kernel.h

cryptlib安全工具包

	SEMAPHORE_INFO semaphoreInfo[ SEMAPHORE_LAST + 8 ];
#ifdef USE_THREADS
	MUTEX_DECLARE_STORAGE( semaphore );
#endif /* USE_THREADS */

	/* The kernel mutexes.  Since mutexes usually aren't scalar values and
	   are declared and accessed via macros that manipulate various fields,
	   we have to declare a pile of them individually rather than using an
	   array of mutexes */
#ifdef USE_THREADS
	MUTEX_DECLARE_STORAGE( mutex1 );
	MUTEX_DECLARE_STORAGE( mutex2 );
	MUTEX_DECLARE_STORAGE( mutex3);
#endif /* USE_THREADS */

	/* The kernel thread data */
#ifdef USE_THREADS
	THREAD_INFO threadInfo;
#endif /* USE_THREADS */

	/* The kernel secure memory list and a lock to protect it */
	MEMLOCK_INFO *allocatedListHead, *allocatedListTail;
#ifdef USE_THREADS
	MUTEX_DECLARE_STORAGE( allocation );
#endif /* USE_THREADS */

	/* A marker for the end of the kernel data, used during init/shutdown */
	int endMarker;
	} KERNEL_DATA;

/* When we start up and shut down the kernel, we need to clear the kernel
   data.  However, the init lock may have been set by an external management
   function, so we can't clear that part of the kernel data.  In addition,
   on shutdown the shutdown level value must stay set so that any threads
   still running will be forced to exit at the earliest possible instance,
   and remain set after the shutdown has completed.  To handle this, we use
   the following macro to clear only the appropriate area of the kernel data
   block */

#define CLEAR_KERNEL_DATA()     \
		assert( &krnlDataBlock.endMarker - \
				&krnlDataBlock.initLevel < sizeof( krnlDataBlock ) ); \
		zeroise( ( void * ) ( &krnlDataBlock.initLevel ), \
				 &krnlDataBlock.endMarker - &krnlDataBlock.initLevel )

/****************************************************************************
*																			*
*								ACL Functions								*
*																			*
****************************************************************************/

/* Prototypes for functions in certm_acl.c */

CHECK_RETVAL \
int preDispatchCheckCertMgmtAccess( const int objectHandle,
									const MESSAGE_TYPE message,
									IN_BUFFER( MESSAGE_CERTMGMT_INFO ) \
									const void *messageDataPtr,
									const int messageValue,
									const void *dummy ) \
									STDC_NONNULL_ARG( ( 3 ) );

/* Prototypes for functions in key_acl.c */

CHECK_RETVAL \
int preDispatchCheckKeysetAccess( const int objectHandle,
								  const MESSAGE_TYPE message,
								  IN_BUFFER( MESSAGE_KEYMGMT_INFO ) \
								  const void *messageDataPtr,
								  const int messageValue,
								  const void *dummy ) \
								  STDC_NONNULL_ARG( ( 3 ) );

/* Prototypes for functions in mech_acl.c */

CHECK_RETVAL \
int preDispatchCheckMechanismWrapAccess( const int objectHandle,
										 const MESSAGE_TYPE message,
										 IN_BUFFER( MECHANISM_WRAP_INFO ) \
										 const void *messageDataPtr,
										 const int messageValue,
										 const void *dummy ) \
										 STDC_NONNULL_ARG( ( 3 ) );
CHECK_RETVAL \
int preDispatchCheckMechanismSignAccess( const int objectHandle,
										 const MESSAGE_TYPE message,
										 IN_BUFFER( MECHANISM_WRAP_INFO ) \
										 const void *messageDataPtr,
										 const int messageValue,
										 const void *dummy ) \
										 STDC_NONNULL_ARG( ( 3 ) );
CHECK_RETVAL \
int preDispatchCheckMechanismDeriveAccess( const int objectHandle,
										   const MESSAGE_TYPE message,
										   IN_BUFFER( MECHANISM_WRAP_INFO ) \
										   const void *messageDataPtr,
										   const int messageValue,
										   const void *dummy ) \
										   STDC_NONNULL_ARG( ( 3 ) );

/* Prototypes for functions in msg_acl.c */

CHECK_RETVAL \
int preDispatchSignalDependentObjects( const int objectHandle,
									   const MESSAGE_TYPE message,
									   const void *messageDataPtr,
									   const int messageValue,
									   const void *dummy );
CHECK_RETVAL \
int preDispatchCheckAttributeAccess( const int objectHandle,
									 const MESSAGE_TYPE message,
									 const void *messageDataPtr,
									 const int messageValue,
									 const void *auxInfo );
CHECK_RETVAL \
int preDispatchCheckCompareParam( const int objectHandle,
								  const MESSAGE_TYPE message,
								  const void *messageDataPtr,
								  const int messageValue,
								  const void *dummy );
CHECK_RETVAL \
int preDispatchCheckCheckParam( const int objectHandle,
								const MESSAGE_TYPE message,
								const void *messageDataPtr,
								const int messageValue,
								const void *dummy );
CHECK_RETVAL \
int preDispatchCheckActionAccess( const int objectHandle,
								  const MESSAGE_TYPE message,
								  const void *messageDataPtr,
								  const int messageValue,
								  const void *dummy );
CHECK_RETVAL \
int preDispatchCheckState( const int objectHandle,
						   const MESSAGE_TYPE message,
						   const void *messageDataPtr,
						   const int messageValue, const void *dummy );
CHECK_RETVAL \
int preDispatchCheckParamHandleOpt( const int objectHandle,
									const MESSAGE_TYPE message,
									const void *messageDataPtr,
									const int messageValue,
									const void *auxInfo );
CHECK_RETVAL \
int preDispatchCheckStateParamHandle( const int objectHandle,
									  const MESSAGE_TYPE message,
									  const void *messageDataPtr,
									  const int messageValue,
									  const void *auxInfo );
CHECK_RETVAL \
int preDispatchCheckExportAccess( const int objectHandle,
								  const MESSAGE_TYPE message,
								  const void *messageDataPtr,
								  const int messageValue,
								  const void *dummy );
CHECK_RETVAL \
int preDispatchCheckData( const int objectHandle,
						  const MESSAGE_TYPE message,
						  IN_BUFFER( MESSAGE_DATA ) \
						  const void *messageDataPtr,
						  const int messageValue,
						  const void *dummy ) \
						  STDC_NONNULL_ARG( ( 3 ) );
CHECK_RETVAL \
int preDispatchCheckCreate( const int objectHandle,
							const MESSAGE_TYPE message,
							IN_BUFFER( MESSAGE_CREATEOBJECT_INFO ) \
							const void *messageDataPtr,
							const int messageValue,
							const void *dummy ) \
							STDC_NONNULL_ARG( ( 3 ) );
CHECK_RETVAL \
int preDispatchCheckUserMgmtAccess( const int objectHandle, 
									const MESSAGE_TYPE message,
									const void *messageDataPtr,
									const int messageValue, 
									const void *dummy );
CHECK_RETVAL \
int preDispatchCheckTrustMgmtAccess( const int objectHandle, 
									 const MESSAGE_TYPE message,
									 const void *messageDataPtr,
									 const int messageValue, 
									 const void *dummy );
CHECK_RETVAL \
int postDispatchMakeObjectExternal( const int dummy,
									const MESSAGE_TYPE message,
									const void *messageDataPtr,
									const int messageValue,
									const void *auxInfo );
CHECK_RETVAL \
int postDispatchForwardToDependentObject( const int objectHandle,
										  const MESSAGE_TYPE message,
										  const void *dummy1,
										  const int messageValue,
										  const void *dummy2 );
CHECK_RETVAL \
int postDispatchUpdateUsageCount( const int objectHandle,
								  const MESSAGE_TYPE message,
								  const void *dummy1,
								  const int messageValue,
								  const void *dummy2 );
CHECK_RETVAL \
int postDispatchChangeState( const int objectHandle,
							 const MESSAGE_TYPE message,
							 const void *dummy1,
							 const int messageValue,
							 const void *dummy2 );
CHECK_RETVAL \
int postDispatchChangeStateOpt( const int objectHandle,
								const MESSAGE_TYPE message,
								const void *dummy1,
								const int messageValue,
								const void *auxInfo );
CHECK_RETVAL \
int postDispatchHandleZeroise( const int objectHandle, 
							   const MESSAGE_TYPE message,
							   const void *dummy1,
							   const int messageValue,
							   const void *dummy2 );

/****************************************************************************
*																			*
*								Kernel Functions							*
*																			*
****************************************************************************/

/* Prototypes for functions in attr_acl.c */

CHECK_RETVAL \
const void *findAttributeACL( const CRYPT_ATTRIBUTE_TYPE attribute,
							  const BOOLEAN isInternalMessage );

/* Prototypes for functions in int_msg.c */

CHECK_RETVAL \
int getPropertyAttribute( const int objectHandle,
						  const CRYPT_ATTRIBUTE_TYPE attribute,
						  OUT_BUFFER_FIXED( sizeof( int ) ) \
						  void *messageDataPtr ) \
						  STDC_NONNULL_ARG( ( 3 ) );
CHECK_RETVAL \
int setPropertyAttribute( const int objectHandle,
						  const CRYPT_ATTRIBUTE_TYPE attribute,
						  IN_BUFFER( sizeof( int ) ) \
						  void *messageDataPtr ) \
						  STDC_NONNULL_ARG( ( 3 ) );
CHECK_RETVAL \
int incRefCount( const int objectHandle, const int dummy1,
				 const void *dummy2, const BOOLEAN dummy3 );
CHECK_RETVAL \
int decRefCount( const int objectHandle, const int dummy1,
				 const void *dummy2, const BOOLEAN isInternal );
CHECK_RETVAL \
int getDependentObject( const int objectHandle, const int targetType,
						OUT_BUFFER_FIXED( sizeof( int ) ) \
						const void *messageDataPtr,
						const BOOLEAN dummy ) \
						STDC_NONNULL_ARG( ( 3 ) );
CHECK_RETVAL \
int setDependentObject( const int objectHandle, const int incReferenceCount,
						IN_BUFFER( sizeof( int ) ) \
						const void *messageDataPtr,
						const BOOLEAN dummy ) \
						STDC_NONNULL_ARG( ( 3 ) );
CHECK_RETVAL \
int cloneObject( const int objectHandle, const int clonedObject,
				 const void *dummy1, const BOOLEAN dummy2 );

/* Prototypes for functions in sendmsg.c */

CHECK_RETVAL \
int checkTargetType( const int objectHandle, const long targets );
CHECK_RETVAL \
int findTargetType( const int originalObjectHandle, const long targets );
CHECK_RETVAL \
int waitForObject( const int objectHandle, 
				   OUT_PTR OBJECT_INFO **objectInfoPtrPtr ) \
				   STDC_NONNULL_ARG( ( 2 ) );

/* Prototypes for functions in objects.c */

void destroyObjectData( const int objectHandle );
int destroyObjects( void );

/* Prototypes for functions in semaphore.c */

void setSemaphore( const SEMAPHORE_TYPE semaphore,
				   const MUTEX_HANDLE object );
void clearSemaphore( const SEMAPHORE_TYPE semaphore );

/* Init/shutdown functions for each kernel module */

CHECK_RETVAL \
int initAllocation( INOUT KERNEL_DATA *krnlDataPtr ) \
					STDC_NONNULL_ARG( ( 1 ) );
void endAllocation( void );
CHECK_RETVAL \
int initAttributeACL( INOUT KERNEL_DATA *krnlDataPtr ) \
					  STDC_NONNULL_ARG( ( 1 ) );
void endAttributeACL( void );
CHECK_RETVAL \
int initCertMgmtACL( INOUT KERNEL_DATA *krnlDataPtr ) \
					 STDC_NONNULL_ARG( ( 1 ) );
void endCertMgmtACL( void );
CHECK_RETVAL \
int initInternalMsgs( INOUT KERNEL_DATA *krnlDataPtr ) \
					  STDC_NONNULL_ARG( ( 1 ) );
void endInternalMsgs( void );
CHECK_RETVAL \
int initKeymgmtACL( INOUT KERNEL_DATA *krnlDataPtr ) \
					STDC_NONNULL_ARG( ( 1 ) );
void endKeymgmtACL( void );
CHECK_RETVAL \
int initMechanismACL( INOUT KERNEL_DATA *krnlDataPtr ) \
					  STDC_NONNULL_ARG( ( 1 ) );
void endMechanismACL( void );
CHECK_RETVAL \
int initMessageACL( INOUT KERNEL_DATA *krnlDataPtr ) \
					STDC_NONNULL_ARG( ( 1 ) );
void endMessageACL( void );
CHECK_RETVAL \
int initObjects( INOUT KERNEL_DATA *krnlDataPtr ) \
				 STDC_NONNULL_ARG( ( 1 ) );
void endObjects( void );
CHECK_RETVAL \
int initObjectAltAccess( INOUT KERNEL_DATA *krnlDataPtr ) \
						 STDC_NONNULL_ARG( ( 1 ) );
void endObjectAltAccess( void );
CHECK_RETVAL \
int initSemaphores( INOUT KERNEL_DATA *krnlDataPtr ) \
					STDC_NONNULL_ARG( ( 1 ) );
void endSemaphores( void );
CHECK_RETVAL \
int initSendMessage( INOUT KERNEL_DATA *krnlDataPtr ) \
					 STDC_NONNULL_ARG( ( 1 ) );
void endSendMessage( void );

#endif /* _KERNEL_DEFINED */