Landlock flat array domains #9
Open
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
micromaomao
force-pushed
the
landlock-arraydomain
branch
5 times, most recently
from
1d831a4 to
8c79a5c
Compare
micromaomao
force-pushed
the
landlock-arraydomain
branch
from
8c79a5c to
e51695f
Compare
micromaomao
force-pushed
the
landlock-arraydomain
branch
2 times, most recently
from
27ee217 to
a12fcb1
Compare
micromaomao
force-pushed
the
landlock-arraydomain
branch
from
7ef6233 to
3856771
Compare
micromaomao
force-pushed
the
landlock-arraydomain-base
branch
from
3a84302 to
86fdfba
Compare
micromaomao
force-pushed
the
landlock-arraydomain
branch
7 times, most recently
from
b4da11c to
65ac599
Compare
Owner
Author
|
???? didn't know you could bind to zero |
micromaomao
force-pushed
the
landlock-arraydomain
branch
from
65ac599 to
c7a17a0
Compare
micromaomao
force-pushed
the
landlock-arraydomain
branch
2 times, most recently
from
56b691d to
aa13c57
Compare
micromaomao
force-pushed
the
landlock-arraydomain
branch
3 times, most recently
from
33934ca to
edb052b
Compare
micromaomao
pushed a commit
that referenced
this pull request
Sep 14, 2025
BUG: kernel NULL pointer dereference, address: 00000000000002ec PGD 0 P4D 0 Oops: Oops: 0000 [#1] SMP PTI CPU: 28 UID: 0 PID: 343 Comm: kworker/28:1 Kdump: loaded Tainted: G OE 6.17.0-rc2+ #9 NONE Tainted: [O]=OOT_MODULE, [E]=UNSIGNED_MODULE Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.15.0-1 04/01/2014 Workqueue: smc_hs_wq smc_listen_work [smc] RIP: 0010:smc_ib_is_sg_need_sync+0x9e/0xd0 [smc] ... Call Trace: <TASK> smcr_buf_map_link+0x211/0x2a0 [smc] __smc_buf_create+0x522/0x970 [smc] smc_buf_create+0x3a/0x110 [smc] smc_find_rdma_v2_device_serv+0x18f/0x240 [smc] ? smc_vlan_by_tcpsk+0x7e/0xe0 [smc] smc_listen_find_device+0x1dd/0x2b0 [smc] smc_listen_work+0x30f/0x580 [smc] process_one_work+0x18c/0x340 worker_thread+0x242/0x360 kthread+0xe7/0x220 ret_from_fork+0x13a/0x160 ret_from_fork_asm+0x1a/0x30 </TASK> If the software RoCE device is used, ibdev->dma_device is a null pointer. As a result, the problem occurs. Null pointer detection is added to prevent problems. Fixes: 0ef69e7 ("net/smc: optimize for smc_sndbuf_sync_sg_for_device and smc_rmb_sync_sg_for_cpu") Signed-off-by: Liu Jian <liujian56@huawei.com> Reviewed-by: Guangguan Wang <guangguan.wang@linux.alibaba.com> Reviewed-by: Zhu Yanjun <yanjun.zhu@linux.dev> Reviewed-by: D. Wythe <alibuda@linux.alibaba.com> Link: https://patch.msgid.link/20250828124117.2622624-1-liujian56@huawei.com Signed-off-by: Paolo Abeni <pabeni@redhat.com>
micromaomao
pushed a commit
that referenced
this pull request
Sep 21, 2025
Steven Rostedt reported a crash with "ftrace=function" kernel command line: [ 0.159269] BUG: kernel NULL pointer dereference, address: 000000000000001c [ 0.160254] #PF: supervisor read access in kernel mode [ 0.160975] #PF: error_code(0x0000) - not-present page [ 0.161697] PGD 0 P4D 0 [ 0.162055] Oops: Oops: 0000 [#1] SMP PTI [ 0.162619] CPU: 0 UID: 0 PID: 0 Comm: swapper Not tainted 6.17.0-rc2-test-00006-g48d06e78b7cb-dirty #9 PREEMPT(undef) [ 0.164141] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 0.165439] RIP: 0010:kmem_cache_alloc_noprof (mm/slub.c:4237) [ 0.166186] Code: 90 90 90 f3 0f 1e fa 0f 1f 44 00 00 55 48 89 e5 41 57 41 56 41 55 41 54 49 89 fc 53 48 83 e4 f0 48 83 ec 20 8b 05 c9 b6 7e 01 <44> 8b 77 1c 65 4c 8b 2d b5 ea 20 02 4c 89 6c 24 18 41 89 f5 21 f0 [ 0.168811] RSP: 0000:ffffffffb2e03b30 EFLAGS: 00010086 [ 0.169545] RAX: 0000000001fff33f RBX: 0000000000000000 RCX: 0000000000000000 [ 0.170544] RDX: 0000000000002800 RSI: 0000000000002800 RDI: 0000000000000000 [ 0.171554] RBP: ffffffffb2e03b80 R08: 0000000000000004 R09: ffffffffb2e03c90 [ 0.172549] R10: ffffffffb2e03c90 R11: 0000000000000000 R12: 0000000000000000 [ 0.173544] R13: ffffffffb2e03c90 R14: ffffffffb2e03c90 R15: 0000000000000001 [ 0.174542] FS: 0000000000000000(0000) GS:ffff9d2808114000(0000) knlGS:0000000000000000 [ 0.175684] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 0.176486] CR2: 000000000000001c CR3: 000000007264c001 CR4: 00000000000200b0 [ 0.177483] Call Trace: [ 0.177828] <TASK> [ 0.178123] mas_alloc_nodes (lib/maple_tree.c:176 (discriminator 2) lib/maple_tree.c:1255 (discriminator 2)) [ 0.178692] mas_store_gfp (lib/maple_tree.c:5468) [ 0.179223] execmem_cache_add_locked (mm/execmem.c:207) [ 0.179870] execmem_alloc (mm/execmem.c:213 mm/execmem.c:313 mm/execmem.c:335 mm/execmem.c:475) [ 0.180397] ? ftrace_caller (arch/x86/kernel/ftrace_64.S:169) [ 0.180922] ? __pfx_ftrace_caller (arch/x86/kernel/ftrace_64.S:158) [ 0.181517] execmem_alloc_rw (mm/execmem.c:487) [ 0.182052] arch_ftrace_update_trampoline (arch/x86/kernel/ftrace.c:266 arch/x86/kernel/ftrace.c:344 arch/x86/kernel/ftrace.c:474) [ 0.182778] ? ftrace_caller_op_ptr (arch/x86/kernel/ftrace_64.S:182) [ 0.183388] ftrace_update_trampoline (kernel/trace/ftrace.c:7947) [ 0.184024] __register_ftrace_function (kernel/trace/ftrace.c:368) [ 0.184682] ftrace_startup (kernel/trace/ftrace.c:3048) [ 0.185205] ? __pfx_function_trace_call (kernel/trace/trace_functions.c:210) [ 0.185877] register_ftrace_function_nolock (kernel/trace/ftrace.c:8717) [ 0.186595] register_ftrace_function (kernel/trace/ftrace.c:8745) [ 0.187254] ? __pfx_function_trace_call (kernel/trace/trace_functions.c:210) [ 0.187924] function_trace_init (kernel/trace/trace_functions.c:170) [ 0.188499] tracing_set_tracer (kernel/trace/trace.c:5916 kernel/trace/trace.c:6349) [ 0.189088] register_tracer (kernel/trace/trace.c:2391) [ 0.189642] early_trace_init (kernel/trace/trace.c:11075 kernel/trace/trace.c:11149) [ 0.190204] start_kernel (init/main.c:970) [ 0.190732] x86_64_start_reservations (arch/x86/kernel/head64.c:307) [ 0.191381] x86_64_start_kernel (??:?) [ 0.191955] common_startup_64 (arch/x86/kernel/head_64.S:419) [ 0.192534] </TASK> [ 0.192839] Modules linked in: [ 0.193267] CR2: 000000000000001c [ 0.193730] ---[ end trace 0000000000000000 ]--- The crash happens because on x86 ftrace allocations from execmem require maple tree to be initialized. Move maple tree initialization that depends only on slab availability earlier in boot so that it will happen right after mm_core_init(). Link: https://lkml.kernel.org/r/20250824130759.1732736-1-rppt@kernel.org Fixes: 5d79c2b ("x86/ftrace: enable EXECMEM_ROX_CACHE for ftrace allocations") Signed-off-by: Mike Rapoport (Microsoft) <rppt@kernel.org> Reported-by: Steven Rostedt (Google) <rostedt@goodmis.org> Tested-by: Steven Rostedt (Google) <rostedt@goodmis.org> Closes: https://lore.kernel.org/all/20250820184743.0302a8b5@gandalf.local.home/ Reviewed-by: Masami Hiramatsu (Google) <mhiramat@kernel.org> Reviewed-by: Liam R. Howlett <Liam.Howlett@oracle.com> Cc: Borislav Betkov <bp@alien8.de> Cc: Ingo Molnar <mingo@redhat.com> Cc: Peter Zijlstra <peterz@infradead.org> Cc: Thomas Gleinxer <tglx@linutronix.de> Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
We need to reduce the limit from U32_MAX as we use u32 for various landlock_domain_index or landlock_layer indices. On Mon, 2 Jun 2025 at 21:50:05 +0200, Mickaël Salaün wrote [1]: > Correct. We can either use u64 or reduce the maximum number of rules. > I think LANDLOCK_MAX_NUM_RULES set to U16_MAX would be much more than > the worse practical case. Even if one buggy policy tries to add one > rule per network port, that will be OK. We could even reasonably test > this limit. We'll need to backport this change but I'm OK with that. Note that a limit of 2^24 still leaves us with more than enough room even for u32 indices, but for future-proofing and given agreement with Mickaël, setting this to U16_MAX here. Link: https://lore.kernel.org/all/20250602.uBai6ge5maiw@digikod.net/ [1] Signed-off-by: Tingmao Wang <m@maowtm.org>
micromaomao
force-pushed
the
landlock-arraydomain
branch
from
edb052b to
fd8a4cb
Compare
micromaomao
force-pushed
the
landlock-arraydomain-base
branch
from
aeceeda to
54f9baf
Compare
Owner
Author
|
@copilot Do whatever you can to improve the performance of this hashmap+array based domain further. |
|
@micromaomao I've opened a new pull request, #17, to work on those changes. Once the pull request is ready, I'll request review from you. |
Copilot finished reviewing on behalf of
micromaomao
November 30, 2025 19:35
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 16 out of 16 changed files in this pull request and generated 12 comments.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| return err; | ||
|
|
||
| child->num_net_indices = | ||
| roundup_pow_of_two(child->num_net_indices); |
There was a problem hiding this comment.
Potential overflow in roundup_pow_of_two(). Similar to the fs_indices case, roundup_pow_of_two() is undefined for input value 0. While the logic should ensure non-zero values, an explicit check would make the code more robust. Consider adding validation or using max(1u, child->num_net_indices).
Suggested change
| roundup_pow_of_two(child->num_net_indices); | |
| roundup_pow_of_two(max(1u, child->num_net_indices)); |
| ), | ||
|
|
||
| TP_printk( | ||
| "indices_arr=%p num_indices=%u hash_bits=%u, key=%lx collisions_followed=%u", |
There was a problem hiding this comment.
[nitpick] Inconsistent spacing in tracepoint format string. The TP_printk format string has inconsistent spacing around the comma after hash_bits=%u. There's a comma followed by a space before key=%lx, but all other fields are separated by spaces only. Consider using consistent spacing: either hash_bits=%u key=%lx or hash_bits=%u, key=%lx, collisions_followed=%u for all fields.
Suggested change
| "indices_arr=%p num_indices=%u hash_bits=%u, key=%lx collisions_followed=%u", | |
| "indices_arr=%p num_indices=%u hash_bits=%u key=%lx collisions_followed=%u", |
| * the zero value of @elem_type is not "empty", the caller must set all | ||
| * the slots to empty before using the table. | ||
| * @trace_find: A function that traces the number of collisions | ||
| * followed during a find operation, given paramemters: |
There was a problem hiding this comment.
Spelling error in comment. The word "paramemters" is misspelled and should be "parameters".
Suggested change
| * followed during a find operation, given paramemters: | |
| * followed during a find operation, given parameters: |
Comment on lines
+101
to
+103
| if (WARN_ON_ONCE((uintptr_t *)(fs_indices + num_fs_indices) - | ||
| domain->rules > | ||
| domain->len_rules)) |
There was a problem hiding this comment.
[nitpick] Unnecessary pointer arithmetic check. The condition checks if (uintptr_t *)(fs_indices + num_fs_indices) - domain->rules > domain->len_rules, but fs_indices is already obtained from dom_fs_indices(domain) which performs pointer arithmetic on domain->rules. The check would be more clear and consistent if it used the offset macros like _dom_fs_indices_offset() directly, or if it compared byte offsets rather than mixing pointer arithmetic with array indexing. Consider simplifying this bounds check to use consistent units.
Suggested change
| if (WARN_ON_ONCE((uintptr_t *)(fs_indices + num_fs_indices) - | |
| domain->rules > | |
| domain->len_rules)) | |
| if (WARN_ON_ONCE((fs_indices - domain->rules) + num_fs_indices > domain->len_rules)) |
Comment on lines
+339
to
+345
| * @trace_find: A function that traces the number of collisions | ||
| * followed during a find operation, given paramemters: | ||
| * const @elem_type *table, | ||
| * h_index_t table_size, | ||
| * int hash_bits, | ||
| * const @elem_type *elem_to_find, | ||
| * h_index_t *collisions_followed. |
There was a problem hiding this comment.
[nitpick] Missing documentation for the @trace_find parameter. While the comment describes what the trace function should do, it doesn't explain its purpose or when it's called. Consider adding a brief explanation that this is invoked after each find operation for performance monitoring/debugging via tracepoints.
| __entry->indices_arr = indices_arr; | ||
| __entry->num_indices = num_indices; | ||
| __entry->hash_bits = hash_bits; | ||
| __entry->key = *(uintptr_t *)elem_to_find; |
There was a problem hiding this comment.
Unsafe type cast in tracepoint. Line 39 casts elem_to_find (a const struct landlock_domain_index*) directly to uintptr_t* and dereferences it. This assumes that the first field of landlock_domain_index is the key, but this is fragile. If the struct layout changes, this will silently break. Use elem_to_find->key.data instead for type-safe access to the key field.
Suggested change
| __entry->key = *(uintptr_t *)elem_to_find; | |
| __entry->key = elem_to_find->key.data; |
| err = merge_domain(parent, new_dom, ruleset, false); | ||
| if (err) { | ||
| /* new_dom can contain invalid landlock_object references. */ | ||
| kfree(new_dom); |
There was a problem hiding this comment.
Potential memory leak on error path. If landlock_alloc_domain() succeeds but merge_domain() fails at line 602-607, the code frees new_dom with kfree() directly rather than calling the proper cleanup function. This bypasses the cleanup that would be done by free_domain(), potentially leaking the work_free allocation and not properly handling the landlock_object references. The comment on line 604 acknowledges invalid references, but the work_free struct allocated on line 78-79 will still leak. Consider using landlock_put_domain() instead, or at minimum also call kfree(new_dom->work_free) before freeing new_dom.
Suggested change
| kfree(new_dom); | |
| landlock_put_domain(new_dom); |
| */ | ||
| u32 next_collision; | ||
| /** | ||
| * @layer_index: The index of the first landlock_layer corresponding |
There was a problem hiding this comment.
Outdated comment reference. The comment references @layer_index but the actual field name in the struct is @layer_start. This appears to be a leftover from refactoring. The comment should be updated to match the actual field name.
Suggested change
| * @layer_index: The index of the first landlock_layer corresponding | |
| * @layer_start: The index of the first landlock_layer corresponding |
Comment on lines
+322
to
+346
| /** | ||
| * DEFINE_COALESCED_HASH_TABLE - Define a set of functions to mainpulate a | ||
| * coalesced hash table holding elements of type @elem_type. | ||
| * | ||
| * @elem_type: The type of the elements. | ||
| * @table_func_prefix: The prefix to use for the functions. | ||
| * @key_member: The name of a member in @elem_type that contains the key | ||
| * (to compare for equality). | ||
| * @next_collision_member: The name of a member in @elem_type that is used | ||
| * to store the index of the next collision in a collision chain. | ||
| * @hash_expr: An expression that computes the hash of an element, given | ||
| * const @elem_type *elem, h_index_t table_size and int hash_bits. If | ||
| * this function is evaluated, table_size is always positive. | ||
| * @is_empty_expr: An expression that evaluates to true if the element is | ||
| * empty (i.e. not used). Empty elements are not returned by find. If | ||
| * the zero value of @elem_type is not "empty", the caller must set all | ||
| * the slots to empty before using the table. | ||
| * @trace_find: A function that traces the number of collisions | ||
| * followed during a find operation, given paramemters: | ||
| * const @elem_type *table, | ||
| * h_index_t table_size, | ||
| * int hash_bits, | ||
| * const @elem_type *elem_to_find, | ||
| * h_index_t *collisions_followed. | ||
| */ |
There was a problem hiding this comment.
[nitpick] Inconsistent comment format. The comment on line 322 starts with /** (kernel-doc style) but is not documenting a function/struct, it's an internal comment for the macro definition. Use the standard /* comment style instead of kernel-doc style for non-API documentation.
security/landlock/Makefile
Outdated
|
|
||
| landlock-y := setup.o syscalls.o object.o ruleset.o \ | ||
| cred.o task.o fs.o | ||
| cred.o task.o trace.o fs.o |
There was a problem hiding this comment.
Build configuration error: domain.o is missing from the build. The file domain.c contains critical functions like landlock_alloc_domain(), landlock_put_domain(), landlock_put_domain_deferred(), landlock_domain_merge_ruleset(), and landlock_unmask_layers() which are called from multiple files including cred.c, fs.c, syscalls.c, and task.c. However, domain.o is not listed in landlock-y or any conditional build line. This will cause linking errors. Add domain.o to the landlock-y list on line 3-4.
Suggested change
| cred.o task.o trace.o fs.o | |
| cred.o task.o trace.o fs.o domain.o |
micromaomao
force-pushed
the
landlock-arraydomain
branch
from
fd8a4cb to
30a910d
Compare
This implements the structure proposed in in [1], using a flat array to store the rules and eventually using hashing to find rules. The array is stored in the domain struct itself to avoid extra pointer indirection and make all the rule data as cache-local as possible. The non-array part of the domain struct is also kept reasonably small. This works well for a small (10 or 20 rules) ruleset, which is the common case for Landlock users, and still has reasonable performance for large ones. This will eventually make landlock_rule/landlock_ruleset only needed for unmerged rulesets, and thus it doesn't have to store multiple layers etc. create_rule and insert_rule would also hopefully become much simpler. Different to the original proposal, the number of layers for each rule is now deducted from the layer index of the next offset. In order to simplify logic, a special "terminating index" is placed after each of the two index arrays, which will contain a layer_index = num_layers. On reflection, using the name "layer" to refer to individual struct landlock_layers is very confusing especially with names like num_layers - the next version should probably find a better name for it. Link: https://lore.kernel.org/all/20250526.quec3Dohsheu@digikod.net/ [1] Signed-off-by: Tingmao Wang <m@maowtm.org>
This commit introduces utility functions for handling a (generic) compact coalesced hash table, which we will use in the next commit. I decided to make it generic for now but we can make it landlock-specific if we want. This should include a randomized unit test - I will add this in the next version. Signed-off-by: Tingmao Wang <m@maowtm.org>
This implements a function to search for matching rules using the newly defined coalesced hashtable, and define convinience macros for fs and net respectively, as well as a macro to iterate over the layers of the rule. Signed-off-by: Tingmao Wang <m@maowtm.org>
This algorithm is a slight alteration of the one on Wikipedia at the time of writing [1]. The difference is that when we are trying to insert into a slot that is already being used (whether by an element that doesn't actually belong there, and is just in a collision chain of a different hash, or whether it is the head of a chain and thus has the correct hash), we move the existing element away and insert the new element in its place. The result is that if there is some element in the hash table with a certain hash, the slot corresponding to that hash will always be the slot that starts the collision chain for that hash. In order words, chains won't "mix" and if we detect that the hash of the element at the slot we're targeting is not correct, we know that the hash table does not contain the hash we want. [1]: https://en.wikipedia.org/w/index.php?title=Coalesced_hashing&oldid=1214362866 This patch seems to have hit a checkpatch false positive: ERROR: need consistent spacing around '*' (ctx:WxV) torvalds#281: FILE: security/landlock/coalesced_hash.h:349: + elem_type *table, h_index_t table_size) \ ^ ERROR: need consistent spacing around '*' (ctx:WxV) torvalds#288: FILE: security/landlock/coalesced_hash.h:356: + struct h_insert_scratch *scratch, const elem_type *elem) \ ^ Since this is kinda a niche use-case, I will make a report only after this series gets out of RFC (and if they still show up). Signed-off-by: Tingmao Wang <m@maowtm.org>
This implements a 3-stage merge, generic over the type of rules (so that it can be repeated for fs and net). It contains a small refactor to re-use the rbtree search code in ruleset.c. 3 passes are needed because, aside from calculating the size of the arrays to allocate, we also need to first populate the index table before we can write out the layers sequentially, as the index will not be written in-order. Doing it this way means that one rule's layers ends where the next rule's layers start. Signed-off-by: Tingmao Wang <m@maowtm.org>
We will eventually need a deferred free just like we currently have for the ruleset, so we define it here as well. To minimize the size of the domain struct before the rules array, we separately allocate the work_struct (which is currently 72 bytes) and just keep a pointer in the domain. This patch triggers another (false positive?) checkpatch warning: ERROR: trailing statements should be on next line torvalds#177: FILE: security/landlock/domain.h:197: DEFINE_FREE(landlock_put_domain, struct landlock_domain *, + if (!IS_ERR_OR_NULL(_T)) landlock_put_domain(_T)) Signed-off-by: Tingmao Wang <m@maowtm.org>
Implement the equivalent of landlock_merge_ruleset, but using the new domain structure. The logic in inherit_domain and landlock_domain_merge_ruleset c.f. inherit_ruleset and merge_ruleset. Once we replace the existing landlock_restrict_self code to use this those two functions can then be removed. Signed-off-by: Tingmao Wang <m@maowtm.org>
- Replace domain in landlock_cred with landlock_domain. - Replace landlock_merge_ruleset with landlock_domain_merge_ruleset. - Pull landlock_put_hierarchy out of domain.h. This allows domain.h to not depend on audit.h, as audit.h -> cred.h will need to depend on domain.h instead of ruleset.h after changing it to use the new domain struct. - Update uses of landlock_ruleset-domains to landlock_domain checkpath seems to not like the `layer_mask_t (*const layer_masks)[]` argument: WARNING: function definition argument 'layer_mask_t' should also have an identifier name torvalds#171: FILE: security/landlock/domain.h:397: +bool landlock_unmask_layers(const struct landlock_found_rule rule, WARNING: function definition argument 'layer_mask_t' should also have an identifier name torvalds#176: FILE: security/landlock/domain.h:402: +access_mask_t Signed-off-by: Tingmao Wang <m@maowtm.org>
Signed-off-by: Tingmao Wang <m@maowtm.org>
[1] introduces a check which doesn't seem fully correct / necessary, and breaks the build for a further commit in this series. This patch replaces it with just a signedness check. Cc: Tahera Fahimi <fahimitahera@gmail.com> Link: https://lore.kernel.org/all/5f7ad85243b78427242275b93481cfc7c127764b.1725494372.git.fahimitahera@gmail.com/ [1] Signed-off-by: Tingmao Wang <m@maowtm.org>
micromaomao
force-pushed
the
landlock-arraydomain
branch
from
30a910d to
d07afd9
Compare
The current hash uses a division to compute the mod, which can be slow and
also unnecessarily loses entropy (since ideally we want to use the most
significant bits of the hash):
./include/linux/hash.h:
78 return val * GOLDEN_RATIO_64 >> (64 - bits);
0x0000000000000956 <+118>: 49 0f af c3 imul %r11,%rax
security/landlock/domain.h:
178 DEFINE_COALESCED_HASH_TABLE(struct landlock_domain_index, dom_hash, key,
0x000000000000095a <+122>: 48 c1 e8 20 shr $0x20,%rax
0x000000000000095e <+126>: f7 f6 div %esi
0x0000000000000960 <+128>: 89 d0 mov %edx,%eax
0x0000000000000962 <+130>: 49 89 c5 mov %rax,%r13
This commits introduces a hash_bits parameter to the hash table, and use a
folding hash instead of mod to constrain the value to table_size.
Benchmark comparison:
> ./parse-bpftrace.py typical-workload-{orig,arraydomain-{hashtable-modhash,hashtable-hashbits}}.log
landlock_overhead: avg = 34 34 34
median = 35 34 34
landlock_hook: avg = 878 875 856
median = 854 850 831
open_syscall: avg = 2517 2532 2485
median = 2457 2471 2425
Signed-off-by: Tingmao Wang <m@maowtm.org>
Need to also make empty slots works properly. Signed-off-by: Tingmao Wang <m@maowtm.org>
Signed-off-by: Tingmao Wang <m@maowtm.org>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
No description provided.