lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <1226523149.3353.23.camel@localhost.localdomain>
Date:	Wed, 12 Nov 2008 15:52:29 -0500
From:	Eric Paris <eparis@...hat.com>
To:	Christoph Hellwig <hch@...radead.org>
Cc:	Alan Cox <alan@...rguk.ukuu.org.uk>, linux-kernel@...r.kernel.org,
	malware-list@...ts.printk.net, viro@...iv.linux.org.uk,
	arjan@...radead.org, greg@...ah.com, tytso@....edu,
	akpm@...ux-foundation.org
Subject: Re: [PATCH =-v3 07/21] fanotify: fastpath to ignore certain in
 core inodes

On Wed, 2008-11-12 at 11:58 -0500, Christoph Hellwig wrote:
> On Wed, Nov 12, 2008 at 04:56:38PM +0000, Alan Cox wrote:
> > Sounds a good way of ruining the performance.
> 
> I don't think you can ruine performance of a system with AV systems
> running even more.  While bloating the inode does cause enormous
> problems in file serving or other extremly metadata intensive workloads.

Kernel Build on a 32 way machine:
Stock kernel: 9 minutes 12 seconds
fanotify no in kernel fastpath: 95 minutes 12 seconds
Only events AV wants with in kernel fastpath: 10 minutes 35 seconds

Now I could probably redo the in kernel cache as some sort of per group
inode hash table of entries which wouldn't have to bloat the inode but
it would be much more expensive in terms of performance.  A lock and an
list if you want to use fanotify is as small as it can be made an is
exactly the same method taken by inotify.

************

I probably should have put this up in the patch description rather than
burried down in the Documentation directory but here it is:

The need for fastpaths (or calling what it really is, an in kernel
cache) has been questioned.  I decided to include a little unscientific data
here.  On a 32 way machine a make -j 32 took about 9 minutes 12 seconds.
With that same machine running having one group and 32 listeners receiving
every fanotify event that the kernel could send to userspace while the 
listeners were responding to accesses as fast as they could (just a very tight get
event, allow loop) it took 95 minutes 12 seconds.  Same process with in kernel
fastpaths/cache results took 19 minutes 5 seconds.  More reasonable event
requirements and a single listener took 10 minutes 35 sec.  So about a 15%
perf hit to do any kind of permission checking to userspace.  Anyway, the need
for fastpaths is quite clear.




--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ