Re: [blfs-dev] Ken's tuning experiments, part 2

Thu, 27 Jun 2019 16:47:46 -0700 

On 6/27/19 5:43 PM, Ken Moffat via blfs-dev wrote:

I've now finished the second stage of my "tuning" experiments, and
the results are at http://www.linuxfromscratch.org/~ken/tuning/

As always, projects have scope creep and things don't turn out as
expected.  Specifically, I've been looking at "cheap hardening"
which are flags/defines to do some hardening with (hopefully) only a
low runtime cost.  The current files are:

README.txt - a continuing summary

tuning-1-packages-and notes.txt - the packages I build, and what I
did to get them to build with my CFLAGS/CXXFLAGS.  I've updated the
references to the notes for things I've changed/added.

tuning-2-cheap-hardening.txt - More details about what I did,
comments on how my build (and run) times varied a lot more than I
had expected - to the extent that I do not think they are
particularly useful, and notes on a few packages where I had
issues.

tuning-notes-2.txt - the revised notes, these replace the -1
verison.

desktop-runtime-comparisons.ods - a LO spreadsheet, with run times
for repeated runs of a few simple and quick scripts or compiles.

My conclusion is that I will now be using ALL of the following (at
least in compiled packages where I have made sure they are really
being used, there are other server and 'occasional' packages that I
have not looked at : -D_FORTIFY_SOURCE=2 -fstack-protector-strong
-D_GLIBCXX_ASSERT (the latter only for C++, it affects libstdc++
functions.

I've noted the few exceptions in "tuning-2...", together with the
one package (texinfo) where forcing -D_FORTIFY_SOURCE=2 has
accidentally NOT been tested, and why.

My current estimate is that most things may take 2% or less longer,
but there are outliers.including some of the compiles or testsuites.

For a desktop system on a modern machine, I think this is worth it
(it's what fedora and RH do, and I think Arch and recent debian).
But for a public-facing server it is probably insufficient.
Very interesting. Perhaps when you are done and have well formed opinions suitable for publication, you should add an optimization section (or two) to Chapter 2, Notes on Building Software. 

  -- Bruce


--
http://lists.linuxfromscratch.org/listinfo/blfs-dev
FAQ: http://www.linuxfromscratch.org/blfs/faq.html
Unsubscribe: See the above information page

Reply via email to