On Thu, 2020-02-06 at 03:56 -0800, Kees Cook wrote: > On Wed, Feb 05, 2020 at 05:17:11PM -0800, Andy Lutomirski wrote: > > On Wed, Feb 5, 2020 at 2:39 PM Kristen Carlson Accardi > > <kristen@xxxxxxxxxxxxxxx> wrote: > > > At boot time, find all the function sections that have separate > > > .text > > > sections, shuffle them, and then copy them to new locations. > > > Adjust > > > any relocations accordingly. > > > > > > + sort(base, num_syms, sizeof(int), kallsyms_cmp, > > > kallsyms_swp); > > > > Hah, here's a huge bottleneck. Unless you are severely > > memory-constrained, never do a sort with an expensive swap function > > like this. Instead allocate an array of indices that starts out as > > [0, 1, 2, ...]. Sort *that* where the swap function just swaps the > > indices. Then use the sorted list of indices to permute the actual > > data. The result is exactly one expensive swap per item instead of > > one expensive swap per swap. > > I think there are few places where memory-vs-speed need to be > examined. > I remain surprised about how much memory the entire series already > uses > (58MB in my local tests), but I suspect this is likely dominated by > the > two factors: a full copy of the decompressed kernel, and that the > "allocator" in the image doesn't really implement free(): > https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/include/linux/decompress/mm.h#n55 > Yes - that was a huge issue (that free() doesn't actually...). Having to do the copy really caused me to need to bump up the boot heap. Thankfully, this is a readily solvable problem. I think there's a temptation to focus too hard on the boot latency. While I measured this on a reasonably fast system, we aren't talking minutes of latency here, just a second or a second and a half. I know there are those who sweat the milliseconds on booting vms, but I expect they might just turn this feature off anyway. That said, there are absolutely a lot of great ideas for improving things here that I am excited to try should people be interested enough in this feature for me to take it to the next stage.