santad: Allow configuring a static set of rules via configuration profile #846
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
pmarkowsky
suggested changes
Jul 13, 2022
tburgin
reviewed
Jul 14, 2022
| @@ -549,6 +560,21 @@ - (void)setRemountUSBMode:(NSArray<NSString *> *)args { | |||
| return args; | |||
| } | |||
|
|
|||
| - (NSDictionary<NSString *, SNTRule *> *)staticRules { | |||
| NSArray *currentRules = self.configState[kStaticRules]; | |||
There was a problem hiding this comment.
We need to make sure this is indeed an NSArray.
| @@ -549,6 +560,21 @@ - (void)setRemountUSBMode:(NSArray<NSString *> *)args { | |||
| return args; | |||
| } | |||
|
|
|||
| - (NSDictionary<NSString *, SNTRule *> *)staticRules { | |||
| NSArray *currentRules = self.configState[kStaticRules]; | |||
| if (currentRules.hash != self.cachedStaticRulesHash) { | |||
There was a problem hiding this comment.
How expensive is this hashing? For a really large set I can see the cost adding up since we need to hash for every exec. Instead of initializing lazily here we should move the parsing closer to when the rules are added to the profile. We could add a new property for the unprocessed rules and KVO observe changes. We could do the parsing there. This method turns into a fast getter for the current set of rules.
|
|
||
| self = [super init]; | ||
| if (self) { | ||
| _identifier = dict[kRuleIdentifier]; |
There was a problem hiding this comment.
Anything we get out of the dictionary we can’t trust. We need to check the types are what we expect.
russellhancox
added a commit
that referenced
this pull request
Jul 14, 2022
In #846 I forgot that is only a count of the entries so if the config changes but the number of rules remains the same we would never update the cache. This PR moves the processing of the raw config into the KVO handler code so it is not at all in the hot-path.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR adds a new top-level configuration key
StaticRulesthat allows setting a static set of rules utilized before any rules in the database. This allows for 2 things:Fixes #777 and #285