These Linux kernel compile benchmarks have been run on an Celeron-333 UP system with kernel 2.4.19 and RSBAC version 1.2.1. Three runs each of 'make clean && time make bzImage' on the same plain 2.4.19 kernel source tree in single user mode after one untimed run produced the following average times in seconds:
Kernel type | Total time | Kernel/Sys + User | Kernel/Sys time | User/Process time |
Clean kernel | 747.97 | 745.85 | 34.68 | 711.17 |
Maint kernel (no modules) | 753.09 (+0.68%) | 750.94 (+0.67%) | 38.61 (+11.33%) | 712.33 (+0.16%) |
RC + AUTH, no other options | 758.62 (+1.42%) | 756.55 (+1.43%) | 44.89 (+29.44%) | 711.66 (+0.07%) |
RC + AUTH, network support, full log settings, no other options | 765.18 (+2.30%) | 761.47 (+2.08%) | 49.60 (+43.02%) | 711.87 (+0.10%) |
RC + AUTH + ACL, network support, full log settings, no other options | 773.22 (+3.38%) | 769.85 (+3.20%) | 59.12 (+70.47%) | 710.73 (-0.06%) |
Default config: REG, FF, AUTH, RC, ACL, CAP, JAIL, network support, full log settings, but nothing logged | 779.46 (+4.21%) | 777.25 (+4.19%) | 63.28 (+82.47%) | 713.97 (+0.39%) |
All options and models | 820.00 (+9.63%) | 816.97 (+9.52%) | 103.83 (+199.39%) | 713.14 (+0.28%) |
Numbers have not changed much from the previous benchmark. RC and AUTH are now with and without full network and logging options. Since the MS model was doing fine in the last benchmark, it had no extra runs this time.
With all models and options, 1.2.1 was a bit faster now than 1.2.0-pre6 was without MS and JAIL. Less than 10% overhead with all options sounds good enough to me.
These Linux kernel compile benchmarks have been run on an Celeron-333 UP system with kernel 2.4.18 and RSBAC version 1.2.0-pre6. Three runs each of 'make clean && time make bzImage' on the same plain 2.4.18 kernel source tree in single user mode after one untimed run produced the following average times in seconds:
Kernel type | Total time | Kernel/Sys + User | Kernel/Sys time | User/Process time |
Clean kernel | 734.53 | 734.53 | 34.81 | 699.72 |
Maint kernel (no modules) | 738.28 (+0.51%) | 738.28 (+0.51%) | 37.49 (+7.70%) | 700.79 (+0.15%) |
RC + AUTH, network support, no other options | 747.52 (+1.77%) | 747.52 (+1.77%) | 43.59 (+25.22%) | 703.93 (+0.60%) |
AUTH + ACL, network support, no other options | 749.28 (+2.01%) | 749.28 (+2.01%) | 47.34 (+36.00%) | 701.94 (+0.32%) |
Default config: REG, FF, AUTH, RC, ACL, CAP, network support, full log settings, but nothing logged | 767.76 (+4.52%) | 767.76 (+4.52%) | 65.57 (+88.37%) | 702.19 (+0.35%) |
All options and models, except MS | 813.44 (+10.74%) | 813.44 (+10.74%) | 104.53 (+200.28%) | 708.91 (+1.31%) |
Full MS, no other options | 747.49 (+1.76%) | 747.49 (+1.76%) | 44.22 (+27.03%) | 703.27 (+0.51%) |
The significant kernel time increase with more models, compared to the previous v1.1.2 benchmark, is probably related to the distribution of attributes over separate lists for each module, which results in more list lookups. Also, the RC changes from fixed size role and type arrays to lists slow this model down a bit.
In larger setups, the list separation should result in much shorter lists and thus speed things up again. You can see this and the internal list optimizations in the much better MS results, where large lists of scanning results are generated.
These Linux kernel compile benchmarks have been run on an Celeron-333 UP system with kernel 2.4.6 and RSBAC version 1.1.2-pre8. Three runs each of 'time make bzImage' on a 2.4.6 kernel source tree in single user mode after one untimed run produced the following average times in seconds:
Kernel type | Total time | Kernel/Sys + User | Kernel/Sys time | User/Process time |
Clean kernel | 711.75 | 711.74 | 34.83 | 676.91 |
Maint kernel (no modules, no debug code) | 719.09 (+1.03%) | 719.09 (+1.03%) | 41.02 (+17.77%) | 678.07 (+0.17%) |
Maint kernel (no modules) | 719.20 (+1.05%) | 719.19 (+1.05%) | 39.04 (+12.09%) | 680.15 (+0.48%) |
RC + AUTH, no other options | 719.36 (+1.07%) | 719.35 (+1.07%) | 45.41 (+30.38%) | 673.94 (-0.44%) |
AUTH + ACL, no other options | 721.18 (+1.32%) | 721.19 (+1.33%) | 44.56 (+27.94%) | 676.63 (-0.04%) |
Default config: REG, FF, AUTH, RC, ACL modules, all log settings, but nothing logged | 729.33 (+2.47%) | 729.33 (+2.47%) | 52.76 (+51.48%) | 676.57 (-0.05%) |
All options and models, except MS | 763.35 (+7.25%) | 763.07 (+7.21%) | 81.63 (+134.37%) | 681.44 (+0.67%) |
All options and models | 854.69 (+20.08%) | 854.21 (+20.02%) | 169.65 (+387.08%) | 684.56 (+1.13%) |
The significant kernel time increase with all models is mostly due to the MS model with read check enabled, which marks all files ever read as scanned and thus produces a huge amount of attribute objects in large lists. The list handling will be optimized for 1.2.0.
These Linux kernel compile benchmarks have been run on an PIII-866 SMP Mylex Raid-5 system with kernel 2.4.3 and RSBAC version 1.1.1. Three runs each of 'time make bzImage -j 4' produced the following average times:
Kernel type | Total time | Kernel/Sys + User | Kernel/Sys time | User/Process time |
Clean kernel | 348.1s | 347.5s | 33.4s | 314.1s |
RSBAC without modules (maint kernel) | 368.3s (+5.8%) | 368s (+5.9%) | 35.6s (+6.6%) | 332.4s (+5.8%) |
RSBAC with default config: REG, FF, AUTH, RC, ACL modules, full log settings, but nothing logged | 372.6s (+7.0%) | 372.2s (+7.1%) | 36.4s (+9.0%) | 335.8s (+6.9%) |
These Linux kernel compile benchmarks have been run on a SuSE Linux 7.0 Pentium 100 system with kernel 2.2.18 and with RSBAC version 1.1.0. Three benchmark runs each, in single user mode right after boot, produced the following average times:
Kernel type | Total time | Kernel + User | Kernel time | User/Process time |
Clean kernel | 1858s | 1857s | 69s | 1788s |
RSBAC without modules | 1884s (+1.3%) | 1877s (+1.1%) | 82s (+18.8%) | 1795s (+0.4%) |
RSBAC with FF, AUTH, RC, ACL modules | 1967s (+5.9%) | 1959s (+5.5%) | 167s (+142%) | 1792s (+0.2%) |
29-Nov-02, -ao