Re: [PATCH v2] audit: unify audit_filter_{uring(),inode_name(),syscall()}
From: Paul Moore
Date: Mon Oct 17 2022 - 14:26:20 EST
On Thu, Oct 13, 2022 at 7:11 PM Paul Moore <paul@xxxxxxxxxxxxxx> wrote:
> On Thu, Oct 6, 2022 at 8:49 PM Ankur Arora <ankur.a.arora@xxxxxxxxxx> wrote:
> >
> > audit_filter_uring(), audit_filter_inode_name() are substantially
> > similar to audit_filter_syscall(). Move the core logic to
> > __audit_filter_op() which can be parametrized for all three.
> >
> > On a Skylakex system, getpid() latency (all results aggregated
> > across 12 boot cycles):
> >
> > Min Mean Median Max pstdev
> > (ns) (ns) (ns) (ns)
> >
> > - 196.63 207.86 206.60 230.98 (+- 3.92%)
> > + 183.73 196.95 192.31 232.49 (+- 6.04%)
> >
> > Performance counter stats for 'bin/getpid' (3 runs) go from:
> > cycles 805.58 ( +- 4.11% )
> > instructions 1654.11 ( +- .05% )
> > IPC 2.06 ( +- 3.39% )
> > branches 430.02 ( +- .05% )
> > branch-misses 1.55 ( +- 7.09% )
> > L1-dcache-loads 440.01 ( +- .09% )
> > L1-dcache-load-misses 9.05 ( +- 74.03% )
> > to:
> > cycles 765.37 ( +- 6.66% )
> > instructions 1677.07 ( +- 0.04% )
> > IPC 2.20 ( +- 5.90% )
> > branches 431.10 ( +- 0.04% )
> > branch-misses 1.60 ( +- 11.25% )
> > L1-dcache-loads 521.04 ( +- 0.05% )
> > L1-dcache-load-misses 6.92 ( +- 77.60% )
> >
> > (Both aggregated over 12 boot cycles.)
> >
> > The increased L1-dcache-loads are due to some intermediate values now
> > coming from the stack.
> >
> > The improvement in cycles is due to a slightly denser loop (the list
> > parameter in the list_for_each_entry_rcu() exit check now comes from
> > a register rather than a constant as before.)
> >
> > Signed-off-by: Ankur Arora <ankur.a.arora@xxxxxxxxxx>
> > ---
> > kernel/auditsc.c | 76 +++++++++++++++++++++++++-----------------------
> > 1 file changed, 39 insertions(+), 37 deletions(-)
>
> Thanks, this looks good to me. I'll queue this up for when the merge
> window closes.
This is also merged into audit/next, thanks!
--
paul-moore.com