refactor: MORE optimization by using constants instead of dyn alloc...

.cargo/config.toml

@@ -7,7 +7,7 @@ RAR_CFG_PATH = "/etc/security/rootasrole.json"
 RAR_CFG_DATA_PATH = "/etc/security/rootasrole.json"
 RAR_BIN_PATH = "/usr/bin"
 RAR_CFG_IMMUTABLE = "true"
-RAR_TIMEOUT_TYPE = "PPID"
+RAR_TIMEOUT_TYPE = "ppid"
 RAR_TIMEOUT_DURATION = "00:05:00"
 RAR_TIMEOUT_MAX_USAGE = ""
 RAR_PATH_DEFAULT = "delete"

Cargo.toml

@@ -91,6 +91,7 @@ const_format = "0.2"
 hex = "0.4"
 bon = "3.5.1"
 serde_json_borrow = "0.7.1"
+konst = "0.3.16"
 
 [dev-dependencies]
 log = "0.4"

rar-common/Cargo.toml

@@ -28,6 +28,7 @@ syslog = "7.0"
 env_logger = "0.11"
 bon = { version = "3.3.2", features = ["experimental-overwritable"] }
 cbor4ii = { version = "1.0.0", features = ["serde", "serde1", "use_std"] }
+konst = "0.3.16"
 
 [dev-dependencies]
 log = "0.4"

rar-common/src/database/options.rs

@@ -1,10 +1,11 @@
 use std::collections::HashMap;
-use std::env;
 use std::{borrow::Borrow, cell::RefCell, rc::Rc};
+use std::{env, result::Result};
 
 use bon::{bon, builder, Builder};
 use chrono::Duration;
 
+use konst::eq_str;
 use linked_hash_set::LinkedHashSet;
 
 #[cfg(feature = "pcre2")]
@@ -496,6 +497,92 @@ fn check_wildcarded(_wildcarded: &EnvKey, _s: &String) -> bool {
     true
 }
 
+#[derive(Debug, PartialEq)]
+pub struct ConstParseError(pub &'static str);
+use std::fmt::{self, Display};
+
+impl Display for ConstParseError {
+    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
+        f.write_fmt(format_args!(
+            "Failed to parse the const {} defined in .cargo/config.toml",
+            self.0
+        ))
+    }
+}
+
+impl ConstParseError {
+    const fn panic(&self) -> ! {
+        panic!("failed to parse a const")
+    }
+}
+
+impl PathBehavior {
+    pub const fn try_parse(input: &str) -> std::result::Result<PathBehavior, ConstParseError> {
+        match input {
+            _ if eq_str(input, "delete") => Ok(PathBehavior::Delete),
+            _ if eq_str(input, "keep_safe") => Ok(PathBehavior::KeepSafe),
+            _ if eq_str(input, "keep_unsafe") => Ok(PathBehavior::KeepUnsafe),
+            _ if eq_str(input, "inherit") => Ok(PathBehavior::Inherit),
+            _ => ConstParseError("PathBehavior").panic(),
+        }
+    }
+}
+
+impl EnvBehavior {
+    pub const fn try_parse(input: &str) -> std::result::Result<EnvBehavior, ConstParseError> {
+        match input {
+            _ if eq_str(input, "delete") => Ok(EnvBehavior::Delete),
+            _ if eq_str(input, "keep") => Ok(EnvBehavior::Keep),
+            _ if eq_str(input, "inherit") => Ok(EnvBehavior::Inherit),
+            _ => ConstParseError("EnvBehavior").panic(),
+        }
+    }
+}
+
+impl SPrivileged {
+    pub const fn try_parse(input: &str) -> std::result::Result<SPrivileged, ConstParseError> {
+        match input {
+            _ if eq_str(input, "user") => Ok(SPrivileged::User),
+            _ if eq_str(input, "inherit") => Ok(SPrivileged::Inherit),
+            _ if eq_str(input, "privileged") => Ok(SPrivileged::Privileged),
+            _ => ConstParseError("SPrivileged").panic(),
+        }
+    }
+}
+
+impl TimestampType {
+    pub const fn try_parse(input: &str) -> std::result::Result<TimestampType, ConstParseError> {
+        match input {
+            _ if eq_str(input, "ppid") => Ok(TimestampType::PPID),
+            _ if eq_str(input, "tty") => Ok(TimestampType::TTY),
+            _ if eq_str(input, "uid") => Ok(TimestampType::UID),
+            _ => ConstParseError("TimestampType").panic(),
+        }
+    }
+}
+
+impl SBounding {
+    pub const fn try_parse(input: &str) -> std::result::Result<SBounding, ConstParseError> {
+        match input {
+            _ if eq_str(input, "strict") => Ok(SBounding::Strict),
+            _ if eq_str(input, "inherit") => Ok(SBounding::Inherit),
+            _ if eq_str(input, "ignore") => Ok(SBounding::Ignore),
+            _ => ConstParseError("SBounding").panic(),
+        }
+    }
+}
+
+impl SAuthentication {
+    pub const fn try_parse(input: &str) -> std::result::Result<SAuthentication, ConstParseError> {
+        match input {
+            _ if eq_str(input, "perform") => Ok(SAuthentication::Perform),
+            _ if eq_str(input, "inherit") => Ok(SAuthentication::Inherit),
+            _ if eq_str(input, "skip") => Ok(SAuthentication::Skip),
+            _ => ConstParseError("SAuthentication").panic(),
+        }
+    }
+}
+
 #[derive(Debug, Clone, Serialize, Deserialize)]
 pub struct OptStack {
     pub(crate) stack: [Option<Rc<RefCell<Opt>>>; 5],

src/sr/finder/cmd.rs

@@ -119,6 +119,7 @@ fn match_command_line(
     result
 }
 
+#[inline(always)]
 pub fn evaluate_command_match(
     env_path: &[&str],
     cmd_path: &PathBuf,

src/sr/finder/mod.rs

@@ -124,7 +124,7 @@ impl BestExecSettings {
             return Err("No matching role found".into());
         }
         result.env = opt_stack
-            .calc_temp_env(&opt_stack.calc_override_behavior(), &cli.opt_filter)
+            .calc_temp_env(opt_stack.calc_override_behavior(), &cli.opt_filter)
             .calc_final_env(env_vars, env_path, cred)?;
         result.auth = opt_stack.calc_authentication();
         result.bounding = opt_stack.calc_bounding();