RFR: 8273297: AES/GCM non-AVX512+VAES CPUs suffer after 8267125
Andrew Haley
aph at openjdk.java.net
Mon Sep 13 12:52:52 UTC 2021
On Mon, 13 Sep 2021 12:48:14 GMT, Andrew Haley <aph at openjdk.org> wrote:
>> Performance dropped up to 10% for 1k data after 8267125 for CPUs that do not support the new intrinsic. Tests run were crypto.full.AESGCMBench and crypto.full.AESGCMByteBuffer from the jmh micro benchmarks.
>>
>> The problem is each instance of GHASH allocates 96 extra longs for the AVX512+VAES intrinsic regardless if the intrinsic is used. This extra table space should be allocated differently so that non-supporting CPUs do not suffer this penalty. This issue also affects non-Intel CPUs too.
>
> src/hotspot/share/opto/library_call.cpp line 6796:
>
>> 6794:
>> 6795: Node* avx512_subkeyHtbl = new_array(klass_node, intcon(96), 0);
>> 6796: if (avx512_subkeyHtbl == NULL) return false;
>
> This looks very Intel-specific, but it's in generic code. Please make this constant 96 a symbol and push it into a header file in the x86 back end.
Likewise, the name prefix "avx512_" isn't appropriate for code that will certainly be used by other targets.
-------------
PR: https://git.openjdk.java.net/jdk/pull/5402
More information about the security-dev
mailing list