[llvm-dev] [RFC] Using Intel MPX to harden SafeStack
LeMay, Michael via llvm-dev
llvm-dev at lists.llvm.org
Fri Feb 17 17:27:18 PST 2017
On 2/7/2017 20:02, Kostya Serebryany wrote:
> ...
>
> My understanding is that BNDCU is the cheapest possible instruction,
> just like XOR or ADD,
> so the overhead should be relatively small.
> Still my guesstimate would be >= 5% since stores are very numerous.
> And such overhead will be on top of whatever overhead SafeStack has.
> Do you have any measurements to share?
>
Here are estimated SPECint_base2006 component runtimes for some relevant
test configurations:
Runtime in seconds:
+--------------+---------+---------+---------+-------+
|Benchmark|Unpatched|Unpatched|Patched|MPX|
||Base|SafeStack|SafeStack||
+--------------+---------+---------+---------+-------+
|400.perlbench |430.82|443.07|442.42|456.34 |
+--------------+---------+---------+---------+-------+
|401.bzip2|711.43|716.59|717.35|750.06 |
+--------------+---------+---------+---------+-------+
|403.gcc|333.76|334.11|334.95|336.13 |
+--------------+---------+---------+---------+-------+
|429.mcf|371.48|375.75|373.50|377.93 |
+--------------+---------+---------+---------+-------+
|445.gobmk|677.80|686.12|685.50|702.87 |
+--------------+---------+---------+---------+-------+
|456.hmmer|534.94|533.68|534.37|553.40 |
+--------------+---------+---------+---------+-------+
|458.sjeng|633.69|641.21|641.81|655.94 |
+--------------+---------+---------+---------+-------+
|462.libquantum|362.82|367.00|367.38|382.14 |
+--------------+---------+---------+---------+-------+
|464.h264ref|701.37|682.13|683.41|699.93 |
+--------------+---------+---------+---------+-------+
|471.omnetpp|397.04|407.38|407.33|411.36 |
+--------------+---------+---------+---------+-------+
|473.astar|611.51|610.46|610.19|624.78 |
+--------------+---------+---------+---------+-------+
|483.xalancbmk |291.66|295.61|296.42|298.29 |
+--------------+---------+---------+---------+-------+
|SUM |6058.32|6093.10|6094.62|6249.16|
+--------------+---------+---------+---------+-------+
These runtimes are estimates as benchmark runs for research purposes
built with patched/experimental compilers cannot be benchmark compliant.
Compilation flags that aren't yet fully documented also can not be
compliant.
Percentage changes in runtime relative to Unpatched Base:
+--------------+---------+---------+-----+
|Benchmark|Unpatched|Patched|MPX|
||SafeStack|SafeStack||
+--------------+---------+---------+-----+
|400.perlbench |2.84|2.69|5.93 |
+--------------+---------+---------+-----+
|401.bzip2|0.73|0.83|5.43 |
+--------------+---------+---------+-----+
|403.gcc|0.10|0.36|0.71 |
+--------------+---------+---------+-----+
|429.mcf|1.15|0.54|1.74 |
+--------------+---------+---------+-----+
|445.gobmk|1.23|1.14|3.70 |
+--------------+---------+---------+-----+
|456.hmmer|-0.24|-0.11|3.45 |
+--------------+---------+---------+-----+
|458.sjeng|1.19|1.28|3.51 |
+--------------+---------+---------+-----+
|462.libquantum|1.15|1.26|5.32 |
+--------------+---------+---------+-----+
|464.h264ref|-2.74|-2.56|-0.21|
+--------------+---------+---------+-----+
|471.omnetpp|2.60|2.59|3.61 |
+--------------+---------+---------+-----+
|473.astar|-0.17|-0.21|2.17 |
+--------------+---------+---------+-----+
|483.xalancbmk |1.35|1.63|2.27 |
+--------------+---------+---------+-----+
|SUM |0.57|0.60|3.15 |
+--------------+---------+---------+-----+
These measurements were collected on an Intel NUC6i5SY with an Intel
Core i5-6260U CPU and 32G RAM running Clear Linux 13330. Intel
Hyper-Threading, Intel Turbo Boost, and the LAN were all disabled. I
used SPEC CPU2006 v1.2 and started the Clang/LLVM port from the gcc 4.6
Linux x86 example file included in the SPEC CPU 2006 kit.
Here is the legend for the various test configurations:
- Unpatched Base: Unpatched compiler with SafeStack disabled.This is the
reference configuration.
- Unpatched SafeStack: Unpatched compiler with SafeStack enabled.
- Patched SafeStack: Patched compiler with SafeStack enabled.However,
MPX-based hardening is not enabled in this configuration.This
configuration is intended to show the effect of the Compiler-RT patches
on programs that do not enable MPX-based hardening.
- MPX: Patched compiler with MPX-hardened SafeStack enabled.
The unpatched compiler was built from the following SVN IDs:
- LLVM: 292171 from January 16, 2017
- Clang: 292141 from January 16, 2017
- Compiler-RT: 291346 from January 7, 2017
The patched compiler was built with the current posted versions of my
patches applied on top of the SVN IDs listed above.
The following compiler settings in the SPEC CPU2006 cfg files were used
for each configuration:
COPTIMIZE:
- Unpatched Base: -std=gnu89 -O2 -fno-strict-aliasing -march=skylake
-mtune=skylake
- Unpatched/Patched SafeStack: -std=gnu89 -O2 -fno-strict-aliasing
-march=skylake -mtune=skylake -fsanitize=safe-stack
- MPX: -std=gnu89 -O2 -fno-strict-aliasing -march=skylake -mtune=skylake
-mseparate-stack-seg -fsanitize=safe-stack
CXXOPTIMIZE:
- Unpatched Base: -O2 -fno-strict-aliasing -march=skylake -mtune=skylake
- Unpatched/Patched SafeStack: -O2 -fno-strict-aliasing -march=skylake
-mtune=skylake -fsanitize=safe-stack
- MPX: -O2 -fno-strict-aliasing -march=skylake -mtune=skylake
-mseparate-stack-seg -fsanitize=safe-stack
The FOPTIMIZE settings are irrelevant, since none of the SPECint tests
use Fortran.
Here are measurements of the absolute sizes of the .text sections for
the programs as well as percentage changes in those sizes:
.text section size in bytes:
+--------------+---------+---------+---------+-------+
|Benchmark|Unpatched|Unpatched|Patched|MPX|
||Base|SafeStack|SafeStack||
+--------------+---------+---------+---------+-------+
|400.perlbench |884769|1003041|1003233|1131769|
+--------------+---------+---------+---------+-------+
|401.bzip2|79393|175297|175489|235577 |
+--------------+---------+---------+---------+-------+
|403.gcc|2420209|2545041|2545233|2727913|
+--------------+---------+---------+---------+-------+
|429.mcf|10977|105345|105537|155705 |
+--------------+---------+---------+---------+-------+
|445.gobmk|633953|743585|743777|823993 |
+--------------+---------+---------+---------+-------+
|456.hmmer|258593|358033|358225|432249 |
+--------------+---------+---------+---------+-------+
|458.sjeng|96593|192929|193121|251545 |
+--------------+---------+---------+---------+-------+
|462.libquantum|32441|127065|127257|177545 |
+--------------+---------+---------+---------+-------+
|464.h264ref|539713|638705|638897|736729 |
+--------------+---------+---------+---------+-------+
|471.omnetpp|403521|527345|527537|597801 |
+--------------+---------+---------+---------+-------+
|473.astar|31169|126225|126417|178105 |
+--------------+---------+---------+---------+-------+
|483.xalancbmk |2358241|2725921 |2726113|2936841|
+--------------+---------+---------+---------+-------+
Percentage changes in .text section size relative to Unpatched Base:
+--------------+---------+---------+-------+
|Benchmark|Unpatched|Patched|MPX|
||SafeStack|SafeStack||
+--------------+---------+---------+-------+
|400.perlbench |13.37|13.39|27.92|
+--------------+---------+---------+-------+
|401.bzip2|120.80|121.04|196.72 |
+--------------+---------+---------+-------+
|403.gcc|5.16|5.17|12.71|
+--------------+---------+---------+-------+
|429.mcf|859.69|861.44|1318.47|
+--------------+---------+---------+-------+
|445.gobmk|17.29|17.32|29.98|
+--------------+---------+---------+-------+
|456.hmmer|38.45|38.53|67.15|
+--------------+---------+---------+-------+
|458.sjeng|99.73|99.93|160.42 |
+--------------+---------+---------+-------+
|462.libquantum|291.68|292.27|447.29 |
+--------------+---------+---------+-------+
|464.h264ref|18.34|18.38|36.50|
+--------------+---------+---------+-------+
|471.omnetpp|30.69|30.73|48.15|
+--------------+---------+---------+-------+
|473.astar|304.97|305.59|471.42 |
+--------------+---------+---------+-------+
|483.xalancbmk |15.59|15.60|24.54|
+--------------+---------+---------+-------+
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.llvm.org/pipermail/llvm-dev/attachments/20170217/97ffc8cd/attachment.html>
More information about the llvm-dev
mailing list