SecurityEngineering/NSS Startup and Shutdown in Gecko: Difference between revisions

→‎The Desired Setup: add more about NSS resources and leaks
(add best scenario section)
(→‎The Desired Setup: add more about NSS resources and leaks)

=== The Desired Setup ===
NSS should be initialized exactly once and shut down exactly once. Code that uses it should only be able to run after NSS is guaranteed to be initialized. While such code is running, it should prevent NSS from being shut down out from under it. Once NSS has been shut down (upon notification that the entire process is shutting down), all methods that would use NSS should check for this and return an error.
NSS should be initialized exactly once and shut down exactly once. Code that uses it should only be able to run after NSS is guaranteed to be initialized. While such code is running, it should prevent NSS from being shut down out from under it. When NSS is about to be shut down, all NSS resources held by the platform should be released. Any NSS resource leaks as detected by NSS_Shutdown should be fatal in debug builds. Once NSS has been shut down (upon notification that the entire process is shutting down), all methods that would use NSS should check for this and return an error.


Writing new code that correctly deals with these restrictions should be easy.
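The setup described above, as an added example that is not Gecko or NSS code: a small lifecycle wrapper in which initialization and shutdown each happen exactly once, code that needs the library must hold a scoped guard (so it cannot run before initialization, and its presence blocks shutdown), outstanding resource handles are counted so shutdown can report leaks the way the text says NSS_Shutdown detects them, and every call made after shutdown fails with an error instead of touching torn-down state. All names here (NssLifecycle, NssShutdownGuard, NssResource, DoSomethingWithNss) are hypothetical, and Shutdown() returns InUse where a real implementation would block until the last guard is gone.

```cpp
// Added example, not Gecko or NSS code: every name below is hypothetical.
#include <iostream>
#include <mutex>
#include <string>

enum class NssStatus { Ok, NotInitialized, AlreadyInitialized, InUse, ShutDown, ResourceLeak };
enum class NssState { Uninitialized, Live, ShutDown };

class NssLifecycle {
 public:
  // Initialize exactly once; a repeated call is an error, never a re-init.
  NssStatus Init() {
    std::lock_guard<std::mutex> lock(mMutex);
    if (mState != NssState::Uninitialized) return NssStatus::AlreadyInitialized;
    mState = NssState::Live;
    return NssStatus::Ok;
  }
  // Shut down exactly once, and only when no guard is pinning NSS live.
  NssStatus Shutdown() {
    std::lock_guard<std::mutex> lock(mMutex);
    if (mState == NssState::Uninitialized) return NssStatus::NotInitialized;
    if (mState == NssState::ShutDown) return NssStatus::ShutDown;
    // Production code would block here until the count drops to zero;
    // returning InUse keeps the example observable on a single thread.
    if (mActiveGuards > 0) return NssStatus::InUse;
    mState = NssState::ShutDown;
    // Handles still alive here are what NSS_Shutdown would report as leaks;
    // a debug build should treat this status as fatal.
    return mLiveResources == 0 ? NssStatus::Ok : NssStatus::ResourceLeak;
  }
 private:
  friend class NssShutdownGuard;
  friend class NssResource;
  std::mutex mMutex;
  NssState mState = NssState::Uninitialized;
  int mActiveGuards = 0;   // guards currently alive
  int mLiveResources = 0;  // handles not yet released
};

// Scoped proof that NSS is live. While one exists, Shutdown() cannot proceed.
class NssShutdownGuard {
 public:
  explicit NssShutdownGuard(NssLifecycle& nss) : mNss(nss) {
    std::lock_guard<std::mutex> lock(nss.mMutex);
    mState = nss.mState;                                 // snapshot taken under the lock
    if (mState == NssState::Live) ++nss.mActiveGuards;   // pin NSS live
  }
  ~NssShutdownGuard() {
    if (mState != NssState::Live) return;
    std::lock_guard<std::mutex> lock(mNss.mMutex);
    --mNss.mActiveGuards;
  }
  NssShutdownGuard(const NssShutdownGuard&) = delete;
  NssShutdownGuard& operator=(const NssShutdownGuard&) = delete;
  bool IsValid() const { return mState == NssState::Live; }
  // The error a caller should return when the guard is not valid.
  NssStatus Failure() const {
    return mState == NssState::ShutDown ? NssStatus::ShutDown : NssStatus::NotInitialized;
  }
 private:
  friend class NssResource;
  NssLifecycle& mNss;
  NssState mState;
};

// A handle to some NSS-owned object. It is only obtainable through a valid
// guard and registers itself so Shutdown() can detect anything not released.
class NssResource {
 public:
  explicit NssResource(const NssShutdownGuard& guard) : mNss(guard.mNss), mOwned(guard.IsValid()) {
    if (!mOwned) return;
    std::lock_guard<std::mutex> lock(mNss.mMutex);
    ++mNss.mLiveResources;
  }
  ~NssResource() { Release(); }
  NssResource(const NssResource&) = delete;
  NssResource& operator=(const NssResource&) = delete;
  void Release() {
    if (!mOwned) return;
    std::lock_guard<std::mutex> lock(mNss.mMutex);
    --mNss.mLiveResources;
    mOwned = false;
  }
  bool IsValid() const { return mOwned; }
 private:
  NssLifecycle& mNss;
  bool mOwned;
};

// Code that needs NSS takes a guard, so it cannot run before Init() and fails
// cleanly, rather than touching torn-down state, once Shutdown() has happened.
NssStatus DoSomethingWithNss(const NssShutdownGuard& guard, std::string& out) {
  if (!guard.IsValid()) return guard.Failure();
  NssResource handle(guard);  // released automatically when it goes out of scope
  out = handle.IsValid() ? "used NSS" : "";
  return NssStatus::Ok;
}

struct LifecycleTrace {
  NssStatus beforeInit, init, secondInit, opWhileLive, shutdownWhileInUse,
            shutdown, opAfterShutdown, secondShutdown;
};

// Walks one instance through the whole lifecycle and records each outcome.
LifecycleTrace RunLifecycle() {
  NssLifecycle nss;
  LifecycleTrace t{};
  std::string out;
  t.beforeInit = DoSomethingWithNss(NssShutdownGuard(nss), out);      // NotInitialized
  t.init = nss.Init();                                                 // Ok
  t.secondInit = nss.Init();                                           // AlreadyInitialized
  {
    NssShutdownGuard guard(nss);
    t.opWhileLive = DoSomethingWithNss(guard, out);                    // Ok
    t.shutdownWhileInUse = nss.Shutdown();                             // InUse
  }
  t.shutdown = nss.Shutdown();                                         // Ok
  t.opAfterShutdown = DoSomethingWithNss(NssShutdownGuard(nss), out);  // ShutDown
  t.secondShutdown = nss.Shutdown();                                   // ShutDown
  return t;
}

// Forgets to release a handle before shutdown; Shutdown() reports the leak.
NssStatus RunLeakyShutdown() {
  NssLifecycle nss;
  nss.Init();
  NssResource* leaked = nullptr;
  {
    NssShutdownGuard guard(nss);
    leaked = new NssResource(guard);  // never released before Shutdown(): the bug to catch
  }
  NssStatus status = nss.Shutdown();  // ResourceLeak
  delete leaked;                      // tidy up so the example itself does not leak
  return status;
}

int main() {
  LifecycleTrace t = RunLifecycle();
  std::cout << "clean shutdown: " << (t.shutdown == NssStatus::Ok) << "\n";
  std::cout << "leak reported: " << (RunLeakyShutdown() == NssStatus::ResourceLeak) << "\n";
  return 0;
}
```

The two things worth copying from this shape are that NSS-using code is forced to take a guard as a parameter, which makes "called before init" or "called after shutdown" a compile-time impossibility rather than a runtime surprise, and that resource handles register themselves, so the leak count at Shutdown() is exact and a debug build can make it fatal.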