Index: crypto/nss_util.cc |
diff --git a/crypto/nss_util.cc b/crypto/nss_util.cc |
index 04080ed3afc41245e4fce341f88cf9280e20bf2d..3ecedf63a48fd51aa73652fdb0725a0e42c46fec 100644 |
--- a/crypto/nss_util.cc |
+++ b/crypto/nss_util.cc |
@@ -24,6 +24,7 @@ |
#include <vector> |
#include "base/debug/alias.h" |
+#include "base/debug/stack_trace.h" |
#include "base/environment.h" |
#include "base/file_util.h" |
#include "base/files/file_path.h" |
@@ -34,6 +35,7 @@ |
#include "base/metrics/histogram.h" |
#include "base/native_library.h" |
#include "base/strings/stringprintf.h" |
+#include "base/threading/thread_checker.h" |
#include "base/threading/thread_restrictions.h" |
#include "build/build_config.h" |
@@ -217,6 +219,8 @@ class NSSInitSingleton { |
public: |
#if defined(OS_CHROMEOS) |
void OpenPersistentNSSDB() { |
+ DCHECK(thread_checker_.CalledOnValidThread()); |
+ |
if (!chromeos_user_logged_in_) { |
// GetDefaultConfigDirectory causes us to do blocking IO on UI thread. |
// Temporarily allow it until we fix http://crbug.com/70119 |
@@ -233,6 +237,8 @@ class NSSInitSingleton { |
} |
void EnableTPMTokenForNSS() { |
+ DCHECK(thread_checker_.CalledOnValidThread()); |
+ |
// If this gets set, then we'll use the TPM for certs with |
// private keys, otherwise we'll fall back to the software |
// implementation. |
@@ -242,6 +248,8 @@ class NSSInitSingleton { |
bool InitializeTPMToken(const std::string& token_name, |
int token_slot_id, |
const std::string& user_pin) { |
+ DCHECK(thread_checker_.CalledOnValidThread()); |
+ |
// If EnableTPMTokenForNSS hasn't been called, return false. |
if (!tpm_token_enabled_for_nss_) |
return false; |
@@ -281,6 +289,12 @@ class NSSInitSingleton { |
} |
void GetTPMTokenInfo(std::string* token_name, std::string* user_pin) { |
+ // TODO(mattm): Change to DCHECK when callers have been fixed. |
+ if (!thread_checker_.CalledOnValidThread()) { |
+ DVLOG(1) << "Called on wrong thread.\n" |
+ << base::debug::StackTrace().ToString(); |
+ } |
+ |
if (!tpm_token_enabled_for_nss_) { |
LOG(ERROR) << "GetTPMTokenInfo called before TPM Token is ready."; |
return; |
@@ -292,6 +306,12 @@ class NSSInitSingleton { |
} |
bool IsTPMTokenReady() { |
+ // TODO(mattm): Change to DCHECK when callers have been fixed. |
+ if (!thread_checker_.CalledOnValidThread()) { |
+ DVLOG(1) << "Called on wrong thread.\n" |
+ << base::debug::StackTrace().ToString(); |
+ } |
+ |
return tpm_slot_ != NULL; |
} |
@@ -299,6 +319,8 @@ class NSSInitSingleton { |
// id as an int. This should be safe since this is only used with chaps, which |
// we also control. |
PK11SlotInfo* GetTPMSlotForId(CK_SLOT_ID slot_id) { |
+ DCHECK(thread_checker_.CalledOnValidThread()); |
+ |
if (!chaps_module_) |
return NULL; |
@@ -316,6 +338,8 @@ class NSSInitSingleton { |
bool OpenTestNSSDB() { |
+ DCHECK(thread_checker_.CalledOnValidThread()); |
+ |
if (test_slot_) |
return true; |
if (!g_test_nss_db_dir.Get().CreateUniqueTempDir()) |
@@ -325,6 +349,8 @@ class NSSInitSingleton { |
} |
void CloseTestNSSDB() { |
+ DCHECK(thread_checker_.CalledOnValidThread()); |
+ |
if (!test_slot_) |
return; |
SECStatus status = SECMOD_CloseUserDB(test_slot_); |
@@ -336,6 +362,12 @@ class NSSInitSingleton { |
} |
PK11SlotInfo* GetPublicNSSKeySlot() { |
+ // TODO(mattm): Change to DCHECK when callers have been fixed. |
+ if (!thread_checker_.CalledOnValidThread()) { |
+ DVLOG(1) << "Called on wrong thread.\n" |
+ << base::debug::StackTrace().ToString(); |
+ } |
+ |
if (test_slot_) |
return PK11_ReferenceSlot(test_slot_); |
if (software_slot_) |
@@ -344,6 +376,12 @@ class NSSInitSingleton { |
} |
PK11SlotInfo* GetPrivateNSSKeySlot() { |
+ // TODO(mattm): Change to DCHECK when callers have been fixed. |
+ if (!thread_checker_.CalledOnValidThread()) { |
+ DVLOG(1) << "Called on wrong thread.\n" |
+ << base::debug::StackTrace().ToString(); |
+ } |
+ |
if (test_slot_) |
return PK11_ReferenceSlot(test_slot_); |
@@ -389,6 +427,11 @@ class NSSInitSingleton { |
root_(NULL), |
chromeos_user_logged_in_(false) { |
base::TimeTicks start_time = base::TimeTicks::Now(); |
+ |
+ // It's safe to construct on any thread, since LazyInstance will prevent any |
+ // other threads from accessing until the constructor is done. |
+ thread_checker_.DetachFromThread(); |
+ |
EnsureNSPRInit(); |
// We *must* have NSS >= 3.14.3. |
@@ -598,6 +641,8 @@ class NSSInitSingleton { |
// is fixed, we will no longer need the lock. |
base::Lock write_lock_; |
#endif // defined(USE_NSS) |
+ |
+ base::ThreadChecker thread_checker_; |
}; |
// static |