Well, since I've been harping on micro-benchmarks, I thought I'd go ahead and run a few. The basic news is that the Linux Trace Toolkit does impose significant overhead on simple operations; however, the overhead is pretty much in the noise for anything real, at least on my system.

Each test seemed to indicate a 1 microsecond overhead for simple operations, roughly. Of course, this affects fast operations more than slow ones. A "null" call (getppid) was 60% slower, and minimal basic file operations (stat, open, close) were 11-12% slower - but the overhead was only around 2-3% for fork and execve. There also seems to be some significant impact on local communication latency, but I only ran the fast versions of the tests, so that may need more work.

Note that these results were for the LTT built-in to the kernel. I wanted to test it as a module (both loaded and unloaded), but the unofficial 2.4.2 patch leaves unresolved symbols with my configuration.

What does this mean for the LSM project? I'm not sure. Ideally, I think we should shoot for at most a 20% impact on null calls, but really that's a judgement call - maybe someone should check with the kernel gurus about what would be acceptable impact. My main thought is that if some bit of code is going to be accepted, it should be minimal, and be thoroughly benchmarked. I would hate to see a beautiful design and implementation get rejected because it was too expensive for people who didn't care about security.

--Anil

Details on test:

Performed on a P2/266 w/ 288M RAM (Intel 440LX, HP Pavilion 8260)
Debian unstable, booted in single user mode

2.4.2 vs. 2.4.2 w/ patch-ltt-linux-2.4.2-vanilla-010322
(needed to make small change to arch/i386/boot/Makefile from 2.4.3 to fix compile bug)
identical kernel options, except LTT built in for latter
(tried to modularize, but module had unresolved symbols)
tracing was tested, but was not running during tests

Ran 3 tests each in succession

edited output from lmbench-2beta1, three runs each
(removed hostname and clarified kernel version, deleted parts that didn't seem to indicate difference, or that weren't completely run)

lmbench options: 196M memory, no disks, no ext. host, fast memory, no disk tests

Processor, Processes - times in microseconds - smaller is better
----------------------------------------------------------------
           Mhz  null  null        open  selct  sig   sig   fork  exec  sh
Kernel          call  I/O   stat  clos  TCP    inst  hndl  proc  proc  proc
---------  ---  ----  ----  ----  ----  -----  ----  ----  ----  ----  ----
2.4.2-LTT  267  1.71  2.44  7.37  10    78     3.86  7.05  553   2959  17K
2.4.2-LTT  267  1.71  2.44  7.43  10    85     3.86  7.02  552   2989  17K
2.4.2-LTT  267  1.71  2.48  7.56  10    90     3.85  7.06  557   3012  17K
2.4.2      267  1.07  1.59  6.58  9.07  56     3.21  6.13  535   2851  17K
2.4.2      267  1.07  1.59  6.64  9.04  63     3.21  6.13  537   2918  17K
2.4.2      267  1.07  1.58  6.62  9.00  56     3.21  6.13  539   2924  17K

*Local* Communication latencies in microseconds - smaller is better
-------------------------------------------------------------------
2p/0K Pipe AF UDP RPC/ TCP RPC/ TCP
Kernel ctxsw UNIX UDP TCP conn
--------- ----- ----- ---- ----- ----- ----- ----- ----
2.4.2-LTT 2.440 16 28 85 124 389
2.4.2-LTT 2.660 18 29 87 127 392
2.4.2-LTT 1.980 18 29 86 127 399
2.4.2 1.990 13 22 72 108 361
2.4.2 2.350 13 22 77 112 376
2.4.2 2.270 13 23 75 115 379

*Local* Communication bandwidths in MB/s - bigger is better
-----------------------------------------------------------
           Pipe  AF    TCP  File    Mmap    Bcopy   Bcopy   Mem   Mem
Kernel           UNIX       reread  reread  (libc)  (hand)  read  write
---------  ----  ----  ---  ------  ------  ------  ------  ----  -----
2.4.2-LTT  143   80    59   107     223     97      83      223   122
2.4.2-LTT  143   75    60   106     223     97      83      223   122
2.4.2-LTT  141   85    57   106     223     97      83      223   122
2.4.2      147   86    60   107     223     97      83      223   123
2.4.2      146   85    57   107     223     97      83      223   123
2.4.2      145   86    54   106     223     97      83      223   123
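Added example, not part of the original message: a small Python script that parses the "Processor, Processes" rows quoted above, averages the three runs per kernel, and reports the absolute and relative overhead per operation. Applying the 20% figure the message suggests for null calls to every column is an assumption made here for illustration; the function and column names are hypothetical.

```python
from statistics import mean

# Column names for fields 2..10 of each row (Mhz and the rounded "17K" sh column are skipped).
COLUMNS = ["null call", "null I/O", "stat", "open/close", "select TCP",
           "sig inst", "sig hndl", "fork", "exec"]

# Rows copied from the "Processor, Processes" table in the message above.
ROWS = """\
2.4.2-LTT 267 1.71 2.44 7.37 10 78 3.86 7.05 553 2959 17K
2.4.2-LTT 267 1.71 2.44 7.43 10 85 3.86 7.02 552 2989 17K
2.4.2-LTT 267 1.71 2.48 7.56 10 90 3.85 7.06 557 3012 17K
2.4.2 267 1.07 1.59 6.58 9.07 56 3.21 6.13 535 2851 17K
2.4.2 267 1.07 1.59 6.64 9.04 63 3.21 6.13 537 2918 17K
2.4.2 267 1.07 1.58 6.62 9.00 56 3.21 6.13 539 2924 17K
"""

def parse(text):
    """Group lmbench summary rows by kernel label -> list of per-run value lists."""
    runs = {}
    for line in text.splitlines():
        fields = line.split()
        if len(fields) != 12:
            continue  # skip blank or incomplete rows rather than misalign columns
        runs.setdefault(fields[0], []).append([float(v) for v in fields[2:11]])
    return runs

def overhead(runs, base="2.4.2", patched="2.4.2-LTT"):
    """Per column: (absolute delta in microseconds, relative slowdown in percent)."""
    report = {}
    for i, name in enumerate(COLUMNS):
        b = mean(run[i] for run in runs[base])
        p = mean(run[i] for run in runs[patched])
        report[name] = (p - b, 100.0 * (p - b) / b)
    return report

def over_budget(report, limit_pct=20.0):
    """Operations whose mean slowdown exceeds the budget (20% assumed for all columns)."""
    return [name for name, (_, pct) in report.items() if pct > limit_pct]

if __name__ == "__main__":
    rep = overhead(parse(ROWS))
    for name, (delta, pct) in rep.items():
        print(f"{name:<11} +{delta:8.2f} us  {pct:5.1f}%")
    print("over 20% budget:", ", ".join(over_budget(rep)))
```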
This archive was generated by hypermail 2b30 : Tue Apr 17 2001 - 00:28:24 PDT