RFR: 8308118: Avoid multiarray allocations in AESCrypt.makeSessionKey
Aleksey Shipilev
shade at openjdk.org
Mon May 15 20:28:50 UTC 2023
One of our services has a hot path with AES/GCM cipher reuse. The JDK code reinitializes the session key on that path, and [JDK-8308105](https://bugs.openjdk.org/browse/JDK-8308105) shows up prominently there. While [JDK-8308105](https://bugs.openjdk.org/browse/JDK-8308105) is being fixed, which would take a while, and would likely require multiple patches, we can work this issue around by avoiding the multiarray allocations in AESCrypt.makeSessionKey.
Example profile is in the bug.
On new benchmark and M1 Mac:
Benchmark Mode Cnt Score Error Units
# Before
AESReinit.test avgt 15 873,842 ± 6,911 ns/op
# After
AESReinit.test avgt 15 533,018 ± 4,048 ns/op
Additional testing:
- [x] Benchmarks
- [x] macos-aarch64-server-release, `jdk_security`
- [ ] linux-x86_64-server-fastdebug, `tier1 tier2`
- [ ] linux-aarch64-server-fastdebug, `tier1 tier2`
-------------
Commit messages:
- Fix
- Fix
Changes: https://git.openjdk.org/jdk/pull/13996/files
Webrev: https://webrevs.openjdk.org/?repo=jdk&pr=13996&range=00
Issue: https://bugs.openjdk.org/browse/JDK-8308118
Stats: 77 lines in 2 files changed: 74 ins; 0 del; 3 mod
Patch: https://git.openjdk.org/jdk/pull/13996.diff
Fetch: git fetch https://git.openjdk.org/jdk.git pull/13996/head:pull/13996
PR: https://git.openjdk.org/jdk/pull/13996
More information about the security-dev
mailing list