<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
<style type="text/css" style="display:none;"> P {margin-top:0;margin-bottom:0;} </style>
</head>
<body dir="ltr">
<div class="elementToProof" style="text-align: left; text-indent: 0px; line-height: 1.1; margin: 20px 0px 10px; font-family: "IntelOne Text"; font-size: 10pt; color: rgb(0, 0, 0);">
Acked-by: Kai Ji <kai.ji@intel.com></div>
<div id="appendonsend"></div>
<hr style="display:inline-block;width:98%" tabindex="-1">
<div id="divRplyFwdMsg" dir="ltr"><font face="Calibri, sans-serif" style="font-size:11pt" color="#000000"><b>From:</b> Jack Bond-Preston <jack.bond-preston@foss.arm.com><br>
<b>Sent:</b> 07 June 2024 13:47<br>
<b>To:</b> Ji, Kai <kai.ji@intel.com><br>
<b>Cc:</b> dev@dpdk.org <dev@dpdk.org>; Wathsala Vithanage <wathsala.vithanage@arm.com><br>
<b>Subject:</b> [PATCH v4 5/5] crypto/openssl: only set cipher padding once</font>
<div> </div>
</div>
<div class="BodyFragment"><font size="2"><span style="font-size:11pt;">
<div class="PlainText">Setting the cipher padding has a noticeable performance footprint,<br>
and it doesn't need to be done for every call to<br>
process_openssl_cipher_{en,de}crypt(). Setting it causes OpenSSL to set<br>
it on every future context re-init. Thus, for every buffer after the<br>
first one, the padding is being set twice.<br>
<br>
Instead, just set the cipher padding once - when configuring the session<br>
parameters - avoiding the unnecessary double setting behaviour. This is<br>
skipped for AEAD ciphers, where disabling padding is not necessary.<br>
<br>
Throughput performance uplift measurements for AES-CBC-128 encrypt on<br>
Ampere Altra Max platform:<br>
1 worker lcore<br>
| buffer sz (B) | prev (Gbps) | optimised (Gbps) | uplift |<br>
|-----------------+---------------+--------------------+----------|<br>
| 64 | 2.97 | 3.72 | 25.2% |<br>
| 256 | 8.10 | 9.42 | 16.3% |<br>
| 1024 | 14.22 | 15.18 | 6.8% |<br>
| 2048 | 16.28 | 16.93 | 4.0% |<br>
| 4096 | 17.58 | 17.97 | 2.2% |<br>
<br>
8 worker lcores<br>
| buffer sz (B) | prev (Gbps) | optimised (Gbps) | uplift |<br>
|-----------------+---------------+--------------------+----------|<br>
| 64 | 21.27 | 29.85 | 40.3% |<br>
| 256 | 60.05 | 75.53 | 25.8% |<br>
| 1024 | 110.11 | 121.56 | 10.4% |<br>
| 2048 | 128.05 | 135.40 | 5.7% |<br>
| 4096 | 139.45 | 143.76 | 3.1% |<br>
<br>
Signed-off-by: Jack Bond-Preston <jack.bond-preston@foss.arm.com><br>
Reviewed-by: Wathsala Vithanage <wathsala.vithanage@arm.com><br>
---<br>
drivers/crypto/openssl/rte_openssl_pmd.c | 6 ++----<br>
1 file changed, 2 insertions(+), 4 deletions(-)<br>
<br>
diff --git a/drivers/crypto/openssl/rte_openssl_pmd.c b/drivers/crypto/openssl/rte_openssl_pmd.c<br>
index 7e2e505222..101111e85b 100644<br>
--- a/drivers/crypto/openssl/rte_openssl_pmd.c<br>
+++ b/drivers/crypto/openssl/rte_openssl_pmd.c<br>
@@ -619,6 +619,8 @@ openssl_set_session_cipher_parameters(struct openssl_session *sess,<br>
return -ENOTSUP;<br>
}<br>
<br>
+ EVP_CIPHER_CTX_set_padding(sess->cipher.ctx, 0);<br>
+<br>
return 0;<br>
}<br>
<br>
@@ -1124,8 +1126,6 @@ process_openssl_cipher_encrypt(struct rte_mbuf *mbuf_src, uint8_t *dst,<br>
if (EVP_EncryptInit_ex(ctx, NULL, NULL, NULL, iv) <= 0)<br>
goto process_cipher_encrypt_err;<br>
<br>
- EVP_CIPHER_CTX_set_padding(ctx, 0);<br>
-<br>
if (process_openssl_encryption_update(mbuf_src, offset, &dst,<br>
srclen, ctx, inplace))<br>
goto process_cipher_encrypt_err;<br>
@@ -1174,8 +1174,6 @@ process_openssl_cipher_decrypt(struct rte_mbuf *mbuf_src, uint8_t *dst,<br>
if (EVP_DecryptInit_ex(ctx, NULL, NULL, NULL, iv) <= 0)<br>
goto process_cipher_decrypt_err;<br>
<br>
- EVP_CIPHER_CTX_set_padding(ctx, 0);<br>
-<br>
if (process_openssl_decryption_update(mbuf_src, offset, &dst,<br>
srclen, ctx, inplace))<br>
goto process_cipher_decrypt_err;<br>
-- <br>
2.34.1<br>
<br>
</div>
</span></font></div>
</body>
</html>