lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CAFLU3KsS40ANOS=t1gPo7_iL=xzHGAbqyXCjHpVZGM5vLYwEZg@mail.gmail.com>
Date:   Thu, 20 Aug 2020 21:04:32 +0200
From:   KP Singh <kpsingh@...gle.com>
To:     James Morris <jmorris@...ei.org>
Cc:     Brendan Jackman <jackmanb@...omium.org>,
        Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
        bpf@...r.kernel.org, linux-security-module@...r.kernel.org,
        Paul Renauld <renauld@...gle.com>,
        Alexei Starovoitov <ast@...nel.org>,
        Daniel Borkmann <daniel@...earbox.net>,
        Paul Turner <pjt@...gle.com>, Jann Horn <jannh@...gle.com>,
        peterz@...radead.org, rafael.j.wysocki@...el.com,
        keescook@...omium.org, thgarnie@...omium.org,
        paul.renauld.epfl@...il.com, Brendan Jackman <jackmanb@...gle.com>
Subject: Re: [RFC] security: replace indirect calls with static calls

On Thu, Aug 20, 2020 at 8:43 PM James Morris <jmorris@...ei.org> wrote:
>
> On Thu, 20 Aug 2020, Brendan Jackman wrote:
>
> > With this implementation, any overhead of the indirect call in the LSM
> > framework is completely mitigated (performance results: [7]). This
> > facilitates the adoption of "bpf" LSM on production machines and also
> > benefits all other LSMs.
>
> This looks like a potentially useful improvement, although I wonder if it
> would be overshadowed by an LSM hook doing real work.
>

Thanks for taking a look!

We can surely look at other examples, but the real goal is to
optimize the case where the "bpf" LSM adds callbacks to every LSM hook
which don't do any real work and cause an avoidable overhead.

This makes it not very practical for data center environments where
one would want a framework that adds a zero base case overhead and
allows the user to decide where to hook / add performance penalties.
(at boot time for other LSMs and at runtime for bpf)

I also think this would be beneficial for LSMs which use a cache for
a faster policy decision (e.g. access vector caching in SELinux).

- KP

> Do you have any more benchmarking beyond eventfd_write() ?
>
>
>
> >
> > [1]: https://lwn.net/ml/linux-kernel/20200710133831.943894387@infradead.org/

[...]

> >
> >  /* Security operations */
> >
>
> --
> James Morris
> <jmorris@...ei.org>
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ