From: Dmitry Eremin-Solenikov <dmitry.ereminsoleni...@linaro.org> Per idea of Janne Peltonen, do not allocate/free crypto contexts for each operation, providing significant speed increase. Each thread on startup allocates hmac+cipher contexts pair for each crypto session. Then they are initialized on demand, when session is first executed using this thread.
Signed-off-by: Dmitry Eremin-Solenikov <dmitry.ereminsoleni...@linaro.org> --- /** Email created from pull request 342 (lumag:openssl-ctx) ** https://github.com/Linaro/odp/pull/342 ** Patch: https://github.com/Linaro/odp/pull/342.patch ** Base sha: 49ebafae0edebbc750742d8874ad0a7588286dea ** Merge commit sha: a7b33af3346ca9716c2d6d2f9f7952377cedeebf **/ platform/linux-generic/include/odp_internal.h | 2 + platform/linux-generic/odp_crypto.c | 277 +++++++++++++++++--------- platform/linux-generic/odp_init.c | 13 ++ 3 files changed, 201 insertions(+), 91 deletions(-) diff --git a/platform/linux-generic/include/odp_internal.h b/platform/linux-generic/include/odp_internal.h index 54f95b8b3..4fd721449 100644 --- a/platform/linux-generic/include/odp_internal.h +++ b/platform/linux-generic/include/odp_internal.h @@ -110,6 +110,8 @@ int odp_queue_term_global(void); int odp_crypto_init_global(void); int odp_crypto_term_global(void); +int _odp_crypto_init_local(void); +int _odp_crypto_term_local(void); int odp_timer_init_global(const odp_init_t *params); int odp_timer_term_global(void); diff --git a/platform/linux-generic/odp_crypto.c b/platform/linux-generic/odp_crypto.c index 3b110c191..8bef7a859 100644 --- a/platform/linux-generic/odp_crypto.c +++ b/platform/linux-generic/odp_crypto.c @@ -9,7 +9,6 @@ #include <odp_posix_extensions.h> #include <odp/api/crypto.h> #include <odp_internal.h> -#include <odp/api/atomic.h> #include <odp/api/spinlock.h> #include <odp/api/sync.h> #include <odp/api/debug.h> @@ -20,6 +19,7 @@ #include <odp/api/random.h> #include <odp/api/plat/packet_inlines.h> #include <odp_packet_internal.h> +#include <odp_bitset.h> #include <string.h> #include <stdlib.h> @@ -129,6 +129,8 @@ struct odp_crypto_generic_session_t { }; crypto_func_t func; } auth; + + unsigned idx; }; typedef struct odp_crypto_global_s odp_crypto_global_t; @@ -137,15 +139,56 @@ struct odp_crypto_global_s { odp_spinlock_t lock; odp_crypto_generic_session_t *free; odp_crypto_generic_session_t sessions[MAX_SESSIONS]; + + /* These bitfields are cleared at alloc_session() + * together with the rest of data */ + bitset_t hmac_valid[ODP_THREAD_COUNT_MAX] + [(MAX_SESSIONS + ATOM_BITSET_SIZE - 1) / ATOM_BITSET_SIZE]; + bitset_t cipher_valid[ODP_THREAD_COUNT_MAX] + [(MAX_SESSIONS + ATOM_BITSET_SIZE - 1) / ATOM_BITSET_SIZE]; + bitset_t mac_cipher_valid[ODP_THREAD_COUNT_MAX] + [(MAX_SESSIONS + ATOM_BITSET_SIZE - 1) / ATOM_BITSET_SIZE]; + odp_ticketlock_t openssl_lock[0]; }; static odp_crypto_global_t *global; +typedef struct crypto_local_t { + HMAC_CTX *hmac_ctx[MAX_SESSIONS]; + EVP_CIPHER_CTX *cipher_ctx[MAX_SESSIONS]; + EVP_CIPHER_CTX *mac_cipher_ctx[MAX_SESSIONS]; + bitset_t *hmac_valid; + bitset_t *cipher_valid; + bitset_t *mac_cipher_valid; +} crypto_local_t; + +static __thread crypto_local_t local; + +typedef enum { KIND_HMAC, KIND_CIPHER, KIND_MAC_CIPHER } crypto_kind_t; + +static inline int crypto_should_init(odp_crypto_generic_session_t *session, + crypto_kind_t kind) +{ + bitset_t *ptr = kind == KIND_HMAC ? local.hmac_valid : + kind == KIND_CIPHER ? local.cipher_valid : + local.mac_cipher_valid; + bitset_t *cv = ptr + (session->idx / ATOM_BITSET_SIZE); + bitset_t cur = atom_bitset_load(cv, __ATOMIC_ACQUIRE); + + if (bitset_is_set(cur, session->idx % ATOM_BITSET_SIZE)) + return false; + + atom_bitset_set(cv, session->idx % ATOM_BITSET_SIZE, __ATOMIC_RELEASE); + + return true; +} + static odp_crypto_generic_session_t *alloc_session(void) { odp_crypto_generic_session_t *session = NULL; + unsigned i; odp_spinlock_lock(&global->lock); session = global->free; @@ -155,6 +198,19 @@ odp_crypto_generic_session_t *alloc_session(void) } odp_spinlock_unlock(&global->lock); + session->idx = session - global->sessions; + + for (i = 0; i < ODP_THREAD_COUNT_MAX; i++) { + bitset_t *cv; + + cv = global->hmac_valid[i] + (session->idx / ATOM_BITSET_SIZE); + atom_bitset_clr(cv, session->idx % ATOM_BITSET_SIZE, __ATOMIC_ACQ_REL); + cv = global->cipher_valid[i] + (session->idx / ATOM_BITSET_SIZE); + atom_bitset_clr(cv, session->idx % ATOM_BITSET_SIZE, __ATOMIC_ACQ_REL); + cv = global->mac_cipher_valid[i] + (session->idx / ATOM_BITSET_SIZE); + atom_bitset_clr(cv, session->idx % ATOM_BITSET_SIZE, __ATOMIC_ACQ_REL); + } + return session; } @@ -175,24 +231,51 @@ null_crypto_routine(odp_packet_t pkt ODP_UNUSED, return ODP_CRYPTO_ALG_ERR_NONE; } +/* Mimic new OpenSSL 1.1.y API */ +#if OPENSSL_VERSION_NUMBER < 0x10100000L +static HMAC_CTX *HMAC_CTX_new(void) +{ + HMAC_CTX *ctx = malloc(sizeof(*ctx)); + + HMAC_CTX_init(ctx); + return ctx; +} + +static void HMAC_CTX_free(HMAC_CTX *ctx) +{ + HMAC_CTX_cleanup(ctx); + free(ctx); +} +#endif + static -void packet_hmac_calculate(HMAC_CTX *ctx, - odp_packet_t pkt, - const odp_crypto_packet_op_param_t *param, - odp_crypto_generic_session_t *session, - uint8_t *hash) +void packet_hmac(odp_packet_t pkt, + const odp_crypto_packet_op_param_t *param, + odp_crypto_generic_session_t *session, + uint8_t *hash) { + HMAC_CTX *ctx = local.hmac_ctx[session->idx]; uint32_t offset = param->auth_range.offset; uint32_t len = param->auth_range.length; ODP_ASSERT(offset + len <= odp_packet_len(pkt)); - HMAC_Init_ex(ctx, - session->auth.key, - session->auth.key_length, - session->auth.evp_md, - NULL); + if (crypto_should_init(session, KIND_HMAC)) { + HMAC_Init_ex(ctx, + session->auth.key, + session->auth.key_length, + session->auth.evp_md, + NULL); + } else { + /* Reinitialize HMAC calculation without resetting the key */ + HMAC_Init_ex(ctx, + NULL, + 0, + NULL, + NULL); + } + /* Hash it */ while (len > 0) { uint32_t seglen = 0; /* GCC */ void *mapaddr = odp_packet_offset(pkt, offset, &seglen, NULL); @@ -206,36 +289,6 @@ void packet_hmac_calculate(HMAC_CTX *ctx, HMAC_Final(ctx, hash, NULL); } -#if OPENSSL_VERSION_NUMBER < 0x10100000L -static -void packet_hmac(odp_packet_t pkt, - const odp_crypto_packet_op_param_t *param, - odp_crypto_generic_session_t *session, - uint8_t *hash) -{ - HMAC_CTX ctx; - - /* Hash it */ - HMAC_CTX_init(&ctx); - packet_hmac_calculate(&ctx, pkt, param, session, hash); - HMAC_CTX_cleanup(&ctx); -} -#else -static -void packet_hmac(odp_packet_t pkt, - const odp_crypto_packet_op_param_t *param, - odp_crypto_generic_session_t *session, - uint8_t *hash) -{ - HMAC_CTX *ctx; - - /* Hash it */ - ctx = HMAC_CTX_new(); - packet_hmac_calculate(ctx, pkt, param, session, hash); - HMAC_CTX_free(ctx); -} -#endif - static odp_crypto_alg_err_t auth_gen(odp_packet_t pkt, const odp_crypto_packet_op_param_t *param, @@ -430,7 +483,7 @@ odp_crypto_alg_err_t cipher_encrypt(odp_packet_t pkt, const odp_crypto_packet_op_param_t *param, odp_crypto_generic_session_t *session) { - EVP_CIPHER_CTX *ctx; + EVP_CIPHER_CTX *ctx = local.cipher_ctx[session->idx]; void *iv_ptr; int ret; @@ -442,16 +495,15 @@ odp_crypto_alg_err_t cipher_encrypt(odp_packet_t pkt, return ODP_CRYPTO_ALG_ERR_IV_INVALID; /* Encrypt it */ - ctx = EVP_CIPHER_CTX_new(); - EVP_EncryptInit_ex(ctx, session->cipher.evp_cipher, NULL, - session->cipher.key_data, NULL); + if (crypto_should_init(session, false)) { + EVP_EncryptInit_ex(ctx, session->cipher.evp_cipher, NULL, + session->cipher.key_data, NULL); + EVP_CIPHER_CTX_set_padding(ctx, 0); + } EVP_EncryptInit_ex(ctx, NULL, NULL, NULL, iv_ptr); - EVP_CIPHER_CTX_set_padding(ctx, 0); ret = internal_encrypt(ctx, pkt, param); - EVP_CIPHER_CTX_free(ctx); - return ret <= 0 ? ODP_CRYPTO_ALG_ERR_DATA_SIZE : ODP_CRYPTO_ALG_ERR_NONE; } @@ -461,7 +513,7 @@ odp_crypto_alg_err_t cipher_decrypt(odp_packet_t pkt, const odp_crypto_packet_op_param_t *param, odp_crypto_generic_session_t *session) { - EVP_CIPHER_CTX *ctx; + EVP_CIPHER_CTX *ctx = local.cipher_ctx[session->idx]; void *iv_ptr; int ret; @@ -473,16 +525,15 @@ odp_crypto_alg_err_t cipher_decrypt(odp_packet_t pkt, return ODP_CRYPTO_ALG_ERR_IV_INVALID; /* Decrypt it */ - ctx = EVP_CIPHER_CTX_new(); - EVP_DecryptInit_ex(ctx, session->cipher.evp_cipher, NULL, - session->cipher.key_data, NULL); + if (crypto_should_init(session, KIND_CIPHER)) { + EVP_DecryptInit_ex(ctx, session->cipher.evp_cipher, NULL, + session->cipher.key_data, NULL); + EVP_CIPHER_CTX_set_padding(ctx, 0); + } EVP_DecryptInit_ex(ctx, NULL, NULL, NULL, iv_ptr); - EVP_CIPHER_CTX_set_padding(ctx, 0); ret = internal_decrypt(ctx, pkt, param); - EVP_CIPHER_CTX_free(ctx); - return ret <= 0 ? ODP_CRYPTO_ALG_ERR_DATA_SIZE : ODP_CRYPTO_ALG_ERR_NONE; } @@ -519,7 +570,7 @@ odp_crypto_alg_err_t aes_gcm_encrypt(odp_packet_t pkt, const odp_crypto_packet_op_param_t *param, odp_crypto_generic_session_t *session) { - EVP_CIPHER_CTX *ctx; + EVP_CIPHER_CTX *ctx = local.cipher_ctx[session->idx]; const uint8_t *aad_head = param->aad_ptr; uint32_t aad_len = session->p.auth_aad_len; void *iv_ptr; @@ -535,13 +586,14 @@ odp_crypto_alg_err_t aes_gcm_encrypt(odp_packet_t pkt, return ODP_CRYPTO_ALG_ERR_IV_INVALID; /* Encrypt it */ - ctx = EVP_CIPHER_CTX_new(); - EVP_EncryptInit_ex(ctx, session->cipher.evp_cipher, NULL, - session->cipher.key_data, NULL); - EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_IVLEN, - session->p.iv.length, NULL); + if (crypto_should_init(session, KIND_CIPHER)) { + EVP_EncryptInit_ex(ctx, session->cipher.evp_cipher, NULL, + session->cipher.key_data, NULL); + EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_IVLEN, + session->p.iv.length, NULL); + EVP_CIPHER_CTX_set_padding(ctx, 0); + } EVP_EncryptInit_ex(ctx, NULL, NULL, NULL, iv_ptr); - EVP_CIPHER_CTX_set_padding(ctx, 0); /* Authenticate header data (if any) without encrypting them */ if (aad_len > 0) @@ -555,8 +607,6 @@ odp_crypto_alg_err_t aes_gcm_encrypt(odp_packet_t pkt, odp_packet_copy_from_mem(pkt, param->hash_result_offset, session->p.auth_digest_len, block); - EVP_CIPHER_CTX_free(ctx); - return ret <= 0 ? ODP_CRYPTO_ALG_ERR_DATA_SIZE : ODP_CRYPTO_ALG_ERR_NONE; } @@ -566,7 +616,7 @@ odp_crypto_alg_err_t aes_gcm_decrypt(odp_packet_t pkt, const odp_crypto_packet_op_param_t *param, odp_crypto_generic_session_t *session) { - EVP_CIPHER_CTX *ctx; + EVP_CIPHER_CTX *ctx = local.cipher_ctx[session->idx]; const uint8_t *aad_head = param->aad_ptr; uint32_t aad_len = session->p.auth_aad_len; int dummy_len = 0; @@ -582,13 +632,14 @@ odp_crypto_alg_err_t aes_gcm_decrypt(odp_packet_t pkt, return ODP_CRYPTO_ALG_ERR_IV_INVALID; /* Decrypt it */ - ctx = EVP_CIPHER_CTX_new(); - EVP_DecryptInit_ex(ctx, session->cipher.evp_cipher, NULL, - session->cipher.key_data, NULL); - EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_IVLEN, - session->p.iv.length, NULL); + if (crypto_should_init(session, KIND_CIPHER)) { + EVP_DecryptInit_ex(ctx, session->cipher.evp_cipher, NULL, + session->cipher.key_data, NULL); + EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_IVLEN, + session->p.iv.length, NULL); + EVP_CIPHER_CTX_set_padding(ctx, 0); + } EVP_DecryptInit_ex(ctx, NULL, NULL, NULL, iv_ptr); - EVP_CIPHER_CTX_set_padding(ctx, 0); odp_packet_copy_to_mem(pkt, param->hash_result_offset, session->p.auth_digest_len, block); @@ -602,8 +653,6 @@ odp_crypto_alg_err_t aes_gcm_decrypt(odp_packet_t pkt, ret = internal_decrypt(ctx, pkt, param); - EVP_CIPHER_CTX_free(ctx); - return ret <= 0 ? ODP_CRYPTO_ALG_ERR_ICV_CHECK : ODP_CRYPTO_ALG_ERR_NONE; } @@ -635,7 +684,7 @@ odp_crypto_alg_err_t aes_gmac_gen(odp_packet_t pkt, const odp_crypto_packet_op_param_t *param, odp_crypto_generic_session_t *session) { - EVP_CIPHER_CTX *ctx; + EVP_CIPHER_CTX *ctx = local.mac_cipher_ctx[session->idx]; void *iv_ptr; uint8_t block[EVP_MAX_MD_SIZE]; int ret; @@ -648,13 +697,14 @@ odp_crypto_alg_err_t aes_gmac_gen(odp_packet_t pkt, return ODP_CRYPTO_ALG_ERR_IV_INVALID; /* Encrypt it */ - ctx = EVP_CIPHER_CTX_new(); - EVP_EncryptInit_ex(ctx, session->auth.evp_cipher, NULL, - session->auth.key, NULL); - EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_IVLEN, - session->p.iv.length, NULL); + if (crypto_should_init(session, KIND_MAC_CIPHER)) { + EVP_EncryptInit_ex(ctx, session->auth.evp_cipher, NULL, + session->auth.key, NULL); + EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_IVLEN, + session->p.iv.length, NULL); + EVP_CIPHER_CTX_set_padding(ctx, 0); + } EVP_EncryptInit_ex(ctx, NULL, NULL, NULL, iv_ptr); - EVP_CIPHER_CTX_set_padding(ctx, 0); ret = internal_aad(ctx, pkt, param); @@ -663,8 +713,6 @@ odp_crypto_alg_err_t aes_gmac_gen(odp_packet_t pkt, odp_packet_copy_from_mem(pkt, param->hash_result_offset, session->p.auth_digest_len, block); - EVP_CIPHER_CTX_free(ctx); - return ret <= 0 ? ODP_CRYPTO_ALG_ERR_DATA_SIZE : ODP_CRYPTO_ALG_ERR_NONE; } @@ -674,7 +722,7 @@ odp_crypto_alg_err_t aes_gmac_check(odp_packet_t pkt, const odp_crypto_packet_op_param_t *param, odp_crypto_generic_session_t *session) { - EVP_CIPHER_CTX *ctx; + EVP_CIPHER_CTX *ctx = local.mac_cipher_ctx[session->idx]; void *iv_ptr; uint8_t block[EVP_MAX_MD_SIZE]; int ret; @@ -687,13 +735,14 @@ odp_crypto_alg_err_t aes_gmac_check(odp_packet_t pkt, return ODP_CRYPTO_ALG_ERR_IV_INVALID; /* Decrypt it */ - ctx = EVP_CIPHER_CTX_new(); - EVP_DecryptInit_ex(ctx, session->auth.evp_cipher, NULL, - session->auth.key, NULL); - EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_IVLEN, - session->p.iv.length, NULL); + if (crypto_should_init(session, KIND_MAC_CIPHER)) { + EVP_DecryptInit_ex(ctx, session->auth.evp_cipher, NULL, + session->auth.key, NULL); + EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_IVLEN, + session->p.iv.length, NULL); + EVP_CIPHER_CTX_set_padding(ctx, 0); + } EVP_DecryptInit_ex(ctx, NULL, NULL, NULL, iv_ptr); - EVP_CIPHER_CTX_set_padding(ctx, 0); odp_packet_copy_to_mem(pkt, param->hash_result_offset, session->p.auth_digest_len, block); @@ -704,8 +753,6 @@ odp_crypto_alg_err_t aes_gmac_check(odp_packet_t pkt, ret = internal_aad(ctx, pkt, param); - EVP_CIPHER_CTX_free(ctx); - return ret <= 0 ? ODP_CRYPTO_ALG_ERR_ICV_CHECK : ODP_CRYPTO_ALG_ERR_NONE; } @@ -1216,6 +1263,54 @@ int odp_crypto_term_global(void) return rc; } +int _odp_crypto_init_local(void) +{ + unsigned i; + int id; + + memset(&local, 0, sizeof(local)); + + for (i = 0; i < MAX_SESSIONS; i++) { + local.hmac_ctx[i] = HMAC_CTX_new(); + local.cipher_ctx[i] = EVP_CIPHER_CTX_new(); + local.mac_cipher_ctx[i] = EVP_CIPHER_CTX_new(); + + if (local.hmac_ctx[i] == NULL || + local.cipher_ctx[i] == NULL || + local.mac_cipher_ctx[i] == NULL) { + _odp_crypto_term_local(); + return -1; + } + } + + /* Clear local valid bits */ + id = odp_thread_id(); + local.hmac_valid = global->hmac_valid[id]; + local.cipher_valid = global->cipher_valid[id]; + local.mac_cipher_valid = global->mac_cipher_valid[id]; + memset(local.hmac_valid, 0, sizeof(global->hmac_valid[0])); + memset(local.cipher_valid, 0, sizeof(global->cipher_valid[0])); + memset(local.mac_cipher_valid, 0, sizeof(global->mac_cipher_valid[0])); + + return 0; +} + +int _odp_crypto_term_local(void) +{ + unsigned i; + + for (i = 0; i < MAX_SESSIONS; i++) { + if (local.hmac_ctx[i] != NULL) + HMAC_CTX_free(local.hmac_ctx[i]); + if (local.cipher_ctx[i] != NULL) + EVP_CIPHER_CTX_free(local.cipher_ctx[i]); + if (local.mac_cipher_ctx[i] != NULL) + EVP_CIPHER_CTX_free(local.mac_cipher_ctx[i]); + } + + return 0; +} + odp_random_kind_t odp_random_max_kind(void) { return ODP_RANDOM_CRYPTO; diff --git a/platform/linux-generic/odp_init.c b/platform/linux-generic/odp_init.c index bff8303ee..bbcbd8dd3 100644 --- a/platform/linux-generic/odp_init.c +++ b/platform/linux-generic/odp_init.c @@ -327,6 +327,12 @@ int odp_init_local(odp_instance_t instance, odp_thread_type_t thr_type) } stage = PKTIO_INIT; + if (_odp_crypto_init_local()) { + ODP_ERR("ODP crypto local init failed.\n"); + goto init_fail; + } + stage = CRYPTO_INIT; + if (odp_pool_init_local()) { ODP_ERR("ODP pool local init failed.\n"); goto init_fail; @@ -379,6 +385,13 @@ int _odp_term_local(enum init_stage stage) } /* Fall through */ + case CRYPTO_INIT: + if (_odp_crypto_term_local()) { + ODP_ERR("ODP crypto local term failed.\n"); + rc = -1; + } + /* Fall through */ + case POOL_INIT: if (odp_pool_term_local()) { ODP_ERR("ODP buffer pool local term failed.\n");