Re: Authz perf regression 1.9 -> 1.10

On 12.09.2019 10:44, Sam Toliman wrote:
> > How do you propose that the parser should know, in advance, which parts
> > of the authz and groups files it can discard unless it parses all of
> them?
>
> By this point
> <https://github.com/apache/subversion/blob/6fb211a2f84c9fe69025e16bc564d2f8dc343249/subversion/svnserve/serve.c#L4261>
> b->client_info->tunnel_user is properly set only in the tunnel mode. I
> think it can be passed to the svn_authz__parse(), which should become
> slightly more intelligent passing stream and tunnel_user to specific
> callbacks for the [groups] and the [aliases] sections. By default
> there are no discovered groups. Surfing the group section parser
> should skip all users except tunnel_user and already discovered
> groups, otherwise add such group with relevant data to the set of
> discovered. Same for aliases.
> Thus we will have parsed only groups related to a particular user and
> svn_authz__parse() won't need to to expand all irrelevant groups
> <https://github.com/apache/subversion/blob/f91051c82d38a732b546a84f4ead491514e81010/subversion/libsvn_repos/authz_parse.c#L1417>
> (~3500k in my case)

You have more than 3 million groups?

> and expand every acl (~100 in my case) applying access rules to all
> irrelevant users
> <https://github.com/apache/subversion/blob/f91051c82d38a732b546a84f4ead491514e81010/subversion/libsvn_repos/authz_parse.c#L1452>
> (~35k in my case).
>
> Please correct me if I am naive somewhere.

The best thing you can do is prepare a patch, with tests, that
implements your suggestions. Considering of course that correctness is
more important than performance. :)

-- Brane
Received on 2019-09-12 12:33:17 CEST