Rmove operation of enumerating each ecc algorithm to query whether it is supported in ecc init interface. Use a global state array to save the supporting status of each ecc algorithm. And query this global state array in each ecc sub-algorithm task interface. This can reduce CPU overhead for querying.
And move the device query operation of ecc from allocating session to process level initialization. This can reduce the operation number of device queries in the same process.
Signed-off-by: Zhiqi Song songzhiqi1@huawei.com --- src/uadk_ec.c | 42 +++++++++++++++++++------------- src/uadk_ecx.c | 16 +++++++++++-- src/uadk_pkey.c | 64 +++++++++++++++++++++++++++++++------------------ src/uadk_pkey.h | 11 ++++++++- src/uadk_sm2.c | 8 ++++++- 5 files changed, 98 insertions(+), 43 deletions(-)
diff --git a/src/uadk_ec.c b/src/uadk_ec.c index 30e298e..33ffc26 100644 --- a/src/uadk_ec.c +++ b/src/uadk_ec.c @@ -197,16 +197,11 @@ static handle_t ecc_alloc_sess(const EC_KEY *eckey, char *alg) struct sched_params sch_p = {0}; struct wd_ecc_sess_setup sp; struct wd_ecc_curve param; - struct uacce_dev *dev; const EC_GROUP *group; const BIGNUM *order; int ret, key_bits; handle_t sess;
- dev = wd_get_accel_dev(alg); - if (!dev) - return 0; - init_dtb_param(¶m, buff, 0, UADK_ECC_MAX_KEY_BYTES, UADK_ECC_CV_PARAM_NUM);
@@ -215,29 +210,24 @@ static handle_t ecc_alloc_sess(const EC_KEY *eckey, char *alg) group = EC_KEY_get0_group(eckey); ret = set_sess_setup_cv(group, &sp.cv); if (ret) - goto free_dev; + return (handle_t)0;
order = EC_GROUP_get0_order(group); if (!order) - goto free_dev; + return (handle_t)0;
key_bits = BN_num_bits(order); sp.alg = alg; sp.key_bits = get_smallest_hw_keybits(key_bits); sp.rand.cb = uadk_ecc_get_rand; sp.rand.usr = (void *)order; - sch_p.numa_id = dev->numa_id; + sch_p.numa_id = uadk_e_ecc_get_numa_id(); sp.sched_param = &sch_p; sess = wd_ecc_alloc_sess(&sp); if (!sess) fprintf(stderr, "failed to alloc ecc sess\n");
- free(dev); return sess; - -free_dev: - free(dev); - return (handle_t)0; }
static int check_ecc_bit_useful(const int bits) @@ -486,6 +476,10 @@ static ECDSA_SIG *ecdsa_do_sign(const unsigned char *dgst, int dlen, if (ret) goto do_soft;
+ ret = uadk_e_ecc_get_support_state(ECDSA_SUPPORT); + if (!ret) + goto do_soft; + ret = uadk_init_ecc(); if (ret) goto do_soft; @@ -675,6 +669,10 @@ static int ecdsa_do_verify(const unsigned char *dgst, int dlen, if (ret) goto do_soft;
+ ret = uadk_e_ecc_get_support_state(ECDSA_SUPPORT); + if (!ret) + goto do_soft; + ret = uadk_init_ecc(); if (ret) goto do_soft; @@ -953,6 +951,10 @@ static int sm2_generate_key(EC_KEY *eckey) if (!ret) goto do_soft;
+ ret = uadk_e_ecc_get_support_state(SM2_SUPPORT); + if (!ret) + goto do_soft; + ret = uadk_init_ecc(); if (ret) goto do_soft; @@ -1180,6 +1182,10 @@ static int ecdh_generate_key(EC_KEY *ecdh) if (!ret) goto do_soft;
+ ret = uadk_e_ecc_get_support_state(ECDH_SUPPORT); + if (!ret) + goto do_soft; + ret = uadk_init_ecc(); if (ret) goto do_soft; @@ -1285,6 +1291,10 @@ static int ecdh_compute_key(unsigned char **out, size_t *outlen, if (!ret) goto do_soft;
+ ret = uadk_e_ecc_get_support_state(ECDH_SUPPORT); + if (!ret) + goto do_soft; + ret = uadk_init_ecc(); if (ret) goto do_soft; @@ -1332,7 +1342,7 @@ do_soft:
static void ec_key_meth_set_ecdsa(EC_KEY_METHOD *meth) { - if (!uadk_support_algorithm("ecdsa")) + if (!uadk_e_ecc_get_support_state(ECDSA_SUPPORT)) return;
EC_KEY_METHOD_set_sign(meth, @@ -1346,8 +1356,8 @@ static void ec_key_meth_set_ecdsa(EC_KEY_METHOD *meth)
static void ec_key_meth_set_ecdh(EC_KEY_METHOD *meth) { - if (!uadk_support_algorithm("ecdh") && - !uadk_support_algorithm("sm2")) + if (!uadk_e_ecc_get_support_state(ECDH_SUPPORT) && + !uadk_e_ecc_get_support_state(SM2_SUPPORT)) return;
EC_KEY_METHOD_set_keygen(meth, ecc_generate_key); diff --git a/src/uadk_ecx.c b/src/uadk_ecx.c index 4dd5a4c..2824a0d 100644 --- a/src/uadk_ecx.c +++ b/src/uadk_ecx.c @@ -77,6 +77,12 @@ static int x25519_init(EVP_PKEY_CTX *ctx) struct ecx_ctx *x25519_ctx; int ret;
+ ret = uadk_e_ecc_get_support_state(X25519_SUPPORT); + if (!ret) { + fprintf(stderr, "x25519 is not supported\n"); + return UADK_E_FAIL; + } + ret = uadk_init_ecc(); if (ret) { fprintf(stderr, "failed to uadk_init_ecc, ret = %d\n", ret); @@ -128,6 +134,12 @@ static int x448_init(EVP_PKEY_CTX *ctx) struct ecx_ctx *x448_ctx; int ret;
+ ret = uadk_e_ecc_get_support_state(X448_SUPPORT); + if (!ret) { + fprintf(stderr, "x448 is not supported\n"); + return UADK_E_FAIL; + } + ret = uadk_init_ecc(); if (ret) { fprintf(stderr, "failed to do uadk_init_ecc, ret = %d\n", ret); @@ -804,7 +816,7 @@ int uadk_x25519_create_pmeth(struct uadk_pkey_meth *pkey_meth)
EVP_PKEY_meth_copy(meth, openssl_meth);
- if (!uadk_support_algorithm("x25519")) { + if (!uadk_e_ecc_get_support_state(X25519_SUPPORT)) { pkey_meth->x25519 = meth; return UADK_E_SUCCESS; } @@ -845,7 +857,7 @@ int uadk_x448_create_pmeth(struct uadk_pkey_meth *pkey_meth)
EVP_PKEY_meth_copy(meth, openssl_meth);
- if (!uadk_support_algorithm("x448")) { + if (!uadk_e_ecc_get_support_state(X448_SUPPORT)) { pkey_meth->x448 = meth; return UADK_E_SUCCESS; } diff --git a/src/uadk_pkey.c b/src/uadk_pkey.c index 7b7a345..8532b88 100644 --- a/src/uadk_pkey.c +++ b/src/uadk_pkey.c @@ -27,6 +27,9 @@ #define CTX_SYNC 0 #define CTX_NUM 2 #define GET_RAND_MAX_CNT 100 +#define SUPPORT 1 + +static int g_ecc_support_state[ECC_TYPE];
static int pkey_nids[] = { EVP_PKEY_EC, @@ -42,13 +45,13 @@ struct ecc_sched {
struct ecc_res_config { struct ecc_sched sched; - int numa_id; };
/* ECC global hardware resource is saved here */ struct ecc_res { struct wd_ctx_config *ctx_res; int pid; + int numa_id; pthread_spinlock_t lock; } ecc_res;
@@ -136,12 +139,21 @@ struct ecc_res_config ecc_res_config = { .h_sched_ctx = 0, }, }, - .numa_id = 0, };
int uadk_e_ecc_get_numa_id(void) { - return ecc_res_config.numa_id; + return ecc_res.numa_id; +} + +int uadk_e_ecc_get_support_state(int alg_tag) +{ + return g_ecc_support_state[alg_tag]; +} + +static void uadk_e_ecc_set_support_state(int alg_tag, int value) +{ + g_ecc_support_state[alg_tag] = value; }
static int uadk_e_ecc_env_poll(void *ctx) @@ -229,27 +241,17 @@ free_cfg: return ret; }
-static int uadk_wd_ecc_init(struct ecc_res_config *config) +static int uadk_wd_ecc_init(struct ecc_res_config *config, struct uacce_dev *dev) { struct wd_sched *sched = &config->sched.wd_sched; - struct uacce_dev *dev; int ret;
- /* The ctx is no difference for sm2/ecdsa/ecdh/x25519/x448 */ - dev = wd_get_accel_dev("ecdsa"); - if (!dev) - return -ENOMEM; - - config->numa_id = dev->numa_id; - ret = uadk_e_is_env_enabled("ecc"); if (ret) ret = uadk_e_wd_ecc_env_init(dev); else ret = uadk_e_wd_ecc_general_init(dev, sched);
- free(dev); - return ret; }
@@ -273,6 +275,7 @@ static void uadk_wd_ecc_uninit(void) ecc_res.ctx_res = NULL; } ecc_res.pid = 0; + ecc_res.numa_id = 0; }
int uadk_ecc_crypto(handle_t sess, struct wd_ecc_req *req, void *usr) @@ -508,15 +511,9 @@ bool uadk_support_algorithm(const char *alg)
int uadk_init_ecc(void) { + struct uacce_dev *dev; int ret;
- if (!uadk_support_algorithm("sm2") && - !uadk_support_algorithm("ecdsa") && - !uadk_support_algorithm("ecdh") && - !uadk_support_algorithm("x25519") && - !uadk_support_algorithm("x448")) - return -EINVAL; - if (ecc_res.pid != getpid()) { pthread_spin_lock(&ecc_res.lock); if (ecc_res.pid == getpid()) { @@ -524,20 +521,31 @@ int uadk_init_ecc(void) return 0; }
- ret = uadk_wd_ecc_init(&ecc_res_config); + /* Find an ecc device, no difference for sm2/ecdsa/ecdh/x25519/x448 */ + dev = wd_get_accel_dev("ecdsa"); + if (!dev) { + pthread_spin_unlock(&ecc_res.lock); + fprintf(stderr, "failed to get device for ecc\n"); + return -ENOMEM; + } + + ret = uadk_wd_ecc_init(&ecc_res_config, dev); if (ret) { fprintf(stderr, "failed to init ec(%d).\n", ret); goto err_unlock; }
+ ecc_res.numa_id = dev->numa_id; ecc_res.pid = getpid(); pthread_spin_unlock(&ecc_res.lock); + free(dev); }
return 0;
err_unlock: pthread_spin_unlock(&ecc_res.lock); + free(dev); return ret; }
@@ -627,7 +635,17 @@ void uadk_e_ecc_lock_init(void)
int uadk_e_bind_ecc(ENGINE *e) { - int ret; + static const char * const ecc_alg[] = {"sm2", "ecdsa", "ecdh", "x25519", "x448"}; + int i, size, ret; + bool sp; + + /* Enumerate ecc algs to check whether it is supported and set tags */ + size = ARRAY_SIZE(ecc_alg); + for (i = 0; i < size; i++) { + sp = uadk_support_algorithm(*(ecc_alg + i)); + if (sp) + uadk_e_ecc_set_support_state(i, SUPPORT); + }
ret = uadk_ecc_bind_pmeth(e); if (!ret) { diff --git a/src/uadk_pkey.h b/src/uadk_pkey.h index 6d1cc77..d35bb37 100644 --- a/src/uadk_pkey.h +++ b/src/uadk_pkey.h @@ -38,6 +38,15 @@ #define GET_MS_BYTE(n) ((n) >> 8) #define GET_LS_BYTE(n) ((n) & 0xFF) #define DGST_SHIFT_NUM(n) (8 - ((n) & 0x7)) +#define ECC_TYPE 5 + +enum { + SM2_SUPPORT, + ECDSA_SUPPORT, + ECDH_SUPPORT, + X25519_SUPPORT, + X448_SUPPORT +};
struct uadk_pkey_meth { EVP_PKEY_METHOD *sm2; @@ -74,6 +83,6 @@ int uadk_x25519_create_pmeth(struct uadk_pkey_meth *pkey_meth); void uadk_x25519_delete_pmeth(struct uadk_pkey_meth *pkey_meth); int uadk_bind_ec(ENGINE *e); int uadk_e_ecc_get_numa_id(void); - +int uadk_e_ecc_get_support_state(int alg_tag);
#endif diff --git a/src/uadk_sm2.c b/src/uadk_sm2.c index c5555a9..14f879f 100644 --- a/src/uadk_sm2.c +++ b/src/uadk_sm2.c @@ -1153,6 +1153,12 @@ static int sm2_init(EVP_PKEY_CTX *ctx)
memset(smctx, 0, sizeof(*smctx));
+ ret = uadk_e_ecc_get_support_state(SM2_SUPPORT); + if (!ret) { + fprintf(stderr, "sm2 is not supported\n"); + return 0; + } + ret = uadk_init_ecc(); if (ret) { fprintf(stderr, "failed to uadk_init_ecc, ret = %d\n", ret); @@ -1592,7 +1598,7 @@ int uadk_sm2_create_pmeth(struct uadk_pkey_meth *pkey_meth) openssl_meth = get_openssl_pkey_meth(EVP_PKEY_SM2); EVP_PKEY_meth_copy(meth, openssl_meth);
- if (!uadk_support_algorithm("sm2")) { + if (!uadk_e_ecc_get_support_state(SM2_SUPPORT)) { pkey_meth->sm2 = meth; return 1; }