8308118: Avoid multiarray allocations in AESCrypt.makeSessionKey

[shipilev]

One of our services has a hot path with AES/GCM cipher reuse. The JDK code reinitializes the session key on that path, and JDK-8308105 shows up prominently there.

Fixing JDK-8308105 would take a while, as would likely require multiple patches in VM internals. Meanwhile, we can avoid the multiarray allocations in AESCrypt.makeSessionKey completely, reaping performance benefits. We can go even deeper: replace the multi-array with the flat array and drop expandToSubKey completely.

Example original profile is in the bug.

There are other things we can polish in that code, but experiments show those polishings have rather diminshed returns.

On new benchmark:

Benchmark       Mode  Cnt    Score   Error  Units

## Mac M1

# Before
AESReinit.test  avgt   15   873,842 ± 6,911  ns/op

# After
AESReinit.test  avgt   15   347,632 ± 8,764  ns/op  ; <--- 2.5x faster

## Xeon, c6.8xlarge

# Before
AESReinit.test  avgt   15  1524.307 ± 24.231 ns/op

# After
AESReinit.test  avgt   15   554.727 ± 12.876 ns/op  ; <--- 2.75x faster

## Graviton, m6g.4xlarge

# Before
AESReinit.test  avgt   15  1913.492 ± 23.489 ns/op

# After
AESReinit.test  avgt   15   639.701 ± 5.033  ns/op  ; <--- 2.99x faster

Additional testing:

• Benchmarks
• macos-aarch64-server-release, jdk_security
• linux-x86_64-server-fastdebug, tier1 tier2 tier3

---

Progress

• Change must be properly reviewed (1 review required, with at least 1 Reviewer)
• Change must not contain extraneous whitespace
• Commit message must refer to an issue

Issue

• JDK-8308118: Avoid multiarray allocations in AESCrypt.makeSessionKey

Reviewers

• Xue-Lei Andrew Fan (@XueleiFan - Reviewer)
• @schlosna (no known openjdk.org user name / role)

Reviewing

Using git

Checkout this PR locally:
$ git fetch https://git.openjdk.org/jdk.git pull/13996/head:pull/13996
$ git checkout pull/13996

Update a local copy of the PR:
$ git checkout pull/13996
$ git pull https://git.openjdk.org/jdk.git pull/13996/head

Using Skara CLI tools

Checkout this PR locally:
$ git pr checkout 13996

View PR using the GUI difftool:
$ git pr show -t 13996

Using diff file

Download this PR as a diff file:
https://git.openjdk.org/jdk/pull/13996.diff

Webrev

Link to Webrev Comment

[bridgekeeper]

👋 Welcome back shade! A progress list of the required criteria for merging this PR into master will be added to the body of your pull request. There are additional pull request commands available for use with this pull request.

[openjdk]

@shipilev The following label will be automatically applied to this pull request:

• security

When this pull request is ready to be reviewed, an "RFR" email will be sent to the corresponding mailing list. If you would like to change these labels, use the /label pull request command.

[mlbridge]

Webrevs

• 01: Full - Incremental (bb712183)
• 00: Full (7842e0e2)

[shipilev]

@XueleiFan, or anyone else, please take a look?

[XueleiFan]

@XueleiFan, or anyone else, please take a look?

I will have a look, but I may need more time.

[XueleiFan]

Looks good to me. Please make sure the security regression testing passed.

[openjdk]

@shipilev This change now passes all automated pre-integration checks.

ℹ️ This project also has non-automated pre-integration requirements. Please see the file CONTRIBUTING.md for details.

After integration, the commit message for the final commit will be:

8308118: Avoid multiarray allocations in AESCrypt.makeSessionKey

Reviewed-by: xuelei

You can use pull request commands such as /summary, /contributor and /issue to adjust it as needed.

At the time when this comment was updated there had been 46 new commits pushed to the master branch:

• 6073edf: 8307483: New micros for j.u.c.LockSupport
• 2409448: 8307365: JvmtiStressModule hit SIGSEGV in JvmtiEventControllerPrivate::recompute_thread_enabled
• 950c5df: 8307299: Move more DnD tests to open
• 8bedf2e: 8308292: Problemlist vmTestbase/nsk/jvmti/AttachOnDemand/attach020/TestDescription.java
• 6d4782b: 8307976: (fs) Files.createDirectories(dir) returns dir::toAbsolutePath instead of dir
• f57c783: 8308239: Tighten up accessibility of nested classes in java.lang.invoke
• 64f6681: 8308246: PPC64le build broken after JDK-8304913
• 5763be7: 8307326: Package jdk.internal.classfile.java.lang.constant become obsolete
• c7951cf: 8306304: Fix xlc17 clang warnings in ppc and aix code
• 285c833: 8308043: Deadlock in TestCSLocker.java due to blocking GC while allocating
• ... and 36 more: https://git.openjdk.org/jdk/compare/97b2ca3de76046c6f52d3649d8787feea7b9ac83...master

As there are no conflicts, your changes will automatically be rebased on top of these commits when integrating. If you prefer to avoid this automatic rebasing, please check the documentation for the /integrate command for further details.

➡️ To integrate this PR with the above commit message to the master branch, type /integrate in a new comment.

[schlosna]

I don't think my review counts, but this looks good to me

[shipilev]

Looks good to me. Please make sure the security regression testing passed.

Thanks! By "security regression testing" that you mean jdk_security, or something else?

[XueleiFan]

Looks good to me. Please make sure the security regression testing passed.

Thanks! By "security regression testing" that you mean jdk_security, or something else?

jdk_security or tier2.

[shipilev]

jdk_security or tier2.

Gotcha, I already tested both, see "Additional Testing" section in PR.

[XueleiFan]

jdk_security or tier2.

Gotcha, I already tested both, see "Additional Testing" section in PR.

Thanks!

[shipilev]

Rechecked jdk_security, passes. Thanks!

/integrate

[openjdk]

Going to push as commit 6765761.
Since your change was applied there have been 68 commits pushed to the master branch:

• 97ade57: 8307609: RISC-V: Added support for Extract, Compress, Expand and other nodes for Vector API
• e520cdc: 8308277: RISC-V: Improve vectorization of Match.sqrt() on floats
• 42948c0: 8307865: Invalid is_in_any_VTMS_transition() check in post_dynamic_code_generated_while_holding_locks
• 4a6d6d5: 8308187: jdi/EventSet/resume/resume008 failed with "EventHandler> Unexpected event: ThreadStartEvent in thread resume008-thread0"
• 148df53: 8308010: X509Key and PKCS8Key allows garbage bytes at the end
• d3feedf: 8308192: Error in parsing replay file when staticfield is an array of single dimension
• 02dc95e: 8308370: Fix build failures related to the java.awt.Robot documentation
• 21aa057: 8307779: Relax the java.awt.Robot specification
• 42ecc8a: 8308245: Add -proc:full to describe current default annotation processing policy
• bb24c36: 8279993: Assert that a shared class is not loaded more than once
• ... and 58 more: https://git.openjdk.org/jdk/compare/97b2ca3de76046c6f52d3649d8787feea7b9ac83...master

Your commit was automatically rebased without conflicts.

[openjdk]

@shipilev Pushed as commit 6765761.

💡 You may see a message that your pull request was closed with unmerged commits. This can be safely ignored.