RFR: 8273297: AES/GCM non-AVX512+VAES CPUs suffer after 8267125
Smita Kamath
svkamath at openjdk.java.net
Wed Sep 8 00:26:25 UTC 2021
Performance dropped up to 10% for 1k data after 8267125 for CPUs that do not support the new intrinsic. Tests run were crypto.full.AESGCMBench and crypto.full.AESGCMByteBuffer from the jmh micro benchmarks.
The problem is each instance of GHASH allocates 96 extra longs for the AVX512+VAES intrinsic regardless if the intrinsic is used. This extra table space should be allocated differently so that non-supporting CPUs do not suffer this penalty. This issue also affects non-Intel CPUs too.
-------------
Commit messages:
- Merge master
- JDK 8273297: AES/GCM non AVX512 + VAES CPU's suffer after 8267125
- changes to make sure that ghash_long_swap_mask and counter_mask_addr calls are not duplicated
- Merge branch 'master' of https://git.openjdk.java.net/jdk into aes-gcm
- Moved declaration in vmStructs.cpp to other AESCrypt declarations
- comment update
- rewiew update
- Merge branch 'aes-gcm' of github.com:smita-kamath/jdk into aes-gcm
- changed file property of GaloisCounterMode.java
- Merge branch 'master' of https://git.openjdk.java.net/jdk into aes-gcm
- ... and 10 more: https://git.openjdk.java.net/jdk/compare/d6d6c069...4628dc3a
Changes: https://git.openjdk.java.net/jdk/pull/5402/files
Webrev: https://webrevs.openjdk.java.net/?repo=jdk&pr=5402&range=00
Issue: https://bugs.openjdk.java.net/browse/JDK-8273297
Stats: 66 lines in 9 files changed: 18 ins; 2 del; 46 mod
Patch: https://git.openjdk.java.net/jdk/pull/5402.diff
Fetch: git fetch https://git.openjdk.java.net/jdk pull/5402/head:pull/5402
PR: https://git.openjdk.java.net/jdk/pull/5402
More information about the security-dev
mailing list