libopensc: Don't fail to allocate memory when mlock fails

* Print out warning when mlock fails, and continue.
 * The warning required a ctx to be passed in, so that means
   changing a few function signatures.

https://www.opensc-project.org/opensc/ticket/389

src/libopensc/opensc.h

@@ -1147,7 +1147,7 @@ int sc_base64_decode(const char *in, u8 *out, size_t outlen);
  * @param  len  length of the memory buffer
  */
 void sc_mem_clear(void *ptr, size_t len);
-void *sc_mem_alloc_secure(size_t len);
+void *sc_mem_alloc_secure(sc_context_t *ctx, size_t len);
 int sc_mem_reverse(unsigned char *buf, size_t len);
 
 int sc_get_cache_dir(sc_context_t *ctx, char *buf, size_t bufsize);

src/libopensc/pkcs15-pin.c

@@ -533,7 +533,7 @@ void sc_pkcs15_pincache_add(struct sc_pkcs15_card *p15card, struct sc_pkcs15_obj
 		obj = obj->next;
 	}
 
-	r = sc_pkcs15_allocate_object_content(pin_obj, pin, pinlen);
+	r = sc_pkcs15_allocate_object_content(ctx, pin_obj, pin, pinlen);
 	if (r != SC_SUCCESS)   {
 		sc_debug(ctx, SC_LOG_DEBUG_NORMAL, "Failed to allocate object content");
 		return;

src/libopensc/pkcs15.c

@@ -2033,7 +2033,8 @@ void sc_pkcs15_free_object_content(struct sc_pkcs15_object *obj)
 	obj->content.len = 0;
 }
 
-int sc_pkcs15_allocate_object_content(struct sc_pkcs15_object *obj,
+int sc_pkcs15_allocate_object_content(struct sc_context *ctx,
+		struct sc_pkcs15_object *obj,
 		const unsigned char *value, size_t len)
 {
 	unsigned char *tmp_buf;
@@ -2049,7 +2050,7 @@ int sc_pkcs15_allocate_object_content(struct sc_pkcs15_object *obj,
 	/* Need to pass by temporary variable,
 	 * because 'value' and 'content.value' pointers can be the sames.
 	 */
-	tmp_buf = (unsigned char *)sc_mem_alloc_secure(len);
+	tmp_buf = (unsigned char *)sc_mem_alloc_secure(ctx, len);
 	if (!tmp_buf)
 		return SC_ERROR_OUT_OF_MEMORY;
 

src/libopensc/pkcs15.h

@@ -812,7 +812,7 @@ int sc_pkcs15_make_absolute_path(const sc_path_t *parent, sc_path_t *child);
 void sc_pkcs15_free_object_content(struct sc_pkcs15_object *);
 
 /* Allocate and set object content */
-int sc_pkcs15_allocate_object_content(struct sc_pkcs15_object *,
+int sc_pkcs15_allocate_object_content(struct sc_context *, struct sc_pkcs15_object *,
 		const unsigned char *, size_t);
 
 struct sc_supported_algo_info *sc_pkcs15_get_supported_algo(struct sc_pkcs15_card *,

src/libopensc/sc.c

@@ -698,7 +698,7 @@ int _sc_parse_atr(sc_reader_t *reader)
 	return 0;
 }
 
-void *sc_mem_alloc_secure(size_t len)
+void *sc_mem_alloc_secure(sc_context_t *ctx, size_t len)
 {
     void *pointer;
     
@@ -708,10 +708,8 @@ void *sc_mem_alloc_secure(size_t len)
 #ifdef HAVE_SYS_MMAN_H
     /* TODO Windows support and mprotect too */
     /* Do not swap the memory */
-    if (mlock(pointer, len) == -1) {
-        free(pointer);
-        return NULL;
-    }
+    if (mlock(pointer, len) == -1)
+        sc_do_log (ctx, 0, NULL, 0, NULL, "cannot lock memory, pin may be paged to disk");
 #endif
     return pointer;
 }

src/pkcs15init/pkcs15-authentic.c

@@ -580,7 +580,7 @@ authentic_pkcs15_create_key(struct sc_profile *profile, struct sc_pkcs15_card *p
 	sdo->file = file_p_prvkey;
 	sc_log(ctx, "sdo->file:%p", sdo->file);
 
-	rv = sc_pkcs15_allocate_object_content(object, (unsigned char *)sdo, sizeof(struct sc_authentic_sdo));
+	rv = sc_pkcs15_allocate_object_content(ctx, object, (unsigned char *)sdo, sizeof(struct sc_authentic_sdo));
 	LOG_TEST_RET(ctx, rv, "Failed to allocate PrvKey SDO as object content");
 
 	LOG_FUNC_RETURN(ctx, rv);
@@ -644,7 +644,7 @@ authentic_pkcs15_generate_key(struct sc_profile *profile, sc_pkcs15_card_t *p15c
 
 	authentic_free_sdo_data(sdo);
 
-	rv = sc_pkcs15_allocate_object_content(object, pubkey->data.value, pubkey->data.len);
+	rv = sc_pkcs15_allocate_object_content(ctx, object, pubkey->data.value, pubkey->data.len);
 	LOG_TEST_RET(ctx, rv, "Failed to allocate public key as object content");
 
 	LOG_FUNC_RETURN(ctx, rv);

src/pkcs15init/pkcs15-iasecc.c

@@ -1038,7 +1038,7 @@ iasecc_pkcs15_create_key(struct sc_profile *profile, struct sc_pkcs15_card *p15c
 		LOG_TEST_RET(ctx, rv, "Cannot create key slot");
 	}
 	
-	rv = sc_pkcs15_allocate_object_content(object, (unsigned char *)sdo_prvkey, sizeof(struct iasecc_sdo));
+	rv = sc_pkcs15_allocate_object_content(ctx, object, (unsigned char *)sdo_prvkey, sizeof(struct iasecc_sdo));
 	LOG_TEST_RET(ctx, rv, "Failed to allocate PrvKey SDO as object content");
 
 	rv = iasecc_pkcs15_fix_private_key_attributes(profile, p15card, object, (struct iasecc_sdo *)object->content.value);
@@ -1135,7 +1135,7 @@ iasecc_pkcs15_generate_key(struct sc_profile *profile, sc_pkcs15_card_t *p15card
 	LOG_TEST_RET(ctx, rv, "encode private key access rules failed");
 
 	/* SDO PrvKey data replaced by public part of generated key */
-	rv = sc_pkcs15_allocate_object_content(object, pubkey->data.value, pubkey->data.len);
+	rv = sc_pkcs15_allocate_object_content(ctx, object, pubkey->data.value, pubkey->data.len);
 	LOG_TEST_RET(ctx, rv, "Failed to allocate public key as object content");
 
 	iasecc_sdo_free(card, sdo_pubkey);

src/pkcs15init/pkcs15-oberthur-awp.c

@@ -1427,7 +1427,7 @@ awp_update_df_create_prvkey(struct sc_pkcs15_card *p15card, struct sc_profile *p
 		rv = sc_pkcs15_read_certificate(p15card, cert_info, &p15cert);
 		SC_TEST_RET(ctx, SC_LOG_DEBUG_NORMAL, rv, "AWP 'update private key' DF failed:  cannot get certificate");
 
-		rv = sc_pkcs15_allocate_object_content(cert_obj, p15cert->data, p15cert->data_len);
+		rv = sc_pkcs15_allocate_object_content(ctx, cert_obj, p15cert->data, p15cert->data_len);
 		SC_TEST_RET(ctx, SC_LOG_DEBUG_NORMAL, rv, "AWP 'update private key' DF failed:  cannot allocate content");
 
 		rv = awp_encode_cert_info(p15card, cert_obj, &icert);