The AppArmor Performance Impact In 70+ Benchmarks On Linux 5.5 Git
Written by Michael Larabel in Linux Kernel on 31 December 2019 at 08:08 AM EST. 9 Comments
LINUX KERNEL --
With bisecting one of the big regressions in Linux 5.5 and finding the culprit to be an AppArmor change while using Hackbench as one of the most affected tests, I was curious to see what other workloads are impacted big by AppArmor on the current Linux 5.5 Git code. Here are 72 tests with the Threadripper 3970X on Linux 5.5 Git when toggling AppArmor.

These New Year's Eve benchmarks are looking at the performance of Linux 5.5 Git as of two days ago when running out-of-the-box on Ubuntu 19.10 and then booting with apparmor=0 to force AppArmor to be disabled. Thus looking at the overall cost of AppArmor on Linux 5.5 right now as opposed to just the change from the recent regression.

With the AMD Ryzen Threadripper 3970X system, the tests that benefited the most from disabling AppArmor included:

Those are the tests with a measurable difference between toggling AppArmor. The listing of all 72 results including the tests with minimal to no changes can be found via this OpenBenchmarking.org result file.

Of all 72 results overall, AppArmor as enabled by default on the likes of Ubuntu and Debian showed about 5% slower performance on Linux 5.5. When the AppArmor regression is addressed, we'll certainly take this kernel security feature for another spin in 2020.
Related News
About The Author
Author picture

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter or contacted via MichaelLarabel.com.

Popular News This Week