1357741 - make nsCertOverrideService's locking more efficient

Status: RESOLVED FIXED

(Core :: Security: PSM, enhancement)

Description

[Nathan Froyd [:froydnj]]

nsCertOverrideService uses a ReentrantMonitor to protect its inner
state.  However, there's no way for nsCertOverrideService's methods to
be re-entered when calling outside code.  The use of ReentrantMonitor
appears to be compensating for an unclear division of locking
responsibilities, by enabling every method to simply lock the
ReentrantMonitor upon entrance without care for who might have locked it
beforehand.

Using Mutex is cheaper than ReentrantMonitor, and also forces us to
make explicit who's required to do locking, and who needs to do work
with the lock held.

Comment 1

[Nathan Froyd [:froydnj]]

Attachment: make nsCertOverrideService's locking more efficient

Try at least seems to think this patch is OK:

https://treeherder.mozilla.org/#/jobs?repo=try&revision=f180f607141d4e6013caa861be83dca3e1b7ea53

Comment 2

[Dana Keeler (she/her) (use needinfo) [:keeler] (on leave)]

Comment on attachment 8859581 [details] [diff] [review]
make nsCertOverrideService's locking more efficient

Review of attachment 8859581 [details] [diff] [review]:
-----------------------------------------------------------------

LGTM - thanks for writing this.

::: security/manager/ssl/nsCertOverrideService.h
@@ +159,5 @@
>  
>  protected:
>      ~nsCertOverrideService();
>  
> +    mozilla::Mutex mutex;

nit: maybe let's call this mMutex to be consistent with the other member variables

Comment 3

[Pulsebot]

Pushed by nfroyd@mozilla.com:
https://hg.mozilla.org/integration/mozilla-inbound/rev/8228b51bee64
make nsCertOverrideService's locking more efficient; r=keeler

Comment 4

[Wes Kocher (:KWierso) (Not reading bugmail; email directly if needed)]

https://hg.mozilla.org/mozilla-central/rev/8228b51bee64