Hello, just a small FYI after discussing this with Seth on IRC some days ago:
I did some speed comparisons for the various array types and defining them globally vs. in the function using the OP_TYPE_FILE_OR_NET array from the patch I just sent. The results are: # py3, 10000000 runs 8.30721783638000 [] global 10.27099061012268 [] inside fn 8.67911791801452 () global 8.52981829643249 () inside fn 5.45463919639587 {} global 14.80267071723938 {} inside fn It's not too surprising that defining the array inside the function (which means to rebuild it each time the function is called) is slower, however it's not terribly bad (the times above are from 10 000 000 runs!) An interesting detail is that using (...) inside the function isn't slower than using it outside. (...) arrays are read-only, so python probably caches them after running the function the first time. (...) and [...] keep the original sort order. {...} doesn't care about the order. This seems to improve the lookup speed quite a bit (but also makes building the array slower). If you want to check yourself - my test script is attached. Yes, I know that the definition of the global arrays isn't included in the time measurement - but I'm quite sure this doesn't really change the results ;-) Regards, Christian Boltz -- Wir waren vor einiger Zeit schonmal "soweit fertig". Dann kam Gerald, fand 1000 Sachen Scheisse, hat 500 Sachen nicht begriffen und 250 falsch gemacht. :-)))))) [Ratti in fontlinge-devel]
#!/usr/bin/python3 import time OP_TYPE_FILE_OR_NET_1 = [ # Note: op_type() also uses some startswith() checks which are not listed here! 'create', 'post_create', 'bind', 'connect', 'listen', 'accept', 'sendmsg', 'recvmsg', 'getsockname', 'getpeername', 'getsockopt', 'setsockopt', 'socket_create', 'sock_shutdown', 'open', 'truncate', 'mkdir', 'mknod', 'chmod', 'chown', 'rename_src', 'rename_dest', 'unlink', 'rmdir', 'symlink_create', 'link', 'sysctl', 'getattr', 'setattr', 'xattr', ] OP_TYPE_FILE_OR_NET_2 = ( # Note: op_type() also uses some startswith() checks which are not listed here! 'create', 'post_create', 'bind', 'connect', 'listen', 'accept', 'sendmsg', 'recvmsg', 'getsockname', 'getpeername', 'getsockopt', 'setsockopt', 'socket_create', 'sock_shutdown', 'open', 'truncate', 'mkdir', 'mknod', 'chmod', 'chown', 'rename_src', 'rename_dest', 'unlink', 'rmdir', 'symlink_create', 'link', 'sysctl', 'getattr', 'setattr', 'xattr', ) OP_TYPE_FILE_OR_NET_3 = { # Note: op_type() also uses some startswith() checks which are not listed here! 'create', 'post_create', 'bind', 'connect', 'listen', 'accept', 'sendmsg', 'recvmsg', 'getsockname', 'getpeername', 'getsockopt', 'setsockopt', 'socket_create', 'sock_shutdown', 'open', 'truncate', 'mkdir', 'mknod', 'chmod', 'chown', 'rename_src', 'rename_dest', 'unlink', 'rmdir', 'symlink_create', 'link', 'sysctl', 'getattr', 'setattr', 'xattr', } def op_type_1a(event): """Returns the operation type if known, unkown otherwise""" if ( event['operation'].startswith('file_') or event['operation'].startswith('inode_') or event['operation'] in OP_TYPE_FILE_OR_NET_1 ): # file or network event? if event['family'] and event['protocol'] and event['sock_type']: # 'unix' events also use keywords like 'connect', but protocol is 0 and should therefore be filtered out return True elif event['denied_mask']: return True else: raise AppArmorException('unknown file or network event type') else: return 'unknown' def op_type_2a(event): """Returns the operation type if known, unkown otherwise""" if ( event['operation'].startswith('file_') or event['operation'].startswith('inode_') or event['operation'] in OP_TYPE_FILE_OR_NET_2 ): # file or network event? if event['family'] and event['protocol'] and event['sock_type']: # 'unix' events also use keywords like 'connect', but protocol is 0 and should therefore be filtered out return True elif event['denied_mask']: return True else: raise AppArmorException('unknown file or network event type') else: return 'unknown' def op_type_3a(event): """Returns the operation type if known, unkown otherwise""" if ( event['operation'].startswith('file_') or event['operation'].startswith('inode_') or event['operation'] in OP_TYPE_FILE_OR_NET_3 ): # file or network event? if event['family'] and event['protocol'] and event['sock_type']: # 'unix' events also use keywords like 'connect', but protocol is 0 and should therefore be filtered out return True elif event['denied_mask']: return True else: raise AppArmorException('unknown file or network event type') else: return 'unknown' def op_type_1b(event): """Returns the operation type if known, unkown otherwise""" OP_TYPE_FILE_OR_NET = [ # Note: op_type() also uses some startswith() checks which are not listed here! 'create', 'post_create', 'bind', 'connect', 'listen', 'accept', 'sendmsg', 'recvmsg', 'getsockname', 'getpeername', 'getsockopt', 'setsockopt', 'socket_create', 'sock_shutdown', 'open', 'truncate', 'mkdir', 'mknod', 'chmod', 'chown', 'rename_src', 'rename_dest', 'unlink', 'rmdir', 'symlink_create', 'link', 'sysctl', 'getattr', 'setattr', 'xattr', ] if ( event['operation'].startswith('file_') or event['operation'].startswith('inode_') or event['operation'] in OP_TYPE_FILE_OR_NET ): # file or network event? if event['family'] and event['protocol'] and event['sock_type']: # 'unix' events also use keywords like 'connect', but protocol is 0 and should therefore be filtered out return True elif event['denied_mask']: return True else: raise AppArmorException('unknown file or network event type') else: return 'unknown' def op_type_2b(event): """Returns the operation type if known, unkown otherwise""" OP_TYPE_FILE_OR_NET = ( # Note: op_type() also uses some startswith() checks which are not listed here! 'create', 'post_create', 'bind', 'connect', 'listen', 'accept', 'sendmsg', 'recvmsg', 'getsockname', 'getpeername', 'getsockopt', 'setsockopt', 'socket_create', 'sock_shutdown', 'open', 'truncate', 'mkdir', 'mknod', 'chmod', 'chown', 'rename_src', 'rename_dest', 'unlink', 'rmdir', 'symlink_create', 'link', 'sysctl', 'getattr', 'setattr', 'xattr', ) if ( event['operation'].startswith('file_') or event['operation'].startswith('inode_') or event['operation'] in OP_TYPE_FILE_OR_NET ): # file or network event? if event['family'] and event['protocol'] and event['sock_type']: # 'unix' events also use keywords like 'connect', but protocol is 0 and should therefore be filtered out return True elif event['denied_mask']: return True else: raise AppArmorException('unknown file or network event type') else: return 'unknown' def op_type_3b(event): """Returns the operation type if known, unkown otherwise""" OP_TYPE_FILE_OR_NET = { # Note: op_type() also uses some startswith() checks which are not listed here! 'create', 'post_create', 'bind', 'connect', 'listen', 'accept', 'sendmsg', 'recvmsg', 'getsockname', 'getpeername', 'getsockopt', 'setsockopt', 'socket_create', 'sock_shutdown', 'open', 'truncate', 'mkdir', 'mknod', 'chmod', 'chown', 'rename_src', 'rename_dest', 'unlink', 'rmdir', 'symlink_create', 'link', 'sysctl', 'getattr', 'setattr', 'xattr', } if ( event['operation'].startswith('file_') or event['operation'].startswith('inode_') or event['operation'] in OP_TYPE_FILE_OR_NET ): # file or network event? if event['family'] and event['protocol'] and event['sock_type']: # 'unix' events also use keywords like 'connect', but protocol is 0 and should therefore be filtered out return True elif event['denied_mask']: return True else: raise AppArmorException('unknown file or network event type') else: return 'unknown' dummy_event = { 'operation': 'unlink', 'family': 1, 'protocol': 1, 'sock_type': 1, } start = time.time() for i in range(10000000): op_type_1a(dummy_event) print (time.time() - start) start = time.time() for i in range(10000000): op_type_1b(dummy_event) print (time.time() - start) start = time.time() for i in range(10000000): op_type_2a(dummy_event) print (time.time() - start) start = time.time() for i in range(10000000): op_type_2b(dummy_event) print (time.time() - start) start = time.time() for i in range(10000000): op_type_3a(dummy_event) print (time.time() - start) start = time.time() for i in range(10000000): op_type_3b(dummy_event) print (time.time() - start) # py3, 10000000 runs # 8.307217836380005 [] external # 10.27099061012268 [] inside fn # 8.679117918014526 () external # 8.529818296432495 () inside fn # 5.454639196395874 {} external # 14.80267071723938 {} inside fn
signature.asc
Description: This is a digitally signed message part.
-- AppArmor mailing list AppArmor@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor