Benchmarking The Performance Overhead To The Linux Kernel Runtime Guard

Written by Michael Larabel in Software on 2 March 2020 at 03:54 PM EST.

Following recent discussions about Openwall's Linux Kernel Runtime Guard (LKRG) and the Whonix spin on LKRG for Debian systems and more, here are some benchmarks showing the performance overhead to this run-time integrity checking of the Linux kernel that aims to fend off security vulnerability exploits.

Based on Openwall's LKRG, the Whonix LKRG packages make it very easy to deploy this run-time guard as a DKMS module to existing Debian/ubuntu Linux systems and more. Interestingly though the Whonix page mentions, "No benchmarks have yet been performed, but it appears the performance penalty is around 2.5% for fully enabled LKRG." So, of course, I tested it out for myself.

In this article are benchmarks of a stock Ubuntu installation with its default kernel compared to the performance when installing the LKRG module from the Whonix repository. The LKRG module was running with all of its default settings.

This round of LKRG Linux kernel testing was done with an Intel Core i9 9900KS desktop running an Ubuntu 20.04 snapshot and using the Linux 5.4 Ubuntu kernel. Via the Phoronix Test Suite a wide range of benchmarks were carried out in being curious about the performance overhead to this out-of-tree Linux kernel security feature.

Related Articles