lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <A7FFA44F-F7DD-477F-83A6-44AF71D6775E@kernel.org>
Date:   Tue, 07 Nov 2023 15:39:28 -0800
From:   Kees Cook <kees@...nel.org>
To:     Mateusz Guzik <mjguzik@...il.com>,
        Kees Cook <keescook@...omium.org>
CC:     Josh Triplett <josh@...htriplett.org>,
        Eric Biederman <ebiederm@...ssion.com>,
        Alexander Viro <viro@...iv.linux.org.uk>, linux-mm@...ck.org,
        linux-fsdevel@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH] fs/exec.c: Add fast path for ENOENT on PATH search before allocating mm



On November 7, 2023 3:08:47 PM PST, Mateusz Guzik <mjguzik@...il.com> wrote:
>On 11/7/23, Kees Cook <keescook@...omium.org> wrote:
>> On Tue, Nov 07, 2023 at 10:23:16PM +0100, Mateusz Guzik wrote:
>>> If the patch which dodges second lookup still somehow appears slower a
>>> flamegraph or other profile would be nice. I can volunteer to take a
>>> look at what's going on provided above measurements will be done and
>>> show funkyness.
>>
>> When I looked at this last, it seemed like all the work done in
>> do_filp_open() (my patch, which moved the lookup earlier) was heavier
>> than the duplicate filename_lookup().
>>
>> What I didn't test was moving the sched_exec() before the mm creation,
>> which Peter confirmed shouldn't be a problem, but I think that might be
>> only a tiny benefit, if at all.
>>
>> If you can do some comparisons, that would be great; it always takes me
>> a fair bit of time to get set up for flame graph generation, etc. :)
>>
>
>So I spawned *one* process executing one statocally linked binary in a
>loop, test case from http://apollo.backplane.com/DFlyMisc/doexec.c .
>
>The profile is definitely not what I expected:
>   5.85%  [kernel]           [k] asm_exc_page_fault
>   5.84%  [kernel]           [k] __pv_queued_spin_lock_slowpath
>[snip]
>
>I'm going to have to recompile with lock profiling, meanwhile
>according to bpftrace
>(bpftrace -e 'kprobe:__pv_queued_spin_lock_slowpath { @[kstack()] = count(); }')
>top hits would be:
>
>@[
>    __pv_queued_spin_lock_slowpath+1
>    _raw_spin_lock+37
>    __schedule+192
>    schedule_idle+38
>    do_idle+366
>    cpu_startup_entry+38
>    start_secondary+282
>    secondary_startup_64_no_verify+381
>]: 181
>@[
>    __pv_queued_spin_lock_slowpath+1
>    _raw_spin_lock_irq+43
>    wait_for_completion+141
>    stop_one_cpu+127
>    sched_exec+165

There's the suspicious sched_exec() I was talking about! :)

I think it needs to be moved, and perhaps _later_ instead of earlier? Hmm...

-Kees

>    bprm_execve+328
>    do_execveat_common.isra.0+429
>    __x64_sys_execve+50
>    do_syscall_64+46
>    entry_SYSCALL_64_after_hwframe+110
>]: 206
>
>I did not see this coming for sure. I'll poke around maybe this weekend.
>

-- 
Kees Cook

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ