Over the years, the complexity of the Linux Security Module (LSM) is keeping increasing, and the count of the authorization hooks is nearly doubled. It is important to provide up-to-date measurement results of LSM for system practitioners so that they can make prudent trade-offs between security and performance. This work evaluates the overhead of LSM for file accesses on Linux v5.3.0. We build a performance evaluation framework for LSM. It has two parts, an extension of LMBench2.5 to evaluate the overhead of file operations for different security modules, and a security module with tunable latency for policy enforcement to study the impact of the latency of policy enforcement on the end-to-end latency of file operations. In our evaluation, we find opening a file would see about 87% (Linux v5.3) performance drop when the kernel is integrated with SELinux hooks (policy enforcement disabled) than without, while the figure was 27% (Linux v2.4.2). We found that performance of the above downgrade is affected by two parts, policy enforcement and hook placement. To further investigate the impact of policy enforcement and hook placement respectively, we build a Policy Testing Module, which reuses hook placements of LSM, while alternating latency of policy enforcement. With this module, we are able to quantitatively estimate the impact of the latency of policy enforcement on the end-to-end latency of file operations by using a multiple linear regression model and count policy authorization frequencies for each syscall. We then discuss and justify the evaluation results with static analysis on our enhanced syscalls' call graphs.
翻译:多年来, Linux 安全模块( LSM) 的复杂程度不断提高, 授权钩的计数也几乎翻了一番。 重要的是为系统从业人员提供LSM的最新测量结果, 以便他们能够在安全和业绩之间作出审慎的多重权衡。 这项工作评估 LSM Linux v5.3. 0 的文件存取权管理费。 我们为 LSM 建立一个绩效评估框架。 它有两个部分: LMBench2.5 的扩展, 用于评估不同安全模块文件运行的路径管理费, 以及一个安全模块, 具有可加金枪鱼的长度, 供政策执行执行使用, 以便研究政策执行的延迟性影响。 我们通过对政策执行的升级和升级分析, 进一步调查政策执行的升级和升级影响。