Re: SELinux metadata protection

From: KaiGai Kohei (kaigai@private)
Date: Sun Jan 01 2006 - 22:02:46 PST


Hi,

>>Pay attention to what 'filler' was overwritten in this patch.
>>When LSM is enabled, the FS's readdir method (dir->f_op->readdir) always calls
>>'security_file_filldir' for each directory entry instead of the original
>>'filler' given by the arguments.
> 
> 
> Yes, I see, and I was being dense and misread it.  So forget what I said
> before.  But please add a good comment above the security_file_filldir
> definition.  Also, the kernel community doesn't like typedefs, so please
> change

OK, I'll modify the definition of 'security_filldir_t'.

> Do you have any performance measurements, say with selinux and with only
> capabilities compiled in, with and without this patch?  I suspect that will
> be one of the most important points of contention if this goes to the
> linux-kernel list.

I collected three performance measurements, which include a kernel build and
two of the most extreme workloads.

o Environment (My desktop PC)
   CPU: Pentium4 2.4GHz (No-HT)
   Mem: 1024MB
   Kernel: 2.6.14.5-selinux / 2.6.14.5-selinux.mp
           (stock 2.6.14.5 + NSA's patch ( + metadata protection patch))
   GLIBC: glibc-2.3.5-10.3

o benchmark.1 - simple iteration of readdir()
     by 'time -p for x in `seq 1 100`; do ls -R linux-2.6.14 > /dev/null; done'
   The following are the average and standard deviation of 20 trials.
   * 2.6.14.5-selinux (without metadata protection)
     real : 9.542 [sec] (std = 0.036)
     user : 6.238 [sec] (std = 0.125)
     sys  : 3.253 [sec] (std = 0.124)

   * 2.6.14.5-selinux.mp (with metadata protection)
     real : 11.920 [sec] (std = 0.015)
     user :  6.293 [sec] (std = 0.111)
     sys  :  5.569 [sec] (std = 0.114)

o benchmark.2 - iteration of resolving a filename by the attached short program.
   './a.out /lib/modules/2.6.14.5-selinux/build/security/selinux/hooks.c'
   The following are the average and standard deviation of 20 trials.
   * 2.6.14.5-selinux (without metadata protection)
     Avg: 6.931 [sec] (std = 0.020)
   * 2.6.14.5-selinux.mp (with metadata protection)
     Avg: 8.528 [sec] (std = 0.096)

o benchmark.3 - kernel build by the following commands.
     % tar jxvf linux-2.6.14.5.tar.bz2
     % cd 2.6.14.5
     % make defconfig
     % time -p make -j 2
   * 2.6.14.5-selinux (without metadata protection)
     real: 391.14[sec] (user = 356.06[s], sys = 33.49[s])
   * 2.6.14.5-selinux.mp (with metadata protection)
     real: 406.09[sec] (user = 366.47[s], sys = 36.79[s])

Thanks,
-- 
KaiGai Kohei <kaigai@private>
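The benchmark.1 method described in the mail above (100 recursive `ls -R` passes per trial, 20 trials, mean and standard deviation per kernel), written out as a runnable harness. This is an added example, not KaiGai's script or the attached program; the function names (one_trial, mean_std, col_of, benchmark) and the population of the 'sys' column as the place where the extra LSM filldir cost shows up are assumptions, and the tree path and trial count are the caller's choice (the mail used linux-2.6.14 and 20).

```bash
#!/bin/bash
# Added example: reproduce the readdir benchmark from the mail and report
# mean / standard deviation of real, user and sys for the running kernel.
# Run it once on each kernel (with and without the patch) and compare the
# 'sys' line: the per-entry security_file_filldir call is kernel time.

# one_trial TREE: run the loop from the mail once, print "real user sys".
one_trial() {
    { time -p sh -c 'for x in $(seq 1 100); do ls -R "$1" >/dev/null; done' _ "$1"; } 2>&1 \
        | awk '/^real/{r=$2} /^user/{u=$2} /^sys/{s=$2} END{print r, u, s}'
}

# mean_std: read one number per line from stdin, print "mean std"
# (sample standard deviation, n-1) with three decimals like the mail.
mean_std() {
    awk '{ n++; s+=$1; ss+=$1*$1 }
         END { if (n==0) { print "nan nan"; exit 1 }
               m=s/n; v=(n>1)?(ss-n*m*m)/(n-1):0; if (v<0) v=0
               printf "%.3f %.3f\n", m, sqrt(v) }'
}

# col_of N FILE: extract column N from the collected "real user sys" lines.
col_of() { awk -v c="$1" '{print $c}' "$2"; }

# benchmark TREE [TRIALS]: collect TRIALS trials and print the summary.
benchmark() {
    tree=$1; trials=${2:-20}
    results=$(mktemp)
    for i in $(seq 1 "$trials"); do one_trial "$tree"; done >"$results"
    printf 'kernel: %s, trials: %s\n' "$(uname -r)" "$trials"
    for f in 1:real 2:user 3:sys; do
        set -- $(col_of "${f%%:*}" "$results" | mean_std)
        printf '%-4s : %s [sec] (std = %s)\n' "${f##*:}" "$1" "$2"
    done
    rm -f "$results"
}

# Run only when executed directly with a tree argument; sourcing just defines
# the functions.
[ "${BASH_SOURCE[0]}" = "$0" ] && [ -n "$1" ] && benchmark "$1" "$2"
```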
