Skip to content
/ secperf Public

The first benchmarking platform for secure systems.

Notifications You must be signed in to change notification settings

spcl/secperf

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

41 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

SecPerf

This repository provides two ways to interact with SecPerf:

  1. C++ interface (microbenchmarks via a single binary: crypto_benchmarks)
  2. App interface (orchestration / larger benchmark runs via: spec_entry)

Both are run through the same Docker image. Note that some benchmarks do not map to this yet (specifically, MPI/OSU/UCX/distributed apps, as running MPI with Docker does not work on all setups; DOCA, as the DOCA bench is not freely available on standard Ubuntu image; and memory/GPU/storage benchmarks, which we plan to add).


Quick start

Firstly, clone the repository with all of its submodules:

> git clone --recurse-submodules -j8 https://github.com/spcl/secperf.git

Build Docker image:

> cd secperf
> docker build -t secperf .

C++ interface (microbenchmarks)

To run first build the Docker container:

docker build . -t secperf

Then run with host networking and privileged state:

docker run --rm --privileged --network=host -it secperf bash -c "crypto_benchmarks --benchmark_filter=\".*Hashing.*\""

To run with logging:

docker run --rm --privileged --network=host -v $(pwd):/output -it secperf bash -c "crypto_benchmarks --benchmark_filter=\".*Hashing.*\" --color=no | tee /output/data.log"

App interface (benchmark runner)

Run the container to build the benchmarks (note: the image has no default command, so you must provide one):

> docker run --user $(id -u):$(id -g) -v $(pwd):/app/ secperf spec_entry build_benchmarks

Known issue: For some unknown reason, you have to run the build twice to compile MILC successfully.

To start a test run with very small workload, run the following command:

> docker run --cpuset-cpus="0-63" --cpuset-mems="0" --privileged --network host --user $(id -u):$(id -g) -v $(pwd):/app/ secperf spec_entry test_run

You can also add -s to the command to start the test run with strace:

> docker run --cpuset-cpus="0-63" --cpuset-mems="0" --privileged --network host --user $(id -u):$(id -g) -v $(pwd):/app/ secperf spec_entry test_run -s

To actually collect the results:

> docker run --cpuset-cpus="0-63" --cpuset-mems="0" --privileged --network host --user $(id -u):$(id -g) -v $(pwd):/app/ secperf spec_entry run_benchmarks test

To adjust the benchmarks to build and run, edit the config files:

  • src/python/apps/run_benchmarks/build_config.yaml
  • src/python/apps/run_benchmarks/run_config.yaml

Set the parameters build_all and run_all to true to build and run all benchmarks. Otherwise, set the parameters to false and under each benchmark, set the skip parameter to false to build and run the benchmark. The default is to build and run all benchmarks.

To run the benchmarks with strace, run the following command:

> docker run --cpuset-cpus="0-63" --cpuset-mems="0" --privileged --network host --user $(id -u):$(id -g) -v $(pwd):/app/ secperf spec_entry run_benchmarks_strace test syscalls

About

The first benchmarking platform for secure systems.

Resources

Stars

Watchers

Forks

Packages

No packages published

Contributors 2

  •  
  •