From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1758565AbcLBAML (ORCPT ); Thu, 1 Dec 2016 19:12:11 -0500 Received: from Chamillionaire.breakpoint.cc ([146.0.238.67]:55206 "EHLO Chamillionaire.breakpoint.cc" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1758404AbcLBAMJ (ORCPT ); Thu, 1 Dec 2016 19:12:09 -0500 Date: Fri, 2 Dec 2016 01:09:04 +0100 From: Florian Westphal To: Paul Moore Cc: Florian Westphal , linux-kernel@vger.kernel.org, linux-audit@redhat.com, Eric Paris Subject: Re: [PATCH] audit: remove the audit freelist Message-ID: <20161202000904.GA31010@breakpoint.cc> References: <1479215774-29810-1-git-send-email-fw@strlen.de> <20161201014455.GD26507@breakpoint.cc> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.5.23 (2014-03-12) Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Paul Moore wrote: > On Wed, Nov 30, 2016 at 8:44 PM, Florian Westphal wrote: > > Paul Moore wrote: > >> On Tue, Nov 15, 2016 at 8:16 AM, Florian Westphal wrote: > >> > allows better debugging as freeing audit buffers now always honors slub > >> > debug hooks (e.g. object poisoning) and leak checker can detect the > >> > free operation. > >> > > >> > Removal also results in a small speedup (using > >> > single rule 'iptables -A INPUT -i lo -j AUDIT --type drop'): > >> > > >> > super_netperf 4 -H 127.0.0.1 -l 360 -t UDP_RR -- -R 1 -m 64 > >> > Before: > >> > 294953 > >> > After: > >> > 298013 > >> > > >> > (alloc/free no longer serializes on spinlock, allocator can use percpu > >> > pool). > >> > > >> > Signed-off-by: Florian Westphal > >> > --- > >> > kernel/audit.c | 53 ++++++++--------------------------------------------- > >> > 1 file changed, 8 insertions(+), 45 deletions(-) > >> > >> Sorry for the delay, I was hoping to have some time to play around > >> with this and offer a more meaningful comment ... I've often wondered > >> about converting audit_buffer, and audit_context for that matter, over > >> to their own kmem_cache; have you considered that? Or was this > >> proposed due to simplicity? > > > > Not sure I understand, you could still convert it on top of this. > > (Although audit_buffer is just 24 bytes after this patch so it will > > come from 32byte kmalloc slab). > > I'm not arguing against this patch, partly just musing out loud, > partly just seeing if you had experimented with creating a > audit_buffer specific kmem_cache (I'm guessing the answer here is > "no"). If we do convert to a kmem_cache this patch would be the > obvious first step. It does convert to a kmem_cache, indirectly. kmalloc() uses builtin_constant_size() magic to resolve the kmalloc to kmem_cache_alloc, using the precreated kmalloc_caches[] in slab_common.c .