diff options
Diffstat (limited to 'benchmark')
-rw-r--r-- | benchmark/fs/readfile-permission-enabled.js | 72 | ||||
-rw-r--r-- | benchmark/permission/permission-fs-deny.js | 19 | ||||
-rw-r--r-- | benchmark/permission/permission-fs-is-granted.js | 50 |
3 files changed, 141 insertions, 0 deletions
diff --git a/benchmark/fs/readfile-permission-enabled.js b/benchmark/fs/readfile-permission-enabled.js new file mode 100644 index 0000000000..3053d5aa08 --- /dev/null +++ b/benchmark/fs/readfile-permission-enabled.js @@ -0,0 +1,72 @@ +// Call fs.readFile with permission system enabled +// over and over again really fast. +// Then see how many times it got called. +'use strict'; + +const path = require('path'); +const common = require('../common.js'); +const fs = require('fs'); +const assert = require('assert'); + +const tmpdir = require('../../test/common/tmpdir'); +tmpdir.refresh(); +const filename = path.resolve(tmpdir.path, + `.removeme-benchmark-garbage-${process.pid}`); + +const bench = common.createBenchmark(main, { + duration: [5], + encoding: ['', 'utf-8'], + len: [1024, 16 * 1024 * 1024], + concurrent: [1, 10], +}, { + flags: ['--experimental-permission', '--allow-fs-read=*', '--allow-fs-write=*'], +}); + +function main({ len, duration, concurrent, encoding }) { + try { + fs.unlinkSync(filename); + } catch { + // Continue regardless of error. + } + let data = Buffer.alloc(len, 'x'); + fs.writeFileSync(filename, data); + data = null; + + let reads = 0; + let benchEnded = false; + bench.start(); + setTimeout(() => { + benchEnded = true; + bench.end(reads); + try { + fs.unlinkSync(filename); + } catch { + // Continue regardless of error. + } + process.exit(0); + }, duration * 1000); + + function read() { + fs.readFile(filename, encoding, afterRead); + } + + function afterRead(er, data) { + if (er) { + if (er.code === 'ENOENT') { + // Only OK if unlinked by the timer from main. + assert.ok(benchEnded); + return; + } + throw er; + } + + if (data.length !== len) + throw new Error('wrong number of bytes returned'); + + reads++; + if (!benchEnded) + read(); + } + + while (concurrent--) read(); +} diff --git a/benchmark/permission/permission-fs-deny.js b/benchmark/permission/permission-fs-deny.js new file mode 100644 index 0000000000..29bbeb27dc --- /dev/null +++ b/benchmark/permission/permission-fs-deny.js @@ -0,0 +1,19 @@ +'use strict'; +const common = require('../common.js'); + +const configs = { + n: [1e5], + concurrent: [1, 10], +}; + +const options = { flags: ['--experimental-permission'] }; + +const bench = common.createBenchmark(main, configs, options); + +async function main(conf) { + bench.start(); + for (let i = 0; i < conf.n; i++) { + process.permission.deny('fs.read', ['/home/example-file-' + i]); + } + bench.end(conf.n); +} diff --git a/benchmark/permission/permission-fs-is-granted.js b/benchmark/permission/permission-fs-is-granted.js new file mode 100644 index 0000000000..062ba19445 --- /dev/null +++ b/benchmark/permission/permission-fs-is-granted.js @@ -0,0 +1,50 @@ +'use strict'; +const common = require('../common.js'); +const fs = require('fs/promises'); +const path = require('path'); + +const configs = { + n: [1e5], + concurrent: [1, 10], +}; + +const rootPath = path.resolve(__dirname, '../../..'); + +const options = { + flags: [ + '--experimental-permission', + `--allow-fs-read=${rootPath}`, + ], +}; + +const bench = common.createBenchmark(main, configs, options); + +const recursivelyDenyFiles = async (dir) => { + const files = await fs.readdir(dir, { withFileTypes: true }); + for (const file of files) { + if (file.isDirectory()) { + await recursivelyDenyFiles(path.join(dir, file.name)); + } else if (file.isFile()) { + process.permission.deny('fs.read', [path.join(dir, file.name)]); + } + } +}; + +async function main(conf) { + const benchmarkDir = path.join(__dirname, '../..'); + // Get all the benchmark files and deny access to it + await recursivelyDenyFiles(benchmarkDir); + + bench.start(); + + for (let i = 0; i < conf.n; i++) { + // Valid file in a sequence of denied files + process.permission.has('fs.read', benchmarkDir + '/valid-file'); + // Denied file + process.permission.has('fs.read', __filename); + // Valid file a granted directory + process.permission.has('fs.read', '/tmp/example'); + } + + bench.end(conf.n); +} |