From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id 3B96945804 for ; Fri, 23 Aug 2024 18:22:05 +0200 (CEST) Received: from mails.dpdk.org (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id 375AF43393; Fri, 23 Aug 2024 18:22:05 +0200 (CEST) Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by mails.dpdk.org (Postfix) with ESMTP id 646A24337A for ; Fri, 23 Aug 2024 18:22:03 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1724430123; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=kqrXW0EEh2Nv78A0srGovcfdV4hnMuhL2kuEYV317T8=; b=ggD/uGMl7OqDLir1wRAOIO8XqWSJ3PI++hnm4zqaIkknciIvEWO6IjuRqNP8ePaMMdqYuv qprdfT3igmD/yUEtZnBfK/pF22YivXZh3iotZcW/HWG5Jtb1SFHYGsz9JmG3rf+nNBDwFC LOF49ReujWfPXFn0oLcgfz2X6tzw24w= Received: from mx-prod-mc-05.mail-002.prod.us-west-2.aws.redhat.com (ec2-54-186-198-63.us-west-2.compute.amazonaws.com [54.186.198.63]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-680-DMt9XkXvM46rKi7PHzyiXQ-1; Fri, 23 Aug 2024 12:21:59 -0400 X-MC-Unique: DMt9XkXvM46rKi7PHzyiXQ-1 Received: from mx-prod-int-05.mail-002.prod.us-west-2.aws.redhat.com (mx-prod-int-05.mail-002.prod.us-west-2.aws.redhat.com [10.30.177.17]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mx-prod-mc-05.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTPS id 76DA91955F43; Fri, 23 Aug 2024 16:21:58 +0000 (UTC) Received: from rh.redhat.com (unknown [10.39.193.224]) by mx-prod-int-05.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTP id D4DE21956053; Fri, 23 Aug 2024 16:21:56 +0000 (UTC) From: Kevin Traynor To: Jack Bond-Preston Cc: Kai Ji , Wathsala Vithanage , dpdk stable Subject: patch 'crypto/openssl: set cipher padding once' has been queued to stable release 21.11.8 Date: Fri, 23 Aug 2024 17:18:13 +0100 Message-ID: <20240823161929.1004778-65-ktraynor@redhat.com> In-Reply-To: <20240823161929.1004778-1-ktraynor@redhat.com> References: <20240823161929.1004778-1-ktraynor@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 3.0 on 10.30.177.17 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: 8bit Content-Type: text/plain; charset="US-ASCII"; x-default=true X-BeenThere: stable@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: patches for DPDK stable branches List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: stable-bounces@dpdk.org Hi, FYI, your patch has been queued to stable release 21.11.8 Note it hasn't been pushed to http://dpdk.org/browse/dpdk-stable yet. It will be pushed if I get no objections before 08/28/24. So please shout if anyone has objections. Also note that after the patch there's a diff of the upstream commit vs the patch applied to the branch. This will indicate if there was any rebasing needed to apply to the stable branch. If there were code changes for rebasing (ie: not only metadata diffs), please double check that the rebase was correctly done. Queued patches are on a temporary branch at: https://github.com/kevintraynor/dpdk-stable This queued commit can be viewed at: https://github.com/kevintraynor/dpdk-stable/commit/d6048dac1e75d310ad2dc6b89278567c8c925b56 Thanks. Kevin --- >From d6048dac1e75d310ad2dc6b89278567c8c925b56 Mon Sep 17 00:00:00 2001 From: Jack Bond-Preston Date: Wed, 3 Jul 2024 13:45:51 +0000 Subject: [PATCH] crypto/openssl: set cipher padding once [ upstream commit d2bf59017315dc18eb6c9f2d7acd10dfb8d7758e ] Setting the cipher padding has a noticeable performance footprint, and it doesn't need to be done for every call to process_openssl_cipher_{en,de}crypt(). Setting it causes OpenSSL to set it on every future context re-init. Thus, for every buffer after the first one, the padding is being set twice. Instead, just set the cipher padding once - when configuring the session parameters - avoiding the unnecessary double setting behaviour. This is skipped for AEAD ciphers, where disabling padding is not necessary. Throughput performance uplift measurements for AES-CBC-128 encrypt on Ampere Altra Max platform: 1 worker lcore | buffer sz (B) | prev (Gbps) | optimised (Gbps) | uplift | |-----------------+---------------+--------------------+----------| | 64 | 2.97 | 3.72 | 25.2% | | 256 | 8.10 | 9.42 | 16.3% | | 1024 | 14.22 | 15.18 | 6.8% | | 2048 | 16.28 | 16.93 | 4.0% | | 4096 | 17.58 | 17.97 | 2.2% | 8 worker lcores | buffer sz (B) | prev (Gbps) | optimised (Gbps) | uplift | |-----------------+---------------+--------------------+----------| | 64 | 21.27 | 29.85 | 40.3% | | 256 | 60.05 | 75.53 | 25.8% | | 1024 | 110.11 | 121.56 | 10.4% | | 2048 | 128.05 | 135.40 | 5.7% | | 4096 | 139.45 | 143.76 | 3.1% | Signed-off-by: Jack Bond-Preston Acked-by: Kai Ji Reviewed-by: Wathsala Vithanage --- drivers/crypto/openssl/rte_openssl_pmd.c | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/drivers/crypto/openssl/rte_openssl_pmd.c b/drivers/crypto/openssl/rte_openssl_pmd.c index a321258980..b82f6939a5 100644 --- a/drivers/crypto/openssl/rte_openssl_pmd.c +++ b/drivers/crypto/openssl/rte_openssl_pmd.c @@ -615,4 +615,6 @@ openssl_set_session_auth_parameters(struct openssl_session *sess, } + EVP_CIPHER_CTX_set_padding(sess->cipher.ctx, 0); + return 0; } @@ -943,6 +945,4 @@ process_openssl_cipher_encrypt(struct rte_mbuf *mbuf_src, uint8_t *dst, goto process_cipher_encrypt_err; - EVP_CIPHER_CTX_set_padding(ctx, 0); - if (process_openssl_encryption_update(mbuf_src, offset, &dst, srclen, ctx, inplace)) @@ -993,6 +993,4 @@ process_openssl_cipher_decrypt(struct rte_mbuf *mbuf_src, uint8_t *dst, goto process_cipher_decrypt_err; - EVP_CIPHER_CTX_set_padding(ctx, 0); - if (process_openssl_decryption_update(mbuf_src, offset, &dst, srclen, ctx, inplace)) -- 2.46.0 --- Diff of the applied patch vs upstream commit (please double-check if non-empty: --- --- - 2024-08-23 17:18:11.773953151 +0100 +++ 0065-crypto-openssl-set-cipher-padding-once.patch 2024-08-23 17:18:09.738430168 +0100 @@ -1 +1 @@ -From d2bf59017315dc18eb6c9f2d7acd10dfb8d7758e Mon Sep 17 00:00:00 2001 +From d6048dac1e75d310ad2dc6b89278567c8c925b56 Mon Sep 17 00:00:00 2001 @@ -5,0 +6,2 @@ +[ upstream commit d2bf59017315dc18eb6c9f2d7acd10dfb8d7758e ] + @@ -36,2 +37,0 @@ -Cc: stable@dpdk.org - @@ -46 +46 @@ -index 7e2e505222..101111e85b 100644 +index a321258980..b82f6939a5 100644 @@ -49 +49 @@ -@@ -620,4 +620,6 @@ openssl_set_session_cipher_parameters(struct openssl_session *sess, +@@ -615,4 +615,6 @@ openssl_set_session_auth_parameters(struct openssl_session *sess, @@ -56 +56 @@ -@@ -1125,6 +1127,4 @@ process_openssl_cipher_encrypt(struct rte_mbuf *mbuf_src, uint8_t *dst, +@@ -943,6 +945,4 @@ process_openssl_cipher_encrypt(struct rte_mbuf *mbuf_src, uint8_t *dst, @@ -63 +63 @@ -@@ -1175,6 +1175,4 @@ process_openssl_cipher_decrypt(struct rte_mbuf *mbuf_src, uint8_t *dst, +@@ -993,6 +993,4 @@ process_openssl_cipher_decrypt(struct rte_mbuf *mbuf_src, uint8_t *dst,