lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-Id: <20210107145143.7438-1-laniel_francis@privacyrequired.com>
Date:   Thu,  7 Jan 2021 15:51:42 +0100
From:   laniel_francis@...vacyrequired.com
To:     linux-kernel@...r.kernel.org
Cc:     akpm@...ux-foundation.org,
        Francis Laniel <laniel_francis@...vacyrequired.com>
Subject: [RFC PATCH 0/1] Create header for fortified string functions.

From: Francis Laniel <laniel_francis@...vacyrequired.com>

Hi.


First, I do hope you are fine and the same for your relatives.

In a recent mail about the merge of a new fortified string function, Linus
Torvalds suggested the creation of a dedicated header file for these functions:
https://marc.info/?l=linux-mm-commits&m=160810366111244
This will make the code cleaner and also improve compile time for people who do
not set CONFIG_FORTIFY_SOURCE.

So, this patch creates fortify-string.h which is a new header which contains
all the fortified versions of functions declared in string.h.
Since code was moved, I might as well correct the warnings raised by
checkpatch.pl.

I benchmarked the code compilation with and without CONFIG_FORTIFY_SOURCE.
To do this, I compiled 10 times a x86_64_defconfig'ured kernel using make -j4
and cleaning after each compilation.
These compilations were first done without CONFIG_FORTIFY_SOURCE defined,
then with this option defined.
The results were collected using the time bash builtin and are the following
(in seconds, rounded to 10^-3):
|     |   min   |   max   |   mean  | std. dev. |  median | 99th percentile |
| --- | ------- | ------- | ------- | --------- | ------- | --------------- |
| w/o | 524.488 | 526.982 | 525.111 |   0.722   | 524.901 |     526.848     |
|  w/ | 529.502 | 531.795 | 529.939 |   0.671   | 529.783 |     531.633     |
First, the results are quite stable as shown by the standard deviation
(less than 1 second).
On average, compile time without CONFIG_FORTIFY_SOURCE is 0.919% faster.
For the median case, compiling without setting this option is  0.930% faster.
Finally, with the 99th percentile, not using CONFIG_FORTIFY_SOURCE is 0.908%
faster.

Globally, using a different header seems to provide a roughly 1% faster compile
time for people who do not set CONFIG_FORTIFY_SOURCE.
This is not a huge gain... but still a gain!
Especially on compilation which is an operation kernel developers do a lot.

So, I await your opinions and reviews on this patch.


Best regards.

Francis Laniel (1):
  string.h: Move fortified functions definitions in a dedicated header.

 include/linux/fortify-string.h | 302 +++++++++++++++++++++++++++++++++
 include/linux/string.h         | 282 +-----------------------------
 2 files changed, 303 insertions(+), 281 deletions(-)
 create mode 100644 include/linux/fortify-string.h

-- 
2.20.1

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ