Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[22033] Release participant_stateless secure builtin writer history change when authentication has finished (backport #5386) #5394

Open
wants to merge 3 commits into
base: 2.10.x
Choose a base branch
from

Conversation

mergify[bot]
Copy link
Contributor

@mergify mergify bot commented Nov 12, 2024

Description

SecurityManager did not ensure that participant_stateless_secure_writer history changes were released when the remote participant was authenticated, leading to a high resource utilization.
This PR:

  • Decreases the default initial preallocated pool payload sizes experimentally:
    • Participant stateless was 6292 bytes, so it was left to the closest (2^n), 8192.
    • Participant secure volatile was 692, so it was left to 1024.
  • Makes the participant stateless secure writer history to remove the change when participants cryptography succeeds. In this way we ensure that authentication has finished in both sides. This was important because having authorized the remote is not a sufficient condition to remove the change as the remote may require us to resend until it completes the authentication with us.

Addition Notes:

  • A follow up PR will be made to configure the pool from the RTPSParticipantAllocationAttributes.
  • The temporal commit has to be removed after the review has finished.

@Mergifyio backport 3.1.x 3.0.x 2.14.x 2.10.x

Contributor Checklist

  • Commit messages follow the project guidelines.

  • The code follows the style guidelines of this project.

  • Tests that thoroughly check the new feature have been added/Regression tests checking the bug and its fix have been added; the added tests pass locally

  • Any new/modified methods have been properly documented using Doxygen.

  • Any new configuration API has an equivalent XML API (with the corresponding XSD extension)

  • Changes are backport compatible: they do NOT break ABI nor change library core behavior.

  • Changes are API compatible.

  • N/A New feature has been added to the versions.md file (if applicable).

  • N/A New feature has been documented/Current behavior is correctly described in the documentation.

  • Applicable backports have been included in the description.

Reviewer Checklist

  • The PR has a milestone assigned.
  • The title and description correctly express the PR's purpose.
  • Check contributor checklist is correct.
  • If this is a critical bug fix, backports to the critical-only supported branches have been requested.
  • Check CI results: changes do not issue any warning.
  • Check CI results: failing tests are unrelated with the changes.

This is an automatic backport of pull request #5386 done by [Mergify](https://mergify.com).

…when authentication has finished (#5386)

* TMP: REMOVE THIS COMMIT

Signed-off-by: Mario Dominguez <mariodominguez@eprosima.com>

* Refs #22033: BB test

Signed-off-by: Mario Dominguez <mariodominguez@eprosima.com>

* Refs #22033: Modify secure builtins initial payload size

Signed-off-by: Mario Dominguez <mariodominguez@eprosima.com>

* Refs #22033: Fix: release stateless msg payload pool when participant cryptography succeeds

Signed-off-by: Mario Dominguez <mariodominguez@eprosima.com>

---------

Signed-off-by: Mario Dominguez <mariodominguez@eprosima.com>
(cherry picked from commit b414621)
Signed-off-by: Mario Dominguez <mariodominguez@eprosima.com>
@Mario-DL Mario-DL requested review from Mario-DL and MiguelCompany and removed request for Mario-DL and MiguelCompany November 15, 2024 10:06
Signed-off-by: Mario Dominguez <mariodominguez@eprosima.com>
@Mario-DL Mario-DL requested review from MiguelCompany and removed request for MiguelCompany November 15, 2024 11:17
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
ci-pending PR which CI is running
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants