diff mbox series

libselinux: update max node depth

Message ID 20241230135114.41947-1-cgoettsche@seltendoof.de (mailing list archive)
State New
Delegated to: Petr Lautrbach
Headers show
Series libselinux: update max node depth | expand

Commit Message

Christian Göttsche Dec. 30, 2024, 1:51 p.m. UTC
From: Christian Göttsche <cgzones@googlemail.com>

Bump the maximum specification node depth from 3 to 4 based on updated
benchmark on Fedora 41:

    Benchmark 1: /tmp/destdir3/sbin/restorecon -vRn /
      Time (mean ± σ):      1.397 s ±  0.018 s    [User: 0.755 s, System: 0.641 s]
      Range (min … max):    1.353 s …  1.419 s    20 runs

    Benchmark 1: /tmp/destdir4/sbin/restorecon -vRn /
      Time (mean ± σ):      1.376 s ±  0.021 s    [User: 0.737 s, System: 0.637 s]
      Range (min … max):    1.348 s …  1.414 s    20 runs

    Benchmark 1: /tmp/destdir5/sbin/restorecon -vRn /
      Time (mean ± σ):      1.389 s ±  0.021 s    [User: 0.748 s, System: 0.640 s]
      Range (min … max):    1.351 s …  1.420 s    20 runs
---
 libselinux/src/label_file.h | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

Comments

James Carter Jan. 7, 2025, 2:45 p.m. UTC | #1
On Mon, Dec 30, 2024 at 8:51 AM Christian Göttsche
<cgoettsche@seltendoof.de> wrote:
>
> From: Christian Göttsche <cgzones@googlemail.com>
>
> Bump the maximum specification node depth from 3 to 4 based on updated
> benchmark on Fedora 41:
>

I am not sure I understand these numbers.

>     Benchmark 1: /tmp/destdir3/sbin/restorecon -vRn /
>       Time (mean ± σ):      1.397 s ±  0.018 s    [User: 0.755 s, System: 0.641 s]
>       Range (min … max):    1.353 s …  1.419 s    20 runs
>
Is this for depth 3?

>     Benchmark 1: /tmp/destdir4/sbin/restorecon -vRn /
>       Time (mean ± σ):      1.376 s ±  0.021 s    [User: 0.737 s, System: 0.637 s]
>       Range (min … max):    1.348 s …  1.414 s    20 runs
>
Depth 4?

>     Benchmark 1: /tmp/destdir5/sbin/restorecon -vRn /
>       Time (mean ± σ):      1.389 s ±  0.021 s    [User: 0.748 s, System: 0.640 s]
>       Range (min … max):    1.351 s …  1.420 s    20 runs
Depth 5?

I see the comment below talks about more memory, how much more memory
is required for a depth of 4?

Thanks,
Jim

> ---
>  libselinux/src/label_file.h | 6 +++---
>  1 file changed, 3 insertions(+), 3 deletions(-)
>
> diff --git a/libselinux/src/label_file.h b/libselinux/src/label_file.h
> index 597b756e..41b2a939 100644
> --- a/libselinux/src/label_file.h
> +++ b/libselinux/src/label_file.h
> @@ -105,10 +105,10 @@ struct literal_spec {
>   * Max depth of specification nodes
>   *
>   * Measure before changing:
> - *   - 2  leads to slower lookup
> - *   - >4 require more memory (and allocations) for no performance gain
> + *   <  leads to slower lookup
> + *   >  require more memory (and allocations) for no performance gain
>   */
> -#define SPEC_NODE_MAX_DEPTH 3
> +#define SPEC_NODE_MAX_DEPTH 4
>
>  /* A specification node */
>  struct spec_node {
> --
> 2.45.2
>
>
Christian Göttsche Jan. 7, 2025, 3:07 p.m. UTC | #2
On Tue, 7 Jan 2025 at 15:46, James Carter <jwcart2@gmail.com> wrote:
>
> On Mon, Dec 30, 2024 at 8:51 AM Christian Göttsche
> <cgoettsche@seltendoof.de> wrote:
> >
> > From: Christian Göttsche <cgzones@googlemail.com>
> >
> > Bump the maximum specification node depth from 3 to 4 based on updated
> > benchmark on Fedora 41:
> >
>
> I am not sure I understand these numbers.
>
> >     Benchmark 1: /tmp/destdir3/sbin/restorecon -vRn /
> >       Time (mean ± σ):      1.397 s ±  0.018 s    [User: 0.755 s, System: 0.641 s]
> >       Range (min … max):    1.353 s …  1.419 s    20 runs
> >
> Is this for depth 3?

Yes, I should have made this more clear.

> >     Benchmark 1: /tmp/destdir4/sbin/restorecon -vRn /
> >       Time (mean ± σ):      1.376 s ±  0.021 s    [User: 0.737 s, System: 0.637 s]
> >       Range (min … max):    1.348 s …  1.414 s    20 runs
> >
> Depth 4?
>
> >     Benchmark 1: /tmp/destdir5/sbin/restorecon -vRn /
> >       Time (mean ± σ):      1.389 s ±  0.021 s    [User: 0.748 s, System: 0.640 s]
> >       Range (min … max):    1.351 s …  1.420 s    20 runs
> Depth 5?
>
> I see the comment below talks about more memory, how much more memory
> is required for a depth of 4?

The maximum memory usage for `selabel_lookup -b file -k /usr/bin/bash`
for all three depths is in the range 3800-4000kB, with depth 5
occasionally being at 4060kB.

>
> Thanks,
> Jim
>
> > ---
> >  libselinux/src/label_file.h | 6 +++---
> >  1 file changed, 3 insertions(+), 3 deletions(-)
> >
> > diff --git a/libselinux/src/label_file.h b/libselinux/src/label_file.h
> > index 597b756e..41b2a939 100644
> > --- a/libselinux/src/label_file.h
> > +++ b/libselinux/src/label_file.h
> > @@ -105,10 +105,10 @@ struct literal_spec {
> >   * Max depth of specification nodes
> >   *
> >   * Measure before changing:
> > - *   - 2  leads to slower lookup
> > - *   - >4 require more memory (and allocations) for no performance gain
> > + *   <  leads to slower lookup
> > + *   >  require more memory (and allocations) for no performance gain
> >   */
> > -#define SPEC_NODE_MAX_DEPTH 3
> > +#define SPEC_NODE_MAX_DEPTH 4
> >
> >  /* A specification node */
> >  struct spec_node {
> > --
> > 2.45.2
> >
> >
diff mbox series

Patch

diff --git a/libselinux/src/label_file.h b/libselinux/src/label_file.h
index 597b756e..41b2a939 100644
--- a/libselinux/src/label_file.h
+++ b/libselinux/src/label_file.h
@@ -105,10 +105,10 @@  struct literal_spec {
  * Max depth of specification nodes
  *
  * Measure before changing:
- *   - 2  leads to slower lookup
- *   - >4 require more memory (and allocations) for no performance gain
+ *   <  leads to slower lookup
+ *   >  require more memory (and allocations) for no performance gain
  */
-#define SPEC_NODE_MAX_DEPTH 3
+#define SPEC_NODE_MAX_DEPTH 4
 
 /* A specification node */
 struct spec_node {