Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add RemoveFabric to AccessControl #16685

Merged
merged 1 commit into from
Mar 26, 2022
Merged

Add RemoveFabric to AccessControl #16685

merged 1 commit into from
Mar 26, 2022

Conversation

mlepage-google
Copy link
Contributor

@mlepage-google mlepage-google commented Mar 25, 2022
edited
Loading

Problem

Access control needs to support removing a fabric, and full factory reset.
Issue #13876

Change overview

Add AccessControl::RemoveFabric.

Call it from ServerFabricDelegate::OnFabricDeletedFromStorage.

Use the "public" API to delete entries for a fabric.

Testing

  • Tested on Linux using chip-all-clusters-app and chip-tool
  • Commissioned app on 3 fabrics
  • With 3, 2, and 2 distinct ACLs
  • Removed second (middle) fabric
  • Verified remaining 5 ACLs (for first and last fabric) correct
  • Even after restarting app

@mlepage-google
Add RemoveFabric to AccessControl
0f5bcfc 
Use the "public" API to delete entries for a fabric.

Tested (on Linux using chip-all-clusters-app and chip-tool) by
commissioning on three fabrics, with 3, 2, and 2 distinct ACLs,
then removing the second (middle) fabric, and verifying that
the remaining 5 ACLs are preserved, even after restart.

Part of issue project-chip#13876 (fabric removal and factory reset)
@boring-cyborg boring-cyborg bot added the app label Mar 25, 2022
@github-actions
Copy link

github-actions bot commented Mar 25, 2022
edited
Loading

PR #16685: Size comparison from c14faeb to 0f5bcfc

Increases (26 builds for cyw30739, efr32, esp32, k32w, linux, mbed, nrfconnect, p6, telink)
platform target config section c14faeb 0f5bcfc change % change
cyw30739 light cyw930739m2evb_01 (read/write) 604466 604562 96 0.0
.app_xip_area 511636 511732 96 0.0
lock cyw930739m2evb_01 (read/write) 562270 562366 96 0.0
.app_xip_area 470968 471064 96 0.0
ota-requestor-no-progress-logging cyw930739m2evb_01 (read/write) 574626 574658 32 0.0
.app_xip_area 473676 473708 32 0.0
efr32 lighting-app BRD4161A (read only) 925416 925536 120 0.0
.text 925408 925528 120 0.0
BRD4161A+rpc (read only) 954240 954336 96 0.0
.text 954232 954328 96 0.0
window-app BRD4161A (read only) 854828 854948 120 0.0
.text 854820 854940 120 0.0
esp32 all-clusters-app c3devkit (read only) 965550 965622 72 0.0
(read/write) 1394138 1394170 32 0.0
.flash.rodata 199008 199040 32 0.0
.flash.text 965550 965622 72 0.0
m5stack (read only) 1022039 1022107 68 0.0
(read/write) 461884 461924 40 0.0
.flash.rodata 228504 228544 40 0.0
.flash.text 1016655 1016723 68 0.0
k32w light k32w061+release (read/write) 702984 703080 96 0.0
.text 617740 617836 96 0.0
lock k32w061+release (read/write) 702084 702180 96 0.0
.text 616824 616920 96 0.0
linux all-clusters-app debug (read only) 2487249 2487665 416 0.0
.rodata 212133 212197 64 0.0
.text 2111442 2111794 352 0.0
bridge-app debug+rpc (read only) 1759653 1760037 384 0.0
.rodata 144268 144300 32 0.0
.text 1500149 1500501 352 0.0
chip-tool debug (read only) 1017902 10179061 32 0.0
.rodata 518517 518549 32 0.0
door-lock-app debug (read only) 2011633 2012017 384 0.0
.rodata 180924 180956 32 0.0
.text 1681026 1681378 352 0.0
lighting-app debug+rpc (read only) 2185441 2185809 368 0.0
.rodata 174908 174940 32 0.0
.text 1851490 1851826 336 0.0
ota-provider-app debug (read only) 1952841 1953241 400 0.0
.rodata 166667 166731 64 0.0
.text 1634434 1634770 336 0.0
ota-requestor-app debug (read only) 1980417 1980833 416 0.0
.rodata 162788 162852 64 0.0
.text 1664882 1665234 352 0.0
shell debug (read only) 2436057 2436425 368 0.0
.rodata 209618 209650 32 0.0
.text 2069618 2069954 336 0.0
thermostat-no-ble arm64 (read only) 2268996 2269300 304 0.0
.rodata 139652 139684 32 0.0
.text 1905984 1906256 272 0.0
tv-app debug (read only) 2682465 2682865 400 0.0
.rodata 205579 205643 64 0.0
.text 2302258 2302594 336 0.0
mbed lock-app CY8CPROTO_062_4343W+release (read/write) 2354708 2354804 96 0.0
.text 1317308 1317404 96 0.0
nrfconnect all-clusters-app nrf52840dk_nrf52840 (read/write) 1140887 1140983 96 0.0
rodata 142016 142048 32 0.0
text 781500 781560 60 0.0
p6 all-clusters-app default (read/write) 2496624 2496744 120 0.0
.text 1454888 1455008 120 0.0
light-app default (read/write) 2399016 2399136 120 0.0
.text 1357280 1357400 120 0.0
lock-app default (read/write) 2362552 2362672 120 0.0
.text 1320816 1320936 120 0.0
telink lighting-app tlsr9518adk80d (read/write) 897458 897566 108 0.0
text 634878 634950 72 0.0
Full report (27 builds for cyw30739, efr32, esp32, k32w, linux, mbed, nrfconnect, p6, telink)
platform target config section c14faeb 0f5bcfc change % change
cyw30739 light cyw930739m2evb_01 (read/write) 604466 604562 96 0.0
.app_xip_area 511636 511732 96 0.0
.bss 75576 75576 0 0.0
.data 604 604 0 0.0
.rodata 0 0 0 0.0
.text 0 0 0 0.0
lock cyw930739m2evb_01 (read/write) 562270 562366 96 0.0
.app_xip_area 470968 471064 96 0.0
.bss 74080 74080 0 0.0
.data 568 568 0 0.0
.rodata 0 0 0 0.0
.text 0 0 0 0.0
ota-requestor-no-progress-logging cyw930739m2evb_01 (read/write) 574626 574658 32 0.0
.app_xip_area 473676 473708 32 0.0
.bss 83408 83408 0 0.0
.data 508 508 0 0.0
.rodata 0 0 0 0.0
.text 112 112 0 0.0
efr32 lighting-app BRD4161A (read only) 925416 925536 120 0.0
(read/write) 128688 128688 0 0.0
.bss 126688 126688 0 0.0
.data 1996 1996 0 0.0
.text 925408 925528 120 0.0
BRD4161A+rpc (read only) 954240 954336 96 0.0
(read/write) 144640 144640 0 0.0
.bss 142464 142464 0 0.0
.data 2176 2176 0 0.0
.text 954232 954328 96 0.0
window-app BRD4161A (read only) 854828 854948 120 0.0
(read/write) 126648 126648 0 0.0
.bss 124776 124776 0 0.0
.data 1872 1872 0 0.0
.text 854820 854940 120 0.0
esp32 all-clusters-app c3devkit (read only) 965550 965622 72 0.0
(read/write) 1394138 1394170 32 0.0
.dram0.bss 61992 61992 0 0.0
.dram0.data 14212 14212 0 0.0
.flash.rodata 199008 199040 32 0.0
.flash.text 965550 965622 72 0.0
.iram0.text 62016 62016 0 0.0
m5stack (read only) 1022039 1022107 68 0.0
(read/write) 461884 461924 40 0.0
.dram0.bss 67520 67520 0 0.0
.dram0.data 34024 34024 0 0.0
.flash.rodata 228504 228544 40 0.0
.flash.text 1016655 1016723 68 0.0
.iram0.text 123107 123107 0 0.0
k32w light k32w061+release (read/write) 702984 703080 96 0.0
.bss 77568 77568 0 0.0
.data 1876 1876 0 0.0
.text 617740 617836 96 0.0
lock k32w061+release (read/write) 702084 702180 96 0.0
.bss 77544 77544 0 0.0
.data 1916 1916 0 0.0
.text 616824 616920 96 0.0
linux all-clusters-app debug (read only) 2487249 2487665 416 0.0
(read/write) 143344 143344 0 0.0
.bss 57408 57408 0 0.0
.data 1280 1280 0 0.0
.data.rel.ro 78920 78920 0 0.0
.dynamic 592 592 0 0.0
.got 4176 4176 0 0.0
.init 27 27 0 0.0
.init_array 936 936 0 0.0
.rodata 212133 212197 64 0.0
.text 2111442 2111794 352 0.0
bridge-app debug+rpc (read only) 1759653 1760037 384 0.0
(read/write) 89552 89552 0 0.0
.bss 44552 44552 0 0.0
.data 1984 1984 0 0.0
.data.rel.ro 37936 37936 0 0.0
.dynamic 592 592 0 0.0
.got 3920 3920 0 0.0
.init 27 27 0 0.0
.init_array 544 544 0 0.0
.rodata 144268 144300 32 0.0
.text 1500149 1500501 352 0.0
chip-tool debug (read only) 1017902 10179061 32 0.0
(read/write) 355688 355688 0 0.0
.bss 22496 22496 0 0.0
.data 1072 1072 0 0.0
.data.rel.ro 326008 326008 0 0.0
.dynamic 608 608 0 0.0
.got 4816 4816 0 0.0
.init 27 27 0 0.0
.init_array 640 640 0 0.0
.rodata 518517 518549 32 0.0
.text 8876101 8876101 0 0.0
chip-tool-ipv6only arm64 (read only) 9809852 9809852 0 0.0
(read/write) 473729 473729 0 0.0
.bss 40769 40769 0 0.0
.data 1144 1144 0 0.0
.data.rel.ro 372656 372656 0 0.0
.dynamic 560 560 0 0.0
.got 55352 55352 0 0.0
.init 24 24 0 0.0
.init_array 192 192 0 0.0
.rodata 493908 493908 0 0.0
.text 8262772 8262772 0 0.0
door-lock-app debug (read only) 2011633 2012017 384 0.0
(read/write) 116896 116896 0 0.0
.bss 47680 47680 0 0.0
.data 992 992 0 0.0
.data.rel.ro 62840 62840 0 0.0
.dynamic 592 592 0 0.0
.got 4120 4120 0 0.0
.init 27 27 0 0.0
.init_array 664 664 0 0.0
.rodata 180924 180956 32 0.0
.text 1681026 1681378 352 0.0
lighting-app debug+rpc (read only) 2185441 2185809 368 0.0
(read/write) 123888 123888 0 0.0
.bss 48960 48960 0 0.0
.data 1472 1472 0 0.0
.data.rel.ro 67928 67928 0 0.0
.dynamic 608 608 0 0.0
.got 4168 4168 0 0.0
.init 27 27 0 0.0
.init_array 744 744 0 0.0
.rodata 174908 174940 32 0.0
.text 1851490 1851826 336 0.0
ota-provider-app debug (read only) 1952841 1953241 400 0.0
(read/write) 112688 112688 0 0.0
.bss 47616 47616 0 0.0
.data 1256 1256 0 0.0
.data.rel.ro 58184 58184 0 0.0
.dynamic 608 608 0 0.0
.got 4376 4376 0 0.0
.init 27 27 0 0.0
.init_array 616 616 0 0.0
.rodata 166667 166731 64 0.0
.text 1634434 1634770 336 0.0
ota-requestor-app debug (read only) 1980417 1980833 416 0.0
(read/write) 115912 115912 0 0.0
.bss 48544 48544 0 0.0
.data 1480 1480 0 0.0
.data.rel.ro 60440 60440 0 0.0
.dynamic 592 592 0 0.0
.got 4184 4184 0 0.0
.init 27 27 0 0.0
.init_array 640 640 0 0.0
.rodata 162788 162852 64 0.0
.text 1664882 1665234 352 0.0
shell debug (read only) 2436057 2436425 368 0.0
(read/write) 147400 147400 0 0.0
.bss 67336 67336 0 0.0
.data 800 800 0 0.0
.data.rel.ro 73568 73568 0 0.0
.dynamic 592 592 0 0.0
.got 4152 4152 0 0.0
.init 27 27 0 0.0
.init_array 920 920 0 0.0
.rodata 209618 209650 32 0.0
.text 2069618 2069954 336 0.0
thermostat-no-ble arm64 (read only) 2268996 2269300 304 0.0
(read/write) 148385 148385 0 0.0
.bss 62833 62833 0 0.0
.data 1040 1040 0 0.0
.data.rel.ro 77000 77000 0 0.0
.dynamic 560 560 0 0.0
.got 4504 4504 0 0.0
.init 24 24 0 0.0
.init_array 360 360 0 0.0
.rodata 139652 139684 32 0.0
.text 1905984 1906256 272 0.0
tv-app debug (read only) 2682465 2682865 400 0.0
(read/write) 247552 247552 0 0.0
.bss 164320 164320 0 0.0
.data 3136 3136 0 0.0
.data.rel.ro 74048 74048 0 0.0
.dynamic 592 592 0 0.0
.got 4552 4552 0 0.0
.init 27 27 0 0.0
.init_array 888 888 0 0.0
.rodata 205579 205643 64 0.0
.text 2302258 2302594 336 0.0
mbed lock-app CY8CPROTO_062_4343W+release (read only) 6224 6224 0 0.0
(read/write) 2354708 2354804 96 0.0
.bss 184572 184572 0 0.0
.data 5760 5760 0 0.0
.text 1317308 1317404 96 0.0
nrfconnect all-clusters-app nrf52840dk_nrf52840 (read/write) 1140887 1140983 96 0.0
bss 142500 142500 0 0.0
rodata 142016 142048 32 0.0
text 781500 781560 60 0.0
p6 all-clusters-app default (read/write) 2496624 2496744 120 0.0
.bss 117992 117992 0 0.0
.data 2640 2640 0 0.0
.text 1454888 1455008 120 0.0
light-app default (read/write) 2399016 2399136 120 0.0
.bss 111464 111464 0 0.0
.data 2496 2496 0 0.0
.text 1357280 1357400 120 0.0
lock-app default (read/write) 2362552 2362672 120 0.0
.bss 111208 111208 0 0.0
.data 2456 2456 0 0.0
.text 1320816 1320936 120 0.0
telink lighting-app tlsr9518adk80d (read/write) 897458 897566 108 0.0
bss 87356 87356 0 0.0
noinit 37160 37160 0 0.0
text 634878 634950 72 0.0

@bzbarsky-apple bzbarsky-apple merged commit 4eb825d into project-chip:master Mar 26, 2022
@mlepage-google mlepage-google deleted the access-control-remove-fabric branch March 28, 2022 16:44
@mlepage-google mlepage-google mentioned this pull request Mar 29, 2022
Closed
rochaferraz pushed a commit to rochaferraz/connectedhomeip that referenced this pull request Mar 31, 2022
@mlepage-google @rochaferraz
Add RemoveFabric to AccessControl (project-chip#16685)
37c7b19 
Use the "public" API to delete entries for a fabric.

Tested (on Linux using chip-all-clusters-app and chip-tool) by
commissioning on three fabrics, with 3, 2, and 2 distinct ACLs,
then removing the second (middle) fabric, and verifying that
the remaining 5 ACLs are preserved, even after restart.

Part of issue project-chip#13876 (fabric removal and factory reset)
andrei-menzopol pushed a commit to andrei-menzopol/connectedhomeip that referenced this pull request Apr 14, 2022
@mlepage-google @andrei-menzopol
Add RemoveFabric to AccessControl (project-chip#16685)
77ae4d2 
Use the "public" API to delete entries for a fabric.

Tested (on Linux using chip-all-clusters-app and chip-tool) by
commissioning on three fabrics, with 3, 2, and 2 distinct ACLs,
then removing the second (middle) fabric, and verifying that
the remaining 5 ACLs are preserved, even after restart.

Part of issue project-chip#13876 (fabric removal and factory reset)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@anush-apple anush-apple Awaiting requested review from anush-apple

@Byungjoo-Lee Byungjoo-Lee Awaiting requested review from Byungjoo-Lee

@carol-apple carol-apple Awaiting requested review from carol-apple

@chrisdecenzo chrisdecenzo Awaiting requested review from chrisdecenzo

@chshu chshu Awaiting requested review from chshu

@chulspro chulspro Awaiting requested review from chulspro

@Damian-Nordic Damian-Nordic Awaiting requested review from Damian-Nordic

@dhrishi dhrishi Awaiting requested review from dhrishi

@electrocucaracha electrocucaracha Awaiting requested review from electrocucaracha

@franck-apple franck-apple Awaiting requested review from franck-apple

@gjc13 gjc13 Awaiting requested review from gjc13

@harimau-qirex harimau-qirex Awaiting requested review from harimau-qirex

@hawk248 hawk248 Awaiting requested review from hawk248

@holbrookt holbrookt Awaiting requested review from holbrookt

@harsha-rajendran harsha-rajendran Awaiting requested review from harsha-rajendran

@isiu-apple isiu-apple Awaiting requested review from isiu-apple

@jelderton jelderton Awaiting requested review from jelderton

@jepenven-silabs jepenven-silabs Awaiting requested review from jepenven-silabs

@jmartinez-silabs jmartinez-silabs Awaiting requested review from jmartinez-silabs

@kghost kghost Awaiting requested review from kghost

@kpschoedel kpschoedel Awaiting requested review from kpschoedel

@lazarkov lazarkov Awaiting requested review from lazarkov

@LuDuda LuDuda Awaiting requested review from LuDuda

@lzgrablic02 lzgrablic02 Awaiting requested review from lzgrablic02

@mspang mspang Awaiting requested review from mspang

@robszewczyk robszewczyk Awaiting requested review from robszewczyk

@sagar-apple sagar-apple Awaiting requested review from sagar-apple

@saurabhst saurabhst Awaiting requested review from saurabhst

@selissia selissia Awaiting requested review from selissia

@tecimovic tecimovic Awaiting requested review from tecimovic

@turon turon Awaiting requested review from turon

@vijs vijs Awaiting requested review from vijs

@vivien-apple vivien-apple Awaiting requested review from vivien-apple

@wbschiller wbschiller Awaiting requested review from wbschiller

@xylophone21 xylophone21 Awaiting requested review from xylophone21

@yufengwangca yufengwangca Awaiting requested review from yufengwangca

@yunhanw-google yunhanw-google Awaiting requested review from yunhanw-google

@bzbarsky-apple bzbarsky-apple Awaiting requested review from bzbarsky-apple

@msandstedt msandstedt Awaiting requested review from msandstedt

@woody-apple woody-apple Awaiting requested review from woody-apple

Assignees
No one assigned
Labels
app review - approved
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@mlepage-google @msandstedt @woody-apple @bzbarsky-apple