Received: by 2002:ab2:6203:0:b0:1f5:f2ab:c469 with SMTP id o3csp229991lqt; Thu, 18 Apr 2024 13:19:46 -0700 (PDT) X-Forwarded-Encrypted: i=3; AJvYcCWvmJQ4suJF9q836aUYUF0EO6OYk6HcG/1hB2SixEZqAmLsj2pa3wmtrf3ewnHeVguSDnpz5YUWtheH19KzV1ZRY2sPRqgyJqKMGlBUrg== X-Google-Smtp-Source: AGHT+IF+h0e73NzfN8bY3NBoPDkiGyD/s8rfcqRSK2XJ7kufZZcW6lVqeDARwMC8JdELWmsyJLBD X-Received: by 2002:a17:906:144a:b0:a51:a329:cd7d with SMTP id q10-20020a170906144a00b00a51a329cd7dmr108989ejc.4.1713471586508; Thu, 18 Apr 2024 13:19:46 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1713471586; cv=pass; d=google.com; s=arc-20160816; b=JPC3OyP7AAuLGd77LYoyb4wsBut7nrsQBe18PzhYWK9b6WsfJyCYVHzHg+hAbrOuAZ WrMRg9pE0Ox1lF0Mo6TLQ34mKsfCRUR0WnxCHbfy5qJTMXYsBKJ0CYd/k1D1ToaiMfKP Nsc6i5t3IyhNee+lo6SPagD8lpVqNbT1caYyLXjQAceLwGsvjRkNYv0ghqBYxJiO+qFZ eBHvXA1PIcL5U473Hpb5AUmokkmsEk3okUzGp18aSweWLJ0t9e2Cw9w+PFjIGtGM0tAG WkRdhe2FVHN5XaD6m4daBwxov1RrtVKahDyRhFtpileNU8lE/JJyeqrvHv5r4merJo8C ym4w== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:list-unsubscribe:list-subscribe :list-id:precedence:dkim-signature; bh=U8QBUU5Ysvq0j9xQzigQOcx89V1FF41qSoo2aFaccrc=; fh=eLx/qXTVaTdv5NFTYRLerd5Bm/MkruaEYeZ3R16sdws=; b=ny2jNddxlv9RvZu2N/PV0r7dlbNS/Rvw05jw6DnOHPWJy/72A/UQEf8IPPCfkJhRDJ g+vwwgs89qAFZDNDwEGmH3V3uWO8k1EqVp49i7k6NWZ3adwB6HLFz1OfNBPJMXv7L6bG m3CJpcIvCls4TpwamvsYVPnr9L9R0QXHKl4Xiiv9jgkw21DOAwzUeqKfQLpKgweH6jxS pcGaOJ4PbtuUBfPLv+UOPDUsyaqZTyvjuv6IycXxu6e1aXP0sR6AEltRkrOZme8OixwJ E7JxxcYFBjAiozxAASyw6qS8Ff3HSecc5z7EwL96N12mQdaAhJKiWAysa3B7lSlF1b7Y v2fQ==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@google.com header.s=20230601 header.b=KAl1TfM0; arc=pass (i=1 spf=pass spfdomain=google.com dkim=pass dkdomain=google.com dmarc=pass fromdomain=google.com); spf=pass (google.com: domain of linux-kernel+bounces-150741-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.80.249 as permitted sender) smtp.mailfrom="linux-kernel+bounces-150741-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Return-Path: Received: from am.mirrors.kernel.org (am.mirrors.kernel.org. [147.75.80.249]) by mx.google.com with ESMTPS id ji10-20020a170907980a00b00a526fca3ca0si1297274ejc.122.2024.04.18.13.19.46 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 18 Apr 2024 13:19:46 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel+bounces-150741-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.80.249 as permitted sender) client-ip=147.75.80.249; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20230601 header.b=KAl1TfM0; arc=pass (i=1 spf=pass spfdomain=google.com dkim=pass dkdomain=google.com dmarc=pass fromdomain=google.com); spf=pass (google.com: domain of linux-kernel+bounces-150741-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.80.249 as permitted sender) smtp.mailfrom="linux-kernel+bounces-150741-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by am.mirrors.kernel.org (Postfix) with ESMTPS id 0B86C1F22964 for ; Thu, 18 Apr 2024 20:19:46 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 60751184120; Thu, 18 Apr 2024 20:19:38 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="KAl1TfM0" Received: from mail-yw1-f173.google.com (mail-yw1-f173.google.com [209.85.128.173]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id BC2F4181B83 for ; Thu, 18 Apr 2024 20:19:35 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.128.173 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1713471577; cv=none; b=WO4sCHCR1dOBdC2uGizJf6+LyRRmDVOJEunTLv3LXpo31Vu1NAugZjXVDkLoskPKz0zyftFFwp9Jkg6UhI1u805pfJjflcum6PXsOlrKsmsfFFhLis6uy7v39Piq7L7pNzeW81eSHDmYcEzZqI8B0FIY9ZMPF/TrUTeW2UY/b/I= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1713471577; c=relaxed/simple; bh=GHCNVkmiKMtErCRmK707fpfOJuzqtHiTwgHg2mid5x4=; h=MIME-Version:References:In-Reply-To:From:Date:Message-ID:Subject: To:Cc:Content-Type; b=Y93ZuoXovA1KkmgrRUqIbHabYl2b/9Fwy6Byif7A+6VSPYIz2es+hrY6ElS9YjICXtpB2cPPT+JFjDKfL01rbt0kB9b4tkz2ko0WdShoe1IntJHsrGfBjaJQlOs5h8GSMQQDlEulkIb8SEG0Msx+Ox3WBeXEQsL5Po2VLSgdHbQ= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=KAl1TfM0; arc=none smtp.client-ip=209.85.128.173 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=google.com Received: by mail-yw1-f173.google.com with SMTP id 00721157ae682-61acfd3fd3fso14110327b3.1 for ; Thu, 18 Apr 2024 13:19:35 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1713471575; x=1714076375; darn=vger.kernel.org; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:from:to:cc:subject:date :message-id:reply-to; bh=U8QBUU5Ysvq0j9xQzigQOcx89V1FF41qSoo2aFaccrc=; b=KAl1TfM0+hVEptPYHgQvGm8MXa1sH7JbFJM/VwUV84F5h9iy7FqxkCDNCM99AssSv5 TMhHb5LMw5sK6NVJctbKo+/G0F6ee4W+8WkAqc14EZAILDiT4IZdrlENVf8pVIt2U958 M9MIsjZoDAq2JKI1A5lUfiFcgChPe+Fyt6scaW+hNDdsOftgFaqPZ8H4QNFW19FZiHX3 vciCTxPKFIkozvYZpr5Iy00muX8bqs5DuesBcMKarliMY1FXmJACe9zyJRQk0utCZnJC kISe09Thfegsm5MwVjwhG0dqUDLGXW5F4/87uvAHE9qURS1q3NyGroghtzutW/Uj/zSx Lacw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1713471575; x=1714076375; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=U8QBUU5Ysvq0j9xQzigQOcx89V1FF41qSoo2aFaccrc=; b=On4QdFZl0Eusmt7dqpO7ZTZofYLtO2xpTbhtc9eZcXAQtW5sdavs+jFVpZK+jHLHVz Dsehd44OryvBISkEeXU+udlpgcxYWBKEi1i7P3Lot38DXZF2imbFvk9dEDvD6jThrIvu 8EEC55xXxbezRtPf2RXcfE24JhgIJ+v6reKEPUk8KC3ZfWUgBZq0XKFeR9eUDF62unnz qtAURwzVouNai+J2jSgX+6QDEsmXWX5RES0SvyiHwx8FfSdhsEPO2A/+ZW3IPZPPyFWM NrXWAVLEpLdkTnUV+NWKsAhAlxyt60ECvvfilt3miXc8WztER5EY/SJFJnkB2vfhapA5 LmWA== X-Forwarded-Encrypted: i=1; AJvYcCVsVizN1G3QdixpEVga5dYsZ30JBCsVeaHxWtp0Al7QjEaRf1NAK27Peb7gP0FH/LKxyx7P5K2IBP2Wq0JxNZ1/pcjIDA5lQ72986O7 X-Gm-Message-State: AOJu0YwHPRy4I6he4hrVWfkrw5Hh/3SCl9oR0hkf+n1mgRT3bZsT4liW WYlFJbMSnB1eEEOxzF1NRPJdlEf3CHCkW9nJ+6ToBqxKDhNYFhogFO/Th9xA2oec8rrXAWMC2uf ISWAzZQgRQJWQr9GDC0zFuH7cp+Mr/e5V9b/R X-Received: by 2002:a25:bad1:0:b0:dc7:4bab:c390 with SMTP id a17-20020a25bad1000000b00dc74babc390mr3618530ybk.61.1713471574368; Thu, 18 Apr 2024 13:19:34 -0700 (PDT) Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 References: <20240415163527.626541-1-jeffxu@chromium.org> In-Reply-To: From: Suren Baghdasaryan Date: Thu, 18 Apr 2024 13:19:23 -0700 Message-ID: Subject: Re: [PATCH v10 0/5] Introduce mseal To: Jeff Xu Cc: "Liam R. Howlett" , akpm@linux-foundation.org, keescook@chromium.org, jannh@google.com, sroettger@google.com, willy@infradead.org, gregkh@linuxfoundation.org, torvalds@linux-foundation.org, usama.anjum@collabora.com, corbet@lwn.net, merimus@google.com, rdunlap@infradead.org, jeffxu@google.com, jorgelo@chromium.org, groeck@chromium.org, linux-kernel@vger.kernel.org, linux-kselftest@vger.kernel.org, linux-mm@kvack.org, pedro.falcato@gmail.com, dave.hansen@intel.com, linux-hardening@vger.kernel.org, deraadt@openbsd.org Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable On Tue, Apr 16, 2024 at 12:40=E2=80=AFPM Jeff Xu wrot= e: > > On Tue, Apr 16, 2024 at 8:13=E2=80=AFAM Liam R. Howlett wrote: > > > > * jeffxu@chromium.org [240415 12:35]: > > > From: Jeff Xu > > > > > > This is V10 version, it rebases v9 patch to 6.9.rc3. > > > We also applied and tested mseal() in chrome and chromebook. > > > > > > ------------------------------------------------------------------ > > ... > > > > > MM perf benchmarks > > > =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D > > > This patch adds a loop in the mprotect/munmap/madvise(DONTNEED) to > > > check the VMAs=E2=80=99 sealing flag, so that no partial update can b= e made, > > > when any segment within the given memory range is sealed. > > > > > > To measure the performance impact of this loop, two tests are develop= ed. > > > [8] > > > > > > The first is measuring the time taken for a particular system call, > > > by using clock_gettime(CLOCK_MONOTONIC). The second is using > > > PERF_COUNT_HW_REF_CPU_CYCLES (exclude user space). Both tests have > > > similar results. > > > > > > The tests have roughly below sequence: > > > for (i =3D 0; i < 1000, i++) > > > create 1000 mappings (1 page per VMA) > > > start the sampling > > > for (j =3D 0; j < 1000, j++) > > > mprotect one mapping > > > stop and save the sample > > > delete 1000 mappings > > > calculates all samples. > > > > > > Thank you for doing this performance testing. > > > > > > > > Below tests are performed on Intel(R) Pentium(R) Gold 7505 @ 2.00GHz, > > > 4G memory, Chromebook. > > > > > > Based on the latest upstream code: > > > The first test (measuring time) > > > syscall__ vmas t t_mseal delta_ns per_vma % > > > munmap__ 1 909 944 35 35 104% > > > munmap__ 2 1398 1502 104 52 107% > > > munmap__ 4 2444 2594 149 37 106% > > > munmap__ 8 4029 4323 293 37 107% > > > munmap__ 16 6647 6935 288 18 104% > > > munmap__ 32 11811 12398 587 18 105% > > > mprotect 1 439 465 26 26 106% > > > mprotect 2 1659 1745 86 43 105% > > > mprotect 4 3747 3889 142 36 104% > > > mprotect 8 6755 6969 215 27 103% > > > mprotect 16 13748 14144 396 25 103% > > > mprotect 32 27827 28969 1142 36 104% > > > madvise_ 1 240 262 22 22 109% > > > madvise_ 2 366 442 76 38 121% > > > madvise_ 4 623 751 128 32 121% > > > madvise_ 8 1110 1324 215 27 119% > > > madvise_ 16 2127 2451 324 20 115% > > > madvise_ 32 4109 4642 534 17 113% > > > > > > The second test (measuring cpu cycle) > > > syscall__ vmas cpu cmseal delta_cpu per_vma % > > > munmap__ 1 1790 1890 100 100 106% > > > munmap__ 2 2819 3033 214 107 108% > > > munmap__ 4 4959 5271 312 78 106% > > > munmap__ 8 8262 8745 483 60 106% > > > munmap__ 16 13099 14116 1017 64 108% > > > munmap__ 32 23221 24785 1565 49 107% > > > mprotect 1 906 967 62 62 107% > > > mprotect 2 3019 3203 184 92 106% > > > mprotect 4 6149 6569 420 105 107% > > > mprotect 8 9978 10524 545 68 105% > > > mprotect 16 20448 21427 979 61 105% > > > mprotect 32 40972 42935 1963 61 105% > > > madvise_ 1 434 497 63 63 115% > > > madvise_ 2 752 899 147 74 120% > > > madvise_ 4 1313 1513 200 50 115% > > > madvise_ 8 2271 2627 356 44 116% > > > madvise_ 16 4312 4883 571 36 113% > > > madvise_ 32 8376 9319 943 29 111% > > > > > > > If I am reading this right, madvise() is affected more than the other > > calls? Is that expected or do we need to have a closer look? > > > The madvise() has a bigger percentage (per_vma %), but it also has a > smaller base value (cpu). Sorry, it's unclear to me what the "vmas" column denotes. Is that how many VMAs were created before timing the syscall? If so, then 32 is the max that you show here while you seem to have tested with 1000 VMAs. What is the overhead with 1000 VMAs? My worry is that if the overhead grows linearly with the number of VMAs then the effects will be quite noticeable on Android where an application with a few thousand VMAs is not so unusual. > > -Jeff