[Common] Add synchronization to privilege checking

common::tools::CheckAccess() can be called from multiple threads in the
same time. (This happens in web service apps, which now are running as
separate threads of a single process.)
This commit adds synchronization of the access of this function's static
resources.

[Verification] Code compiles. The code works fine in a single-threaded
app

Change-Id: I4af0715d3605284bf82b2abe207dabe024986d25
Signed-off-by: Pawel Wasowski <p.wasowski2@samsung.com>

diff --git a/src/common/tools.cc b/src/common/tools.cc
index 9e9368e..552af1a 100644 (file)
--- a/src/common/tools.cc
+++ b/src/common/tools.cc
@@ -17,6 +17,7 @@
 #include "common/tools.h"
 
 #include <app_manager.h>
+#include <mutex>
 #include <pkgmgr-info.h>
 #include <privilegemgr/privilege_manager.h>
 #include <sys/stat.h>
@@ -276,6 +277,15 @@ PlatformResult CheckAccess(const std::string& privilege) {
 PlatformResult CheckAccess(const std::vector<std::string>& privileges) {
   ScopeLogger();
 
+  /*
+   * This lock is crucial to avoid concurrent access of static variables in this function and
+   * in AccessControlImpl class.
+   * Concurrent access is likely in web service apps. If multiple are running, each of them is executed in
+   * a thread of the same process.
+   */
+  static std::mutex check_access_mutex;
+  const std::lock_guard<std::mutex> lock{check_access_mutex};
+
   // Local cache of mapped privilege strings. This routine can be called many times, especially
   // during application launch, generating a high overhead of retrieving mapped privileges from
   // the underlying databases. This is especially the case since the same mappings can end up