New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
runtime: Use a limited multi-threaded Tokio runtime in SGX #5214
Conversation
Codecov Report
@@ Coverage Diff @@
## master #5214 +/- ##
==========================================
- Coverage 61.41% 61.33% -0.09%
==========================================
Files 512 512
Lines 54243 54243
==========================================
- Hits 33316 33269 -47
- Misses 16706 16750 +44
- Partials 4221 4224 +3 see 19 files with indirect coverage changes Help us with your feedback. Take ten seconds to tell us how you rate us. Have a feature suggestion? Share it here. |
6a5f409
to
4813cb9
Compare
894aa9e
to
5e96949
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
NIce, works as expected 👍
Tested on an SGX instance and can confirm, that the ephemeral secret replication deadlock problem, which occured if all key managers were restarted at the same time, is now gone.
writer: W, | ||
) -> Result< | ||
( | ||
tokio::sync::OwnedMutexGuard<MultiplexedSession>, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Not a big fan of returning a guard, especially not in public methods.
I would maybe refactor/rename demuxer to track and purge sessions only (get_or_create
, remove
, reset
).
update multiplexed session (close
) and then do all this stuff in the dispatcher.
let frame:Frame = cbor::from_slice(&request)?;
let session = self.sessions.get_or_create_session(frame.session);
session.lock_owned().await
let message = session.process_data(frame.payload, writer).await?;
...
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
You would still need to keep the locked session as you need to also process the response, but actual RPC dispatch can only happen in the dispatcher.
5e96949
to
ed71909
Compare
ed71909
to
bb20e69
Compare
@@ -170,10 +170,13 @@ pub struct Dispatcher { | |||
impl Dispatcher { | |||
#[cfg(target_env = "sgx")] | |||
fn new_tokio_runtime() -> tokio::runtime::Runtime { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
In the future we could move this to future.rs
, call it from start_runtime
and pass it to dispatcher and protocol constructors.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Oh, that's a good idea, yeah this part needs some refactoring.
No description provided.