<!-- Kamailio Pull Request Template -->

<!--
IMPORTANT:
  - for detailed contributing guidelines, read:
    https://github.com/kamailio/kamailio/blob/master/.github/CONTRIBUTING.md
  - pull requests must be done to master branch, unless they are backports
    of fixes from master branch to a stable branch
  - backports to stable branches must be done with 'git cherry-pick -x ...'
  - code is contributed under BSD for core and main components (tm, sl, auth, 
tls)
  - code is contributed GPLv2 or a compatible license for the other components
  - GPL code is contributed with OpenSSL licensing exception
-->

#### Pre-Submission Checklist
<!-- Go over all points below, and after creating the PR, tick all the 
checkboxes that apply -->
<!-- All points should be verified, otherwise, read the CONTRIBUTING guidelines 
from above-->
<!-- If you're unsure about any of these, don't hesitate to ask on sr-dev 
mailing list -->
- [X] Commit message has the format required by CONTRIBUTING guide
- [X] Commits are split per component (core, individual modules, libs, utils, 
...)
- [X] Each component has a single commit (if not, squash them into one commit)
- [X] Code is formatted with `clang-format` using the config file 
`.clang-format`
  from source code folder
- [X] No commits to README files for modules (changes must be done to docbook 
files
  in `doc/` subfolder, the README file is autogenerated)

#### Type Of Change
- [X] Small bug fix (non-breaking change which fixes an issue)
- [ ] New feature (non-breaking change which adds new functionality)
- [ ] Breaking change (fix or feature that would change existing functionality)

#### Checklist:
<!-- Go over all points below, and after creating the PR, tick the checkboxes 
that apply -->
- [ ] PR should be backported to stable branches
- [X] Tested changes locally
- [ ] Related to issue #XXXX (replace XXXX with an open issue number)

#### Description
<!-- Describe your changes in detail -->

This commit targets the locks safety in scope of processing of address, trusted 
and domain tables of permissions module.
It doesn't change existing functionality, but improves existing module to be 
race safe.

This commit introduces the usage of:
- hash-bucket level locks
- upper level locks for the tables themselves

Locks of different levels do not have any contradiction, and fit each other 
well because:
- upper level locks guarantee that concurrent reloads don't hit the re-init of 
tables at the same time
- hash-bucket level locks guarantee that at a time of manipulation the content 
there is no chance for t hings like: iterator invalidation, pointer corruption 
etc.
- locks are used in the precedence of: 1. First upper level lock; 2. Secondly 
hash-buckets level locks;

This commit improves the structures organization and from using linked lists 
(that were considered as hash tables, but indeed were not) re-organizes them 
into real hash tables, which handle hash buckets (using previously existed 
linked lists).
This is true for trusted, address and domain tables. As they are the most 
vulnerable.

This commit deprecates workarounds done previously to make the reload-delta 
dependent on hardcoded time values in the source code. See `0039c50`.

Reason of the change: gives a race-free usage of tables regardless the amount 
of data inserted into tables and regardless how many competitive reloads are 
pending at a time (e.g. 2-3 RPC commands sent at a time to reload same tables).

Other improvements:
- use hash indexes for a quicker lookup in buckets
- improve the mechanism of duplicate entries detection
(use the source ip, ruri pattern, from pattern and the protocol to detect 
existing similar entries)
- more safety checks in functions manipulating hash tables
(like checking NULL pointers, empty patterns for matching purposes etc.)
- align return values in trusted/hash implementations so that return values are 
everywhere considered in the similar way
(everything != 0 is considered as failure, 0 is considered as fine)
- split tables allocation and initialization
- add destruction handlers for tables instead of manually handling entries 
freeing
- some other minor improvements (see more details in commit bodies themselves)

You can view, comment on, or merge this pull request online at:

  https://github.com/kamailio/kamailio/pull/4787

-- Commit Summary --

  * permissions: remove the permissions reload rework
  * permissions: hash header, remove dangling declarations
  * permissions: support locked tables
  * permissions: module rework to support locks
  * permissions: introduce trusted table maintenance lock
  * permissions: take a local snapshot of the current table
  * permissions: suppress only exact duplicate DB rows
  * permissions: remove unsed hash functions
  * permissions: add address hash table handling
  * permissions: add domain hash table handling
  * permissions: integrate address hash table in hash code
  * permissions: integrate domain hash table in hash code
  * permissions: integrate address hash tables
  * permissions: integrate domain hash tables
  * permissions: add address tables upper lock
  * permissions: add domain tables upper lock
  * permissions: remove legacy address/domain table API
  * permissions: format into required clang format

-- File Changes --

    M src/modules/permissions/address.c (283)
    M src/modules/permissions/address.h (6)
    M src/modules/permissions/hash.c (1526)
    M src/modules/permissions/hash.h (205)
    M src/modules/permissions/rpc.c (24)
    M src/modules/permissions/trusted.c (275)
    M src/modules/permissions/trusted.h (12)

-- Patch Links --

https://github.com/kamailio/kamailio/pull/4787.patch
https://github.com/kamailio/kamailio/pull/4787.diff

-- 
Reply to this email directly or view it on GitHub:
https://github.com/kamailio/kamailio/pull/4787
You are receiving this because you are subscribed to this thread.

Message ID: <kamailio/kamailio/pull/[email protected]>
_______________________________________________
Kamailio - Development Mailing List -- [email protected]
To unsubscribe send an email to [email protected]
Important: keep the mailing list in the recipients, do not reply only to the 
sender!

Reply via email to