[Dev] libcynara API
patrick.ohly at intel.com
Tue May 20 15:07:01 GMT 2014
On Tue, 2014-05-20 at 16:32 +0200, Lukasz Wojciechowski wrote:
> W dniu 2014-05-20 16:14, Patrick Ohly pisze:
> > On Tue, 2014-05-20 at 15:44 +0200, Lukasz Wojciechowski wrote:
> >> 3) parallel checks run from multi threads and cancellation of checks are
> >> needed by some but not all usages to cynara check.[Patrick Ohly]. I
> >> think we should provide thread-safe API that meets described
> >> requirements described by Patrick (allowing cancellation and concurrent
> >> checks launching).
> > Just to be sure, this includes all points that I proposed in my initial
> > email regarding thread safety? Casey only said that one can assume that
> > libcynara will be thread-safe, but didn't go into details of what that
> > really means.
> > The points where:
> > 1. cynara_initialize() will complete "quickly" enough such that the
> > delay caused by calling it will not be noticeable to the user.
> > 2. cynara_initialize() can be called multiple times in the same
> > process, either sequentially or concurrently in different
> > threads.
> > 3. cynara_finish() must be called once for each
> > cynara_initialize(). Again it is allowed to call cynara_finish()
> > concurrently in different threads.
> > 4. cynara_check() can be called by different threads concurrently.
> > If a cynara_check() call is running when cynara_finish() gets
> > called, then cynara_check() will return with an ABORTED status.
> I agree to all, except 4b) which I don't understand : " If a
> cynara_check() call is running when cynara_finish() gets called, then
> cynara_check() will return with an ABORTED status. "
> Do You want cynara_finish to abort all cynara_checks run from all
> threads or just one? If one, which one?
Suppose you allow concurrent calls to cynara_finish() and cynara_check()
and one thread is inside cynara_check() for the cynara instance that
another thread is trying to free with cynara_finish().
What should happen in your opinion?
Above is my proposal, with the goal in mind that cynara_finish() should
better be called when the process shuts down even when there are active
checks. It's not absolutely required. Process shutdown could also take
shortcuts and avoid freeing some resources when it cannot do that.
> > 5. cynara_finish() will complete "quickly" and thus is safe to call
> > as part of the cleanup code of a service.
> > Regarding the "needed": it's not absolutely required that you implement
> > this right away. I brought it up now because it might be easier to take
> > these aspects into account while designing Cynara vs. adding it later.
> By "needed" I understand that there is a software for Tizen that wants
> to use cynara but it cannot in current form of API, so we need to
> enhance it.
Concurrent cynara_check() calls are needed in that sense only if one
wants to allow concurrent privilege checks. I don't have a strong
opinion about whether that is needed for Tizen.
I could use a non-thread-safe libcynara when taking extra precautions in
the code calling it. It's more a matter of properly documenting what
works and what doesn't than it is to support advanced functionality.
Best Regards, Patrick Ohly
The content of this message is my personal opinion only and although
I am an employee of Intel, the statements I make here in no way
represent Intel's position on the issue, nor am I authorized to speak
on behalf of Intel on this matter.
More information about the Dev