From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <dev-bounces@dpdk.org>
Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124])
	by inbox.dpdk.org (Postfix) with ESMTP id 04C144414A;
	Mon,  3 Jun 2024 18:01:49 +0200 (CEST)
Received: from mails.dpdk.org (localhost [127.0.0.1])
	by mails.dpdk.org (Postfix) with ESMTP id 990C542E72;
	Mon,  3 Jun 2024 18:01:31 +0200 (CEST)
Received: from foss.arm.com (foss.arm.com [217.140.110.172])
 by mails.dpdk.org (Postfix) with ESMTP id 0DE074067B
 for <dev@dpdk.org>; Mon,  3 Jun 2024 18:01:28 +0200 (CEST)
Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.121.207.14])
 by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id CD55F1063;
 Mon,  3 Jun 2024 09:01:51 -0700 (PDT)
Received: from cesw-amp-gbt-1s-m12830-01.lab.cambridge.arm.com
 (cesw-amp-gbt-1s-m12830-01.lab.cambridge.arm.com [10.7.10.57])
 by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id EF8DE3F64C;
 Mon,  3 Jun 2024 09:01:26 -0700 (PDT)
From: Jack Bond-Preston <jack.bond-preston@foss.arm.com>
To: Kai Ji <kai.ji@intel.com>
Cc: dev@dpdk.org,
	Wathsala Vithanage <wathsala.vithanage@arm.com>
Subject: [PATCH 2/5] crypto/openssl: only init 3DES-CTR key + impl once
Date: Mon,  3 Jun 2024 16:01:16 +0000
Message-Id: <20240603160119.1279476-3-jack.bond-preston@foss.arm.com>
X-Mailer: git-send-email 2.34.1
In-Reply-To: <20240603160119.1279476-1-jack.bond-preston@foss.arm.com>
References: <20240603160119.1279476-1-jack.bond-preston@foss.arm.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-BeenThere: dev@dpdk.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: DPDK patches and discussions <dev.dpdk.org>
List-Unsubscribe: <https://mails.dpdk.org/options/dev>,
 <mailto:dev-request@dpdk.org?subject=unsubscribe>
List-Archive: <http://mails.dpdk.org/archives/dev/>
List-Post: <mailto:dev@dpdk.org>
List-Help: <mailto:dev-request@dpdk.org?subject=help>
List-Subscribe: <https://mails.dpdk.org/listinfo/dev>,
 <mailto:dev-request@dpdk.org?subject=subscribe>
Errors-To: dev-bounces@dpdk.org

Currently the 3DES-CTR cipher context is initialised for every buffer,
setting the cipher implementation and key - even though for every
buffer in the session these values will be the same.

Change to initialising the cipher context once, before any buffers are
processed, instead.

Throughput performance uplift measurements for 3DES-CTR encrypt on
Ampere Altra Max platform:
1 worker lcore
|   buffer sz (B) |   prev (Gbps) |   optimised (Gbps) |   uplift |
|-----------------+---------------+--------------------+----------|
|              64 |          0.16 |               0.21 |    35.3% |
|             256 |          0.20 |               0.22 |     9.4% |
|            1024 |          0.22 |               0.23 |     2.3% |
|            2048 |          0.22 |               0.23 |     0.9% |
|            4096 |          0.22 |               0.23 |     0.9% |

8 worker lcores
|   buffer sz (B) |   prev (Gbps) |   optimised (Gbps) |   uplift |
|-----------------+---------------+--------------------+----------|
|              64 |          1.01 |               1.34 |    32.9% |
|             256 |          1.51 |               1.66 |     9.9% |
|            1024 |          1.72 |               1.77 |     2.6% |
|            2048 |          1.76 |               1.78 |     1.1% |
|            4096 |          1.79 |               1.80 |     0.6% |

Signed-off-by: Jack Bond-Preston <jack.bond-preston@foss.arm.com>
Reviewed-by: Wathsala Vithanage <wathsala.vithanage@arm.com>
---
 drivers/crypto/openssl/rte_openssl_pmd.c | 21 +++++++++++----------
 1 file changed, 11 insertions(+), 10 deletions(-)

diff --git a/drivers/crypto/openssl/rte_openssl_pmd.c b/drivers/crypto/openssl/rte_openssl_pmd.c
index ca7ed30ec4..175ffda2b9 100644
--- a/drivers/crypto/openssl/rte_openssl_pmd.c
+++ b/drivers/crypto/openssl/rte_openssl_pmd.c
@@ -521,6 +521,15 @@ openssl_set_session_cipher_parameters(struct openssl_session *sess,
 				sess->cipher.key.length,
 				sess->cipher.key.data) != 0)
 			return -EINVAL;
+
+
+		/* We use 3DES encryption also for decryption.
+		 * IV is not important for 3DES ECB.
+		 */
+		if (EVP_EncryptInit_ex(sess->cipher.ctx, EVP_des_ede3_ecb(),
+				NULL, sess->cipher.key.data,  NULL) != 1)
+			return -EINVAL;
+
 		break;
 
 	case RTE_CRYPTO_CIPHER_DES_CBC:
@@ -1136,8 +1145,7 @@ process_openssl_cipher_decrypt(struct rte_mbuf *mbuf_src, uint8_t *dst,
 /** Process cipher des 3 ctr encryption, decryption algorithm */
 static int
 process_openssl_cipher_des3ctr(struct rte_mbuf *mbuf_src, uint8_t *dst,
-		int offset, uint8_t *iv, uint8_t *key, int srclen,
-		EVP_CIPHER_CTX *ctx)
+		int offset, uint8_t *iv, int srclen, EVP_CIPHER_CTX *ctx)
 {
 	uint8_t ebuf[8], ctr[8];
 	int unused, n;
@@ -1155,12 +1163,6 @@ process_openssl_cipher_des3ctr(struct rte_mbuf *mbuf_src, uint8_t *dst,
 	src = rte_pktmbuf_mtod_offset(m, uint8_t *, offset);
 	l = rte_pktmbuf_data_len(m) - offset;
 
-	/* We use 3DES encryption also for decryption.
-	 * IV is not important for 3DES ecb
-	 */
-	if (EVP_EncryptInit_ex(ctx, EVP_des_ede3_ecb(), NULL, key, NULL) <= 0)
-		goto process_cipher_des3ctr_err;
-
 	memcpy(ctr, iv, 8);
 
 	for (n = 0; n < srclen; n++) {
@@ -1701,8 +1703,7 @@ process_openssl_cipher_op
 					srclen, ctx_copy, inplace);
 	else
 		status = process_openssl_cipher_des3ctr(mbuf_src, dst,
-				op->sym->cipher.data.offset, iv,
-				sess->cipher.key.data, srclen,
+				op->sym->cipher.data.offset, iv, srclen,
 				ctx_copy);
 
 	EVP_CIPHER_CTX_free(ctx_copy);
-- 
2.34.1