Closed Bug 1328821 Opened 9 years ago Closed 9 years ago

hash completion request for v4 should not depend on table freshness

Categories

(Toolkit :: Safe Browsing, defect, P2)

Product:
Toolkit
Component:
Safe Browsing
Type:
defect

Tracking

()

Status:
RESOLVED FIXED
Milestone:
mozilla54
Tracking Flags:
Tracking Status
firefox54 --- fixed

People

(Reporter: dlee, Assigned: dlee)

References

Details

(Whiteboard: #sbv4-m5)

Attachments

(1 file)

Bug 1328821 - hash completion request for v4 should not depend on table freshness.
59 bytes, text/x-review-board-request
francois
: review+
Details
Right now when Classifier matches a completion, table freshness is used to decide if this completion is out of date or not, the reason we are doing that is because we don't have a TTL for caching. As for V4, positive caching and negative caching is introduced[1] so we should not use table freshness as TTL. [1] https://developers.google.com/safe-browsing/v4/caching
Attachment #8823980 - Flags: review?(hchang)
Comment on attachment 8823980 [details] Bug 1328821 - hash completion request for v4 should not depend on table freshness. https://reviewboard.mozilla.org/r/102464/#review103712 Looks pretty good to me! Ideally I'd like to combine "freshness" and "positive/negative" cache as one concept. However, per offline discussion with Dimi and Thomas, combining freshness and positive/negative cache is not a trivial work and I don't see any immediate benefit from it. So just leave freshness and positive/negative cache split apart. ::: toolkit/components/url-classifier/Classifier.cpp:486 (Diff revision 2) > - int64_t age; > - bool found = mTableFreshness.Get(cache->TableName(), &age); > - if (!found) { > - age = 24 * 60 * 60; // just a large number > - } else { > - int64_t now = (PR_Now() / PR_USEC_PER_SEC); > + // For V2, there is no TTL for caching, so we use table freshness to > + // decide if matching a completion should trigger a gethash request or not. > + // For V4, this is done by Positive Caching & Negative Caching mechanism. > + bool confirmed = false; > + if (fromCache) { > + cache->IsHashEntryConfirmed(lookupHash, mTableFreshness, Is there any reason or concern that we can't merge |IsHashEntryConfirmed| to |Has|? It seems to me |fromCache| is just an intermediary info that Classifier does not need to know. Why don't we have |Has| return |confirmed| directly? One of the reasons might be to reduce the number of arguments we have to pass to |Has|. (otherwise we have pass mTableFreshness and aFreshnessGuarantee to |Has|) Anyways both works for me just would like to know if I am understanding correctly :) ::: toolkit/components/url-classifier/LookupCache.cpp:463 (Diff revision 2) > + bool* aConfirmed) > +{ > + int64_t age; > + bool found = aTableFreshness.Get(mTableName, &age); > + if (!found) { > + age = 24 * 60 * 60; // just a large number It seems to be copied from the old code, but what do you think of using just UINT_MAX or return false here?
Attachment #8823980 - Flags: review?(hchang) → review+
Thanks for review! (In reply to Henry Chang [:henry][:hchang] from comment #3) > > ::: toolkit/components/url-classifier/Classifier.cpp:486 > (Diff revision 2) > > - int64_t age; > > - bool found = mTableFreshness.Get(cache->TableName(), &age); > > - if (!found) { > > - age = 24 * 60 * 60; // just a large number > > - } else { > > - int64_t now = (PR_Now() / PR_USEC_PER_SEC); > > + // For V2, there is no TTL for caching, so we use table freshness to > > + // decide if matching a completion should trigger a gethash request or not. > > + // For V4, this is done by Positive Caching & Negative Caching mechanism. > > + bool confirmed = false; > > + if (fromCache) { > > + cache->IsHashEntryConfirmed(lookupHash, mTableFreshness, > > Is there any reason or concern that we can't merge |IsHashEntryConfirmed| to > |Has|? It seems to me |fromCache| is just an intermediary info that > Classifier does not need to know. Why don't we have > |Has| return |confirmed| directly? > > One of the reasons might be to reduce the number of arguments we have to > pass to |Has|. (otherwise we have pass mTableFreshness and > aFreshnessGuarantee to |Has|) > > Anyways both works for me just would like to know if I am understanding > correctly :) > You are right, the reason I add "IsHashEntryConfirmed" is too reduce the number of arguments passed to |Has|. Another reason is that we have testcase to test |Has| and i don't want to make |Has| to have "expiration" logic in it. > ::: toolkit/components/url-classifier/LookupCache.cpp:463 > (Diff revision 2) > > + bool* aConfirmed) > > +{ > > + int64_t age; > > + bool found = aTableFreshness.Get(mTableName, &age); > > + if (!found) { > > + age = 24 * 60 * 60; // just a large number > > It seems to be copied from the old code, but what do you think of using just > UINT_MAX or return false here? I'll set UINT_MAX, thanks for suggestion.
No longer blocks: safebrowsingv4
Priority: -- → P2
Comment on attachment 8823980 [details] Bug 1328821 - hash completion request for v4 should not depend on table freshness. https://reviewboard.mozilla.org/r/102464/#review105036 Looks good. Just a few small things before giving you an r+. Feel free to remove the "for reviewer only" bits too in your next revision. ::: toolkit/components/url-classifier/LookupCache.h:73 (Diff revision 3) > > nsCString mTableName; > > uint32_t mPartialHashLength; > + > + // True if the lookup result is confirmed as an unsafe url. I would suggest "True as long as this lookup hasn't expired" ::: toolkit/components/url-classifier/LookupCache.cpp:460 (Diff revision 3) > +LookupCacheV2::IsHashEntryConfirmed(const Completion& aEntry, > + const TableFreshnessMap& aTableFreshness, > + uint32_t aFreshnessGuarantee, > + bool* aConfirmed) > +{ > + int64_t age; Let's add a comment to be explicit: int64_t age; // in seconds ::: toolkit/components/url-classifier/LookupCache.cpp:468 (Diff revision 3) > + *aConfirmed = false; > + } else { > + int64_t now = (PR_Now() / PR_USEC_PER_SEC); > + > + // Considered completion as unsafe if its table is up-to-date. > + *aConfirmed = (now - age) < aFreshnessGuarantee; Let's put an assert here which ensures that `age <= now`. ::: toolkit/components/url-classifier/LookupCacheV4.cpp:105 (Diff revision 3) > uint32_t prefix = aCompletion.ToUint32(); > LOG(("Probe in V4 %s: %X, found %d, complete %d", mTableName.get(), > - prefix, *aHas, *aComplete)); > + prefix, *aHas, length == COMPLETE_SIZE)); > } > > + // Note. !!! We could add `// TODO : Bug 1311935 - Implement v4 caching` in here too. ::: toolkit/components/url-classifier/LookupCacheV4.cpp:155 (Diff revision 3) > + uint32_t aFreshnessGuarantee, > + bool* aConfirmed) > +{ > + // TODO : Bug 1311935 - Implement v4 caching > + > + *aConfirmed = false; Maybe we should return `true` until this is implemented? It would prevent us sending any extra gethash requests. ::: toolkit/components/url-classifier/nsUrlClassifierDBService.cpp:1007 (Diff revision 3) > if (NS_SUCCEEDED(rv)) { > mPendingCompletions++; > } > } else { > // For tables with no hash completer, a complete hash match is > // good enough, we'll consider it fresh, even if it hasn't been updated Let's use the word "valid" instead of "fresh" since we're no longer relying on table freshness. ::: toolkit/components/url-classifier/nsUrlClassifierDBService.cpp:1008 (Diff revision 3) > mPendingCompletions++; > } > } else { > // For tables with no hash completer, a complete hash match is > // good enough, we'll consider it fresh, even if it hasn't been updated > // in 45 minutes. We may as well remove the hard-coded "45 minutes" here and say "even if it hasn't been updated in a long time".
Attachment #8823980 - Flags: review?(francois) → review-
Comment on attachment 8823980 [details] Bug 1328821 - hash completion request for v4 should not depend on table freshness. https://reviewboard.mozilla.org/r/102464/#review105822
Attachment #8823980 - Flags: review?(francois) → review+
Let's wait until bug 1331534 has landed before landing this completion fixed. That will ensure that regardless of caching, we won't be honouring V4 matches.
Depends on: 1331534
Keywords: checkin-needed
Pushed by ihsiao@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/5561d7805979 hash completion request for v4 should not depend on table freshness. r=francois,henry
Keywords: checkin-needed
https://hg.mozilla.org/mozilla-central/rev/5561d7805979
Status: ASSIGNED → RESOLVED
Closed: 9 years ago
status-firefox54: --- → fixed
Resolution: --- → FIXED
Target Milestone: --- → mozilla54
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: