When the audit subsystem is enabled, it can do a lot of get_fs_pwd() calls to get references to fs->pwd and then releasing those references back with path_put() later. That may cause a lot of spinlock contention on a single pwd's dentry lock because of the constant changes to the reference count when there are many processes on the same working directory actively doing open/close system calls. This can cause noticeable performance regresssion when compared with the case where the audit subsystem is turned off especially on systems with a lot of CPUs which is becoming more common these days.
To avoid this kind of performance regression, use the new get_fs_pwd_pool() and put_fs_pwd_pool() APIs to acquire and release a fs->pwd reference. This should greatly reduce the number of path_get() and path_put() calls that are needed. After installing a test kernel with auditing enabled and counters added to track the get_fs_pwd_pool() and put_fs_pwd_pool() calls on a 2-socket 96-core test system and running a parallel kernel build, the counter values for this particular test run were shown below. fs_get_path=307,903 fs_get_pool=56,583,192 fs_put_path=6,209 fs_put_pool=56,885,147 Of the about 57M calls to get_fs_pwd_pool() and put_fs_pwd_pool(), the majority of them are just updating the pwd_refs counters. Only less than 1% of those calls require an actual path_get() and path_put() calls. The difference between fs_get_path and fs_put_path represents the extra pwd references that were still stored in various active task->fs's when the counter values were retrieved. It can be seen that the number of path_get() and path_put() calls are reduced by quite a lot. Signed-off-by: Waiman Long <[email protected]> --- kernel/auditsc.c | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/kernel/auditsc.c b/kernel/auditsc.c index dd0563a8e0be..af22f8be4d70 100644 --- a/kernel/auditsc.c +++ b/kernel/auditsc.c @@ -931,6 +931,9 @@ static inline void audit_free_names(struct audit_context *context) { struct audit_names *n, *next; + if (!context->name_count) + return; /* audit_alloc_name() has not been called */ + list_for_each_entry_safe(n, next, &context->names_list, list) { list_del(&n->list); if (n->name) @@ -939,7 +942,7 @@ static inline void audit_free_names(struct audit_context *context) kfree(n); } context->name_count = 0; - path_put(&context->pwd); + put_fs_pwd_pool(current->fs, &context->pwd); context->pwd.dentry = NULL; context->pwd.mnt = NULL; } @@ -2165,7 +2168,7 @@ static struct audit_names *audit_alloc_name(struct audit_context *context, context->name_count++; if (!context->pwd.dentry) - get_fs_pwd(current->fs, &context->pwd); + get_fs_pwd_pool(current->fs, &context->pwd); return aname; } -- 2.52.0
