Re: [INFO] ratio of const vs dynamic usercopy

[Kees Cook]

On Tue, Sep 20, 2016 at 7:19 AM, Josh Poimboeuf <jpoim...@redhat.com> wrote:
> On Mon, Sep 19, 2016 at 09:58:39PM -0700, Kees Cook wrote:
>> Hi,
>>
>> Al had asked me a couple weeks back what the ratio of const vs dynamic
>> usercopying was. With Josh's cleanup and my fix-up to only call the
>> hardened usercopy when non-const, I can actually gather these statistics
>> on a build. It's a bit of a hack (see attached patch that should not go
>> into the tree), but with my not-very-defconfig, it's rougly 2 to 1 const
>> vs dynamic.  However, this doesn't take into account the frequency at
>> _runtime_, which maybe could be discovered via perf comparing copy*user()
>> calls to __check_object_size() calls, but I didn't try that. Does someone
>> have perf setup to check this?
>
> Maybe do something like this with your patch?
>
>   trace-cmd record -p function -l __check_object_size -l 
> __skip_check_object_size [command you want to benchmark]
>   trace-cmd report

trace-cmd seemed to break for me (lost one of the CPU buffers?), so I
just did this manually:

# echo __skip_check_object_size > set_ftrace_filter
# echo __check_object_size >> set_ftrace_filter
# echo 1 > function_profile_enabled
... build the kernel 5 times ...

Out of trace_stat/function* I get:

  Function                               Hit    Time            Avg
         s^2
  --------                               ---    ----            ---
         ---
  __check_object_size                7692563    593308.5 us     0.077
us        1104414 us
  __skip_check_object_size           3832439    254356.3 us     0.066
us        205958.2 us
  Function                               Hit    Time            Avg
         s^2
  --------                               ---    ----            ---
         ---
  __check_object_size                7474288    564353.9 us     0.075
us        1282606 us
  __skip_check_object_size           3809103    261658.7 us     0.068
us        192132.0 us
  Function                               Hit    Time            Avg
         s^2
  --------                               ---    ----            ---
         ---
  __check_object_size                7472437    573517.2 us     0.076
us        4566908 us
  __skip_check_object_size           3883037    251919.3 us     0.064
us        3780134 us
  Function                               Hit    Time            Avg
         s^2
  --------                               ---    ----            ---
         ---
  __check_object_size                7882525    581605.9 us     0.073
us        51814941 us
  __skip_check_object_size           4061014    277332.0 us     0.068
us        5237258 us

So, together:

30521813 dynamic calls and 15585593 const calls, or almost exactly 2
to 1 dynamic to const. (And the dynamic calls seem to add 0.00875us
average overhead vs const.)

-Kees

-- 
Kees Cook
Nexus Security