[roll] Roll fuchsia [sestarnix] Optimistically read-lock state for context computations When computing a Security Context (e.g. when labeling a new file on creation, or applying a transition on exec) the computation can be performed with only a read lock on the policy state, so long as a SID already exists for the resulting Security Context. A new SecurityServerBackend::compute_sid() helper is introduced, which implements optimistic computation of the Security Context and lookup of the existing SID, if any, under a read lock, and retries the operation under a write lock if no SID yet exists for the new Context. The helper is able to optimize out the computation in the write-locked path if there was no change in policy since the original read-locked computation. compute_sid() is currently applied to the code paths that parse Security Context from strings, and that compute them for new objects, and may be generalized to apply to other call-sites that generate a SID in follow-ups. Original-Bug: 458313502 Original-Reviewed-on: https://fuchsia-review.googlesource.com/c/fuchsia/+/1469660 Original-Revision: 13e40d042a1fa5daf223619f3e7835e1ba7ec7ef GitOrigin-RevId: ed85e64a70812962fd32e0a37357eecd8ce38c08 Change-Id: I4439e35e951e8bc4f85df68aa7b048e287a9a9a3
This repository contains Fuchsia's Global Integration manifest files.
All changes should be made to the internal version of this repository. Our infrastructure automatically updates this version when the internal one changes.
Currently all changes must be made by a Google employee. Non-Google employees wishing to make a change can ask for assistance in one of the communication channels documented at get involved.
First install Jiri.
Next run:
$ jiri init $ jiri import minimal https://fuchsia.googlesource.com/integration $ jiri update
Third party projects should have their own subdirectory in ./third_party.