secbenchdef

package
v1.0.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Apr 30, 2024 License: Apache-2.0, MIT Imports: 7 Imported by: 0

Documentation

Overview

Package secbenchdef contains struct definitions for secbench benchmarks. All structs in this package need to be JSON-serializable.

Index

Constants

View Source 
const (
	// NonExistentFD is an FD that is overwhelmingly likely to not exist,
	// because it would mean that the application has opened 2^31-1 FDs.
	// Useful to make sure syscalls involving FDs don't actually
	// do anything serious.
	NonExistentFD = uintptr(0x7fffffff)

	// BadFD can be used as an invalid FD in syscall arguments.
	BadFD = uintptr(0x80000000)
)
View Source 
const (
	// NanosleepZero calls nanosleep(2) to sleep for zero nanoseconds.
	NanosleepZero = SpecialSyscall("NanosleepZero")
	// PPollNonExistent calls ppoll(2) with a non-existent FD and a tiny timeout.
	PPollNonExistent = SpecialSyscall("PPollNonExistent")
	// RTSigreturn calls a system call that stands in the place of `rt_sigreturn(2)`.
	RTSigreturn = SpecialSyscall("RTSigreturn")
)

Variables

This section is empty.

Functions

This section is empty.

Types

type Bench 

type Bench struct {
	// Name is the name of the benchmark.
	Name string `json:"name"`
	// Profile represents the syscall pattern profile being benchmarked.
	Profile Profile `json:"profile"`
	// Instructions is the seccomp-bpf program to run the benchmark with.
	Instructions []bpf.Instruction `json:"instructions"`
	// BuildStats contains information on timing and size of the program.
	BuildStats seccomp.BuildStats `json:"buildStats"`
	// AllowRejected can be set to true if some sequences in the application
	// profile are expected to not be allowed.
	// If this is the case, the program's overall performance will not be
	// reported.
	AllowRejected bool `json:"allowRejected"`
}

Bench represents a benchmark to run.

type BenchRunRequest 

type BenchRunRequest struct {
	// Bench is the benchmark being run.
	Bench Bench `json:"bench"`
	// Iterations is the number of iterations to do (b.N).
	Iterations uint64 `json:"iterations"`
	// RandomSeed is the random seed to use to pick sequences.
	RandomSeed int64 `json:"randomSeed"`
	// ActiveSequences[i] is true if Bench.Profile.Sequences[i] should be
	// run.
	ActiveSequences []bool `json:"activeSequences"`
	// InstallFilter is true if the seccomp-bpf filter should be actually
	// installed. Setting this to false allows measuring the filter-less
	// performance, so that it can be subtracted from performance with the
	// filter.
	InstallFilter bool `json:"installFilter"`
}

BenchRunRequest encodes a request sent to the benchmark runner binary.

type BenchRunResponse 

type BenchRunResponse struct {
	// TotalNanos is the number of nanoseconds that the whole run took.
	TotalNanos uint64 `json:"totalNanos"`

	// SequenceMetrics is the per-sequence metrics, mapped by index against
	// the sequences in the Profile.
	SequenceMetrics []SequenceMetrics `json:"sequenceMetrics"`
}

BenchRunResponse encodes a response from the runner binary.

type Profile 

type Profile struct {
	// Arch is the architecture of the application.
	// Should be an AUDIT_ARCH_* value.
	Arch uint32 `json:"arch"`
	// Sequences is a set of weighted syscall sequences.
	// A benchmark with a given Profile will run these sequences
	// picked by weighted random choice.
	Sequences []Sequence `json:"sequences"`
}

Profile represents an application's syscall profile.

type Sequence 

type Sequence struct {
	// Name is the name of the sequence.
	Name string `json:"name"`
	// Weight is the weight of the sequence relative to all others within the
	// same Profile.
	Weight int `json:"weight"`
	// Syscalls is the set of syscalls of the sequence.
	Syscalls []Syscall `json:"syscalls"`
}

Sequence is a syscall sequence that the benchmark will make.

func (Sequence) String 

func (s Sequence) String() string

String returns the name of the Sequence.

type SequenceMetrics 

type SequenceMetrics struct {
	Iterations uint64 `json:"iterations"`
	TotalNanos uint64 `json:"totalNanos"`
}

SequenceMetrics is the per-sequence part of BenchRunResponse.

type SpecialSyscall 

type SpecialSyscall string

SpecialSyscall are syscalls which need special handling. This can be syscalls where the arguments must be valid references to user memory.

func (SpecialSyscall) Call 

func (s SpecialSyscall) Call() (r1 uintptr, r2 uintptr, err error)

Call calls this syscall.

func (SpecialSyscall) Data 

func (s SpecialSyscall) Data(arch uint32) *linux.SeccompData

Data returns the seccomp data for this syscall.

func (SpecialSyscall) Seq 

func (s SpecialSyscall) Seq() []Syscall

Seq returns a one-item slice of the Syscall struct for this special syscall.

func (SpecialSyscall) Sys 

func (s SpecialSyscall) Sys() Syscall

Sys returns the Syscall struct for this special syscall.

type Syscall 

type Syscall struct {
	// Special may be set for syscalls with special handling.
	// If set, this takes precedence over the other fields.
	Special SpecialSyscall `json:"special,omitempty"`
	// Sysno is the syscall number.
	Sysno uintptr `json:"sysno"`
	// Args is the syscall arguments.
	Args [6]uintptr `json:"args"`
}

Syscall is a single syscall within a Sequence.

func Single 

func Single(sysno uintptr, args ...uintptr) []Syscall

Single takes in a single syscall data and returns a one-item Syscall slice.

func Sys 

func Sys(sysno uintptr, args ...uintptr) Syscall

Sys is a helper function to create a Syscall struct.

func (*Syscall) Call 

func (s *Syscall) Call() (r1 uintptr, r2 uintptr, err error)

Call calls the system call.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.