[systemd-devel] [PATCH 07/12] policy: use the db->entries_hash to access the policy db entries

Djalal Harouni tixxdz at opendz.org
Fri Jun 20 11:12:13 PDT 2014 

On Fri, Jun 20, 2014 at 08:01:04PM +0200, Daniel Mack wrote:
> On 06/20/2014 07:28 PM, Daniel Mack wrote:
> > On 06/20/2014 06:50 PM, Djalal Harouni wrote:
> >> Use the db->entries_hash to access the policy db entries instead of the
> >> db->send_access_hash which is just a cache for send entries.
> 
> Ah, you're purging the other entries in patch #12. Alright then, now it
> makes sense.
Indeed, I've tested it and the cache is cleared.

> Applied both #7 and #9 now.
Thank you Daniel, There is a still another series related to the cache I
just need to test it.

When we update the TALK POLICY of a connection that is already
referenced as a *destination* in the cache we must purge all its entries
from the cache, since permission have been changed! we need to redo the
permission checks.

This should be done in kdbus_policy_set() when we update the TALK policy
but since kdbus_policy_set() can be called by an endpoint as an owner,
not only a connection, I did split the code in a new function...

Anyway I'll test it send it tomorrow.


> 
> 
> Thanks,
> Daniel
> 
> 
> >>
> >> Signed-off-by: Djalal Harouni <tixxdz at opendz.org>
> >> ---
> >>  policy.c | 7 ++++---
> >>  1 file changed, 4 insertions(+), 3 deletions(-)
> >>
> >> diff --git a/policy.c b/policy.c
> >> index bf49f68..79d6fa4 100644
> >> --- a/policy.c
> >> +++ b/policy.c
> >> @@ -373,7 +373,7 @@ static void __kdbus_policy_remove_owner(struct kdbus_policy_db *db,
> >>  	struct hlist_node *tmp;
> >>  	int i;
> >>  
> >> -	hash_for_each_safe(db->send_access_hash, i, tmp, e, hentry)
> >> +	hash_for_each_safe(db->entries_hash, i, tmp, e, hentry)
> > 
> > Hmm, we need to do both, right? If an owner goes away, we need to kill
> > both the entries it created *and* the cached entries it is related to.
> > 
> > Now that I look at the code, I see that we miss an owner assignment for
> > the cache entries. I can fix that up later.
> > 
> >> @@ -482,7 +483,7 @@ int kdbus_policy_set(struct kdbus_policy_db *db,
> >>  	 * At the same time, the lookup mechanism won't find any collisions
> >>  	 * when looking for already exising names.
> >>  	 */
> >> -	hash_for_each_safe(db->send_access_hash, i, tmp, e, hentry)
> >> +	hash_for_each_safe(db->entries_hash, i, tmp, e, hentry)
> >>  		if (e->owner == owner) {
> >>  			struct kdbus_policy_list_entry *l;
> > 
> > This change looks right though.
> > 
> > 
> > 
> > Daniel
> > 
> > 
> > _______________________________________________
> > systemd-devel mailing list
> > systemd-devel at lists.freedesktop.org
> > http://lists.freedesktop.org/mailman/listinfo/systemd-devel
> > 
> 

-- 
Djalal Harouni
http://opendz.org

More information about the systemd-devel mailing list