ksi bugfix: request cache size and send timeout issue fixed.

Async service send timeout is not configurable and request cache size is too small to handle large amount of signing requests with small amount of permitted requests per aggregation round. For example user with max_requests = 4 results cache size 5 * max_requests or at least 256. When signing 300 log files cache will be too small resulting several unsigned blocks. When signing 200 log file cache will be adequate, but with rate of 4 signatures per second, it is only possible to sign 4 * 10 blocks before all requests that are not sent out will timeout. Fix for the issue is to make send timeout configurable and make the size of the cache depend on the value of send timeout. New configuration value sig.block.signtimeout="time, s" introduced that defines the time window wherein the block has to be signed. The size of the request cache is increased to 3 * max_requests * sign_timeout or at least 256.
2025-12-16 09:50:40 +01:00 · 2022-08-01 13:46:25 +03:00 · 2022-08-01 13:46:25 +03:00 · 24a3f2dbd9
commit 24a3f2dbd9
parent 8dce9f2dc6
3 changed files with 21 additions and 2 deletions
--- a/runtime/lib_ksils12.c
+++ b/runtime/lib_ksils12.c
@ -710,7 +710,7 @@ static void handle_ksi_config(rsksictx ctx, KSI_AsyncService *as, KSI_Config *co
 			if(res != KSI_OK)
 				reportKSIAPIErr(ctx, NULL, "KSI_AsyncService_setOption(max_request)", res);

-			optValue = 5 * ctx->max_requests;
+			optValue = 3 * ctx->max_requests * ctx->blockSigTimeout;
 			KSI_AsyncService_setOption(as, KSI_ASYNC_OPT_REQUEST_CACHE_SIZE,
 				(void*)optValue);
 		}
@ -892,6 +892,7 @@ rsksiCtxNew(void) {
 	ctx->bKeepTreeHashes = false;
 	ctx->bKeepRecordHashes = true;
 	ctx->max_requests = (1 << 8);
+	ctx->blockSigTimeout = 10;
 	ctx->confInterval = 3600;
 	ctx->tConfRequested = 0;
 	ctx->threadSleepms = 1000;
@ -1979,6 +1980,7 @@ void *signer_thread(void *arg) {
 	rsksictx ctx = (rsksictx) arg;
 	KSI_CTX *ksi_ctx = NULL;
 	KSI_AsyncService *as = NULL;
+	size_t size_t_value = 0;
 	size_t ksiFileCount = 0;
 	int endpoints = 0;
 	bool bSleep = true;
@ -2028,8 +2030,14 @@ void *signer_thread(void *arg) {
 		goto cleanup;
 	}

+	/* Lets use buffer value, as libksi requires size_t. */
+	size_t_value = ctx->max_requests;
 	KSI_AsyncService_setOption(as, KSI_ASYNC_OPT_REQUEST_CACHE_SIZE,
-		(void*) (ctx->max_requests));
+		(void*)size_t_value);
+	size_t_value = ctx->blockSigTimeout;
+	KSI_AsyncService_setOption(as, KSI_ASYNC_OPT_SND_TIMEOUT,
+		(void*)size_t_value);
+

 	ctx->signer_state = SIGNER_STARTED;
 	while (true) {
--- a/runtime/lib_ksils12.h
+++ b/runtime/lib_ksils12.h
@ -94,6 +94,7 @@ struct rsksictx_s {
 	time_t tConfRequested;
 	uint64_t blockLevelLimit;
 	uint32_t blockTimeLimit;
+	uint32_t blockSigTimeout;
 	uint32_t effectiveBlockLevelLimit; /* level limit adjusted by gateway settings */
 	uint32_t threadSleepms;
 	uint8_t syncMode;
@ -204,6 +205,7 @@ struct rsksistatefile {
 #define getIVLenKSI(bh) (hashOutputLengthOctetsKSI((bh)->hashID))
 #define rsksiSetBlockLevelLimit(ctx, limit) ((ctx)->blockLevelLimit = (ctx)->effectiveBlockLevelLimit = limit)
 #define rsksiSetBlockTimeLimit(ctx, limit) ((ctx)->blockTimeLimit = limit)
+#define rsksiSetBlockSigTimeout(ctx, val) ((ctx)->blockSigTimeout = val)
 #define rsksiSetConfInterval(ctx, val) ((ctx)->confInterval = val)
 #define rsksiSetKeepRecordHashes(ctx, val) ((ctx)->bKeepRecordHashes = val)
 #define rsksiSetKeepTreeHashes(ctx, val) ((ctx)->bKeepTreeHashes = val)
--- a/runtime/lmsig_ksi-ls12.c
+++ b/runtime/lmsig_ksi-ls12.c
@ -49,6 +49,7 @@ static struct cnfparamdescr cnfpdescr[] = {
 	{ "sig.aggregator.hmacAlg", eCmdHdlrGetWord, 0 },
 	{ "sig.block.levelLimit", eCmdHdlrSize, CNFPARAM_REQUIRED},
 	{ "sig.block.timeLimit", eCmdHdlrInt, 0},
+	{ "sig.block.signtimeout", eCmdHdlrInt, 0},
 	{ "sig.confinterval", eCmdHdlrInt, 0},
 	{ "sig.keeprecordhashes", eCmdHdlrBinary, 0 },
 	{ "sig.keeptreehashes", eCmdHdlrBinary, 0},
@ -179,6 +180,14 @@ SetCnfParam(void *pT, struct nvlst *lst)
 			}
 		} else if (!strcmp(pblk.descr[i].name, "sig.keeprecordhashes")) {
 			rsksiSetKeepRecordHashes(pThis->ctx, pvals[i].val.d.n);
+		} else if (!strcmp(pblk.descr[i].name, "sig.block.signtimeout")) {
+			if (pvals[i].val.d.n < 0) {
+				LogError(0, RS_RET_ERR, "sig.block.signtimeout "
+					"%llu invalid - signing disabled", pvals[i].val.d.n);
+				pThis->ctx->disabled = true;
+			} else {
+				rsksiSetBlockSigTimeout(pThis->ctx, pvals[i].val.d.n);
+			}
 		} else if(!strcmp(pblk.descr[i].name, "sig.keeptreehashes")) {
 			rsksiSetKeepTreeHashes(pThis->ctx, pvals[i].val.d.n);
 		} else if (!strcmp(pblk.descr[i].name, "sig.syncmode")) {