This is a re-send from June 14th, 'Session and Object performance patches' Changes: -------- * Don't use sigsetjmp()/siglongjmp() and sigaction() to catch segmentation fault errors * Adjust testcases (skip tests using invalid handles) * Some minor whitespace adjustements
------------------------- This patch set is an attempt at doing better in terms of individual operation performance when the number of open sessions or valid objects in the same process ammounts to a high count. Currently, for almost every API call, opencryptoki needs to go over internal linked-list structures in order to look-up session and objects's internal representation. This effectivelly makes the time taken by each API call to perform session+object lookup an exponential function of the number of open sessions or valid objects. For any number above 5000 it starts to take more than 80% of the cpu time. The proposed solution is un-orthodoxal in the sense of using the data structure's own pointer as handlers, and trying to de-reference those immediately instead of looking them up in a possibly very long loop. The bad part is that applications trying to use invalid handles (both session's or object's) will segfault. Our reasoning is that those applications are buggy to start with and should not be doing this. Having them crashing might as well help in debugging while avoiding masking the root problem for issues happening at higher levels in the stack. Another possible problem is that we MUST guarantee that the handler types are able to carry a valid pointer in the target architecture. For now this seems valid for most Linux/gcc combinations that we care, though. (Added a FIXME to possibly address that in the future) Patch 1 is a testcase used to check the performance of a standard encryption request versus the number of open-sessions, though this measurement is sufficiently generic to be meaningful for every cryptoki operation versus the number of sessions or objects. Patch 2 is mostly clean-up, while 3 tries to use global counters to simplify/optimize session management functions Patches 5-7 are where we are indeed using pointers as sessions and objects handlers. This has been somehow tested with swtok on x64, ppc64 and s390x, and with icatok on s390x, but our testsuite is not complete. Any additional testing (specially memory leakage and token objects) are (specially) welcome. As always, comments, questions, and even flames are welcome. -Klaus global diffstat: testcases/driver/Makefile.am | 4 +- testcases/driver/obj_mgmt.c | 18 +++- testcases/driver/sess_perf.c | 250 ++++++++++++++++++++++++++++++++++++ usr/include/pkcs11/apictl.h | 3 +- usr/lib/pkcs11/api/api_interface.c | 1 + usr/lib/pkcs11/api/apiutil.c | 27 ++--- usr/lib/pkcs11/common/globals.c | 8 +- usr/lib/pkcs11/common/h_extern.h | 11 +- usr/lib/pkcs11/common/host_defs.h | 6 + usr/lib/pkcs11/common/mech_ssl3.c | 12 +- usr/lib/pkcs11/common/new_host.c | 8 +- usr/lib/pkcs11/common/obj_mgr.c | 168 ++++++++++++------------ usr/lib/pkcs11/common/sess_mgr.c | 185 +++++++++----------------- 13 files changed, 457 insertions(+), 244 deletions(-) [PATCH 1/7] Important fixes to the RSA mechanisms [PATCH 2/7] New "sess_perf.c" testcase [PATCH 3/7] Remove duplicate object_mgr_remove_from_map() function [PATCH 4/7] Optimize tracking for Read-Only sessions and login state [PATCH 5/7] Use pointer as session handler in API layer [PATCH 6/7] Use pointer as session handler in common library layer [PATCH 7/7] Use pointer as object handler ------------------------------------------------------------------------------ ThinkGeek and WIRED's GeekDad team up for the Ultimate GeekDad Father's Day Giveaway. ONE MASSIVE PRIZE to the lucky parental unit. See the prize list and enter to win: http://p.sf.net/sfu/thinkgeek-promo _______________________________________________ Opencryptoki-tech mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/opencryptoki-tech
