RFE: improve the internal syscall tables (gperf,CSV) #223
Conversation
Later patches will make use of this new syscall table format instead of the manually maintained tables. The new CSV syscall table was generated with the following command: # ./arch-syscall-validate -c <kernel_source_dir> > syscalls.csv Signed-off-by: Paul Moore <paul@paul-moore.com>
This patch significantly improves the performance of seccomp_syscall_resolve_name since it replaces the expensive strcmp for each syscall in the database, with a lookup table. The complexity for syscall_resolve_num is not changed and it uses the linear search, that is anyway less expensive than seccomp_syscall_resolve_name as it uses an index for comparison instead of doing a string comparison. On my machine, calling 1000 seccomp_syscall_resolve_name_arch and seccomp_syscall_resolve_num_arch over the entire syscalls DB passed from ~0.45 sec to ~0.06s. PM: After talking with Giuseppe I made a number of additional changes, some substantial, the highlights include: * various style tweaks * .gitignore fixes * fixed subject line, tweaked the description * dropped the arch-syscall-validate changes as they were masking other problems * extracted the syscalls.csv and file deletions to other patches to keep this one more focused * fixed the x86, x32, arm, all the MIPS ABIs, s390, and s390x ABIs as the syscall offsets were not properly incorporated into this change * cleaned up the ABI specific headers * cleaned up generate_syscalls_perf.sh and renamed to arch-gperf-generate * fixed problems with automake's file packaging Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com> Reviewed-by: Tom Hromatka <tom.hromatka@oracle.com> [PM: see notes in the "PM" section above] Signed-off-by: Paul Moore <paul@paul-moore.com>
Since the move to gperf and the automatically generated syscall table in CSV format, these manually maintained tables are no longer needed. Signed-off-by: Paul Moore <paul@paul-moore.com>
|
@giuseppe I hope this looks okay to you. I left your name on the middle/gperf patch as I wanted you to get credit for all your work on this, but if you have a problem with that please let me know. |
|
The cleanup looks really good, @pcmoore . I like the idea of using arch-syscall-validate to generate the csv file. Good call. For all of the patches: |
Thanks for the review.
Yes, this should make updating the syscall tables a trivial task. We'll should be able to do much more frequent stable updates in the v2.5.x branch to catch new syscalls. |
|
Merged at HEAD 4bd8de3. |
|
@pcmoore there are a few changes (like the current PR), that would be nice to have in a release. Is there any plan for cutting a new one? |
|
We track our release progress using milestones, you are most likely interested in v2.5.0: |
This PR is based heavily on the work of @giuseppe and PR #204. I suggest reading through that PR first before looking at these patches.
In addition to splitting the initial monolithic patch into three (add the syscall CSV table, add gperf support, remove the old syscall tables), a number of other changes were made: