[apparmor] [PATCH v3 0/2] apparmor: switch from zlib to zstd
Jon Tourville
jon.tourville at canonical.com
Mon Jul 11 16:36:07 UTC 2022
This changes the algorithm used by apparmor to compress profile data
from zlib to zstd, using the new zstd API introduced in 5.16.
Zstd provides a larger range of compression levels than zlib and
significantly better performance at the default level (for a relatively
small increase in compressed size).
At the default compression levels, zstd's execution time was 16% that
of zlib with a size of 111%. At maximum compression levels, zstd's
execution time was 187% that of zlib with a size of 88%. This gives
users options for either improving performance or decreasing memory
usage over zlib.
Performance testing was done in the kernel against the default set of
profiles loaded by a fresh install of Ubuntu 22.04 desktop.
v3: Patch review changes
- Removed unnecessary labels from apparmorfs min/max functions
v2: Patch review changes
- Reallocate output buffer to the compressed size
- Add sysfs files to expose min/max values for
raw_data_compression_level
More information about the AppArmor
mailing list