALGORITHM *alg; |
734 | 85 | IMPLEMENTATION *impl, *best_impl = NULL; |
735 | 85 | OSSL_PROPERTY_LIST *pq = NULL, *p2 = NULL; |
736 | 85 | const OSSL_PROVIDER *prov = prov_rw != NULL ? *prov_rw : NULL; |
737 | 85 | int ret = 0; |
738 | 85 | int j, best = -1, score, optional; |
739 | 85 | STORED_ALGORITHMS *sa; |
740 | | |
741 | 85 | if (nid <= 0 || method == NULL || store == NULL) |
742 | 0 | return 0; |
743 | | |
744 | 85 | #if !defined(FIPS_MODULE) && !defined(OPENSSL_NO_AUTOLOAD_CONFIG) |
745 | 85 | if (ossl_lib_ctx_is_default(store->ctx) |
746 | 85 | && !OPENSSL_init_crypto(OPENSSL_INIT_LOAD_CONFIG, NULL)) |
747 | 0 | return 0; |
748 | 85 | #endif |
749 | | |
750 | 85 | sa = stored_algs_shard(store, nid); |
751 | | |
752 | | /* This only needs to be a read lock, because the query won't create anything */ |
753 | 85 | if (!ossl_property_read_lock(sa)) |
754 | 0 | return 0; |
755 | | |
756 | 85 | OSSL_TRACE2(QUERY, "Retrieving by nid %d from stored algorithms %p\n", |
757 | 85 | nid, (void *)sa); |
758 | 85 | alg = ossl_method_store_retrieve(sa, nid); |
759 | 85 | if (alg == NULL) { |
760 | 0 | ossl_property_unlock(sa); |
761 | 0 | OSSL_TRACE2(QUERY, "Failed to retrieve by nid %d from stored algorithms %p\n", |
762 | 0 | nid, (void *)sa); |
763 | 0 | return 0; |
764 | 0 | } |
765 | 85 | OSSL_TRACE2(QUERY, "Retrieved by nid %d from stored algorithms %p\n", |
766 | 85 | nid, (void *)sa); |
767 | | |
768 | | /* |
769 | | * If a property query string is provided, convert it to an |
770 | | * OSSL_PROPERTY_LIST structure |
771 | | */ |
772 | 85 | if (prop_query != NULL) |
773 | 85 | p2 = pq = ossl_parse_query(store->ctx, prop_query, 0); |
774 | | |
775 | | /* |
776 | | * If the library context has default properties specified |
777 | | * then merge those with the properties passed to this function |
778 | | */ |
779 | 85 | plp = ossl_ctx_global_properties(store->ctx, 0); |
780 | 85 | if (plp != NULL && *plp != NULL) { |
781 | 0 | if (pq == NULL) { |
782 | 0 | pq = *plp; |
783 | 0 | } else { |
784 | 0 | p2 = ossl_property_merge(pq, *plp); |
785 | 0 | ossl_property_free(pq); |
786 | 0 | if (p2 == NULL) |
787 | 0 | goto fin; |
788 | 0 | pq = p2; |
789 | 0 | } |
790 | 0 | } |
791 | | |
792 | | /* |
793 | | * Search for a provider that provides this implementation. |
794 | | * If the requested provider is NULL, then any provider will do, |
795 | | * otherwise we should try to find the one that matches the requested |
796 | | * provider. Note that providers are given implicit preference via the |
797 | | * ordering of the implementation stack |
798 | | */ |
799 | 85 | if (pq == NULL) { |
800 | 0 | for (j = 0; j < sk_IMPLEMENTATION_num(alg->impls); j++) { |
801 | 0 | impl = sk_IMPLEMENTATION_value(alg->impls, j); |
802 | 0 | if (impl != NULL |
803 | 0 | && (prov == NULL || impl->provider == prov)) { |
804 | 0 | best_impl = impl; |
805 | 0 | ret = 1; |
806 | 0 | break; |
807 | 0 | } |
808 | 0 | } |
809 | 0 | goto fin; |
810 | 0 | } |
811 | | |
812 | | /* |
813 | | * If there are optional properties specified |
814 | | * then run the search again, and select the provider that matches the |
815 | | * most options |
816 | | */ |
817 | 85 | optional = ossl_property_has_optional(pq); |
818 | 85 | for (j = 0; j < sk_IMPLEMENTATION_num(alg->impls); j++) { |
819 | 85 | impl = sk_IMPLEMENTATION_value(alg->impls, j); |
820 | 85 | if (impl != NULL |
821 | 85 | && (prov == NULL || impl->provider == prov)) { |
822 | 85 | score = ossl_property_match_count(pq, impl->properties); |
823 | 85 | if (score > best) { |
824 | 85 | best_impl = impl; |
825 | 85 | best = score; |
826 | 85 | ret = 1; |
827 | 85 | if (!optional) |
828 | 85 | goto fin; |
829 | 85 | } |
830 | 85 | } |
831 | 85 | } |
832 | 85 | fin: |
833 | 85 | if (ret && ossl_method_up_ref(&best_impl->method)) { |
834 | 85 | *method = best_impl->method.method; |
835 | 85 | if (prov_rw != NULL) |
836 | 85 | *prov_rw = best_impl->provider; |
837 | 85 | } else { |
838 | 0 | ret = 0; |
839 | 0 | } |
840 | | |
841 | 85 | #ifndef FIPS_MODULE |
842 | 85 | OSSL_TRACE_BEGIN(QUERY) |
843 | 0 | { |
844 | 0 | char buf[512]; |
845 | 0 | size_t size; |
846 | |
|
847 | 0 | size = ossl_property_list_to_string(NULL, pq, buf, 512); |
848 | 0 | BIO_printf(trc_out, "method store query with properties %s " |
849 | 0 | "resolves to provider %s\n", |
850 | 0 | size == 0 ? "none" : buf, |
851 | 0 | best_impl == NULL ? "none" : ossl_provider_name(best_impl->provider)); |
852 | 0 | } |
853 | 85 | OSSL_TRACE_END(QUERY); |
854 | 85 | #endif |
855 | | |
856 | 85 | ossl_property_unlock(sa); |
857 | 85 | ossl_property_free(p2); |
858 | 85 | return ret; |
859 | 85 | } |
860 | | |
861 | | static void ossl_method_cache_flush_alg(STORED_ALGORITHMS *sa, |
862 | | ALGORITHM *alg) |
863 | 0 | { |
864 | 0 | impl_cache_flush_alg(alg, sa); |
865 | 0 | } |
866 | | |
867 | | static void ossl_method_cache_flush(STORED_ALGORITHMS *sa, int nid) |
868 | 2.64k | { |
869 | 2.64k | ALGORITHM *alg = ossl_method_store_retrieve(sa, nid); |
870 | | |
871 | 2.64k | if (alg != NULL) |
872 | 0 | ossl_method_cache_flush_alg(sa, alg); |
873 | 2.64k | } |
874 | | |
875 | | static void ossl_cache_lists_flush(STORED_ALGORITHMS *sa) |
876 | 0 | { |
877 | 0 | int i; |
878 | 0 | QUERY *idx, *idxn; |
879 | |
|
880 | 0 | for (i = 0; i < MAX_CACHE_LINES; i++) { |
881 | 0 | if (!CRYPTO_atomic_load_ptr((void **)&sa->cache_lists[i], (void **)&idx, sa->alock)) |
882 | 0 | break; |
883 | 0 | while (idx != NULL) { |
884 | 0 | if (!CRYPTO_atomic_load_ptr((void **)&idx->next, (void **)&idxn, sa->alock)) |
885 | 0 | break; |
886 | 0 | ossl_method_store_atomic_archive(sa, idx); |
887 | 0 | idx = idxn; |
888 | 0 | } |
889 | 0 | } |
890 | 0 | } |
891 | | |
892 | | static void ossl_cache_lists_free(STORED_ALGORITHMS *sa) |
893 | 0 | { |
894 | 0 | int i; |
895 | 0 | QUERY *idx, *idxn; |
896 | |
|
897 | 0 | for (i = 0; i < MAX_CACHE_LINES; i++) { |
898 | 0 | if (!CRYPTO_atomic_load_ptr((void **)&sa->cache_lists[i], (void **)&idx, sa->alock)) |
899 | 0 | return; |
900 | 0 | while (idx != NULL) { |
901 | 0 | if (!CRYPTO_atomic_load_ptr((void **)&idx->next, (void **)&idxn, sa->alock)) |
902 | 0 | return; |
903 | 0 | impl_cache_free_unlinked(idx); |
904 | 0 | idx = idxn; |
905 | 0 | } |
906 | 0 | } |
907 | | |
908 | 0 | if (!CRYPTO_atomic_load_ptr((void **)&sa->archive, (void **)&idx, sa->alock)) |
909 | 0 | return; |
910 | 0 | while (idx != NULL) { |
911 | 0 | if (!CRYPTO_atomic_load_ptr((void **)&idx->next, (void **)&idxn, sa->alock)) |
912 | 0 | return; |
913 | 0 | impl_cache_free_unlinked(idx); |
914 | 0 | idx = idxn; |
915 | 0 | } |
916 | 0 | } |
917 | | |
918 | | int ossl_method_store_cache_flush_all(OSSL_METHOD_STORE *store) |
919 | 0 | { |
920 | 0 | for (int i = 0; i < NUM_SHARDS; ++i) { |
921 | 0 | STORED_ALGORITHMS *sa = &store->algs[i]; |
922 | |
|
923 | 0 | if (!ossl_property_write_lock(sa)) |
924 | 0 | return 0; |
925 | 0 | ossl_cache_lists_flush(sa); |
926 | 0 | ossl_method_store_atomic_clean_archive(sa); |
927 | 0 | ossl_property_unlock(sa); |
928 | 0 | } |
929 | | |
930 | 0 | return 1; |
931 | 0 | } |
932 | | |
933 | | static ossl_inline int ossl_method_store_cache_get_atomic(OSSL_METHOD_STORE *store, OSSL_PROVIDER *prov, |
934 | | int nid, const char *prop_query, STORED_ALGORITHMS *sa, void **method) |
935 | 85.3k | { |
936 | 85.3k | QUERY *r = NULL; |
937 | 85.3k | int res = 0; |
938 | | |
939 | 85.3k | r = ossl_method_store_atomic_find_in_list(sa, nid, prov, prop_query); |
940 | | |
941 | 85.3k | if (r != NULL && ossl_method_up_ref(&r->method)) { |
942 | 85.2k | *method = r->method.method; |
943 | 85.2k | res = 1; |
944 | 85.2k | } |
945 | | |
946 | 85.3k | return res; |
947 | 85.3k | } |
948 | | |
949 | | int ossl_method_store_cache_get(OSSL_METHOD_STORE *store, OSSL_PROVIDER *prov, |
950 | | int nid, const char *prop_query, void **method) |
951 | 85.3k | { |
952 | 85.3k | int ret; |
953 | 85.3k | STORED_ALGORITHMS *sa; |
954 | | |
955 | 85.3k | if (nid <= 0 || store == NULL || prop_query == NULL) |
956 | 0 | return 0; |
957 | | |
958 | 85.3k | sa = stored_algs_shard(store, nid); |
959 | | |
960 | | /* |
961 | | * Do an atomic linked list walk to search for our entry |
962 | | */ |
963 | 85.3k | ret = ossl_method_store_cache_get_atomic(store, prov, nid, prop_query, sa, |
964 | 85.3k | method); |
965 | | |
966 | 85.3k | return ret; |
967 | 85.3k | } |
968 | | |
969 | | static int ossl_method_store_atomic_archive(STORED_ALGORITHMS *sa, QUERY *old) |
970 | 0 | { |
971 | 0 | if (!CRYPTO_atomic_store_int(&old->archived, 1, sa->alock)) |
972 | 0 | return 0; |
973 | 0 | return 1; |
974 | 0 | } |
975 | | |
976 | | static ossl_inline int ossl_method_store_put_in_archive(STORED_ALGORITHMS *sa, QUERY *old) |
977 | 0 | { |
978 | | /* |
979 | | * point the item we're removing's next pointer to the top of the archive list |
980 | | * Note: We're writing to the old->next here which is shared, so that's suspicious, but |
981 | | * because we've already removed old from the cache_list in ossl_method_store_clean_archive |
982 | | * this is safe for the following reasons: |
983 | | * 1) the clean path is done under a write lock, so sa->archive is guaranteed stable |
984 | | * 2) any concurrent reader (ie ossl_method_store_cache_set|get, if visiting the old node |
985 | | * while we're moving it, will either read the true next value (pointing to the next element |
986 | | * in the cache_list), or the one we write here (the next list in the archive) |
987 | | * |
988 | | * Reading the true next value is fine, as that's the normal traversal anyway. |
989 | | * Reading the next pointer as pointing into the archive list is not great, but in the worst |
990 | | * case this results in a transient failed cache lookup, which just means a temporary slow path |
991 | | * retrieval of an algorithm. |
992 | | */ |
993 | 0 | if (!CRYPTO_atomic_load_ptr((void **)&sa->archive, (void **)&old->next, sa->alock)) |
994 | 0 | return 0; |
995 | | /* |
996 | | * And update the head of the archive list to be our new entry |
997 | | */ |
998 | 0 | if (!CRYPTO_atomic_store_ptr((void **)&sa->archive, (void **)&old, sa->alock)) |
999 | 0 | return 0; |
1000 | 0 | return 1; |
1001 | 0 | } |
1002 | | |
1003 | | /* |
1004 | | * Migrate archived items to the archive list. Must be done with the property write |
1005 | | * lock held |
1006 | | */ |
1007 | | static void ossl_method_store_atomic_clean_archive(STORED_ALGORITHMS *sa) |
1008 | 0 | { |
1009 | 0 | QUERY *idx, *idxn, *tmp; |
1010 | 0 | int archived; |
1011 | 0 | int i; |
1012 | 0 | int lock_failed; |
1013 | | |
1014 | | /* |
1015 | | * For each of our linked lists |
1016 | | */ |
1017 | 0 | for (i = 0; i < MAX_CACHE_LINES; i++) { |
1018 | 0 | restart_list: |
1019 | | /* |
1020 | | * Get the head of the list |
1021 | | */ |
1022 | 0 | if (!CRYPTO_atomic_load_ptr((void **)&sa->cache_lists[i], (void **)&idx, sa->alock)) |
1023 | 0 | continue; |
1024 | | /* |
1025 | | * If its NULL, the list is currently empty, move on to the next one |
1026 | | */ |
1027 | 0 | if (idx == NULL) |
1028 | 0 | continue; |
1029 | | /* |
1030 | | * Get its archived value |
1031 | | */ |
1032 | 0 | if (!CRYPTO_atomic_load_int(&idx->archived, &archived, sa->alock)) |
1033 | 0 | continue; |
1034 | | /* |
1035 | | * Also fetch its next pointer to idxn |
1036 | | */ |
1037 | 0 | if (!CRYPTO_atomic_load_ptr((void **)&idx->next, (void **)&idxn, sa->alock)) |
1038 | 0 | continue; |
1039 | | /* |
1040 | | * If its been archived, we want to move it to the archive list |
1041 | | */ |
1042 | 0 | if (archived == 1) { |
1043 | | /* |
1044 | | * We know this is the current list head we're working with |
1045 | | * so store the next pointer to be the new list head |
1046 | | */ |
1047 | 0 | if (!CRYPTO_atomic_cmp_exch_ptr((void **)&sa->cache_lists[i], (void **)&idx, idxn, sa->alock, |
1048 | 0 | &lock_failed)) { |
1049 | 0 | if (lock_failed) |
1050 | 0 | continue; |
1051 | 0 | else |
1052 | 0 | goto restart_list; |
1053 | 0 | } |
1054 | | |
1055 | 0 | if (!ossl_method_store_put_in_archive(sa, idx)) |
1056 | 0 | continue; |
1057 | 0 | goto restart_list; |
1058 | 0 | } |
1059 | | |
1060 | | /* |
1061 | | * At this point our state is: |
1062 | | * idx - points to an element in cache_lists[i] |
1063 | | * idxn points to the next entry (i.e. idx->next) |
1064 | | */ |
1065 | 0 | while (idx != NULL) { |
1066 | | /* |
1067 | | * We know idx isn't archived, so we start looking at idxn |
1068 | | */ |
1069 | 0 | if (idxn != NULL) { |
1070 | | /* |
1071 | | * if its not NULL, see if its archived |
1072 | | */ |
1073 | 0 | if (!CRYPTO_atomic_load_int(&idxn->archived, &archived, sa->alock)) |
1074 | 0 | break; |
1075 | | /* |
1076 | | * If it is, remove it |
1077 | | */ |
1078 | 0 | if (archived == 1) { |
1079 | | /* |
1080 | | * Start by making idx skip idxn in the list |
1081 | | * First load the expected next value of idx->next |
1082 | | */ |
1083 | 0 | if (!CRYPTO_atomic_load_ptr((void **)&idx->next, (void **)&tmp, sa->alock)) |
1084 | 0 | break; |
1085 | | |
1086 | | /* |
1087 | | * Now compare the value of idx->next to what we just loaded to tmp above |
1088 | | * if they match, we can safely update idx->next to skip the idxn entry |
1089 | | * by pointing idx->next to idxn->next. |
1090 | | * If the comparison fails, then we need to start the list traversal over again. |
1091 | | * Note: This should never happen, as once an item is in the list, this is the |
1092 | | * only path in which an in-list item has its next pointer mutated, and this |
1093 | | * occurs under a write lock, but we should be safe here |
1094 | | */ |
1095 | 0 | if (!CRYPTO_atomic_cmp_exch_ptr((void **)&idx->next, |
1096 | 0 | (void **)&tmp, (void *)idxn->next, |
1097 | 0 | sa->alock, &lock_failed)) { |
1098 | 0 | if (lock_failed) |
1099 | 0 | break; |
1100 | | /* |
1101 | | * The list was mutated while we were trying to mutate it |
1102 | | * Normally we would just use the reloaded value of tmp here to re-attempt |
1103 | | * the removal, but since idx was changed underneath us, we don't know where |
1104 | | * we are in the list anymore. Its safer to just restart the whole traversal |
1105 | | */ |
1106 | 0 | goto restart_list; |
1107 | 0 | } |
1108 | | |
1109 | 0 | if (!ossl_method_store_put_in_archive(sa, idxn)) |
1110 | 0 | break; |
1111 | | |
1112 | | /* |
1113 | | * Idx just got a new next pointer above, so just update idxn, so we are sure that idx |
1114 | | * still isn't archived |
1115 | | */ |
1116 | 0 | if (!CRYPTO_atomic_load_ptr((void **)&idx->next, (void **)&idxn, sa->alock)) |
1117 | 0 | break; |
1118 | 0 | } else { |
1119 | | /* |
1120 | | * idxn wasn't archived, so we need to advance both pointers here |
1121 | | */ |
1122 | 0 | idx = idxn; |
1123 | 0 | if (!CRYPTO_atomic_load_ptr((void **)&idx->next, (void **)&idxn, sa->alock)) |
1124 | 0 | break; |
1125 | 0 | } |
1126 | 0 | } else { |
1127 | | /* |
1128 | | * idxn is NULL, that means we're at the end of the list. |
1129 | | * Just advance idx to idxn and the loop will break on the next iteration |
1130 | | */ |
1131 | 0 | idx = idxn; |
1132 | 0 | } |
1133 | 0 | } |
1134 | 0 | } |
1135 | 0 | } |
1136 | | |
1137 | | static QUERY *ossl_method_store_atomic_find_in_list(STORED_ALGORITHMS *sa, int nid, |
1138 | | OSSL_PROVIDER *prov, const char *prop_query) |
1139 | 85.4k | { |
1140 | 85.4k | int nididx = (nid >> NUM_SHARDS_BITS) & (MAX_CACHE_LINES - 1); |
1141 | 85.4k | int archived; |
1142 | 85.4k | QUERY *idx; |
1143 | 85.4k | QUERY *ret = NULL; |
1144 | | |
1145 | 85.4k | if (!CRYPTO_atomic_load_ptr((void **)&sa->cache_lists[nididx], (void **)&idx, sa->alock)) |
1146 | 0 | goto out; |
1147 | | |
1148 | 109k | while (idx != NULL) { |
1149 | 108k | if (!CRYPTO_atomic_load_int(&idx->archived, &archived, sa->alock)) |
1150 | 0 | goto out; |
1151 | 108k | if (archived == 0 && idx->nid == nid && idx->prov == prov |
1152 | 85.2k | && (strcmp(idx->prop_query, prop_query) == 0)) { |
1153 | 85.2k | ret = idx; |
1154 | 85.2k | break; |
1155 | 85.2k | } |
1156 | 23.5k | if (!CRYPTO_atomic_load_ptr((void **)&idx->next, (void **)&idx, sa->alock)) |
1157 | 0 | goto out; |
1158 | 23.5k | } |
1159 | 85.4k | out: |
1160 | 85.4k | return ret; |
1161 | 85.4k | } |
1162 | | |
1163 | | static int ossl_method_store_atomic_insert_to_list(STORED_ALGORITHMS *sa, QUERY *new) |
1164 | 170 | { |
1165 | 170 | int nid = (new->nid >> NUM_SHARDS_BITS) & (MAX_CACHE_LINES - 1); |
1166 | 170 | QUERY *headptr; |
1167 | 170 | int ret = 0; |
1168 | 170 | int lock_failed; |
1169 | | |
1170 | 170 | if (!CRYPTO_atomic_load_ptr((void **)&sa->cache_lists[nid], (void **)&headptr, sa->alock)) |
1171 | 0 | goto out; |
1172 | 170 | try_again: |
1173 | 170 | if (!CRYPTO_atomic_store_ptr((void **)&new->next, (void **)&headptr, sa->alock)) |
1174 | 0 | goto out; |
1175 | 170 | if (!CRYPTO_atomic_cmp_exch_ptr((void **)&sa->cache_lists[nid], (void **)&headptr, new, sa->alock, |
1176 | 170 | &lock_failed)) { |
1177 | 0 | if (lock_failed == 1) |
1178 | 0 | goto out; |
1179 | 0 | goto try_again; |
1180 | 0 | } |
1181 | 170 | ret = 1; |
1182 | 170 | out: |
1183 | 170 | return ret; |
1184 | 170 | } |
1185 | | |
1186 | | static ossl_inline int ossl_method_store_cache_set_atomic(OSSL_METHOD_STORE *store, OSSL_PROVIDER *prov, |
1187 | | int nid, const char *prop_query, STORED_ALGORITHMS *sa, void *method, |
1188 | | int (*method_up_ref)(void *), |
1189 | | void (*method_destruct)(void *)) |
1190 | 85 | { |
1191 | 85 | QUERY *p = NULL; |
1192 | 85 | int res = 1; |
1193 | 85 | int skip_providerless = 0; |
1194 | | |
1195 | 85 | if (method == NULL) { |
1196 | 0 | p = ossl_method_store_atomic_find_in_list(sa, nid, prov, prop_query); |
1197 | 0 | if (p != NULL) |
1198 | 0 | ossl_method_store_atomic_archive(sa, p); |
1199 | 0 | goto end; |
1200 | 0 | } |
1201 | | |
1202 | 85 | p = ossl_method_store_atomic_find_in_list(sa, nid, prov, prop_query); |
1203 | 85 | if (p != NULL) { |
1204 | 0 | ossl_method_store_atomic_archive(sa, p); |
1205 | 0 | p = ossl_method_store_atomic_find_in_list(sa, nid, NULL, prop_query); |
1206 | | /* |
1207 | | * Note: We want to preserve previous behavior here. Namely, if we load multiple |
1208 | | * providers we don't want to change the algorithm implementation we return if we've |
1209 | | * already potentially returned one from another provider. So if an alg exists for |
1210 | | * a given nid/prop query with a NULL provider, don't replace the one we have. |
1211 | | * Instead, let the oldest one win |
1212 | | */ |
1213 | 0 | if (p != NULL) |
1214 | 0 | skip_providerless = 1; |
1215 | 0 | } |
1216 | 85 | p = QUERY_new(strlen(prop_query)); |
1217 | 85 | if (p != NULL) { |
1218 | 85 | TSAN_BENIGN(p, "Unpublished value is safe on subsequent read"); |
1219 | 85 | p->saptr = sa; |
1220 | 85 | p->nid = nid; |
1221 | 85 | p->prov = prov; |
1222 | 85 | p->archived = 0; |
1223 | 85 | strcpy(p->prop_query, prop_query); |
1224 | 85 | p->method.method = method; |
1225 | 85 | p->method.up_ref = method_up_ref; |
1226 | 85 | p->method.free = method_destruct; |
1227 | 85 | if (!ossl_method_up_ref(&p->method)) |
1228 | 0 | goto err; |
1229 | | |
1230 | 85 | if (!ossl_method_store_atomic_insert_to_list(sa, p)) { |
1231 | 0 | ossl_method_free(&p->method); |
1232 | 0 | goto err; |
1233 | 0 | } |
1234 | | |
1235 | 85 | if (skip_providerless == 0) { |
1236 | | /* |
1237 | | * We also want to add this method into the cache against a key computed _only_ |
1238 | | * from nid and property query. This lets us match in the event someone does a lookup |
1239 | | * against a NULL provider (i.e. the "any provided alg will do" match |
1240 | | */ |
1241 | 85 | p = QUERY_new(strlen(prop_query)); |
1242 | 85 | if (p == NULL) |
1243 | 0 | goto err; |
1244 | 85 | TSAN_BENIGN(p, "Unpublished value is safe on subsequent read"); |
1245 | 85 | p->saptr = sa; |
1246 | 85 | p->nid = nid; |
1247 | 85 | p->prov = NULL; |
1248 | 85 | p->archived = 0; |
1249 | 85 | strcpy(p->prop_query, prop_query); |
1250 | 85 | p->method.method = method; |
1251 | 85 | p->method.up_ref = method_up_ref; |
1252 | 85 | p->method.free = method_destruct; |
1253 | 85 | if (!ossl_method_up_ref(&p->method)) |
1254 | 0 | goto err; |
1255 | 85 | if (!ossl_method_store_atomic_insert_to_list(sa, p)) { |
1256 | 0 | ossl_method_free(&p->method); |
1257 | 0 | goto err; |
1258 | 0 | } |
1259 | 85 | } |
1260 | 85 | goto end; |
1261 | 85 | } |
1262 | 0 | err: |
1263 | 0 | res = 0; |
1264 | 0 | QUERY_free(p); |
1265 | 85 | end: |
1266 | 85 | return res; |
1267 | 0 | } |
1268 | | |
1269 | | int ossl_method_store_cache_set(OSSL_METHOD_STORE *store, OSSL_PROVIDER *prov, |
1270 | | int nid, const char *prop_query, void *method, |
1271 | | int (*method_up_ref)(void *), |
1272 | | void (*method_destruct)(void *)) |
1273 | 85 | { |
1274 | 85 | STORED_ALGORITHMS *sa; |
1275 | 85 | int res = 1; |
1276 | | |
1277 | 85 | if (nid <= 0 || store == NULL || prop_query == NULL) |
1278 | 0 | return 0; |
1279 | | |
1280 | 85 | if (!ossl_assert(prov != NULL)) |
1281 | 0 | return 0; |
1282 | | |
1283 | 85 | sa = stored_algs_shard(store, nid); |
1284 | | |
1285 | | /* |
1286 | | * Do an atomic insert into the appropriate cache linked list |
1287 | | */ |
1288 | 85 | res = ossl_method_store_cache_set_atomic(store, prov, nid, prop_query, sa, method, |
1289 | 85 | method_up_ref, method_destruct); |
1290 | | |
1291 | 85 | return res; |
1292 | 85 | } |