-
-
Notifications
You must be signed in to change notification settings - Fork 109
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Add simple connection latency, and throughput tests. Run them with different type of services (scripts, socket, via fork-server or not). They print a test run time for comparison - the lower the better. QubesOS/qubes-issues#5740
- Loading branch information
Showing
3 changed files
with
257 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,255 @@ | ||
| # | ||
| # The Qubes OS Project, https://www.qubes-os.org/ | ||
| # | ||
| # Copyright (C) 2025 Marek Marczykowski-Górecki | ||
| # <[email protected]> | ||
| # | ||
| # This library is free software; you can redistribute it and/or | ||
| # modify it under the terms of the GNU General Public | ||
| # License as published by the Free Software Foundation; either | ||
| # version 2 of the License, or (at your option) any later version. | ||
| # | ||
| # This library is distributed in the hope that it will be useful, | ||
| # but WITHOUT ANY WARRANTY; without even the implied warranty of | ||
| # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | ||
| # General Public License for more details. | ||
| # | ||
| # You should have received a copy of the GNU General Public | ||
| # License along with this library; if not, see <https://www.gnu.org/licenses/>. | ||
| import asyncio | ||
| import os | ||
| import subprocess | ||
| import sys | ||
| import time | ||
|
|
||
| import qubes.tests | ||
| from qubes.tests import substitute_entry_points | ||
|
|
||
|
|
||
| class TC_00_QrexecPerfMixin: | ||
| def setUp(self: qubes.tests.SystemTestCase): | ||
| super().setUp() | ||
| self.vm1 = self.app.add_new_vm( | ||
| "AppVM", | ||
| name=self.make_vm_name("vm1"), | ||
| label="red", | ||
| ) | ||
| self.vm2 = self.app.add_new_vm( | ||
| "AppVM", | ||
| name=self.make_vm_name("vm2"), | ||
| label="red", | ||
| ) | ||
| self.loop.run_until_complete( | ||
| asyncio.gather( | ||
| self.vm1.create_on_disk(), | ||
| self.vm2.create_on_disk(), | ||
| ) | ||
| ) | ||
| self.loop.run_until_complete( | ||
| asyncio.gather( | ||
| self.vm1.start(), | ||
| self.vm2.start(), | ||
| ) | ||
| ) | ||
| self.iterations = int(os.environ.get("QUBES_TEST_ITERATIONS", "500")) | ||
|
|
||
| def run_latency_calls_from_vm(self): | ||
| start_time = time.clock_gettime(time.CLOCK_MONOTONIC) | ||
| p = self.vm1.run_for_stdio( | ||
| f"set -e;" | ||
| f"for i in $(seq {self.iterations}); do " | ||
| f" out=$(qrexec-client-vm {self.vm2.name} test.Echo);" | ||
| f" test \"$out\" = 'test';" | ||
| f"done" | ||
| ) | ||
| try: | ||
| self.loop.run_until_complete(p) | ||
| except subprocess.CalledProcessError as e: | ||
| self.fail( | ||
| f"test.Echo service failed ({e.returncode}):" | ||
| f" {e.stdout}," | ||
| f" {e.stderr}" | ||
| ) | ||
| end_time = time.clock_gettime(time.CLOCK_MONOTONIC) | ||
| print(f"Run time: {end_time-start_time}s") | ||
|
|
||
| def test_000_simple(self): | ||
| """Measure simple exec-based vm-vm calls latency""" | ||
| self.create_remote_file( | ||
| self.vm2, "/etc/qubes-rpc/test.Echo", "#!/bin/sh\necho test" | ||
| ) | ||
| self.loop.run_until_complete(self.wait_for_session(self.vm2)) | ||
| with self.qrexec_policy("test.Echo", self.vm1, self.vm2): | ||
| self.run_latency_calls_from_vm() | ||
|
|
||
| def test_010_simple_root(self): | ||
| """Measure simple exec-based vm-vm calls latency, use root to | ||
| bypass qrexec-fork-server""" | ||
| self.create_remote_file( | ||
| self.vm2, "/etc/qubes-rpc/test.Echo", "#!/bin/sh\necho test" | ||
| ) | ||
| with self.qrexec_policy( | ||
| "test.Echo", self.vm1, self.vm2, action="allow user=root" | ||
| ): | ||
| self.run_latency_calls_from_vm() | ||
|
|
||
| def test_020_socket(self): | ||
| """Measure simple socket-based vm-vm calls latency""" | ||
| self.create_remote_file( | ||
| self.vm2, | ||
| "/etc/qubes/rpc-config/test.Echo", | ||
| "skip-service-descriptor=true\n", | ||
| ) | ||
| server_p = self.loop.run_until_complete( | ||
| self.vm2.run( | ||
| "socat UNIX-LISTEN:/etc/qubes-rpc/test.Echo,mode=0666,fork " | ||
| "EXEC:'/bin/echo test'", | ||
| user="root", | ||
| ) | ||
| ) | ||
| self.loop.run_until_complete( | ||
| asyncio.wait_for( | ||
| self.vm2.run_for_stdio( | ||
| "while ! test -e /etc/qubes-rpc/test.Echo; do sleep 0.1; done" | ||
| ), | ||
| timeout=10, | ||
| ) | ||
| ) | ||
| self.loop.run_until_complete(self.wait_for_session(self.vm2)) | ||
| try: | ||
| with self.qrexec_policy("test.Echo", self.vm1, self.vm2): | ||
| self.run_latency_calls_from_vm() | ||
| finally: | ||
| server_p.terminate() | ||
| self.loop.run_until_complete(server_p.wait()) | ||
|
|
||
| def test_030_socket_root(self): | ||
| """Measure simple socket-based vm-vm calls latency, use root to | ||
| bypass qrexec-fork-server""" | ||
| self.create_remote_file( | ||
| self.vm2, | ||
| "/etc/qubes/rpc-config/test.Echo", | ||
| "skip-service-descriptor=true\n", | ||
| ) | ||
| server_p = self.loop.run_until_complete( | ||
| self.vm2.run( | ||
| "socat UNIX-LISTEN:/etc/qubes-rpc/test.Echo,mode=0666,fork " | ||
| "EXEC:'/bin/echo test'", | ||
| user="root", | ||
| ) | ||
| ) | ||
| self.loop.run_until_complete( | ||
| asyncio.wait_for( | ||
| self.vm2.run_for_stdio( | ||
| "while ! test -e /etc/qubes-rpc/test.Echo; do sleep 0.1; done" | ||
| ), | ||
| timeout=10, | ||
| ) | ||
| ) | ||
| try: | ||
| with self.qrexec_policy( | ||
| "test.Echo", self.vm1, self.vm2, action="allow user=root" | ||
| ): | ||
| self.run_latency_calls_from_vm() | ||
| finally: | ||
| server_p.terminate() | ||
| self.loop.run_until_complete(server_p.wait()) | ||
|
|
||
| def run_throughput_calls_from_vm(self, duplex=False): | ||
| prefix = "" | ||
| if duplex: | ||
| prefix = "head -c 100000000 /dev/zero | " | ||
| start_time = time.clock_gettime(time.CLOCK_MONOTONIC) | ||
| p = self.vm1.run_for_stdio( | ||
| f"set -e;" | ||
| f"for i in $(seq {self.iterations//2}); do " | ||
| f" out=$({prefix}qrexec-client-vm {self.vm2.name} test.Echo " | ||
| f"| wc -c);" | ||
| f' test "$out" = \'100000000\' || {{ echo "failed iteration $i:' | ||
| f" '$out'\"; exit 1; }};" | ||
| f"done" | ||
| ) | ||
| try: | ||
| self.loop.run_until_complete(p) | ||
| except subprocess.CalledProcessError as e: | ||
| self.fail( | ||
| f"test.Echo service failed ({e.returncode}):" | ||
| f" {e.stdout}," | ||
| f" {e.stderr}" | ||
| ) | ||
| end_time = time.clock_gettime(time.CLOCK_MONOTONIC) | ||
| print(f"Run time: {end_time-start_time}s") | ||
|
|
||
| def test_100_simple_data_simplex(self): | ||
| """Measure simple exec-based vm-vm calls throughput""" | ||
| self.create_remote_file( | ||
| self.vm2, | ||
| "/etc/qubes-rpc/test.Echo", | ||
| "#!/bin/sh\nhead -c 100000000 /dev/zero", | ||
| ) | ||
| self.loop.run_until_complete(self.wait_for_session(self.vm2)) | ||
| with self.qrexec_policy("test.Echo", self.vm1, self.vm2): | ||
| self.run_throughput_calls_from_vm() | ||
|
|
||
| def test_110_simple_data_duplex(self): | ||
| """Measure simple exec-based vm-vm calls throughput""" | ||
| self.create_remote_file(self.vm2, "/etc/qubes-rpc/test.Echo", "#!/bin/sh\ncat") | ||
| self.loop.run_until_complete(self.wait_for_session(self.vm2)) | ||
| with self.qrexec_policy("test.Echo", self.vm1, self.vm2): | ||
| self.run_throughput_calls_from_vm(duplex=True) | ||
|
|
||
| def test_120_simple_data_duplex_root(self): | ||
| """Measure simple exec-based vm-vm calls throughput""" | ||
| self.create_remote_file(self.vm2, "/etc/qubes-rpc/test.Echo", "#!/bin/sh\ncat") | ||
| self.loop.run_until_complete(self.wait_for_session(self.vm2)) | ||
| with self.qrexec_policy( | ||
| "test.Echo", self.vm1, self.vm2, action="allow user=root" | ||
| ): | ||
| self.run_throughput_calls_from_vm(duplex=True) | ||
|
|
||
| def test_130_socket_data_duplex(self): | ||
| """Measure simple socket-based vm-vm calls throughput""" | ||
| self.create_remote_file( | ||
| self.vm2, | ||
| "/etc/qubes/rpc-config/test.Echo", | ||
| "skip-service-descriptor=true\n", | ||
| ) | ||
| server_p = self.loop.run_until_complete( | ||
| self.vm2.run( | ||
| "socat UNIX-LISTEN:/etc/qubes-rpc/test.Echo,mode=0666,fork " | ||
| "EXEC:'/bin/cat'", | ||
| user="root", | ||
| ) | ||
| ) | ||
| try: | ||
| self.loop.run_until_complete( | ||
| asyncio.wait_for( | ||
| self.vm2.run_for_stdio( | ||
| "while ! test -e /etc/qubes-rpc/test.Echo; do sleep 0.1; done" | ||
| ), | ||
| timeout=10, | ||
| ) | ||
| ) | ||
| self.loop.run_until_complete(self.wait_for_session(self.vm2)) | ||
| with self.qrexec_policy("test.Echo", self.vm1, self.vm2): | ||
| self.run_throughput_calls_from_vm(duplex=True) | ||
| finally: | ||
| server_p.terminate() | ||
| self.loop.run_until_complete(server_p.wait()) | ||
|
|
||
|
|
||
| def create_testcases_for_templates(): | ||
| return qubes.tests.create_testcases_for_templates( | ||
| "TC_00_QrexecPerf", | ||
| TC_00_QrexecPerfMixin, | ||
| qubes.tests.SystemTestCase, | ||
| module=sys.modules[__name__], | ||
| ) | ||
|
|
||
|
|
||
| def load_tests(loader, tests, pattern): | ||
| tests.addTests(loader.loadTestsFromNames(create_testcases_for_templates())) | ||
| return tests | ||
|
|
||
|
|
||
| qubes.tests.maybe_create_testcases_on_import(create_testcases_for_templates) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters