Print this page
4912 soft_giant_mutex in pkcs11_softtoken stays held after fork
| Split |
Close |
| Expand all |
| Collapse all |
--- old/usr/src/lib/pkcs11/pkcs11_softtoken/common/softGeneral.c
+++ new/usr/src/lib/pkcs11/pkcs11_softtoken/common/softGeneral.c
1 1 /*
2 2 * CDDL HEADER START
3 3 *
4 4 * The contents of this file are subject to the terms of the
5 5 * Common Development and Distribution License (the "License").
6 6 * You may not use this file except in compliance with the License.
7 7 *
8 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 9 * or http://www.opensolaris.org/os/licensing.
10 10 * See the License for the specific language governing permissions
11 11 * and limitations under the License.
12 12 *
13 13 * When distributing Covered Code, include this CDDL HEADER in each
|
↓ open down ↓ |
13 lines elided |
↑ open up ↑ |
14 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 15 * If applicable, add the following below this CDDL HEADER, with the
16 16 * fields enclosed by brackets "[]" replaced with your own identifying
17 17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 18 *
19 19 * CDDL HEADER END
20 20 */
21 21 /*
22 22 * Copyright 2009 Sun Microsystems, Inc. All rights reserved.
23 23 * Use is subject to license terms.
24 + *
25 + * Copyright 2014, OmniTI Computer Consulting, Inc. All rights reserved.
24 26 */
25 27
26 28 #include <strings.h>
27 29 #include <errno.h>
28 30 #include <cryptoutil.h>
29 31 #include <unistd.h> /* for pid_t */
30 32 #include <pthread.h>
31 33 #include <security/cryptoki.h>
32 34 #include "softGlobal.h"
33 35 #include "softSession.h"
34 36 #include "softObject.h"
35 37 #include "softKeystore.h"
36 38 #include "softKeystoreUtil.h"
37 39
38 40 #pragma init(softtoken_init)
39 41 #pragma fini(softtoken_fini)
40 42
41 43 extern soft_session_t token_session; /* for fork handler */
42 44
43 45 static struct CK_FUNCTION_LIST functionList = {
44 46 { 2, 20 }, /* version */
45 47 C_Initialize,
46 48 C_Finalize,
47 49 C_GetInfo,
48 50 C_GetFunctionList,
49 51 C_GetSlotList,
50 52 C_GetSlotInfo,
51 53 C_GetTokenInfo,
52 54 C_GetMechanismList,
53 55 C_GetMechanismInfo,
54 56 C_InitToken,
55 57 C_InitPIN,
56 58 C_SetPIN,
57 59 C_OpenSession,
58 60 C_CloseSession,
59 61 C_CloseAllSessions,
60 62 C_GetSessionInfo,
61 63 C_GetOperationState,
62 64 C_SetOperationState,
63 65 C_Login,
64 66 C_Logout,
65 67 C_CreateObject,
66 68 C_CopyObject,
67 69 C_DestroyObject,
68 70 C_GetObjectSize,
69 71 C_GetAttributeValue,
70 72 C_SetAttributeValue,
71 73 C_FindObjectsInit,
72 74 C_FindObjects,
73 75 C_FindObjectsFinal,
74 76 C_EncryptInit,
75 77 C_Encrypt,
76 78 C_EncryptUpdate,
77 79 C_EncryptFinal,
78 80 C_DecryptInit,
79 81 C_Decrypt,
80 82 C_DecryptUpdate,
81 83 C_DecryptFinal,
82 84 C_DigestInit,
83 85 C_Digest,
84 86 C_DigestUpdate,
85 87 C_DigestKey,
86 88 C_DigestFinal,
87 89 C_SignInit,
88 90 C_Sign,
89 91 C_SignUpdate,
90 92 C_SignFinal,
91 93 C_SignRecoverInit,
92 94 C_SignRecover,
93 95 C_VerifyInit,
94 96 C_Verify,
95 97 C_VerifyUpdate,
96 98 C_VerifyFinal,
97 99 C_VerifyRecoverInit,
98 100 C_VerifyRecover,
99 101 C_DigestEncryptUpdate,
100 102 C_DecryptDigestUpdate,
101 103 C_SignEncryptUpdate,
102 104 C_DecryptVerifyUpdate,
103 105 C_GenerateKey,
104 106 C_GenerateKeyPair,
105 107 C_WrapKey,
106 108 C_UnwrapKey,
107 109 C_DeriveKey,
108 110 C_SeedRandom,
109 111 C_GenerateRandom,
110 112 C_GetFunctionStatus,
111 113 C_CancelFunction,
112 114 C_WaitForSlotEvent
113 115 };
114 116
115 117 boolean_t softtoken_initialized = B_FALSE;
116 118
117 119 static pid_t softtoken_pid = 0;
118 120
119 121 /* This mutex protects soft_session_list, all_sessions_closing */
120 122 pthread_mutex_t soft_sessionlist_mutex;
|
↓ open down ↓ |
87 lines elided |
↑ open up ↑ |
121 123 soft_session_t *soft_session_list = NULL;
122 124
123 125 int all_sessions_closing = 0;
124 126
125 127 slot_t soft_slot;
126 128 obj_to_be_freed_list_t obj_delay_freed;
127 129 ses_to_be_freed_list_t ses_delay_freed;
128 130
129 131 /* protects softtoken_initialized and access to C_Initialize/C_Finalize */
130 132 pthread_mutex_t soft_giant_mutex = PTHREAD_MUTEX_INITIALIZER;
133 +/*
134 + * ONLY SET TO TRUE BY softtoken_fork_prepare().
135 + * ONLY SET TO FALSE BY softtoken_fork_after().
136 + */
137 +boolean_t fork_prepared = B_FALSE;
131 138
132 139 static CK_RV finalize_common(boolean_t force, CK_VOID_PTR pReserved);
133 140 static void softtoken_init();
134 141 static void softtoken_fini();
135 142 static void softtoken_fork_prepare();
136 143 static void softtoken_fork_after();
144 +static void softtoken_fork_after_droplocks(void);
137 145
138 146 CK_RV
139 147 C_Initialize(CK_VOID_PTR pInitArgs)
140 148 {
141 149
142 150 int initialize_pid;
143 151 boolean_t supplied_ok;
144 152 CK_RV rv;
145 153
146 154 /*
147 155 * Get lock to insure only one thread enters this
148 156 * function at a time.
149 157 */
150 158 (void) pthread_mutex_lock(&soft_giant_mutex);
151 159
152 160 initialize_pid = getpid();
153 161
154 162 if (softtoken_initialized) {
155 163 if (initialize_pid == softtoken_pid) {
156 164 /*
157 165 * This process has called C_Initialize already
158 166 */
159 167 (void) pthread_mutex_unlock(&soft_giant_mutex);
160 168 return (CKR_CRYPTOKI_ALREADY_INITIALIZED);
161 169 } else {
162 170 /*
163 171 * A fork has happened and the child is
164 172 * reinitializing. Do a finalize_common to close
165 173 * out any state from the parent, and then
166 174 * continue on.
167 175 */
168 176 (void) finalize_common(B_TRUE, NULL);
169 177 }
170 178 }
171 179
172 180 if (pInitArgs != NULL) {
173 181 CK_C_INITIALIZE_ARGS *initargs1 =
174 182 (CK_C_INITIALIZE_ARGS *) pInitArgs;
175 183
176 184 /* pReserved must be NULL */
177 185 if (initargs1->pReserved != NULL) {
178 186 (void) pthread_mutex_unlock(&soft_giant_mutex);
179 187 return (CKR_ARGUMENTS_BAD);
180 188 }
181 189
182 190 /*
183 191 * ALL supplied function pointers need to have the value
184 192 * either NULL or non-NULL.
185 193 */
186 194 supplied_ok = (initargs1->CreateMutex == NULL &&
187 195 initargs1->DestroyMutex == NULL &&
188 196 initargs1->LockMutex == NULL &&
189 197 initargs1->UnlockMutex == NULL) ||
190 198 (initargs1->CreateMutex != NULL &&
191 199 initargs1->DestroyMutex != NULL &&
192 200 initargs1->LockMutex != NULL &&
193 201 initargs1->UnlockMutex != NULL);
194 202
195 203 if (!supplied_ok) {
196 204 (void) pthread_mutex_unlock(&soft_giant_mutex);
197 205 return (CKR_ARGUMENTS_BAD);
198 206 }
199 207
200 208 /*
201 209 * When the CKF_OS_LOCKING_OK flag isn't set and mutex
202 210 * function pointers are supplied by an application,
203 211 * return an error. We must be able to use our own primitives.
204 212 */
205 213 if (!(initargs1->flags & CKF_OS_LOCKING_OK) &&
206 214 (initargs1->CreateMutex != NULL)) {
207 215 (void) pthread_mutex_unlock(&soft_giant_mutex);
208 216 return (CKR_CANT_LOCK);
209 217 }
210 218 }
211 219
212 220 /* Initialize the session list lock */
213 221 if (pthread_mutex_init(&soft_sessionlist_mutex, NULL) != 0) {
214 222 (void) pthread_mutex_unlock(&soft_giant_mutex);
215 223 return (CKR_CANT_LOCK);
216 224 }
217 225
218 226 /*
219 227 * token object related initialization
220 228 */
221 229 soft_slot.authenticated = 0;
222 230 soft_slot.userpin_change_needed = 0;
223 231 soft_slot.token_object_list = NULL;
224 232 soft_slot.keystore_load_status = KEYSTORE_UNINITIALIZED;
225 233
226 234 if ((rv = soft_init_token_session()) != CKR_OK) {
227 235 (void) pthread_mutex_destroy(&soft_sessionlist_mutex);
228 236 (void) pthread_mutex_unlock(&soft_giant_mutex);
229 237 return (rv);
230 238 }
231 239
232 240 /* Initialize the slot lock */
233 241 if (pthread_mutex_init(&soft_slot.slot_mutex, NULL) != 0) {
234 242 (void) pthread_mutex_destroy(&soft_sessionlist_mutex);
235 243 (void) soft_destroy_token_session();
236 244 (void) pthread_mutex_unlock(&soft_giant_mutex);
237 245 return (CKR_CANT_LOCK);
238 246 }
239 247
240 248 /* Initialize the keystore lock */
241 249 if (pthread_mutex_init(&soft_slot.keystore_mutex, NULL) != 0) {
242 250 (void) pthread_mutex_destroy(&soft_slot.slot_mutex);
243 251 (void) pthread_mutex_destroy(&soft_sessionlist_mutex);
244 252 (void) soft_destroy_token_session();
245 253 (void) pthread_mutex_unlock(&soft_giant_mutex);
246 254 return (CKR_CANT_LOCK);
247 255 }
248 256
249 257 /* Initialize the object_to_be_freed list */
250 258 if (pthread_mutex_init(&obj_delay_freed.obj_to_be_free_mutex, NULL)
251 259 != 0) {
252 260 (void) pthread_mutex_destroy(&soft_slot.keystore_mutex);
253 261 (void) pthread_mutex_destroy(&soft_slot.slot_mutex);
254 262 (void) pthread_mutex_destroy(&soft_sessionlist_mutex);
255 263 (void) soft_destroy_token_session();
256 264 (void) pthread_mutex_unlock(&soft_giant_mutex);
257 265 return (CKR_CANT_LOCK);
258 266 }
259 267 obj_delay_freed.count = 0;
260 268 obj_delay_freed.first = NULL;
261 269 obj_delay_freed.last = NULL;
262 270
263 271 if (pthread_mutex_init(&ses_delay_freed.ses_to_be_free_mutex, NULL)
264 272 != 0) {
265 273 (void) pthread_mutex_destroy(
266 274 &obj_delay_freed.obj_to_be_free_mutex);
267 275 (void) pthread_mutex_destroy(&soft_slot.keystore_mutex);
268 276 (void) pthread_mutex_destroy(&soft_slot.slot_mutex);
269 277 (void) pthread_mutex_destroy(&soft_sessionlist_mutex);
270 278 (void) soft_destroy_token_session();
271 279 (void) pthread_mutex_unlock(&soft_giant_mutex);
272 280 return (CKR_CANT_LOCK);
273 281 }
274 282 ses_delay_freed.count = 0;
275 283 ses_delay_freed.first = NULL;
276 284 ses_delay_freed.last = NULL;
277 285
278 286 if (rv != CKR_OK) {
279 287 (void) pthread_mutex_destroy(
280 288 &ses_delay_freed.ses_to_be_free_mutex);
281 289 (void) pthread_mutex_destroy(
282 290 &obj_delay_freed.obj_to_be_free_mutex);
283 291 (void) pthread_mutex_destroy(&soft_slot.keystore_mutex);
284 292 (void) pthread_mutex_destroy(&soft_slot.slot_mutex);
285 293 (void) pthread_mutex_destroy(&soft_sessionlist_mutex);
286 294 (void) soft_destroy_token_session();
287 295 (void) pthread_mutex_unlock(&soft_giant_mutex);
288 296 return (CKR_FUNCTION_FAILED);
289 297 }
290 298
291 299 softtoken_pid = initialize_pid;
292 300 softtoken_initialized = B_TRUE;
293 301 (void) pthread_mutex_unlock(&soft_giant_mutex);
294 302
295 303 return (CKR_OK);
296 304 }
297 305
298 306 /*
299 307 * C_Finalize is a wrapper around finalize_common. The
300 308 * soft_giant_mutex should be locked by C_Finalize().
301 309 */
302 310 CK_RV
303 311 C_Finalize(CK_VOID_PTR pReserved)
304 312 {
305 313
306 314 CK_RV rv;
307 315
308 316 (void) pthread_mutex_lock(&soft_giant_mutex);
309 317
310 318 rv = finalize_common(B_FALSE, pReserved);
311 319
312 320 (void) pthread_mutex_unlock(&soft_giant_mutex);
313 321
314 322 return (rv);
315 323
316 324 }
317 325
318 326 /*
319 327 * finalize_common() does the work for C_Finalize. soft_giant_mutex
320 328 * must be held before calling this function.
321 329 */
322 330 static CK_RV
323 331 finalize_common(boolean_t force, CK_VOID_PTR pReserved) {
324 332
325 333 CK_RV rv = CKR_OK;
326 334 struct object *delay_free_obj, *tmpo;
327 335 struct session *delay_free_ses, *tmps;
328 336
329 337 if (!softtoken_initialized) {
330 338 return (CKR_CRYPTOKI_NOT_INITIALIZED);
331 339 }
332 340
333 341 /* Check to see if pReseved is NULL */
334 342 if (pReserved != NULL) {
335 343 return (CKR_ARGUMENTS_BAD);
336 344 }
337 345
338 346 (void) pthread_mutex_lock(&soft_sessionlist_mutex);
339 347 /*
340 348 * Set all_sessions_closing flag so any access to any
341 349 * existing sessions will be rejected.
342 350 */
343 351 all_sessions_closing = 1;
344 352 (void) pthread_mutex_unlock(&soft_sessionlist_mutex);
345 353
346 354 /* Delete all the sessions and release the allocated resources */
347 355 rv = soft_delete_all_sessions(force);
348 356
349 357 (void) pthread_mutex_lock(&soft_sessionlist_mutex);
350 358 /* Reset all_sessions_closing flag. */
351 359 all_sessions_closing = 0;
352 360 (void) pthread_mutex_unlock(&soft_sessionlist_mutex);
353 361
354 362 softtoken_initialized = B_FALSE;
355 363 softtoken_pid = 0;
356 364
357 365 pkcs11_close_urandom();
358 366 pkcs11_close_urandom_seed();
359 367 pkcs11_close_random();
360 368
361 369 /* Destroy the session list lock here */
362 370 (void) pthread_mutex_destroy(&soft_sessionlist_mutex);
363 371
364 372 /*
365 373 * Destroy token object related stuffs
366 374 * 1. Clean up the token object list
367 375 * 2. Destroy slot mutex
368 376 * 3. Destroy mutex in token_session
369 377 */
370 378 soft_delete_all_in_core_token_objects(ALL_TOKEN);
371 379 (void) pthread_mutex_destroy(&soft_slot.slot_mutex);
372 380 (void) pthread_mutex_destroy(&soft_slot.keystore_mutex);
373 381 (void) soft_destroy_token_session();
374 382
375 383 /*
376 384 * free all entries in the delay_freed list
377 385 */
378 386 delay_free_obj = obj_delay_freed.first;
379 387 while (delay_free_obj != NULL) {
380 388 tmpo = delay_free_obj->next;
381 389 free(delay_free_obj);
382 390 delay_free_obj = tmpo;
383 391 }
384 392
385 393 soft_slot.keystore_load_status = KEYSTORE_UNINITIALIZED;
386 394 (void) pthread_mutex_destroy(&obj_delay_freed.obj_to_be_free_mutex);
387 395
388 396 delay_free_ses = ses_delay_freed.first;
389 397 while (delay_free_ses != NULL) {
390 398 tmps = delay_free_ses->next;
391 399 free(delay_free_ses);
392 400 delay_free_ses = tmps;
393 401 }
394 402 (void) pthread_mutex_destroy(&ses_delay_freed.ses_to_be_free_mutex);
395 403
396 404 return (rv);
397 405 }
398 406
399 407 static void
400 408 softtoken_init()
401 409 {
402 410 /* Children inherit parent's atfork handlers */
403 411 (void) pthread_atfork(softtoken_fork_prepare,
|
↓ open down ↓ |
257 lines elided |
↑ open up ↑ |
404 412 softtoken_fork_after, softtoken_fork_after);
405 413 }
406 414
407 415 /*
408 416 * softtoken_fini() function required to make sure complete cleanup
409 417 * is done if softtoken is ever unloaded without a C_Finalize() call.
410 418 */
411 419 static void
412 420 softtoken_fini()
413 421 {
414 - (void) pthread_mutex_lock(&soft_giant_mutex);
422 + int rc;
415 423
416 - /* if we're not initilized, do not attempt to finalize */
417 - if (!softtoken_initialized) {
418 - (void) pthread_mutex_unlock(&soft_giant_mutex);
419 - return;
420 - }
424 + rc = pthread_mutex_trylock(&soft_giant_mutex);
425 + /*
426 + * Check to see if it was acquired by softtoken_fork_prepare().
427 + */
428 + if (rc == EBUSY && fork_prepared)
429 + rc = 0;
421 430
422 - (void) finalize_common(B_TRUE, NULL_PTR);
431 + if (rc != 0) {
432 + /*
433 + * I don't know WHAT just happened, but it's pretty bad. Grab
434 + * the lock for real, even if it means deadlocking here.
435 + */
436 + (void) pthread_mutex_lock(&soft_giant_mutex);
437 + } /* Else we acquired the lock and life is good. */
423 438
424 - (void) pthread_mutex_unlock(&soft_giant_mutex);
439 + /* Only finalize if we're initialized. */
440 + if (softtoken_initialized) {
441 + /*
442 + * We also have to DROP all of the other locks that
443 + * softtoken_fork_prepare did IF it was prepared, because
444 + * finalize_common() is going to pick them right back up.
445 + */
446 + if (fork_prepared)
447 + softtoken_fork_after_droplocks();
448 + (void) finalize_common(B_TRUE, NULL_PTR);
449 + /* ASSERT(!softtoken_initialized); */
450 + }
451 +
452 + /*
453 + * If we don't want to drop the lock, we assume softtoken_fork_after()
454 + * will get called.
455 + */
456 + if (!fork_prepared)
457 + (void) pthread_mutex_unlock(&soft_giant_mutex);
425 458 }
426 459
427 460 CK_RV
428 461 C_GetInfo(CK_INFO_PTR pInfo)
429 462 {
430 463 if (!softtoken_initialized)
431 464 return (CKR_CRYPTOKI_NOT_INITIALIZED);
432 465
433 466 if (pInfo == NULL) {
434 467 return (CKR_ARGUMENTS_BAD);
435 468 }
436 469
437 470 /* Provide general information in the provided buffer */
438 471 pInfo->cryptokiVersion.major = CRYPTOKI_VERSION_MAJOR;
439 472 pInfo->cryptokiVersion.minor = CRYPTOKI_VERSION_MINOR;
440 473 (void) strncpy((char *)pInfo->manufacturerID,
441 474 SOFT_MANUFACTURER_ID, 32);
442 475 pInfo->flags = 0;
443 476 (void) strncpy((char *)pInfo->libraryDescription,
444 477 LIBRARY_DESCRIPTION, 32);
445 478 pInfo->libraryVersion.major = LIBRARY_VERSION_MAJOR;
446 479 pInfo->libraryVersion.minor = LIBRARY_VERSION_MINOR;
447 480
448 481 return (CKR_OK);
449 482 }
450 483
451 484 CK_RV
452 485 C_GetFunctionList(CK_FUNCTION_LIST_PTR_PTR ppFunctionList)
453 486 {
454 487 if (ppFunctionList == NULL) {
455 488 return (CKR_ARGUMENTS_BAD);
456 489 }
457 490
458 491 *ppFunctionList = &functionList;
459 492
460 493 return (CKR_OK);
461 494 }
462 495
463 496 /*
464 497 * PKCS#11 states that C_GetFunctionStatus should always return
465 498 * CKR_FUNCTION_NOT_PARALLEL
466 499 */
467 500 /*ARGSUSED*/
468 501 CK_RV
469 502 C_GetFunctionStatus(CK_SESSION_HANDLE hSession)
470 503 {
471 504 return (CKR_FUNCTION_NOT_PARALLEL);
472 505 }
473 506
474 507 /*
475 508 * PKCS#11 states that C_CancelFunction should always return
476 509 * CKR_FUNCTION_NOT_PARALLEL
477 510 */
478 511 /*ARGSUSED*/
479 512 CK_RV
480 513 C_CancelFunction(CK_SESSION_HANDLE hSession)
481 514 {
482 515 return (CKR_FUNCTION_NOT_PARALLEL);
483 516 }
484 517
485 518 /*
486 519 * Take out all mutexes before fork.
487 520 *
488 521 * Order:
|
↓ open down ↓ |
54 lines elided |
↑ open up ↑ |
489 522 * 1. soft_giant_mutex
490 523 * 2. soft_sessionlist_mutex
491 524 * 3. soft_slot.slot_mutex
492 525 * 4. soft_slot.keystore_mutex
493 526 * 5. token_session mutexes via soft_acquire_all_session_mutexes()
494 527 * 6. all soft_session_list mutexes via soft_acquire_all_session_mutexes()
495 528 * 7. obj_delay_freed.obj_to_be_free_mutex;
496 529 * 8. ses_delay_freed.ses_to_be_free_mutex
497 530 */
498 531 void
499 -softtoken_fork_prepare()
532 +softtoken_fork_prepare(void)
500 533 {
501 534 (void) pthread_mutex_lock(&soft_giant_mutex);
502 535 if (softtoken_initialized) {
503 536 (void) pthread_mutex_lock(&soft_sessionlist_mutex);
504 537 (void) pthread_mutex_lock(&soft_slot.slot_mutex);
505 538 (void) pthread_mutex_lock(&soft_slot.keystore_mutex);
506 539 soft_acquire_all_session_mutexes(&token_session);
507 540 soft_acquire_all_session_mutexes(soft_session_list);
508 541 (void) pthread_mutex_lock(
509 542 &obj_delay_freed.obj_to_be_free_mutex);
510 543 (void) pthread_mutex_lock(
511 544 &ses_delay_freed.ses_to_be_free_mutex);
512 545 }
546 + fork_prepared = B_TRUE;
513 547 }
514 548
549 +static void
550 +softtoken_fork_after_droplocks(void)
551 +{
552 + /* ASSERT(softtoken_initialized); */
553 + (void) pthread_mutex_unlock(&ses_delay_freed.ses_to_be_free_mutex);
554 + (void) pthread_mutex_unlock(&obj_delay_freed.obj_to_be_free_mutex);
555 + soft_release_all_session_mutexes(soft_session_list);
556 + soft_release_all_session_mutexes(&token_session);
557 + (void) pthread_mutex_unlock(&soft_slot.keystore_mutex);
558 + (void) pthread_mutex_unlock(&soft_slot.slot_mutex);
559 + (void) pthread_mutex_unlock(&soft_sessionlist_mutex);
560 +}
561 +
515 562 /*
516 563 * Release in opposite order to softtoken_fork_prepare().
517 564 * Function is used for parent and child.
518 565 */
519 566 void
520 -softtoken_fork_after()
567 +softtoken_fork_after(void)
521 568 {
522 - if (softtoken_initialized) {
523 - (void) pthread_mutex_unlock(
524 - &ses_delay_freed.ses_to_be_free_mutex);
525 - (void) pthread_mutex_unlock(
526 - &obj_delay_freed.obj_to_be_free_mutex);
527 - soft_release_all_session_mutexes(soft_session_list);
528 - soft_release_all_session_mutexes(&token_session);
529 - (void) pthread_mutex_unlock(&soft_slot.keystore_mutex);
530 - (void) pthread_mutex_unlock(&soft_slot.slot_mutex);
531 - (void) pthread_mutex_unlock(&soft_sessionlist_mutex);
532 - }
569 + if (softtoken_initialized)
570 + softtoken_fork_after_droplocks();
571 + fork_prepared = B_FALSE;
533 572 (void) pthread_mutex_unlock(&soft_giant_mutex);
534 573 }
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX