Hi, Ken -
> > https://bugzilla.redhat.com/show_bug.cgi?id=1065803
> >and http://oss.sgi.com/bugzilla/show_bug.cgi?id=1102
> >and http://oss.sgi.com/pipermail/pcp/2014-November/005989.html
>
> I quickly looked at these issues, but from the info there I don't see a
> smoking gun pointing at pmdaCache ... not sayting it is not implicated,
> just not obvious to me.
The issues appear to be not in overtly buggy uses of the pmdaCache API,
design problems like why and how it is used.
> >IMHO the cache should be used for only long-lasting invariant-preserving
> >things like some instance-domains, instead as a general "lookup table for
> >stuff", with ill-defined scope and lifespan and access control.
>
> I humbly disagree 100%. pmdaCache can be used very effectively to
> support mapping between PCP acceptable instance names and identifiers
> and external names/uuids, etc -- exactly the "lookup table sort of stuff".
Sorry, to some extent I was conflating the __pmHash* stuff in
pmdas/linux_proc, where the case is even more clear-cut. We use
lookup tables of both sorts for much more than externally-visible
API-dicated-persistentish number<->string mappings.
They are used as a place to hang off (via the void* data/private
fields) all kinds of extra stuff, like metric values fetched sometime
in the past, whether they were requested or not (=> leading to
inflated syscall traffic), regardless of whether a future pcp-fetcher
will have access permissions or not (=> leading to security bugs).
That's the problem I'm hoping to fix.
- FChE
|