projects / systemd / .git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 60da07e) | patch
core: replace IPAddressAccessItem with struct in_addr_prefix
authorYu Watanabe <watanabe.yu+github@gmail.com>
Fri, 10 Sep 2021 04:58:28 +0000 (13:58 +0900)
committerYu Watanabe <watanabe.yu+github@gmail.com>
Tue, 14 Sep 2021 11:30:09 +0000 (20:30 +0900)
commit84ebe6f01381c21b88e37e856956c9c9ee6781d6
treefc82c6bb7bd8a3ac2e28636715c85358960f7b04tree | snapshot
parent60da07ecc7bb318d217810778e430399ab9a2ec7commit | diff
core: replace IPAddressAccessItem with struct in_addr_prefix

Previously, if a unit file which contains n IPAddressAllow/Deny= lines,
then the computational order of parsing the file was O(n^3), as
ip_address_access_reduce(), whose order is O(n^2), is called for each line.

By replacing in_addr_prefix related functions, now the computational
order is O(n log n).

Fixes #20680.
12 files changed:
src/analyze/analyze-security.c diff | blob | history
src/core/bpf-firewall.c diff | blob | history
src/core/cgroup.c diff | blob | history
src/core/cgroup.h diff | blob | history
src/core/dbus-cgroup.c diff | blob | history
src/core/ip-address-access.c [deleted file] blob | history
src/core/ip-address-access.h [deleted file] blob | history
src/core/load-fragment-gperf.gperf.in diff | blob | history
src/core/manager.h diff | blob | history
src/core/meson.build diff | blob | history
src/core/unit.h diff | blob | history
src/test/test-bpf-firewall.c diff | blob | history
https://github.com/systemd/systemd.git