Re: [PATCH v2] audit: unify audit_filter_{uring(),inode_name(),syscall()}
From: Ankur Arora
Date: Fri Oct 14 2022 - 12:53:45 EST
Paul Moore <paul@xxxxxxxxxxxxxx> writes:
> On Thu, Oct 6, 2022 at 8:49 PM Ankur Arora <ankur.a.arora@xxxxxxxxxx> wrote:
>>
>> audit_filter_uring(), audit_filter_inode_name() are substantially
>> similar to audit_filter_syscall(). Move the core logic to
>> __audit_filter_op() which can be parametrized for all three.
>>
>> On a Skylakex system, getpid() latency (all results aggregated
>> across 12 boot cycles):
>>
>> Min Mean Median Max pstdev
>> (ns) (ns) (ns) (ns)
>>
>> - 196.63 207.86 206.60 230.98 (+- 3.92%)
>> + 183.73 196.95 192.31 232.49 (+- 6.04%)
>>
>> Performance counter stats for 'bin/getpid' (3 runs) go from:
>> cycles 805.58 ( +- 4.11% )
>> instructions 1654.11 ( +- .05% )
>> IPC 2.06 ( +- 3.39% )
>> branches 430.02 ( +- .05% )
>> branch-misses 1.55 ( +- 7.09% )
>> L1-dcache-loads 440.01 ( +- .09% )
>> L1-dcache-load-misses 9.05 ( +- 74.03% )
>> to:
>> cycles 765.37 ( +- 6.66% )
>> instructions 1677.07 ( +- 0.04% )
>> IPC 2.20 ( +- 5.90% )
>> branches 431.10 ( +- 0.04% )
>> branch-misses 1.60 ( +- 11.25% )
>> L1-dcache-loads 521.04 ( +- 0.05% )
>> L1-dcache-load-misses 6.92 ( +- 77.60% )
>>
>> (Both aggregated over 12 boot cycles.)
>>
>> The increased L1-dcache-loads are due to some intermediate values now
>> coming from the stack.
>>
>> The improvement in cycles is due to a slightly denser loop (the list
>> parameter in the list_for_each_entry_rcu() exit check now comes from
>> a register rather than a constant as before.)
>>
>> Signed-off-by: Ankur Arora <ankur.a.arora@xxxxxxxxxx>
>> ---
>> kernel/auditsc.c | 76 +++++++++++++++++++++++++-----------------------
>> 1 file changed, 39 insertions(+), 37 deletions(-)
>
> Thanks, this looks good to me. I'll queue this up for when the merge
> window closes.
Great. Thanks Paul.
--
ankur