[PATCH v3 1/2] osxkeychain: exclusive lock to serialize execution of operations

git.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

From: "Koji Nakamaru via GitGitGadget" <gitgitgadget@gmail.com>
To: git@vger.kernel.org
Cc: Bo Anderson <mail@boanderson.me>, Jeff King <peff@peff.net>,
	"brian m. carlson" <sandals@crustytoothpaste.net>,
	Junio C Hamano <gitster@pobox.com>,
	Koji Nakamaru <koji.nakamaru@gree.net>,
	Koji Nakamaru <koji.nakamaru@gree.net>
Subject: [PATCH v3 1/2] osxkeychain: exclusive lock to serialize execution of operations
Date: Wed, 15 May 2024 19:21:06 +0000	[thread overview]
Message-ID: <3341346c5e6caaad3f222380a82425e1f14b97fa.1715800868.git.gitgitgadget@gmail.com> (raw)
In-Reply-To: <pull.1729.v3.git.1715800868.gitgitgadget@gmail.com>

From: Koji Nakamaru <koji.nakamaru@gree.net>

git passes a credential that has been used successfully to the helpers
to record. If "git-credential-osxkeychain store" commands run in
parallel (with fetch.parallel configuration and/or by running multiple
git commands simultaneously), some of them may exit with the error
"failed to store: -25299". This is because SecItemUpdate() in
add_internet_password() may return errSecDuplicateItem (-25299) in this
situation. Apple's documentation [1] also states as below:

  In macOS, some of the functions of this API block while waiting for
  input from the user (for example, when the user is asked to unlock a
  keychain or give permission to change trust settings). In general, it
  is safe to use this API in threads other than your main thread, but
  avoid calling the functions from multiple operations, work queues, or
  threads concurrently. Instead, serialize function calls or confine
  them to a single thread.

The error has not been noticed before, because the former implementation
ignored the error.

Introduce an exclusive lock to serialize execution of operations.

[1] https://developer.apple.com/documentation/security/certificate_key_and_trust_services/working_with_concurrency

Signed-off-by: Koji Nakamaru <koji.nakamaru@gree.net>
---
 contrib/credential/osxkeychain/git-credential-osxkeychain.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/contrib/credential/osxkeychain/git-credential-osxkeychain.c b/contrib/credential/osxkeychain/git-credential-osxkeychain.c
index 6a40917b1ef..0884db48d0a 100644
--- a/contrib/credential/osxkeychain/git-credential-osxkeychain.c
+++ b/contrib/credential/osxkeychain/git-credential-osxkeychain.c
@@ -414,6 +414,9 @@ int main(int argc, const char **argv)
 	if (!argv[1])
 		die("%s", usage);

+	if (open(argv[0], O_RDONLY | O_EXLOCK) == -1)
+		die("failed to lock %s", argv[0]);
+
 	read_credential();

 	if (!strcmp(argv[1], "get"))
-- 
gitgitgadget

next prev parent reply	other threads:[~2024-05-15 19:21 UTC|newest]

Thread overview: 21+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2024-05-10  8:07 [PATCH] osxkeychain: lock for exclusive execution Koji Nakamaru via GitGitGadget
2024-05-10 15:02 ` Bo Anderson
2024-05-10 20:01   ` Jeff King
2024-05-10 20:33     ` brian m. carlson
2024-05-10 22:07       ` Jeff King
2024-05-10 23:12         ` brian m. carlson
2024-05-10 20:40     ` Junio C Hamano
2024-05-10 22:09       ` Jeff King
2024-05-10 22:50         ` Junio C Hamano
     [not found] ` <C0C8F71D-2A01-4C31-9EB6-AB31FA17C3AB@boanderson.me>
2024-05-10 18:26   ` Koji Nakamaru
2024-05-11 11:55 ` [PATCH v2 0/2] " Koji Nakamaru via GitGitGadget
2024-05-11 11:55   ` [PATCH v2 1/2] " Koji Nakamaru via GitGitGadget
2024-05-12  4:09     ` Junio C Hamano
2024-05-12  6:47       ` Koji Nakamaru
2024-05-11 11:55   ` [PATCH v2 2/2] osxkeychain: state[] seen=1 to skip unnecessary store operations Koji Nakamaru via GitGitGadget
2024-05-12  4:09     ` Junio C Hamano
2024-05-12  7:05       ` Koji Nakamaru
2024-05-15 19:21   ` [PATCH v3 0/2] osxkeychain: lock for exclusive execution Koji Nakamaru via GitGitGadget
2024-05-15 19:21     ` Koji Nakamaru via GitGitGadget [this message]
2024-05-15 19:21     ` [PATCH v3 2/2] osxkeychain: state to skip unnecessary store operations Koji Nakamaru via GitGitGadget
2024-05-15 19:41     ` [PATCH v3 0/2] osxkeychain: lock for exclusive execution Koji Nakamaru

find likely ancestor, descendant, or conflicting patches for this message:
( dfblob:6a40917b1e dfblob:0884db48d0 )
 OR (
bs:"[PATCH v3 1/2] osxkeychain: exclusive lock to serialize execution of operations" )
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=3341346c5e6caaad3f222380a82425e1f14b97fa.1715800868.git.gitgitgadget@gmail.com \
    --to=gitgitgadget@gmail.com \
    --cc=git@vger.kernel.org \
    --cc=gitster@pobox.com \
    --cc=koji.nakamaru@gree.net \
    --cc=mail@boanderson.me \
    --cc=peff@peff.net \
    --cc=sandals@crustytoothpaste.net \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).