Size TLS read buffers based on the size requested.
Like the write half, rather than allocating the maximum size needed and relying on the malloc implementation to pool this sanely, allocate the size the TLS record-layer code believes it needs. As currently arranged, this will cause us to alternate from a small allocation (for the record header) and then an allocation sized to the record itself. Windows is reportedly bad at pooling large allocations, so, *if the server sends us smaller records*, this will avoid hitting the problem cases. If the server sends us size 16k records, the maximum allowed by ther protocol, we simply must buffer up to that amount and will continue to allocate similar sizes as before (although slightly smaller; this CL also fixes small double-counting we did on the allocation sizes). Separately, we'll gather some metrics in Chromium to see what common record sizes are to determine if this optimization is sufficient. This is intended as an easy optimization we can do now, in advance of ongoing work to fix the extra layer of buffering between Chromium and BoringSSL with an in-place decrypt API. Bug: chromium:524258 Change-Id: I233df29df1212154c49fee4285ccc37be12f81dc Reviewed-on: https://boringssl-review.googlesource.com/17329 Reviewed-by: Adam Langley <agl@google.com>
This commit is contained in:
David Benjamin
Adam Langley
parent
5df5be1a4b
commit
3120950b1e
@ -33,26 +33,37 @@ OPENSSL_COMPILE_ASSERT(0xffff <= INT_MAX, uint16_fits_in_int);
|
||||
OPENSSL_COMPILE_ASSERT((SSL3_ALIGN_PAYLOAD & (SSL3_ALIGN_PAYLOAD - 1)) == 0,
|
||||
align_to_a_power_of_two);
|
||||
|
||||
/* setup_buffer initializes |buf| with capacity |cap|, aligned such that data
|
||||
* written after |header_len| is aligned to a |SSL3_ALIGN_PAYLOAD|-byte
|
||||
/* ensure_buffer ensures |buf| has capacity at least |cap|, aligned such that
|
||||
* data written after |header_len| is aligned to a |SSL3_ALIGN_PAYLOAD|-byte
|
||||
* boundary. It returns one on success and zero on error. */
|
||||
static int setup_buffer(SSL3_BUFFER *buf, size_t header_len, size_t cap) {
|
||||
if (buf->buf != NULL || cap > 0xffff) {
|
||||
static int ensure_buffer(SSL3_BUFFER *buf, size_t header_len, size_t cap) {
|
||||
if (cap > 0xffff) {
|
||||
OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
|
||||
return 0;
|
||||
}
|
||||
|
||||
if (buf->cap >= cap) {
|
||||
return 1;
|
||||
}
|
||||
|
||||
/* Add up to |SSL3_ALIGN_PAYLOAD| - 1 bytes of slack for alignment. */
|
||||
buf->buf = OPENSSL_malloc(cap + SSL3_ALIGN_PAYLOAD - 1);
|
||||
if (buf->buf == NULL) {
|
||||
uint8_t *new_buf = OPENSSL_malloc(cap + SSL3_ALIGN_PAYLOAD - 1);
|
||||
if (new_buf == NULL) {
|
||||
OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE);
|
||||
return 0;
|
||||
}
|
||||
|
||||
/* Arrange the buffer such that the record body is aligned. */
|
||||
buf->offset = (0 - header_len - (uintptr_t)buf->buf) &
|
||||
(SSL3_ALIGN_PAYLOAD - 1);
|
||||
buf->len = 0;
|
||||
/* Offset the buffer such that the record body is aligned. */
|
||||
size_t new_offset =
|
||||
(0 - header_len - (uintptr_t)new_buf) & (SSL3_ALIGN_PAYLOAD - 1);
|
||||
|
||||
if (buf->buf != NULL) {
|
||||
OPENSSL_memcpy(new_buf + new_offset, buf->buf + buf->offset, buf->len);
|
||||
OPENSSL_free(buf->buf);
|
||||
}
|
||||
|
||||
buf->buf = new_buf;
|
||||
buf->offset = new_offset;
|
||||
buf->cap = cap;
|
||||
return 1;
|
||||
}
|
||||
@ -71,30 +82,6 @@ static void clear_buffer(SSL3_BUFFER *buf) {
|
||||
OPENSSL_memset(buf, 0, sizeof(SSL3_BUFFER));
|
||||
}
|
||||
|
||||
OPENSSL_COMPILE_ASSERT(DTLS1_RT_HEADER_LENGTH + SSL3_RT_MAX_ENCRYPTED_LENGTH <=
|
||||
0xffff,
|
||||
maximum_read_buffer_too_large);
|
||||
|
||||
/* setup_read_buffer initializes the read buffer if not already initialized. It
|
||||
* returns one on success and zero on failure. */
|
||||
static int setup_read_buffer(SSL *ssl) {
|
||||
SSL3_BUFFER *buf = &ssl->s3->read_buffer;
|
||||
|
||||
if (buf->buf != NULL) {
|
||||
return 1;
|
||||
}
|
||||
|
||||
size_t header_len = ssl_record_prefix_len(ssl);
|
||||
size_t cap = SSL3_RT_MAX_ENCRYPTED_LENGTH;
|
||||
if (SSL_is_dtls(ssl)) {
|
||||
cap += DTLS1_RT_HEADER_LENGTH;
|
||||
} else {
|
||||
cap += SSL3_RT_HEADER_LENGTH;
|
||||
}
|
||||
|
||||
return setup_buffer(buf, header_len, cap);
|
||||
}
|
||||
|
||||
uint8_t *ssl_read_buffer(SSL *ssl) {
|
||||
return ssl->s3->read_buffer.buf + ssl->s3->read_buffer.offset;
|
||||
}
|
||||
@ -154,7 +141,16 @@ int ssl_read_buffer_extend_to(SSL *ssl, size_t len) {
|
||||
/* |ssl_read_buffer_extend_to| implicitly discards any consumed data. */
|
||||
ssl_read_buffer_discard(ssl);
|
||||
|
||||
if (!setup_read_buffer(ssl)) {
|
||||
if (SSL_is_dtls(ssl)) {
|
||||
OPENSSL_COMPILE_ASSERT(
|
||||
DTLS1_RT_HEADER_LENGTH + SSL3_RT_MAX_ENCRYPTED_LENGTH <= 0xffff,
|
||||
dtls_read_buffer_too_large);
|
||||
|
||||
/* The |len| parameter is ignored in DTLS. */
|
||||
len = DTLS1_RT_HEADER_LENGTH + SSL3_RT_MAX_ENCRYPTED_LENGTH;
|
||||
}
|
||||
|
||||
if (!ensure_buffer(&ssl->s3->read_buffer, ssl_record_prefix_len(ssl), len)) {
|
||||
return -1;
|
||||
}
|
||||
|
||||
@ -225,7 +221,7 @@ int ssl_write_buffer_init(SSL *ssl, uint8_t **out_ptr, size_t max_len) {
|
||||
return 0;
|
||||
}
|
||||
|
||||
if (!setup_buffer(buf, ssl_seal_align_prefix_len(ssl), max_len)) {
|
||||
if (!ensure_buffer(buf, ssl_seal_align_prefix_len(ssl), max_len)) {
|
||||
return 0;
|
||||
}
|
||||
*out_ptr = buf->buf + buf->offset;
|
||||
|
||||
Loading…
Reference in New Issue
Block a user