HomePhabricator
Diffusion Comm 70cf45852540

Introduce thread-safety to NotificationsCryptoModule during cuncurrent access
70cf45852540
Actions

Description

Introduce thread-safety to NotificationsCryptoModule during cuncurrent access

Summary: Current implementation of atomic write to notification olm session writes might fail when called from multiple threads due to reasons explained in: https://phab.comm.dev/D8795#inline-56969. This differential aims to mitigate the issue.

Test Plan:

  1. Change notification encryption on the keyserver to encrypt field by field: https://gist.github.com/marcinwasowicz/a18b31f8bee1d56cc50fb71809077dcb
  2. Let notification decryption run concurrently in NSE using dispatch queues:https://gist.github.com/marcinwasowicz/4cca17794123b110134bf393d21e0b14
  3. Ensure that error occur before this diff but notification is correctly decrypted and displayed after this diff.

My logs after applying this diff looked like this:

NotificationService	default	15:44:48.290206+0200	COMM: <NSThread: 0x14541a1c0>{number = 2, name = (null)} started decrypt
NotificationService	default	15:44:48.290256+0200	COMM: <NSThread: 0x145321e10>{number = 3, name = (null)} started decrypt
NotificationService	default	15:44:48.290268+0200	COMM: <NSThread: 0x14541a440>{number = 4, name = (null)} started decrypt
NotificationService	default	15:44:48.290647+0200	Not internal release, disabling SIRL
NotificationService	default	15:44:48.290667+0200	System Keychain Always Supported set via feature flag to disabled
NotificationService	default	15:44:48.290709+0200	Adding securityd connection to pool, total now 1
NotificationService	default	15:44:48.290806+0200	Adding securityd connection to pool, total now 2
NotificationService	default	15:44:48.290946+0200	Adding securityd connection to pool, total now 3
NotificationService	default	15:44:48.291805+0200	Requesting app group container lookup; personaid = 1000, type = DEFAULT, name = 76D364EF-0FF9-4233-9BE8-73A0AF6750BE, origin [pid = 132, personaid = 199], proximate [pid = 32, personaid = 199], identifier = <private>, euid = 501, uid = 501, platform = 2
NotificationService	default	15:44:48.291855+0200	Requesting app group container lookup; personaid = 1000, type = DEFAULT, name = 76D364EF-0FF9-4233-9BE8-73A0AF6750BE, origin [pid = 132, personaid = 199], proximate [pid = 32, personaid = 199], identifier = <private>, euid = 501, uid = 501, platform = 2
NotificationService	default	15:44:48.291930+0200	Requesting app group container lookup; personaid = 1000, type = DEFAULT, name = 76D364EF-0FF9-4233-9BE8-73A0AF6750BE, origin [pid = 132, personaid = 199], proximate [pid = 32, personaid = 199], identifier = <private>, euid = 501, uid = 501, platform = 2
NotificationService	default	15:44:48.292774+0200	Consuming sandbox extension; path = [<private>], key = 0
NotificationService	default	15:44:48.292813+0200	Revoking sandbox extension; key = 0
NotificationService	default	15:44:48.292839+0200	container_create_or_lookup_app_group_path_by_app_group_identifier: success
NotificationService	default	15:44:48.293096+0200	Consuming sandbox extension; path = [<private>], key = 0
NotificationService	default	15:44:48.293118+0200	Revoking sandbox extension; key = 0
NotificationService	default	15:44:48.293191+0200	container_create_or_lookup_app_group_path_by_app_group_identifier: success
NotificationService	default	15:44:48.293543+0200	Consuming sandbox extension; path = [<private>], key = 0
NotificationService	default	15:44:48.293569+0200	Revoking sandbox extension; key = 0
NotificationService	default	15:44:48.293601+0200	container_create_or_lookup_app_group_path_by_app_group_identifier: success
NotificationService	default	15:44:48.294760+0200	COMM: <NSThread: 0x145321e10>{number = 3, name = (null)} ended decrypt
NotificationService	default	15:44:48.295073+0200	COMM: <NSThread: 0x14541a440>{number = 4, name = (null)} ended decrypt
NotificationService	default	15:44:48.295171+0200	COMM: <NSThread: 0x14541a1c0>{number = 2, name = (null)} ended decrypt

All threads successfully decrypt their content and don't run sequentially.

Before applying this diff:

NotificationService	default	15:48:42.754225+0200	COMM: <NSThread: 0x109b20290>{number = 2, name = (null)} started decrypt
NotificationService	default	15:48:42.754256+0200	COMM: <NSThread: 0x12801b240>{number = 3, name = (null)} started decrypt
NotificationService	default	15:48:42.754343+0200	COMM: <NSThread: 0x128304340>{number = 4, name = (null)} started decrypt
NotificationService	default	15:48:42.754865+0200	Not internal release, disabling SIRL
NotificationService	default	15:48:42.754918+0200	System Keychain Always Supported set via feature flag to disabled
NotificationService	default	15:48:42.755006+0200	Adding securityd connection to pool, total now 1
NotificationService	default	15:48:42.755136+0200	Adding securityd connection to pool, total now 2
NotificationService	default	15:48:42.755182+0200	Adding securityd connection to pool, total now 3
NotificationService	default	15:48:42.756612+0200	Requesting app group container lookup; personaid = 1000, type = DEFAULT, name = 76D364EF-0FF9-4233-9BE8-73A0AF6750BE, origin [pid = 132, personaid = 199], proximate [pid = 32, personaid = 199], identifier = <private>, euid = 501, uid = 501, platform = 2
NotificationService	default	15:48:42.756647+0200	Requesting app group container lookup; personaid = 1000, type = DEFAULT, name = 76D364EF-0FF9-4233-9BE8-73A0AF6750BE, origin [pid = 132, personaid = 199], proximate [pid = 32, personaid = 199], identifier = <private>, euid = 501, uid = 501, platform = 2
NotificationService	default	15:48:42.756706+0200	Requesting app group container lookup; personaid = 1000, type = DEFAULT, name = 76D364EF-0FF9-4233-9BE8-73A0AF6750BE, origin [pid = 132, personaid = 199], proximate [pid = 32, personaid = 199], identifier = <private>, euid = 501, uid = 501, platform = 2
NotificationService	default	15:48:42.758270+0200	Consuming sandbox extension; path = [<private>], key = 0
NotificationService	default	15:48:42.758338+0200	Revoking sandbox extension; key = 0
NotificationService	default	15:48:42.758374+0200	container_create_or_lookup_app_group_path_by_app_group_identifier: success
NotificationService	default	15:48:42.759088+0200	Consuming sandbox extension; path = [<private>], key = 0
NotificationService	default	15:48:42.759113+0200	Revoking sandbox extension; key = 0
NotificationService	default	15:48:42.759136+0200	container_create_or_lookup_app_group_path_by_app_group_identifier: success
NotificationService	default	15:48:42.760148+0200	Consuming sandbox extension; path = [<private>], key = 0
NotificationService	default	15:48:42.760188+0200	Revoking sandbox extension; key = 0
NotificationService	default	15:48:42.760227+0200	container_create_or_lookup_app_group_path_by_app_group_identifier: success
NotificationService	default	15:48:42.760673+0200	COMM: <NSThread: 0x12801b240>{number = 3, name = (null)} ended decrypt

Only one thread was able to decrypt.

Reviewers: tomek, ashoat, bartek

Reviewed By: tomek, ashoat

Differential Revision: https://phab.comm.dev/D8905

Details

Provenance
marcinAuthored on Aug 22 2023, 2:45 AM
Reviewer
tomek
Differential Revision
D8905: Introduce thread-safety to NotificationsCryptoModule during cuncurrent access
Parents
rCOMMa544318ebcdb: [keyserver] Read calendar query directly from viewer.
Branches
Unknown
Tags
Unknown

Changes (1)

PathSize
native/
cpp/
CommonCpp/
Notifications/
BackgroundDataStorage/

rCOMM70cf45852540

View Options

native/cpp/CommonCpp/Notifications/BackgroundDataStorage/NotificationsCryptoModule.cpp

Loading...