From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id 9A3B445561; Wed, 3 Jul 2024 15:46:23 +0200 (CEST) Received: from mails.dpdk.org (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id 12C0C42E0B; Wed, 3 Jul 2024 15:46:12 +0200 (CEST) Received: from foss.arm.com (foss.arm.com [217.140.110.172]) by mails.dpdk.org (Postfix) with ESMTP id 9A38B40265 for ; Wed, 3 Jul 2024 15:46:09 +0200 (CEST) Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.121.207.14]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id 250791007; Wed, 3 Jul 2024 06:46:34 -0700 (PDT) Received: from cesw-amp-gbt-1s-m12830-01.lab.cambridge.arm.com (cesw-amp-gbt-1s-m12830-01.lab.cambridge.arm.com [10.7.10.57]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id 942173F762; Wed, 3 Jul 2024 06:46:08 -0700 (PDT) From: Jack Bond-Preston To: Kai Ji Cc: dev@dpdk.org, Wathsala Vithanage Subject: [PATCH v5 2/5] crypto/openssl: only init 3DES-CTR key + impl once Date: Wed, 3 Jul 2024 13:45:48 +0000 Message-Id: <20240703134552.1439633-3-jack.bond-preston@foss.arm.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20240703134552.1439633-1-jack.bond-preston@foss.arm.com> References: <20240603160119.1279476-1-jack.bond-preston@foss.arm.com> <20240703134552.1439633-1-jack.bond-preston@foss.arm.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Currently the 3DES-CTR cipher context is initialised for every buffer, setting the cipher implementation and key - even though for every buffer in the session these values will be the same. Change to initialising the cipher context once, before any buffers are processed, instead. Throughput performance uplift measurements for 3DES-CTR encrypt on Ampere Altra Max platform: 1 worker lcore | buffer sz (B) | prev (Gbps) | optimised (Gbps) | uplift | |-----------------+---------------+--------------------+----------| | 64 | 0.16 | 0.21 | 35.3% | | 256 | 0.20 | 0.22 | 9.4% | | 1024 | 0.22 | 0.23 | 2.3% | | 2048 | 0.22 | 0.23 | 0.9% | | 4096 | 0.22 | 0.23 | 0.9% | 8 worker lcores | buffer sz (B) | prev (Gbps) | optimised (Gbps) | uplift | |-----------------+---------------+--------------------+----------| | 64 | 1.01 | 1.34 | 32.9% | | 256 | 1.51 | 1.66 | 9.9% | | 1024 | 1.72 | 1.77 | 2.6% | | 2048 | 1.76 | 1.78 | 1.1% | | 4096 | 1.79 | 1.80 | 0.6% | Signed-off-by: Jack Bond-Preston Acked-by: Kai Ji Reviewed-by: Wathsala Vithanage --- drivers/crypto/openssl/rte_openssl_pmd.c | 21 +++++++++++---------- 1 file changed, 11 insertions(+), 10 deletions(-) diff --git a/drivers/crypto/openssl/rte_openssl_pmd.c b/drivers/crypto/openssl/rte_openssl_pmd.c index c661528738..8d3deb1354 100644 --- a/drivers/crypto/openssl/rte_openssl_pmd.c +++ b/drivers/crypto/openssl/rte_openssl_pmd.c @@ -553,6 +553,15 @@ openssl_set_session_cipher_parameters(struct openssl_session *sess, sess->cipher.key.length, sess->cipher.key.data) != 0) return -EINVAL; + + + /* We use 3DES encryption also for decryption. + * IV is not important for 3DES ECB. + */ + if (EVP_EncryptInit_ex(sess->cipher.ctx, EVP_des_ede3_ecb(), + NULL, sess->cipher.key.data, NULL) != 1) + return -EINVAL; + break; case RTE_CRYPTO_CIPHER_DES_CBC: @@ -1172,8 +1181,7 @@ process_openssl_cipher_decrypt(struct rte_mbuf *mbuf_src, uint8_t *dst, /** Process cipher des 3 ctr encryption, decryption algorithm */ static int process_openssl_cipher_des3ctr(struct rte_mbuf *mbuf_src, uint8_t *dst, - int offset, uint8_t *iv, uint8_t *key, int srclen, - EVP_CIPHER_CTX *ctx) + int offset, uint8_t *iv, int srclen, EVP_CIPHER_CTX *ctx) { uint8_t ebuf[8], ctr[8]; int unused, n; @@ -1191,12 +1199,6 @@ process_openssl_cipher_des3ctr(struct rte_mbuf *mbuf_src, uint8_t *dst, src = rte_pktmbuf_mtod_offset(m, uint8_t *, offset); l = rte_pktmbuf_data_len(m) - offset; - /* We use 3DES encryption also for decryption. - * IV is not important for 3DES ecb - */ - if (EVP_EncryptInit_ex(ctx, EVP_des_ede3_ecb(), NULL, key, NULL) <= 0) - goto process_cipher_des3ctr_err; - memcpy(ctr, iv, 8); for (n = 0; n < srclen; n++) { @@ -1740,8 +1742,7 @@ process_openssl_cipher_op srclen, ctx_copy, inplace); else status = process_openssl_cipher_des3ctr(mbuf_src, dst, - op->sym->cipher.data.offset, iv, - sess->cipher.key.data, srclen, + op->sym->cipher.data.offset, iv, srclen, ctx_copy); EVP_CIPHER_CTX_free(ctx_copy); -- 2.34.1