From d6e8fe6819d33de823e93bd83cdeec0f11617809 Mon Sep 17 00:00:00 2001 From: "rsleevi@chromium.org" Date: Wed, 3 Oct 2012 05:46:45 +0000 Subject: Force crypto::AppleKeychain access to be guarded by a Big Global Lock Apple removed the Big Global Lock guarding the Security.framework API, but there are a number of thread-unsafe places in the API. Additionally, it seems that OS X 10.8.2 has introduced some deadlock potential, so force calls to be serialized behind a Chrome-supplied Big Global Lock until it's safe to do otherwise. BUG=151707 TEST=See bug Review URL: https://chromiumcodereview.appspot.com/11016004 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@159839 0039d316-1c4b-4281-b951-d872f2087c98 --- crypto/apple_keychain_mac.mm | 13 +++++++++++++ 1 file changed, 13 insertions(+) (limited to 'crypto') diff --git a/crypto/apple_keychain_mac.mm b/crypto/apple_keychain_mac.mm index 545be19..240c320 100644 --- a/crypto/apple_keychain_mac.mm +++ b/crypto/apple_keychain_mac.mm @@ -6,6 +6,9 @@ #import +#include "base/synchronization/lock.h" +#include "crypto/mac_security_services_lock.h" + namespace crypto { AppleKeychain::AppleKeychain() {} @@ -19,6 +22,7 @@ OSStatus AppleKeychain::ItemCopyAttributesAndData( SecKeychainAttributeList** attrList, UInt32* length, void** outData) const { + base::AutoLock lock(GetMacSecurityServicesLock()); return SecKeychainItemCopyAttributesAndData(itemRef, info, itemClass, attrList, length, outData); } @@ -28,6 +32,7 @@ OSStatus AppleKeychain::ItemModifyAttributesAndData( const SecKeychainAttributeList* attrList, UInt32 length, const void* data) const { + base::AutoLock lock(GetMacSecurityServicesLock()); return SecKeychainItemModifyAttributesAndData(itemRef, attrList, length, data); } @@ -35,10 +40,12 @@ OSStatus AppleKeychain::ItemModifyAttributesAndData( OSStatus AppleKeychain::ItemFreeAttributesAndData( SecKeychainAttributeList* attrList, void* data) const { + base::AutoLock lock(GetMacSecurityServicesLock()); return SecKeychainItemFreeAttributesAndData(attrList, data); } OSStatus AppleKeychain::ItemDelete(SecKeychainItemRef itemRef) const { + base::AutoLock lock(GetMacSecurityServicesLock()); return SecKeychainItemDelete(itemRef); } @@ -47,12 +54,14 @@ OSStatus AppleKeychain::SearchCreateFromAttributes( SecItemClass itemClass, const SecKeychainAttributeList* attrList, SecKeychainSearchRef* searchRef) const { + base::AutoLock lock(GetMacSecurityServicesLock()); return SecKeychainSearchCreateFromAttributes(keychainOrArray, itemClass, attrList, searchRef); } OSStatus AppleKeychain::SearchCopyNext(SecKeychainSearchRef searchRef, SecKeychainItemRef* itemRef) const { + base::AutoLock lock(GetMacSecurityServicesLock()); return SecKeychainSearchCopyNext(searchRef, itemRef); } @@ -72,6 +81,7 @@ OSStatus AppleKeychain::AddInternetPassword( UInt32 passwordLength, const void* passwordData, SecKeychainItemRef* itemRef) const { + base::AutoLock lock(GetMacSecurityServicesLock()); return SecKeychainAddInternetPassword(keychain, serverNameLength, serverName, securityDomainLength, securityDomain, @@ -90,6 +100,7 @@ OSStatus AppleKeychain::FindGenericPassword(CFTypeRef keychainOrArray, UInt32* passwordLength, void** passwordData, SecKeychainItemRef* itemRef) const { + base::AutoLock lock(GetMacSecurityServicesLock()); return SecKeychainFindGenericPassword(keychainOrArray, serviceNameLength, serviceName, @@ -102,6 +113,7 @@ OSStatus AppleKeychain::FindGenericPassword(CFTypeRef keychainOrArray, OSStatus AppleKeychain::ItemFreeContent(SecKeychainAttributeList* attrList, void* data) const { + base::AutoLock lock(GetMacSecurityServicesLock()); return SecKeychainItemFreeContent(attrList, data); } @@ -113,6 +125,7 @@ OSStatus AppleKeychain::AddGenericPassword(SecKeychainRef keychain, UInt32 passwordLength, const void* passwordData, SecKeychainItemRef* itemRef) const { + base::AutoLock lock(GetMacSecurityServicesLock()); return SecKeychainAddGenericPassword(keychain, serviceNameLength, serviceName, -- cgit v1.1