From 68ff86b8c6746de7fd58ad6e674f451c8b676ce6 Mon Sep 17 00:00:00 2001
From: Aaron Kaiser <a_kaiser@posteo.de>
Date: Tue, 25 Feb 2025 17:26:25 +0100
Subject: [PATCH] sync changes from artifact

---
 Cargo.lock     |  1 -
 Cargo.toml     |  2 +-
 src/agent.rs   | 27 ++++++++++++++---------
 src/ed25519.rs | 59 +++++++++++++++++++++++++++++++++++++++++---------
 src/mlkem.rs   |  6 +++++
 src/x25519.rs  |  6 +++++
 6 files changed, 79 insertions(+), 22 deletions(-)

diff --git a/Cargo.lock b/Cargo.lock
index d245f3d..4edb066 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -26,7 +26,6 @@ checksum = "561d97a539a36e26a9a5fad1ea11a3039a67714694aaa379433e580854bc3dc5"
 [[package]]
 name = "shared_memory_heap"
 version = "0.1.0"
-source = "git+https://gitea.rixxc.de/rixxc/shared_memory_heap.git#7f46573218dc46417608a700a6146950dfea1442"
 dependencies = [
  "libc",
 ]
diff --git a/Cargo.toml b/Cargo.toml
index f5ee67a..f17db80 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -8,4 +8,4 @@ edition = "2021"
 [dependencies]
 anyhow = "1.0.82"
 libc = "0.2.153"
-shared_memory_heap = { git = "https://gitea.rixxc.de/rixxc/shared_memory_heap.git" }
+shared_memory_heap = { path = "../shared_memory_heap" }
diff --git a/src/agent.rs b/src/agent.rs
index 1fabf67..d3d81be 100644
--- a/src/agent.rs
+++ b/src/agent.rs
@@ -1,7 +1,8 @@
 use anyhow::{bail, Result};
 use libc::{
-    c_char, c_void, execve, fork, ftruncate, memfd_create, mmap, perror, syscall, SYS_futex,
-    FUTEX_WAIT, FUTEX_WAKE, MAP_FAILED, MAP_SHARED, PROT_READ, PROT_WRITE,
+    c_char, c_void, close, execve, fcntl, fork, ftruncate, memfd_create, mmap, perror, syscall,
+    SYS_futex, FUTEX_WAIT, FUTEX_WAKE, F_ADD_SEALS, F_SEAL_FUTURE_WRITE, MAP_FAILED, MAP_SHARED,
+    MFD_ALLOW_SEALING, PROT_READ, PROT_WRITE,
 };
 use shared_memory_heap::get_shared_mem_fd;
 use std::{ffi::CString, path::Path, ptr, usize};
@@ -15,7 +16,7 @@ unsafe impl Send for Agent {}
 impl Agent {
     pub(crate) unsafe fn new(agent_path: &Path, keyfile_path: &Path) -> Result<Self> {
         let data_fd = get_shared_mem_fd();
-        let sync_fd = memfd_create("sync\x00".as_ptr() as *const c_char, 0);
+        let sync_fd = memfd_create("sync\x00".as_ptr() as *const c_char, MFD_ALLOW_SEALING);
 
         if sync_fd <= 0 {
             bail!("creating memfd failed");
@@ -35,6 +36,8 @@ impl Agent {
             0,
         ) as *mut usize;
 
+        fcntl(sync_fd, F_ADD_SEALS, F_SEAL_FUTURE_WRITE);
+
         if sync_mem == MAP_FAILED as *mut usize {
             bail!("mmap failed");
         }
@@ -46,18 +49,22 @@ impl Agent {
         if child == 0 {
             // child
 
+            close(0);
+            close(1);
+            close(2);
+
             let path = CString::new(agent_path.as_os_str().as_encoded_bytes()).unwrap();
             let data_fd = CString::new(data_fd.to_string()).unwrap();
             let sync_fd = CString::new(sync_fd.to_string()).unwrap();
             let keyfile = CString::new(keyfile_path.as_os_str().as_encoded_bytes()).unwrap();
-            let args = [data_fd.as_ptr(), sync_fd.as_ptr(), keyfile.as_ptr(), ptr::null()];
-
-
-            execve(
-                path.as_ptr() as *const c_char,
-                args.as_ptr(),
+            let args = [
+                data_fd.as_ptr(),
+                sync_fd.as_ptr(),
+                keyfile.as_ptr(),
                 ptr::null(),
-            );
+            ];
+
+            execve(path.as_ptr() as *const c_char, args.as_ptr(), ptr::null());
 
             perror("execve:\x00".as_ptr() as *const c_char);
 
diff --git a/src/ed25519.rs b/src/ed25519.rs
index 4bbcbd4..0b55f58 100644
--- a/src/ed25519.rs
+++ b/src/ed25519.rs
@@ -2,14 +2,25 @@ pub use shared_memory_heap::sharedptr::SharedPtr;
 
 use crate::agent::Agent;
 use std::{
-    ops::Deref, path::Path, sync::{LazyLock, Mutex}
+    ops::Deref,
+    path::Path,
+    sync::{LazyLock, Mutex},
 };
 
-static ED25519AGENT: LazyLock<Mutex<Agent>> = LazyLock::new(|| {
-    let agent_path = std::env::var("ED25519_AGENT_PATH").expect("ED25519_AGENT_PATH environment variable missing");
-    let keyfile_path = std::env::var("ED25519_KEYFILE").expect("Ed25519_KEYFILE environment variable missing");
-    let agent = unsafe { Agent::new(Path::new(&agent_path), Path::new(&keyfile_path)).expect("Agent failed to start") };
-    Mutex::new(agent)
+static ED25519AGENT: LazyLock<Vec<Mutex<Agent>>> = LazyLock::new(|| {
+    let agent_path = std::env::var("ED25519_AGENT_PATH")
+        .expect("ED25519_AGENT_PATH environment variable missing");
+    let keyfile_path =
+        std::env::var("ED25519_KEYFILE").expect("Ed25519_KEYFILE environment variable missing");
+    let mut agents = Vec::with_capacity(5);
+    for _ in 0..5 {
+        let agent = unsafe {
+            Agent::new(Path::new(&agent_path), Path::new(&keyfile_path))
+                .expect("Agent failed to start")
+        };
+        agents.push(Mutex::new(agent));
+    }
+    agents
 });
 
 #[derive(Debug)]
@@ -61,25 +72,53 @@ impl Deref for Ed25519Signature {
 
 pub fn ed25519_keygen() -> (Ed25519PrivKey, Ed25519PubKey) {
     let sk = Ed25519PrivKey(SharedPtr::new(8).unwrap());
-    let pk = Ed25519PubKey(SharedPtr::new(32).unwrap()); 
+    let pk = Ed25519PubKey(SharedPtr::new(32).unwrap());
 
-    let mut agent = ED25519AGENT.lock().unwrap();
+    let mut agent = None;
+    while agent.is_none() {
+        agent = ED25519AGENT
+            .iter()
+            .map(|agent| agent.try_lock())
+            .filter(|agent| agent.is_ok())
+            .next();
+    }
+    let mut agent = agent.unwrap().unwrap();
 
     unsafe {
         agent.perform_ipc_call(0, &[sk.0.get_offset(), pk.0.get_offset()]);
     }
 
+    drop(agent);
+
     (sk, pk)
 }
 
 pub fn ed25519_sign(sk: &Ed25519PrivKey, msg: &SharedPtr) -> Ed25519Signature {
     let sig = Ed25519Signature(SharedPtr::new(64).unwrap());
 
-    let mut agent = ED25519AGENT.lock().unwrap();
+    let mut agent = None;
+    while agent.is_none() {
+        agent = ED25519AGENT
+            .iter()
+            .map(|agent| agent.try_lock())
+            .filter(|agent| agent.is_ok())
+            .next();
+    }
+    let mut agent = agent.unwrap().unwrap();
 
     unsafe {
-        agent.perform_ipc_call(1, &[sk.0.get_offset(), msg.get_offset(), msg.get_size(), sig.0.get_offset()]);
+        agent.perform_ipc_call(
+            1,
+            &[
+                sk.0.get_offset(),
+                msg.get_offset(),
+                msg.get_size(),
+                sig.0.get_offset(),
+            ],
+        );
     }
 
+    drop(agent);
+
     sig
 }
diff --git a/src/mlkem.rs b/src/mlkem.rs
index d5cce7c..9284042 100644
--- a/src/mlkem.rs
+++ b/src/mlkem.rs
@@ -79,6 +79,8 @@ pub fn mlkem_keygen() -> (MLKEMPrivKey, MLKEMPubKey) {
         agent.perform_ipc_call(0, &[sk.0.get_offset(), pk.0.get_offset()]);
     }
 
+    drop(agent);
+
     (sk, pk)
 }
 
@@ -92,6 +94,8 @@ pub fn mlkem_encap(pk: &MLKEMPubKey) -> (MLKEMCiphertext, MLKEMSharedKey) {
         agent.perform_ipc_call(1, &[ct.0.get_offset(), ss.0.get_offset(), pk.0.get_offset()]);
     }
 
+    drop(agent);
+
     (ct, ss)
 }
 
@@ -104,5 +108,7 @@ pub fn mlkem_decap(ct: &MLKEMCiphertext, sk: &MLKEMPrivKey) -> MLKEMSharedKey {
         agent.perform_ipc_call(2, &[ss.0.get_offset(), ct.0.get_offset(), sk.0.get_offset()]);
     }
 
+    drop(agent);
+
     ss
 }
diff --git a/src/x25519.rs b/src/x25519.rs
index 0d2413b..d91e323 100644
--- a/src/x25519.rs
+++ b/src/x25519.rs
@@ -69,6 +69,8 @@ pub fn x25519_keygen() -> (X25519PrivKey, X25519PubKey) {
         agent.perform_ipc_call(0, &[sk.0.get_offset(), pk.0.get_offset()]);
     }
 
+    drop(agent);
+
     (sk, pk)
 }
 
@@ -81,6 +83,8 @@ pub fn x22519_pubkey(sk: &X25519PrivKey) -> X25519PubKey {
         agent.perform_ipc_call(1, &[sk.0.get_offset(), pk.0.get_offset()]);
     }
 
+    drop(agent);
+
     pk
 }
 
@@ -93,5 +97,7 @@ pub fn x25519(sk: &X25519PrivKey, pk: &X25519PubKey) -> X25519SharedKey {
         agent.perform_ipc_call(2, &[out.0.get_offset(), sk.0.get_offset(), pk.0.get_offset()]);
     }
 
+    drop(agent);
+
     out
 }