
[15/16] commoncap: use vfs fscaps interfaces for killpriv checks

Message ID 20231129-idmap-fscap-refactor-v1-15-da5a26058a5b@kernel.org (mailing list archive)
State Changes Requested
Delegated to: Paul Moore
Series fs: use type-safe uid representation for filesystem capabilities

Commit Message

Seth Forshee Nov. 29, 2023, 9:50 p.m. UTC
Signed-off-by: Seth Forshee (DigitalOcean) <sforshee@kernel.org>
---
 security/commoncap.c | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

Comments

kernel test robot Dec. 11, 2023, 7:57 a.m. UTC | #1
Hello,

kernel test robot noticed a -3.4% regression of unixbench.score on:


commit: 4d9674015c6c6b0d3dd2013f7fbff6a8648e59dd ("[PATCH 15/16] commoncap: use vfs fscaps interfaces for killpriv checks")
url: https://github.com/intel-lab-lkp/linux/commits/Seth-Forshee-DigitalOcean/mnt_idmapping-split-out-core-vfs-ug-id_t-definitions-into-vfsid-h/20231130-055846
patch link: https://lore.kernel.org/all/20231129-idmap-fscap-refactor-v1-15-da5a26058a5b@kernel.org/
patch subject: [PATCH 15/16] commoncap: use vfs fscaps interfaces for killpriv checks

testcase: unixbench
test machine: 64 threads 2 sockets Intel(R) Xeon(R) Gold 6346 CPU @ 3.10GHz (Ice Lake) with 256G memory
parameters:

	runtime: 300s
	nr_task: 100%
	test: fsbuffer
	cpufreq_governor: performance




If you fix the issue in a separate patch/commit (i.e. not just a new version of
the same patch/commit), kindly add the following tags
| Reported-by: kernel test robot <oliver.sang@intel.com>
| Closes: https://lore.kernel.org/oe-lkp/202312111506.39e728bf-oliver.sang@intel.com


Details are as below:
-------------------------------------------------------------------------------------------------->


The kernel config and materials to reproduce are available at:
https://download.01.org/0day-ci/archive/20231211/202312111506.39e728bf-oliver.sang@intel.com

=========================================================================================
compiler/cpufreq_governor/kconfig/nr_task/rootfs/runtime/tbox_group/test/testcase:
  gcc-12/performance/x86_64-rhel-8.3/100%/debian-11.1-x86_64-20220510.cgz/300s/lkp-icl-2sp9/fsbuffer/unixbench

commit: 
  28b9eedcb5 ("commoncap: remove cap_inode_getsecurity()")
  4d9674015c ("commoncap: use vfs fscaps interfaces for killpriv checks")

28b9eedcb59f6969 4d9674015c6c6b0d3dd2013f7fb 
---------------- --------------------------- 
         %stddev     %change         %stddev
             \          |                \  
    442.83 ±  8%     +13.6%     503.17 ±  5%  perf-c2c.DRAM.local
    106496            -3.4%     102870        unixbench.score
  8.46e+09            -3.3%  8.181e+09        unixbench.workload
     22955 ±  9%     -15.1%      19480 ±  8%  sched_debug.cfs_rq:/.load.avg
     52666 ±  8%     -20.2%      42050 ±  6%  sched_debug.cfs_rq:/.load.stddev
    696.27 ± 10%     -22.2%     541.75 ±  9%  sched_debug.cpu.curr->pid.stddev
      0.15 ± 13%     -18.8%       0.12 ± 10%  perf-sched.wait_and_delay.avg.ms.__cond_resched.__filemap_get_folio.simple_write_begin.generic_perform_write.generic_file_write_iter
      0.23 ± 12%     -25.8%       0.17 ± 14%  perf-sched.wait_and_delay.avg.ms.exit_to_user_mode_loop.exit_to_user_mode_prepare.irqentry_exit_to_user_mode.asm_sysvec_apic_timer_interrupt
    413.00 ±  4%     +17.7%     486.00 ±  7%  perf-sched.wait_and_delay.count.__cond_resched.__filemap_get_folio.simple_write_begin.generic_perform_write.generic_file_write_iter
      0.15 ± 13%     -18.8%       0.12 ± 10%  perf-sched.wait_time.avg.ms.__cond_resched.__filemap_get_folio.simple_write_begin.generic_perform_write.generic_file_write_iter
      0.22 ± 14%     -28.2%       0.16 ± 13%  perf-sched.wait_time.avg.ms.exit_to_user_mode_loop.exit_to_user_mode_prepare.irqentry_exit_to_user_mode.asm_sysvec_apic_timer_interrupt
 3.277e+10            +1.2%  3.316e+10        perf-stat.i.branch-instructions
 4.128e+08            -3.2%  3.997e+08        perf-stat.i.cache-references
    282058            -4.5%     269378        perf-stat.i.dTLB-load-misses
      7803 ± 44%     +24.8%       9740        perf-stat.overall.path-length
 2.728e+10 ± 44%     +21.4%  3.313e+10        perf-stat.ps.branch-instructions
     17.86            -1.0       16.83        perf-profile.calltrace.cycles-pp.generic_perform_write.generic_file_write_iter.vfs_write.ksys_write.do_syscall_64
      6.26            -0.3        5.93        perf-profile.calltrace.cycles-pp.simple_write_begin.generic_perform_write.generic_file_write_iter.vfs_write.ksys_write
      5.75            -0.3        5.43        perf-profile.calltrace.cycles-pp.__filemap_get_folio.simple_write_begin.generic_perform_write.generic_file_write_iter.vfs_write
      3.71            -0.2        3.50        perf-profile.calltrace.cycles-pp.copy_page_from_iter_atomic.generic_perform_write.generic_file_write_iter.vfs_write.ksys_write
      3.79            -0.2        3.58        perf-profile.calltrace.cycles-pp.entry_SYSCALL_64.write
      2.55            -0.2        2.34        perf-profile.calltrace.cycles-pp.simple_write_end.generic_perform_write.generic_file_write_iter.vfs_write.ksys_write
      3.11 ±  2%      -0.2        2.93        perf-profile.calltrace.cycles-pp.filemap_get_entry.__filemap_get_folio.simple_write_begin.generic_perform_write.generic_file_write_iter
      2.34            -0.1        2.20        perf-profile.calltrace.cycles-pp.__fsnotify_parent.vfs_write.ksys_write.do_syscall_64.entry_SYSCALL_64_after_hwframe
      2.08            -0.1        1.94        perf-profile.calltrace.cycles-pp.file_update_time.__generic_file_write_iter.generic_file_write_iter.vfs_write.ksys_write
      2.74            -0.1        2.62        perf-profile.calltrace.cycles-pp.fault_in_iov_iter_readable.generic_perform_write.generic_file_write_iter.vfs_write.ksys_write
      1.70            -0.1        1.59        perf-profile.calltrace.cycles-pp.inode_needs_update_time.file_update_time.__generic_file_write_iter.generic_file_write_iter.vfs_write
      1.32 ±  2%      -0.1        1.23        perf-profile.calltrace.cycles-pp.xas_load.filemap_get_entry.__filemap_get_folio.simple_write_begin.generic_perform_write
      1.20            -0.1        1.11 ±  2%  perf-profile.calltrace.cycles-pp.down_write.generic_file_write_iter.vfs_write.ksys_write.do_syscall_64
      0.57 ±  3%      -0.1        0.52 ±  2%  perf-profile.calltrace.cycles-pp.xas_descend.xas_load.filemap_get_entry.__filemap_get_folio.simple_write_begin
      0.78 ±  2%      -0.0        0.74        perf-profile.calltrace.cycles-pp.up_write.generic_file_write_iter.vfs_write.ksys_write.do_syscall_64
      1.01            -0.0        0.96        perf-profile.calltrace.cycles-pp.generic_write_checks.generic_file_write_iter.vfs_write.ksys_write.do_syscall_64
      0.75            -0.0        0.71 ±  2%  perf-profile.calltrace.cycles-pp.folio_unlock.simple_write_end.generic_perform_write.generic_file_write_iter.vfs_write
      0.68 ±  5%      +0.1        0.77        perf-profile.calltrace.cycles-pp.xas_descend.xas_load.filemap_get_read_batch.filemap_get_pages.filemap_read
      1.72 ±  3%      +0.1        1.84        perf-profile.calltrace.cycles-pp.xas_load.filemap_get_read_batch.filemap_get_pages.filemap_read.vfs_read
     43.59            +0.3       43.87        perf-profile.calltrace.cycles-pp.entry_SYSCALL_64_after_hwframe.write
     42.78            +0.3       43.10        perf-profile.calltrace.cycles-pp.do_syscall_64.entry_SYSCALL_64_after_hwframe.write
     40.44            +0.4       40.84        perf-profile.calltrace.cycles-pp.ksys_write.do_syscall_64.entry_SYSCALL_64_after_hwframe.write
     38.06            +0.5       38.58        perf-profile.calltrace.cycles-pp.vfs_write.ksys_write.do_syscall_64.entry_SYSCALL_64_after_hwframe.write
      0.00            +0.6        0.55 ±  4%  perf-profile.calltrace.cycles-pp.xattr_resolve_name.vfs_getxattr_alloc.__vfs_get_fscaps.cap_inode_need_killpriv.security_inode_need_killpriv
     28.82            +0.9       29.74        perf-profile.calltrace.cycles-pp.generic_file_write_iter.vfs_write.ksys_write.do_syscall_64.entry_SYSCALL_64_after_hwframe
      0.00            +1.5        1.47        perf-profile.calltrace.cycles-pp.strncmp.xattr_permission.vfs_getxattr_alloc.__vfs_get_fscaps.cap_inode_need_killpriv
      0.00            +1.8        1.84        perf-profile.calltrace.cycles-pp.xattr_permission.vfs_getxattr_alloc.__vfs_get_fscaps.cap_inode_need_killpriv.security_inode_need_killpriv
      6.70            +2.2        8.92        perf-profile.calltrace.cycles-pp.__generic_file_write_iter.generic_file_write_iter.vfs_write.ksys_write.do_syscall_64
      3.86            +2.4        6.26        perf-profile.calltrace.cycles-pp.__file_remove_privs.__generic_file_write_iter.generic_file_write_iter.vfs_write.ksys_write
      2.37            +2.5        4.90        perf-profile.calltrace.cycles-pp.security_inode_need_killpriv.__file_remove_privs.__generic_file_write_iter.generic_file_write_iter.vfs_write
      1.94            +2.6        4.52        perf-profile.calltrace.cycles-pp.cap_inode_need_killpriv.security_inode_need_killpriv.__file_remove_privs.__generic_file_write_iter.generic_file_write_iter
      0.00            +3.0        2.98        perf-profile.calltrace.cycles-pp.vfs_getxattr_alloc.__vfs_get_fscaps.cap_inode_need_killpriv.security_inode_need_killpriv.__file_remove_privs
      0.00            +4.1        4.08        perf-profile.calltrace.cycles-pp.__vfs_get_fscaps.cap_inode_need_killpriv.security_inode_need_killpriv.__file_remove_privs.__generic_file_write_iter
     18.27            -1.0       17.22        perf-profile.children.cycles-pp.generic_perform_write
      6.36            -0.3        6.03        perf-profile.children.cycles-pp.simple_write_begin
      5.96            -0.3        5.64        perf-profile.children.cycles-pp.__filemap_get_folio
      2.71            -0.2        2.49        perf-profile.children.cycles-pp.simple_write_end
      3.76            -0.2        3.55        perf-profile.children.cycles-pp.copy_page_from_iter_atomic
      3.21 ±  2%      -0.2        3.02        perf-profile.children.cycles-pp.filemap_get_entry
      2.23            -0.1        2.08        perf-profile.children.cycles-pp.file_update_time
      1.90            -0.1        1.77        perf-profile.children.cycles-pp.inode_needs_update_time
      2.86            -0.1        2.74        perf-profile.children.cycles-pp.fault_in_iov_iter_readable
      4.92            -0.1        4.81        perf-profile.children.cycles-pp.entry_SYSCALL_64
      2.44            -0.1        2.33        perf-profile.children.cycles-pp.fault_in_readable
      1.31            -0.1        1.21 ±  2%  perf-profile.children.cycles-pp.down_write
      3.93            -0.1        3.86        perf-profile.children.cycles-pp.entry_SYSRETQ_unsafe_stack
      0.55 ±  3%      -0.1        0.49 ±  2%  perf-profile.children.cycles-pp.folio_mark_dirty
      0.85 ±  3%      -0.1        0.79 ±  2%  perf-profile.children.cycles-pp.up_write
      0.56            -0.1        0.50        perf-profile.children.cycles-pp.balance_dirty_pages_ratelimited_flags
      0.80            -0.1        0.75 ±  2%  perf-profile.children.cycles-pp.folio_unlock
      0.58 ±  2%      -0.0        0.53 ±  2%  perf-profile.children.cycles-pp.w_test
      1.16            -0.0        1.11        perf-profile.children.cycles-pp.generic_write_checks
      1.12            -0.0        1.07        perf-profile.children.cycles-pp.syscall_enter_from_user_mode
      0.54            -0.0        0.50 ±  2%  perf-profile.children.cycles-pp.folio_mapping
      0.62 ±  2%      -0.0        0.59        perf-profile.children.cycles-pp.timestamp_truncate
      0.52            -0.0        0.49 ±  2%  perf-profile.children.cycles-pp.generic_write_check_limits
      0.42            -0.0        0.40 ±  2%  perf-profile.children.cycles-pp.folio_wait_stable
      0.37            -0.0        0.35        perf-profile.children.cycles-pp.setattr_should_drop_suidgid
      0.22 ±  2%      -0.0        0.21 ±  3%  perf-profile.children.cycles-pp.inode_to_bdi
      0.17 ±  2%      -0.0        0.15 ±  3%  perf-profile.children.cycles-pp.is_bad_inode
      0.58 ±  2%      +0.1        0.66 ±  4%  perf-profile.children.cycles-pp.xattr_resolve_name
      0.00            +0.3        0.27 ±  2%  perf-profile.children.cycles-pp.kfree
     86.62            +0.3       86.93        perf-profile.children.cycles-pp.entry_SYSCALL_64_after_hwframe
     85.38            +0.3       85.71        perf-profile.children.cycles-pp.do_syscall_64
     40.67            +0.4       41.06        perf-profile.children.cycles-pp.ksys_write
     38.45            +0.5       38.96        perf-profile.children.cycles-pp.vfs_write
     29.06            +0.9       29.98        perf-profile.children.cycles-pp.generic_file_write_iter
      0.00            +1.5        1.54        perf-profile.children.cycles-pp.strncmp
      0.00            +2.0        2.00        perf-profile.children.cycles-pp.xattr_permission
      6.86            +2.2        9.07        perf-profile.children.cycles-pp.__generic_file_write_iter
      4.03            +2.4        6.42        perf-profile.children.cycles-pp.__file_remove_privs
      2.49            +2.5        5.00        perf-profile.children.cycles-pp.security_inode_need_killpriv
      2.07            +2.6        4.63        perf-profile.children.cycles-pp.cap_inode_need_killpriv
      0.00            +3.3        3.26        perf-profile.children.cycles-pp.vfs_getxattr_alloc
      0.00            +4.3        4.27        perf-profile.children.cycles-pp.__vfs_get_fscaps
      3.70            -0.2        3.49        perf-profile.self.cycles-pp.copy_page_from_iter_atomic
      3.91            -0.2        3.72        perf-profile.self.cycles-pp.vfs_write
      1.30            -0.1        1.18        perf-profile.self.cycles-pp.simple_write_end
      1.23            -0.1        1.12 ±  2%  perf-profile.self.cycles-pp.__file_remove_privs
      1.86            -0.1        1.75        perf-profile.self.cycles-pp.generic_perform_write
      2.37            -0.1        2.26        perf-profile.self.cycles-pp.fault_in_readable
      1.83            -0.1        1.73        perf-profile.self.cycles-pp.write
      0.90            -0.1        0.81 ±  3%  perf-profile.self.cycles-pp.down_write
      1.98            -0.1        1.89        perf-profile.self.cycles-pp.__filemap_get_folio
      7.88            -0.1        7.80        perf-profile.self.cycles-pp.__fsnotify_parent
      3.80            -0.1        3.73        perf-profile.self.cycles-pp.entry_SYSRETQ_unsafe_stack
      0.97            -0.1        0.90 ±  2%  perf-profile.self.cycles-pp.inode_needs_update_time
      0.80 ±  3%      -0.1        0.74 ±  2%  perf-profile.self.cycles-pp.up_write
      0.42            -0.0        0.36 ±  3%  perf-profile.self.cycles-pp.security_inode_need_killpriv
      0.52 ±  2%      -0.0        0.48 ±  2%  perf-profile.self.cycles-pp.w_test
      0.74            -0.0        0.70 ±  2%  perf-profile.self.cycles-pp.folio_unlock
      0.96            -0.0        0.91        perf-profile.self.cycles-pp.syscall_enter_from_user_mode
      0.71            -0.0        0.67        perf-profile.self.cycles-pp.ksys_write
      0.83            -0.0        0.79        perf-profile.self.cycles-pp.generic_file_write_iter
      0.38            -0.0        0.35        perf-profile.self.cycles-pp.balance_dirty_pages_ratelimited_flags
      0.42 ±  2%      -0.0        0.39 ±  3%  perf-profile.self.cycles-pp.generic_write_check_limits
      0.43 ±  2%      -0.0        0.40 ±  2%  perf-profile.self.cycles-pp.folio_mapping
      0.28 ±  5%      -0.0        0.25 ±  2%  perf-profile.self.cycles-pp.folio_mark_dirty
      1.00            -0.0        0.97        perf-profile.self.cycles-pp.__get_task_ioprio
      1.22            -0.0        1.20        perf-profile.self.cycles-pp.entry_SYSCALL_64
      0.41            -0.0        0.39        perf-profile.self.cycles-pp.simple_write_begin
      0.39            -0.0        0.37 ±  2%  perf-profile.self.cycles-pp.fault_in_iov_iter_readable
      0.36 ±  5%      +0.1        0.42 ±  6%  perf-profile.self.cycles-pp.xattr_resolve_name
      0.18 ±  3%      +0.2        0.36        perf-profile.self.cycles-pp.cap_inode_need_killpriv
      0.00            +0.2        0.18 ±  2%  perf-profile.self.cycles-pp.kfree
      0.00            +0.5        0.48        perf-profile.self.cycles-pp.xattr_permission
      0.00            +0.8        0.76        perf-profile.self.cycles-pp.vfs_getxattr_alloc
      0.00            +0.8        0.83        perf-profile.self.cycles-pp.__vfs_get_fscaps
      0.00            +1.4        1.42        perf-profile.self.cycles-pp.strncmp




Disclaimer:
Results have been estimated based on internal Intel analysis and are provided
for informational purposes only. Any difference in system hardware or software
design or configuration may affect actual performance.

Patch

diff --git a/security/commoncap.c b/security/commoncap.c
index ced7a3c9685f..15344c86c759 100644
--- a/security/commoncap.c
+++ b/security/commoncap.c
@@ -295,11 +295,12 @@  int cap_capset(struct cred *new,
  */
 int cap_inode_need_killpriv(struct dentry *dentry)
 {
-	struct inode *inode = d_backing_inode(dentry);
+	struct vfs_caps caps;
 	int error;
 
-	error = __vfs_getxattr(dentry, inode, XATTR_NAME_CAPS, NULL, 0);
-	return error > 0;
+	/* Use nop_mnt_idmap for no mapping here as mapping is unimportant */
+	error= __vfs_get_fscaps(&nop_mnt_idmap, dentry, &caps);
+	return error == 0;
 }
 
 /**
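
Review bot: In cap_inode_need_killpriv(), `return error == 0` is narrower than the old `return error > 0` on the zero-length __vfs_getxattr() probe. The old test was true whenever an XATTR_NAME_CAPS xattr of non-zero size existed; the new one is true only when __vfs_get_fscaps() fully succeeds. If that helper can return an error for an xattr that is present but cannot be read or validated, this function now answers "no" and the xattr is left in place across a write. Consider returning true unless the helper reports that the xattr is absent, or keeping an existence-only probe here; `struct vfs_caps caps` is filled but never read, and the test robot's profile on this page shows the added vfs_getxattr_alloc, xattr_permission and strncmp work landing under __file_remove_privs on every write. Style: `error= __vfs_get_fscaps(` needs a space before `=`.
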
@@ -322,7 +323,7 @@  int cap_inode_killpriv(struct mnt_idmap *idmap, struct dentry *dentry)
 {
 	int error;
 
-	error = __vfs_removexattr(idmap, dentry, XATTR_NAME_CAPS);
+	error = __vfs_remove_fscaps(idmap, dentry);
 	if (error == -EOPNOTSUPP)
 		error = 0;
 	return error;
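
Review bot: The retained `if (error == -EOPNOTSUPP)` check in cap_inode_killpriv() relies on __vfs_remove_fscaps() returning the same error codes that __vfs_removexattr() did, and nothing in this hunk or in the commit message, which carries only a Signed-off-by line, says so. Please state in the commit message that the return convention is unchanged, so it is clear the mapping to 0 still covers filesystems without xattr support.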