From: Jack Bond-Preston <jack.bond-preston@foss.arm.com>
To: Kai Ji <kai.ji@intel.com>
Cc: dev@dpdk.org, Wathsala Vithanage <wathsala.vithanage@arm.com>
Subject: [PATCH v2 5/5] crypto/openssl: only set cipher padding once
Date: Mon, 3 Jun 2024 18:59:39 +0000 [thread overview]
Message-ID: <20240603185939.1312680-6-jack.bond-preston@foss.arm.com> (raw)
In-Reply-To: <20240603185939.1312680-1-jack.bond-preston@foss.arm.com>
Setting the cipher padding has a noticeable performance footprint,
and it doesn't need to be done for every call to
process_openssl_cipher_{en,de}crypt(). Setting it causes OpenSSL to set
it on every future context re-init. Thus, for every buffer after the
first one, the padding is being set twice.
Instead, just set the cipher padding once - when configuring the session
parameters - avoiding the unnecessary double setting behaviour. This is
skipped for AEAD ciphers, where disabling padding is not necessary.
Throughput performance uplift measurements for AES-CBC-128 encrypt on
Ampere Altra Max platform:
1 worker lcore
| buffer sz (B) | prev (Gbps) | optimised (Gbps) | uplift |
|-----------------+---------------+--------------------+----------|
| 64 | 2.97 | 3.72 | 25.2% |
| 256 | 8.10 | 9.42 | 16.3% |
| 1024 | 14.22 | 15.18 | 6.8% |
| 2048 | 16.28 | 16.93 | 4.0% |
| 4096 | 17.58 | 17.97 | 2.2% |
8 worker lcores
| buffer sz (B) | prev (Gbps) | optimised (Gbps) | uplift |
|-----------------+---------------+--------------------+----------|
| 64 | 21.27 | 29.85 | 40.3% |
| 256 | 60.05 | 75.53 | 25.8% |
| 1024 | 110.11 | 121.56 | 10.4% |
| 2048 | 128.05 | 135.40 | 5.7% |
| 4096 | 139.45 | 143.76 | 3.1% |
Signed-off-by: Jack Bond-Preston <jack.bond-preston@foss.arm.com>
Reviewed-by: Wathsala Vithanage <wathsala.vithanage@arm.com>
---
drivers/crypto/openssl/rte_openssl_pmd.c | 6 ++----
1 file changed, 2 insertions(+), 4 deletions(-)
diff --git a/drivers/crypto/openssl/rte_openssl_pmd.c b/drivers/crypto/openssl/rte_openssl_pmd.c
index 743b20c5b0..f0f5082769 100644
--- a/drivers/crypto/openssl/rte_openssl_pmd.c
+++ b/drivers/crypto/openssl/rte_openssl_pmd.c
@@ -595,6 +595,8 @@ openssl_set_session_cipher_parameters(struct openssl_session *sess,
return -ENOTSUP;
}
+ EVP_CIPHER_CTX_set_padding(sess->cipher.ctx, 0);
+
return 0;
}
@@ -1096,8 +1098,6 @@ process_openssl_cipher_encrypt(struct rte_mbuf *mbuf_src, uint8_t *dst,
if (EVP_EncryptInit_ex(ctx, NULL, NULL, NULL, iv) <= 0)
goto process_cipher_encrypt_err;
- EVP_CIPHER_CTX_set_padding(ctx, 0);
-
if (process_openssl_encryption_update(mbuf_src, offset, &dst,
srclen, ctx, inplace))
goto process_cipher_encrypt_err;
@@ -1146,8 +1146,6 @@ process_openssl_cipher_decrypt(struct rte_mbuf *mbuf_src, uint8_t *dst,
if (EVP_DecryptInit_ex(ctx, NULL, NULL, NULL, iv) <= 0)
goto process_cipher_decrypt_err;
- EVP_CIPHER_CTX_set_padding(ctx, 0);
-
if (process_openssl_decryption_update(mbuf_src, offset, &dst,
srclen, ctx, inplace))
goto process_cipher_decrypt_err;
--
2.34.1
next prev parent reply other threads:[~2024-06-03 19:16 UTC|newest]
Thread overview: 49+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-06-03 16:01 [PATCH 0/5] OpenSSL PMD Optimisations Jack Bond-Preston
2024-06-03 16:01 ` [PATCH 1/5] crypto/openssl: fix GCM and CCM thread unsafe ctxs Jack Bond-Preston
2024-06-03 16:12 ` Jack Bond-Preston
2024-06-03 16:01 ` [PATCH 2/5] crypto/openssl: only init 3DES-CTR key + impl once Jack Bond-Preston
2024-06-03 16:01 ` [PATCH 3/5] crypto/openssl: per-qp cipher context clones Jack Bond-Preston
2024-06-03 16:01 ` [PATCH 4/5] crypto/openssl: per-qp auth " Jack Bond-Preston
2024-06-03 16:30 ` Jack Bond-Preston
2024-06-03 16:01 ` [PATCH 5/5] crypto/openssl: only set cipher padding once Jack Bond-Preston
2024-06-03 18:43 ` [PATCH v2 0/5] OpenSSL PMD Optimisations Jack Bond-Preston
2024-06-03 18:43 ` [PATCH v2 1/5] crypto/openssl: fix GCM and CCM thread unsafe ctxs Jack Bond-Preston
2024-06-03 18:43 ` [PATCH v2 2/5] crypto/openssl: only init 3DES-CTR key + impl once Jack Bond-Preston
2024-06-03 18:43 ` [PATCH v2 3/5] crypto/openssl: per-qp cipher context clones Jack Bond-Preston
2024-06-03 18:43 ` [PATCH v2 4/5] crypto/openssl: per-qp auth " Jack Bond-Preston
2024-06-03 18:43 ` [PATCH v2 5/5] crypto/openssl: only set cipher padding once Jack Bond-Preston
2024-06-03 18:59 ` [PATCH v2 0/5] OpenSSL PMD Optimisations Jack Bond-Preston
2024-06-03 18:59 ` [PATCH v2 1/5] crypto/openssl: fix GCM and CCM thread unsafe ctxs Jack Bond-Preston
2024-06-03 18:59 ` [PATCH v2 2/5] crypto/openssl: only init 3DES-CTR key + impl once Jack Bond-Preston
2024-06-03 18:59 ` [PATCH v2 3/5] crypto/openssl: per-qp cipher context clones Jack Bond-Preston
2024-06-03 18:59 ` [PATCH v2 4/5] crypto/openssl: per-qp auth " Jack Bond-Preston
2024-06-03 18:59 ` Jack Bond-Preston [this message]
2024-06-06 10:20 ` [PATCH v3 0/5] OpenSSL PMD Optimisations Jack Bond-Preston
2024-06-06 10:20 ` [PATCH v3 1/5] crypto/openssl: fix GCM and CCM thread unsafe ctxs Jack Bond-Preston
2024-06-06 10:44 ` [EXTERNAL] " Akhil Goyal
2024-06-06 10:20 ` [PATCH v3 2/5] crypto/openssl: only init 3DES-CTR key + impl once Jack Bond-Preston
2024-06-06 10:20 ` [PATCH v3 3/5] crypto/openssl: per-qp cipher context clones Jack Bond-Preston
2024-06-06 10:20 ` [PATCH v3 4/5] crypto/openssl: per-qp auth " Jack Bond-Preston
2024-06-06 10:20 ` [PATCH v3 5/5] crypto/openssl: only set cipher padding once Jack Bond-Preston
2024-06-07 12:47 ` [PATCH v4 0/5] OpenSSL PMD Optimisations Jack Bond-Preston
2024-06-07 12:47 ` [PATCH v4 1/5] crypto/openssl: fix GCM and CCM thread unsafe ctxs Jack Bond-Preston
2024-07-01 12:55 ` Ji, Kai
2024-07-02 15:39 ` [EXTERNAL] " Akhil Goyal
2024-07-03 10:49 ` Jack Bond-Preston
2024-07-03 13:46 ` Jack Bond-Preston
2024-06-07 12:47 ` [PATCH v4 2/5] crypto/openssl: only init 3DES-CTR key + impl once Jack Bond-Preston
2024-07-01 12:55 ` Ji, Kai
2024-06-07 12:47 ` [PATCH v4 3/5] crypto/openssl: per-qp cipher context clones Jack Bond-Preston
2024-07-01 12:56 ` Ji, Kai
2024-06-07 12:47 ` [PATCH v4 4/5] crypto/openssl: per-qp auth " Jack Bond-Preston
2024-07-01 12:55 ` Ji, Kai
2024-06-07 12:47 ` [PATCH v4 5/5] crypto/openssl: only set cipher padding once Jack Bond-Preston
2024-07-01 12:56 ` Ji, Kai
2024-06-24 16:14 ` [PATCH 0/5] OpenSSL PMD Optimisations Ji, Kai
2024-07-03 13:45 ` [PATCH v5 " Jack Bond-Preston
2024-07-03 13:45 ` [PATCH v5 1/5] crypto/openssl: fix GCM and CCM thread unsafe ctxs Jack Bond-Preston
2024-07-03 15:20 ` [EXTERNAL] " Akhil Goyal
2024-07-03 13:45 ` [PATCH v5 2/5] crypto/openssl: only init 3DES-CTR key + impl once Jack Bond-Preston
2024-07-03 13:45 ` [PATCH v5 3/5] crypto/openssl: per-qp cipher context clones Jack Bond-Preston
2024-07-03 13:45 ` [PATCH v5 4/5] crypto/openssl: per-qp auth " Jack Bond-Preston
2024-07-03 13:45 ` [PATCH v5 5/5] crypto/openssl: only set cipher padding once Jack Bond-Preston
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20240603185939.1312680-6-jack.bond-preston@foss.arm.com \
--to=jack.bond-preston@foss.arm.com \
--cc=dev@dpdk.org \
--cc=kai.ji@intel.com \
--cc=wathsala.vithanage@arm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).