KFence Memory Safety Error Checking Is Looking Good For Minimal Overhead On Linux 5.12
Of the many new features coming with Linux 5.12 is KFence, short for the Kernel Electric Fence. KFence is a low-overhead memory safety error detector/validator for the kernel with lower expected overhead costs than say the Kernel Address Sanitizer. I just wrapped up some benchmarks looking out for any overhead impact of KFence on Linux 5.12 in its near-final state.
KFence is a memory safety error detector/validator designed for use within production environments and thus is optimized for low overhead. KFence aims to be more efficient than the robust Kernel Address Sanitizer (KASAN) and that it's low overhead enough to be used on production systems where KASAN is generally avoided.
KFence aims to spot out-of-bounds, use-after-free, and invalid-free memory errors within the kernel. KFence is complementary to KASAN and hopes to uncover new bugs only showing up in real production workloads.
The pull request adding KFence to the Linux 5.12 kernel indicated it should have "near zero performance overhead" and so over the weekend I decided to test that overhead claim myself with benchmarks of it disabled and then the default sampling interval of 100 and also trying 500 as just an additional verification run.
The CONFIG_KFENCE option can be enabled with KFence disabled by default at run-time based upon the default sampling interval level. That's what the likes of Ubuntu's mainline kernel PPA is doing where KFence is enabled by default as part of their Linux 5.12+ kernel builds but set to a default value of 0, which disables KFence at run-time. Booting the new kernels then with kfence.sample_interval=100 will activate the KFence at its default sampling interval.
From Linux 5.12 benchmarks I was running on an AMD Ryzen 9 5900X box using a wide variety of benchmarks both synthetic and real-world tests, I didn't encounter any measurable hits to the performance with KFence enabled. There were some minor fluctuations within just a few tests but not enough to be statistically significant.
All of the data from this KFence comparison can be found over on OpenBenchmarking.org.
So at least from this quick testing, it jives with what the developers report in that running with KFence enabled should have near-zero overhead costs. Learn more about KFence and its capabilities via this documentation commit.
KFence is a memory safety error detector/validator designed for use within production environments and thus is optimized for low overhead. KFence aims to be more efficient than the robust Kernel Address Sanitizer (KASAN) and that it's low overhead enough to be used on production systems where KASAN is generally avoided.
KFence aims to spot out-of-bounds, use-after-free, and invalid-free memory errors within the kernel. KFence is complementary to KASAN and hopes to uncover new bugs only showing up in real production workloads.
The pull request adding KFence to the Linux 5.12 kernel indicated it should have "near zero performance overhead" and so over the weekend I decided to test that overhead claim myself with benchmarks of it disabled and then the default sampling interval of 100 and also trying 500 as just an additional verification run.
The CONFIG_KFENCE option can be enabled with KFence disabled by default at run-time based upon the default sampling interval level. That's what the likes of Ubuntu's mainline kernel PPA is doing where KFence is enabled by default as part of their Linux 5.12+ kernel builds but set to a default value of 0, which disables KFence at run-time. Booting the new kernels then with kfence.sample_interval=100 will activate the KFence at its default sampling interval.
From Linux 5.12 benchmarks I was running on an AMD Ryzen 9 5900X box using a wide variety of benchmarks both synthetic and real-world tests, I didn't encounter any measurable hits to the performance with KFence enabled. There were some minor fluctuations within just a few tests but not enough to be statistically significant.
All of the data from this KFence comparison can be found over on OpenBenchmarking.org.
So at least from this quick testing, it jives with what the developers report in that running with KFence enabled should have near-zero overhead costs. Learn more about KFence and its capabilities via this documentation commit.
2 Comments