Page MenuHome GnuPG
Create Task
Maniphest T5860

Reducing memory copy overhead in iobuf and estream to increase OCB speed
Closed, ResolvedPublic
Actions

Description

Profiling AES256-OCB encryption and decryption shows that large portion of gnupg program time is spent in memcpy functions. Most of these memory copies are done from iobuf read/write functions and estream es_write_fbf function as can be seen in these "flamegraphs":

perf-test_dec_ocb-before.svg39 KBDownload
perf-test_enc_ocb-before.svg34 KBDownload

Graph for OCB encryption also shows that memory copy from g10/cipher-aead.c:do_hash() takes significant portion of program time.

For CFB/MDC, memory copies have lesser effect as encryption and decryption are slower because of additional SHA1 processing:

perf-test_dec_cfb-before.svg40 KBDownload
perf-test_enc_cfb-before.svg33 KBDownload

Following patches try to minimize these memory copies in iobuf, estream and cipher-aead.c. For estreams, buffering is disabled as input is already provided as large buffers. cipher-aead.c:do_hash is changed to avoid additional memory copy when possible. For iobuf_read and iobuf_write new zerocopy mode of operation is added, that is avoiding coping to internal drain buffer when output/input buffer is large.

0001-Use-iobuf-buffer-size-for-temporary-buffer-size.patch4 KBDownload
0002-g10-plaintext-disable-estream-buffering-in-binary-mo.patch1 KBDownload
0003-g10-decrypt-data-disable-output-estream-buffering-to.patch1 KBDownload
0004-g10-cipher-aead-add-fast-path-for-avoid-memcpy-when-.patch4 KBDownload
0005-iobuf-add-zerocopy-optimization-for-iobuf_read.patch7 KBDownload
0006-iobuf-add-zerocopy-optimization-for-iobuf_write.patch3 KBDownload

Which these patches, memory copy overhead is mostly eliminated as can be seen from these flamegraphs:

perf-test_dec_ocb-after.svg35 KBDownload
perf-test_enc_ocb-after.svg37 KBDownload

perf-test_dec_cfb-after.svg41 KBDownload
perf-test_enc_cfb-after.svg34 KBDownload

Benchmark results on AMD Ryzen 5800X:

                         Before           After
AES256-OCB encryption     1960 MiB/s       5300 MiB/s
AES256-OCB decryption     4040 MiB/s       5350 MiB/s
AES256-CFB encryption      750 MiB/s        760 MiB/s
AES256-CFB decryption     1590 MiB/s       1610 MiB/s

Related Objects
Search...

Event Timeline

jukivili triaged this task as Low priority.Feb 27 2022, 7:12 PM
jukivili created this task.
jukivili created this object in space S1 Public.
gniibe added a subscriber: gniibe.Mar 1 2022, 4:14 AM

Great. No problem for me.

jukivili added a comment.Mar 3 2022, 9:17 PM

New versions of patches 0005 and 0006 - fixes EOF handling issues noticed with compression/decompression:

0005-iobuf-add-zerocopy-optimization-for-iobuf_read.patch8 KBDownload
0006-iobuf-add-zerocopy-optimization-for-iobuf_write.patch4 KBDownload

jukivili added a subscriber: werner.Mar 6 2022, 6:59 PM

Does this look ok to push to master? @werner @gniibe

gniibe added a comment.Mar 7 2022, 9:13 AM

Ack from me for new 0005 and 0006.

Side notes:

  • Please remember that v5 AEAD thing in OpenPGP specification is still in flux.
  • Also, I am considering a set of API for libgcrypt supporting AEAD (so that libgcrypt can ensure correct use of key and iv).
jukivili added a comment.Mar 7 2022, 8:09 PM

I went through my test files and found that --enarmor on zero length input file did no longer work. I made separate patch to fix that issue, which then also needs another approach for handling compress issue noticed earlier:

0007-gpg-fix-enarmor-with-zero-length-source-file.patch2 KBDownload

jukivili closed this task as Resolved.Mar 12 2022, 9:38 AM