Re: [PATCH v10 0/5] Introduce mseal

From: Pedro Falcato
Date: Fri Apr 19 2024 - 13:59:50 EST

Next message: Daniel Sneddon: "Re: [PATCH 15/14] x86/gds: Lock GDS mitigation when keylocker feature is present"
Previous message: Serge Semin: "[PATCH v2 6/6] dmaengine: dw: Unify ret-val local variables naming"
In reply to: Suren Baghdasaryan: "Re: [PATCH v10 0/5] Introduce mseal"
Next in thread: Jeff Xu: "Re: [PATCH v10 0/5] Introduce mseal"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Fri, Apr 19, 2024 at 2:22 AM Jeff Xu <jeffxu@xxxxxxxxxxxx> wrote:
> The overhead is likely to grow linearly with the number of VMA, since
> it takes time to retrieve VMA's metadata.
>
> Let's use one data sample to look at impact:
>
> Test: munmap 1000 memory range, each memory range has 1 VMA
>
> syscall__ vmas t t_mseal delta_ns per_vma %
> munmap__ 1 909 944 35 35 104%
>
> For those 1000 munmap calls, sealing adds 35000 ns in total, or 35 ns per call.

Have you tried to spray around some likely() and unlikely()s? Does
that make a difference? I'm thinking that sealing VMAs will be very
rare, and mprotect/munmapping them is probably a programming error
anyway, so the extra branches in the mprotect/munmap/madvice (etc)
should be a nice target for some branch annotation.

--
Pedro

Next message: Daniel Sneddon: "Re: [PATCH 15/14] x86/gds: Lock GDS mitigation when keylocker feature is present"
Previous message: Serge Semin: "[PATCH v2 6/6] dmaengine: dw: Unify ret-val local variables naming"
In reply to: Suren Baghdasaryan: "Re: [PATCH v10 0/5] Introduce mseal"
Next in thread: Jeff Xu: "Re: [PATCH v10 0/5] Introduce mseal"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]