[PATCH 0/2] wireguard-linux-compat: grsecurity compat patches

Mathias Krause minipli at grsecurity.net
Mon Dec 13 16:32:07 UTC 2021

Am 13.12.21 um 15:37 schrieb Jason A. Donenfeld:
> On Mon, Dec 13, 2021 at 3:33 PM Mathias Krause <minipli at grsecurity.net> wrote:
>> yeah, don't worry. We can keep this change downstream in grsec. Dunno if
>> Jason wants to take it as well, his call. It was just a side observation
>> which came out of our need to read and understand the code to provide a
>> workaround for the gcc bug we were hitting.
> I suppose I can load it up in kbench9000 to see if it makes a
> difference. If it doesn't matter much, I'd prefer sticking with the
> formally verified stuff. But if there is a nice speedup, then I guess
> we can revisit more handwavy "obviously this is the same thing"
> arguments.

Had to hack main.c and run.sh a little, but here are some numbers:

root at box:~# ./run.sh
[+] Setting no-turbo to status 1
[+] Setting non-boot CPUs to status 0
[+] Inserting module to run tests
insmod: ERROR: could not insert module kbench9000.ko: Unknown symbol in
[+] Gathering results
                 ever64: 115100 cycles per call
           ever64_out_r: 115080 cycles per call
          ever64_out_rm: 113957 cycles per call
[+] Setting non-boot CPUs to status 1
[+] Setting no-turbo to status 0

Slightly faster.


More information about the WireGuard mailing list