From: Willy Tarreau
> Sent: 11 January 2018 22:07
> On Thu, Jan 11, 2018 at 01:28:18PM -0800, Linus Torvalds wrote:
> > The traditional fast system call to test is getppid().
> >
> > write() goes through a lot more code.
>
> Just tried getppid() now, it's relatively similar (slightly slower than
> write(-1) though, maybe that one aborts very early) :
>
> PTI=on : 920ms for 3 million calls
> PTI=off (prctl) : 230ms for 3 million calls
> PTI=off (boot) : 215ms for 3 million calls
>
> The small difference between the last two very likely comes from the few
> instructions avoided thanks to the alternatives when pti=off is used at
> boot.
>
> So yes here it's trivial to tell if it's on or off :-)
A system call with a larger kernel memory footprint, and user
code that touches more pages, might show an even bigger difference
between PTI=on and PTI=off.
David
