Received: by 2002:ab2:6203:0:b0:1f5:f2ab:c469 with SMTP id o3csp711764lqt; Fri, 19 Apr 2024 08:15:20 -0700 (PDT) X-Forwarded-Encrypted: i=3; AJvYcCVL7aF5YYn6DGHyBqRdx6AP80Z4HHuWIPVq61369xkTFPXFzYW9UTesLyb/AqCxk2Mw+OgaBgfx4S6Eq8eLEevIGSuAZTS/2sIUWhJN7A== X-Google-Smtp-Source: AGHT+IFK5P+fTdHsMzRyIlkzKtvidZ0QQH1zXwFT4rdQy/bjsWolkYya9bVMSxW2OtC0k+seXWV7 X-Received: by 2002:a05:6a21:9189:b0:1ac:663f:9efd with SMTP id tp9-20020a056a21918900b001ac663f9efdmr1145307pzb.19.1713539720392; Fri, 19 Apr 2024 08:15:20 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1713539720; cv=pass; d=google.com; s=arc-20160816; b=O5gvyfnGmu8JEddJOtclmEdVbgT0ncU95HK0dd5GkgxPIyVkXEVeP1r1rCZAYyOcU6 8WDPhQnRYMWP/mFwiUzPPs3BkrZM9EMVvbm4EoqBGziBbwzy3FHDZ4YNaH7w7BTG/toA 2m0+fqS7JicN7Fl2QRu7YPE/V0RYfQnRLdDC/Nx7cuEe7MPigaQtfMyueb5TfHdNrG7I X6qRzalwwH/roKZGYjKo7XZHTtOUb51FgBc3JqZx+QSOVbMI5yLvp6lmwQQK+BAytAwi QAR74py20DUfXf6iGm6VTxdPVOYdkn5dsUmUKJRTmcR082N/cHmDd2ajSw1tk4QJGO9Q 9j+A== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:list-unsubscribe:list-subscribe :list-id:precedence:dkim-signature; bh=HEgNKLbZoEckSudwAQVqNp3+oLRHBSm8rIiQDAC0My0=; fh=cchjhQr3Rhg2RR5FUZv6auKBitMzbWhbz1jl14FMZGs=; b=HUGCFTmgD3NgjP3ycMddl91yrT6Juz5xf+H6GAzSu/oQ3XDxgpedbP17aeNwj5Pxqi 2yLu9/iCV3UKvSWYTfAenwXxfaQYIwNSou5Ai3C8YTjJ3t0qLKb+O2FSIQqoj3mai4Og xKFCA6IPkouhvnSppRz56e+3x+oVfH5tTLgzYUUgDhL9yI/W6z1nfIUcFBMEowu452nz /tlv+jCbVLbSc2ofquzmVfB/aowLUtbAUkPzxb8wfx3z4Ndsnf3oAH0dFZN/fGdQa6Hi UR2MnvAyxshjMav0BJIJhdNMa8+b8RC4G46UDNMkZKHTbOtjGfKe7xMKJmXlZzgOpwKp T4Pw==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@chromium.org header.s=google header.b=AWy+8c1v; arc=pass (i=1 spf=pass spfdomain=chromium.org dkim=pass dkdomain=chromium.org dmarc=pass fromdomain=chromium.org); spf=pass (google.com: domain of linux-kernel+bounces-151644-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.48.161 as permitted sender) smtp.mailfrom="linux-kernel+bounces-151644-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=chromium.org Return-Path: Received: from sy.mirrors.kernel.org (sy.mirrors.kernel.org. [147.75.48.161]) by mx.google.com with ESMTPS id q19-20020a056a00085300b006eae33e2aa5si3460552pfk.401.2024.04.19.08.15.19 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 19 Apr 2024 08:15:20 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel+bounces-151644-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.48.161 as permitted sender) client-ip=147.75.48.161; Authentication-Results: mx.google.com; dkim=pass header.i=@chromium.org header.s=google header.b=AWy+8c1v; arc=pass (i=1 spf=pass spfdomain=chromium.org dkim=pass dkdomain=chromium.org dmarc=pass fromdomain=chromium.org); spf=pass (google.com: domain of linux-kernel+bounces-151644-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.48.161 as permitted sender) smtp.mailfrom="linux-kernel+bounces-151644-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=chromium.org Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by sy.mirrors.kernel.org (Postfix) with ESMTPS id 200C6B22448 for ; Fri, 19 Apr 2024 15:15:19 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 51FD912F5A3; Fri, 19 Apr 2024 15:15:13 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=chromium.org header.i=@chromium.org header.b="AWy+8c1v" Received: from mail-oi1-f174.google.com (mail-oi1-f174.google.com [209.85.167.174]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id A872112F394 for ; Fri, 19 Apr 2024 15:15:10 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.167.174 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1713539712; cv=none; b=d8l83aBO0nue8ftGPpNj6vAgymMrPwXsxMm49L+gwIz0wrLPiZbYh+wf2ICt2hc7bKn1FCmFIohm0p2WfroOf7yVRtiEjagWomuwVL2T7BQkmbCAAYaLXGdAZkkWPi8FQReX+1OOpXFbhyp/SuPscB9tB+ewSSzvOX1XGZE3B5c= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1713539712; c=relaxed/simple; bh=9BwsgmRoellsSlnwHRY/L+avdeLAFGbR+E+vni+Rffk=; h=MIME-Version:References:In-Reply-To:From:Date:Message-ID:Subject: To:Cc:Content-Type; b=VcIi0jHxPIEHRrynm0nhNXFIqaREU5p1Winke5OKTYBLh6iBJF4xtsJ7vSdnjzfGZZTVdReEYUZro6p7OmWqKeAM4Vgk88i+YyqfXuEkMQfsQ1UqXA2uGQ1RRYGg53VXFrJpVs5B0MYw0ZMIMF1UQ9ZZ6xF49X0P0+zYGCaWBT8= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=chromium.org; spf=pass smtp.mailfrom=chromium.org; dkim=pass (1024-bit key) header.d=chromium.org header.i=@chromium.org header.b=AWy+8c1v; arc=none smtp.client-ip=209.85.167.174 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=chromium.org Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=chromium.org Received: by mail-oi1-f174.google.com with SMTP id 5614622812f47-3c70a55988dso1218785b6e.0 for ; Fri, 19 Apr 2024 08:15:10 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; t=1713539710; x=1714144510; darn=vger.kernel.org; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:from:to:cc:subject:date :message-id:reply-to; bh=HEgNKLbZoEckSudwAQVqNp3+oLRHBSm8rIiQDAC0My0=; b=AWy+8c1vr5cirJwdzs5hWZ8G0ld/TGgYfqUACuxQQX9Ap2ZG701JEGnZ5cnHfPa/Pw 0FMkrwRpYUePBA3cyBHMppwspu7i/avbUH5GXdLQ3iC3kIKw2DZxAX9wO2b0LcXn5WnE LCl0YULWzvwfv/EHTymQJKxOXnTCrPR2Evf60= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1713539710; x=1714144510; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=HEgNKLbZoEckSudwAQVqNp3+oLRHBSm8rIiQDAC0My0=; b=BF7mtC+ojv0UEcPoYouPJVkEWkkee0Jh4f+p9/ugMLIw8CR7e7ApE38uebEg46GXnt 5mHzyKt4FfhlBHyvp7K0iX3TpYoE/dAxH+GOpeSgr/URYbN08l+qx6YCULwZCMF5ZZ9Y /IdfeSIG1F3RATh11D4RCNLA0gHL0Epu2vJJGv7Bq9Q1jK+UXW402T3UeIUvuf5cNmOH pvGFEIbmFSVet3fk7eLQ0CBs746fxMfkOOexNEOwjuWdHOmFgpaPQXInoDNkADFFhYPx u4BqCT8bzQJDqC7tRoHJpVRXUcOC73cqVDL9Ti5jamHVUh+yyBBR0BoDes9e9ctPHYFC QPyg== X-Forwarded-Encrypted: i=1; AJvYcCWbUXoZm2Jcfs3iWz9kpG5jSOkgMuCP7b1deOx/BMYqhhQElD4A+JO64VNwbN5tMVa+vRfrK09DcM00b1bs9uj7tD6hReYx2ueOdJsM X-Gm-Message-State: AOJu0Yyi+666SQrsh4WvqSre6zcCjq83oDkpHTE4Afy4e/7TK/16hhO7 kLAjaip+M83myuI2JjN1mCSv6OFqOF68qG7U+YxqdGRs6clB4zOYAWg5IcYUaIEVQvCYSOzoLjO UJd6/gBLHMPQBeBHtfRmJJI6kBXtR51CUzSfZ X-Received: by 2002:a05:6870:1d0a:b0:233:abab:6d6c with SMTP id pa10-20020a0568701d0a00b00233abab6d6cmr2926542oab.7.1713539709864; Fri, 19 Apr 2024 08:15:09 -0700 (PDT) Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 References: <20240415163527.626541-1-jeffxu@chromium.org> In-Reply-To: From: Jeff Xu Date: Fri, 19 Apr 2024 08:14:58 -0700 Message-ID: Subject: Re: [PATCH v10 0/5] Introduce mseal To: Suren Baghdasaryan Cc: "Liam R. Howlett" , akpm@linux-foundation.org, keescook@chromium.org, jannh@google.com, sroettger@google.com, willy@infradead.org, gregkh@linuxfoundation.org, torvalds@linux-foundation.org, usama.anjum@collabora.com, corbet@lwn.net, merimus@google.com, rdunlap@infradead.org, jeffxu@google.com, jorgelo@chromium.org, groeck@chromium.org, linux-kernel@vger.kernel.org, linux-kselftest@vger.kernel.org, linux-mm@kvack.org, pedro.falcato@gmail.com, dave.hansen@intel.com, linux-hardening@vger.kernel.org, deraadt@openbsd.org Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable On Fri, Apr 19, 2024 at 7:57=E2=80=AFAM Suren Baghdasaryan wrote: > > On Thu, Apr 18, 2024 at 6:22=E2=80=AFPM Jeff Xu wro= te: > > > > On Thu, Apr 18, 2024 at 1:19=E2=80=AFPM Suren Baghdasaryan wrote: > > > > > > On Tue, Apr 16, 2024 at 12:40=E2=80=AFPM Jeff Xu wrote: > > > > > > > > On Tue, Apr 16, 2024 at 8:13=E2=80=AFAM Liam R. Howlett wrote: > > > > > > > > > > * jeffxu@chromium.org [240415 12:35]: > > > > > > From: Jeff Xu > > > > > > > > > > > > This is V10 version, it rebases v9 patch to 6.9.rc3. > > > > > > We also applied and tested mseal() in chrome and chromebook. > > > > > > > > > > > > ---------------------------------------------------------------= --- > > > > > ... > > > > > > > > > > > MM perf benchmarks > > > > > > =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D > > > > > > This patch adds a loop in the mprotect/munmap/madvise(DONTNEED)= to > > > > > > check the VMAs=E2=80=99 sealing flag, so that no partial update= can be made, > > > > > > when any segment within the given memory range is sealed. > > > > > > > > > > > > To measure the performance impact of this loop, two tests are d= eveloped. > > > > > > [8] > > > > > > > > > > > > The first is measuring the time taken for a particular system c= all, > > > > > > by using clock_gettime(CLOCK_MONOTONIC). The second is using > > > > > > PERF_COUNT_HW_REF_CPU_CYCLES (exclude user space). Both tests h= ave > > > > > > similar results. > > > > > > > > > > > > The tests have roughly below sequence: > > > > > > for (i =3D 0; i < 1000, i++) > > > > > > create 1000 mappings (1 page per VMA) > > > > > > start the sampling > > > > > > for (j =3D 0; j < 1000, j++) > > > > > > mprotect one mapping > > > > > > stop and save the sample > > > > > > delete 1000 mappings > > > > > > calculates all samples. > > > > > > > > > > > > > > > Thank you for doing this performance testing. > > > > > > > > > > > > > > > > > Below tests are performed on Intel(R) Pentium(R) Gold 7505 @ 2.= 00GHz, > > > > > > 4G memory, Chromebook. > > > > > > > > > > > > Based on the latest upstream code: > > > > > > The first test (measuring time) > > > > > > syscall__ vmas t t_mseal delta_ns per_vma % > > > > > > munmap__ 1 909 944 35 35 104% > > > > > > munmap__ 2 1398 1502 104 52 107% > > > > > > munmap__ 4 2444 2594 149 37 106% > > > > > > munmap__ 8 4029 4323 293 37 107% > > > > > > munmap__ 16 6647 6935 288 18 104% > > > > > > munmap__ 32 11811 12398 587 18 105% > > > > > > mprotect 1 439 465 26 26 106% > > > > > > mprotect 2 1659 1745 86 43 105% > > > > > > mprotect 4 3747 3889 142 36 104% > > > > > > mprotect 8 6755 6969 215 27 103% > > > > > > mprotect 16 13748 14144 396 25 103% > > > > > > mprotect 32 27827 28969 1142 36 104% > > > > > > madvise_ 1 240 262 22 22 109% > > > > > > madvise_ 2 366 442 76 38 121% > > > > > > madvise_ 4 623 751 128 32 121% > > > > > > madvise_ 8 1110 1324 215 27 119% > > > > > > madvise_ 16 2127 2451 324 20 115% > > > > > > madvise_ 32 4109 4642 534 17 113% > > > > > > > > > > > > The second test (measuring cpu cycle) > > > > > > syscall__ vmas cpu cmseal delta_cpu per_vma % > > > > > > munmap__ 1 1790 1890 100 100 106% > > > > > > munmap__ 2 2819 3033 214 107 108% > > > > > > munmap__ 4 4959 5271 312 78 106% > > > > > > munmap__ 8 8262 8745 483 60 106% > > > > > > munmap__ 16 13099 14116 1017 64 108% > > > > > > munmap__ 32 23221 24785 1565 49 107% > > > > > > mprotect 1 906 967 62 62 107% > > > > > > mprotect 2 3019 3203 184 92 106% > > > > > > mprotect 4 6149 6569 420 105 107% > > > > > > mprotect 8 9978 10524 545 68 105% > > > > > > mprotect 16 20448 21427 979 61 105% > > > > > > mprotect 32 40972 42935 1963 61 105% > > > > > > madvise_ 1 434 497 63 63 115% > > > > > > madvise_ 2 752 899 147 74 120% > > > > > > madvise_ 4 1313 1513 200 50 115% > > > > > > madvise_ 8 2271 2627 356 44 116% > > > > > > madvise_ 16 4312 4883 571 36 113% > > > > > > madvise_ 32 8376 9319 943 29 111% > > > > > > > > > > > > > > > > If I am reading this right, madvise() is affected more than the o= ther > > > > > calls? Is that expected or do we need to have a closer look? > > > > > > > > > The madvise() has a bigger percentage (per_vma %), but it also has = a > > > > smaller base value (cpu). > > > > > > Sorry, it's unclear to me what the "vmas" column denotes. Is that how > > > many VMAs were created before timing the syscall? If so, then 32 is > > > the max that you show here while you seem to have tested with 1000 > > > VMAs. What is the overhead with 1000 VMAs? > > > > The vmas column is the number of VMA used in one call. > > > > For example: for 32 and mprotect(ptr,size), the memory range used in > > mprotect has 32 VMAs. > > Ok, so the 32 here denotes how many VMAs one mprotect() call spans? > Yes. > > > > It also matters how many memory ranges are in-use at the time of the > > test, This is where 1000 comes in. The test creates 1000 memory > > ranges, each memory range has 32 vmas, then calls mprotect on the 1000 > > memory range. (the pseudocode was included in the original email) > > So, if each range has 32 vmas and you have 1000 ranges then you are > creating 32000 vmas? Sorry, your pseudocode does not clarify that. My > current understanding is this: > > for (i =3D 0; i < 1000, i++) > mmap N*1000 areas (N=3D[1-32]) > start the sampling > for (j =3D 0; j < 1000, j++) > mprotect N areas with one syscall > stop and save the sample > munmap N*1000 areas > calculates all samples. > > Is that correct? > Yes, There will be 32000 VMA in the system. The pseudocode is correct in concept. The test implementation is slightly different, it uses mprotect to split the memory and make sure the VMAs doesn't merge. For detail, the reference [8] of the original email link to the test code. -Jeff