@multisme multisme commented Jul 31, 2025

  • Public API changes documented in changelogs (optional)

Signed-off-by: multi [email protected]

Fixes #3697

@multisme multisme requested a review from a team as a code owner July 31, 2025 17:27
@multisme multisme requested review from stefanceriu and removed request for a team July 31, 2025 17:27
@poljar poljar requested review from poljar and removed request for stefanceriu August 1, 2025 07:52

@poljar poljar left a comment

Not quite there yet I'm afraid.

codspeed-hq bot commented Aug 2, 2025

CodSpeed Performance Report

Merging #5472 will not alter performance

Comparing multisme:refactor/improve_performance_sqlite_db (eca9e89) with main (b6433de)

Summary

✅ 37 untouched benchmarks

codecov bot commented Aug 2, 2025

Codecov Report

❌ Patch coverage is 64.47368% with 27 lines in your changes missing coverage. Please review.
✅ Project coverage is 88.61%. Comparing base (b6433de) to head (eca9e89).
✅ All tests successful. No failed tests found.

| Files with missing lines | Patch % | Lines |
|---|---|---|
| crates/matrix-sdk-sqlite/src/crypto_store.rs | 38.46% | 6 Missing and 2 partials ⚠️ |
| crates/matrix-sdk-sqlite/src/state_store.rs | 38.46% | 6 Missing and 2 partials ⚠️ |
| crates/matrix-sdk-sqlite/src/event_cache_store.rs | 22.22% | 6 Missing and 1 partial ⚠️ |
| crates/matrix-sdk-sqlite/src/utils.rs | 55.55% | 3 Missing and 1 partial ⚠️ |

Additional details and impacted files
@@            Coverage Diff             @@
##             main    #5472      +/-   ##
==========================================
- Coverage   88.63%   88.61%   -0.02%     
==========================================
  Files         341      341              
  Lines       95138    95191      +53     
  Branches    95138    95191      +53     
==========================================
+ Hits        84322    84354      +32     
- Misses       6628     6650      +22     
+ Partials     4188     4187       -1     


multisme commented Aug 2, 2025

Hey I'm unsure about the get_or_create_store_cipher could you point me in the right direction?

@poljar poljar left a comment

> Hey I'm unsure about the get_or_create_store_cipher could you point me in the right direction?

What about? get_or_create_store_cipher() looks reasonable, except that the secrets are copied and not zeroized.

You need to either not copy them or you need to zeroize them using the zeroize crate.

@multisme multisme force-pushed the refactor/improve_performance_sqlite_db branch from 065ec6e to 9718b79 Compare August 7, 2025 20:33

multisme commented Aug 8, 2025

@poljar Hey I think I managed the implementation, could you provide me with feedback please?

@multisme multisme requested a review from poljar August 21, 2025 15:22

@poljar poljar left a comment

Sorry for the late reply, I was unavailable the past two weeks. This seems almost good to go.

Though we have a tricky problem with hidden copies of the secret key material.

@@ -6,6 +6,14 @@ All notable changes to this project will be documented in this file.

## [Unreleased] - ReleaseDate

### Features
- Implement a new constructrot that allow to open SqliteCryptoStore with a Key

Suggested change
- Implement a new constructrot that allow to open SqliteCryptoStore with a Key
- Implement a new constructor that allows to open the SqliteCryptoStore with a cryptographic key.

Comment on lines +49 to +52
#[zeroize]
Key([u8; 32]),
#[zeroize]
PassPhrase(String),

The enum variants need to be documented.

@@ -43,13 +44,21 @@ pub use self::state_store::{SqliteStateStore, DATABASE_NAME as STATE_STORE_DATAB
#[cfg(test)]
matrix_sdk_test_utils::init_tracing_for_tests!();

#[derive(Clone, Debug, Eq, PartialEq, Zeroize)]
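
Review bot: `Clone` in the derive list on the last line is paired with `Zeroize` only, so every `clone()` of this type produces another copy of the secret that its owner has to wipe by hand with `zeroize()`. Drop `Clone` if no caller needs it, or make sure each clone is wiped automatically when it goes out of scope.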

I think we should derive ZeroizeOnDrop here so we don't need the manual zeroize() calls.

#[derive(Clone, Debug, Eq, PartialEq, Zeroize)]
pub enum Secret {
#[zeroize]
Key([u8; 32]),
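
Review bot: the derived `Debug` on `pub enum Secret` will print the raw bytes of `Key([u8; 32])` whenever a `Secret` is formatted, for example in a log line or an error message. Remove `Debug` from the derive list and write a manual impl that prints only the variant name. The derived `PartialEq` is also an ordinary short-circuiting byte comparison rather than a constant-time one; if equality is only needed in tests, derive it under `#[cfg(test)]`.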

This should be inside a Box or inside a Zeroizing struct so we avoid unintended copies due to moves being a memcpy call in Rust land. More info here: https://benma.github.io/2020/10/16/rust-zeroize-move.html.

In short, every time you pass the Secret to a function a memcpy call will copy the contents of the array.

If a Box is used, the pointer is instead copied.

#[zeroize]
Key([u8; 32]),
#[zeroize]
PassPhrase(String),

Same here, this will produce unintended copies, Zeroizing<String> would make sense.
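
The point about moves and hidden copies of the key, as an added example that is not part of this PR or of the matrix-rust-sdk code: it uses only std, and the types `InlineKey` and `BoxedKey` are hypothetical stand-ins (the wipe-on-drop is hand-rolled in place of the zeroize crate). It shows how many bytes a move has to copy for each layout and that the boxed key's bytes stay at one heap address across a move.

```rust
use std::{mem::size_of, ptr, sync::atomic::{compiler_fence, Ordering}};
/// Key stored inline: a move is a bitwise copy of all 32 bytes.
#[allow(dead_code)]
struct InlineKey([u8; 32]);

/// Key behind a Box: a move copies only the pointer, the bytes stay put.
/// Hypothetical std-only stand-in for the zeroize crate's wrappers.
struct BoxedKey(Box<[u8; 32]>);

impl BoxedKey {
    /// Allocate zeroed storage first, then write the key in place on the heap.
    fn new(fill: u8) -> Self {
        let mut bytes = Box::new([0u8; 32]);
        bytes.fill(fill); // constructed sample key material
        BoxedKey(bytes)
    }
    /// Heap address of the key bytes.
    fn addr(&self) -> usize { self.0.as_ptr() as usize }
    /// Overwrite the key with volatile writes so the stores are not elided.
    fn wipe(&mut self) {
        for b in self.0.iter_mut() {
            unsafe { ptr::write_volatile(b, 0) };
        }
        compiler_fence(Ordering::SeqCst);
    }
}

impl Drop for BoxedKey {
    fn drop(&mut self) { self.wipe() } // wipe the single heap copy
}

/// Takes the key by value (a move) and reports where its bytes live.
#[inline(never)]
fn consume(key: BoxedKey) -> usize { key.addr() }

/// (heap address before the move, heap address seen by the callee)
fn boxed_addresses() -> (usize, usize) {
    let key = BoxedKey::new(0xAA);
    (key.addr(), consume(key))
}

/// Bytes one move has to copy: (inline layout, boxed layout).
fn bytes_per_move() -> (usize, usize) {
    (size_of::<InlineKey>(), size_of::<BoxedKey>())
}

fn main() {
    println!("{:?} {:?}", bytes_per_move(), boxed_addresses());
}
```

In optimized builds the compiler may elide some copies of the inline layout, but nothing guarantees it; the boxed layout does not depend on that.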

Successfully merging this pull request may close these issues.

Improve performance of encrypted sqlite DB
2 participants