Closed Bug 305693 Opened 20 years ago Closed 17 years ago

shlibsign generates PQG for every run, slows build

Categories

(NSS :: Tools, defect, P2)

Product:
NSS
Component:
Tools
Version:
3.10
Type:
defect

Tracking

(Not tracked)

Status:
RESOLVED FIXED
Milestone:
3.12.2

People

(Reporter: nelson, Assigned: nelson)

References

Details

(Keywords: perf)

Attachments

(1 file)

replace PQGgen with constant PQG params
5.97 KB, patch
rrelyea
: review+
Details | Diff | Splinter Review
For NSS 3.11, shlibsign will run up to 4 times in a single NSS build, and up to 7 times when building both 32-bit and 64-bit for the same platform. Each time it runs, it generates a large prime number, which often takes quite a while, slowing the builds. It was bad enough when we only did one or two shlibsigns per build, but 7 is taking too long. Given that these are DSA signatures, the only prime that is needed is P, part of the PQG parameters. Surely we don't need to generate new PQG parmeters for every shlibsign run. One would think that a single set of PQG params would suffice for all future NSS builds. I can see at least the following two alternatives: a) Use a file of PQG params in nss/cmd/shlibsign/$OBJDIR. If the file doesn't exist, then generate it. If it does exist, use it. This allows us to build at most one set of PQG params per build. b) like a, but either b1) put the file in nss/cmd/shlibsign and check it in, or b2) just compile the PQG params into shlibsign itself. Either way, this obviates prime number finding during builds. Bob, would you be willing to do this?
Priority: -- → P2
Whiteboard: help wanted
Target Milestone: --- → 3.11
QA Contact: jason.m.reid → tools
This is not going to make 3.11.x, so I'm retargetting to 3.12 . IMO, machines are fast enough that the build time isn't a problem, even with 4 libraries to sign, and this is a good candidate for a WONTFIX .
Target Milestone: 3.11 → 3.12
Depends on: 372162
Keywords: perf
I propose to change shlibsign to use these precompiled PQG values. Any objections? Prime: 97:44:1d:cc:0d:39:0d:8d:cb:75:dc:24:25:6f:01:92: a1:11:07:6b:70:ac:73:d7:82:28:df:ab:82:0c:41:0c: 95:b3:3c:3d:ea:8a:e6:44:0a:b8:ab:90:15:41:11:e8: 48:7b:8d:b0:9c:d3:f2:69:66:ff:66:4b:70:2b:bf:fb: d6:68:85:76:1e:34:aa:c5:57:6e:23:02:08:60:6e:fd: 67:76:e1:7c:c8:cb:51:77:cf:b1:3b:00:2e:fa:21:cd: 34:76:75:01:19:fe:f8:5d:43:c5:34:f3:7a:95:dc:c2: 58:07:19:2f:1d:6f:9a:77:7e:55:aa:e7:5a:50:43:d3 Subprime: d8:16:23:34:8a:9e:3a:f5:d9:10:13:35:aa:f3:f3:54: 0b:31:24:f1 Base: 03:3a:ad:fa:3a:0c:ea:0a:4e:43:32:92:bb:87:f1:11: c0:ad:39:38:56:1a:db:23:66:b1:08:da:b6:19:51:42: 93:4f:c3:44:43:a8:05:c1:f8:71:62:6f:3d:e2:ab:6f: d7:80:22:6f:ca:0d:f6:9f:45:27:83:ec:86:0c:da:aa: d6:e0:d0:84:fd:b1:4f:dc:08:cd:68:3a:77:c2:c5:f1: 99:0f:15:1b:6a:8c:3d:18:2b:6f:dc:2b:d8:b5:9b:b8: 2d:57:92:1c:46:27:af:6d:e1:45:cf:0b:3f:fa:07:cc: 14:8e:e7:b8:aa:d5:d1:36:1d:7e:5e:7d:fa:5b:77:1f h: 41:87:47:79:d8:ba:4e:ac:44:4f:6b:d2:16:5e:04:c6: c2:29:93:5e:bd:c7:a9:8f:23:a1:c8:ee:80:64:d5:67: 3c:ba:59:9a:06:0c:cc:29:56:c0:b2:21:e0:5b:52:cd: 84:73:57:fd:d8:c3:5b:13:54:d7:4a:06:86:63:09:a5: b0:59:e2:32:9e:09:a3:9f:49:62:cc:a6:f9:54:d5:b2: c3:08:71:7e:e3:37:50:d6:7b:a7:c2:60:c1:eb:51:32: fa:ad:35:25:17:f0:7f:23:e5:a8:01:52:cf:2f:d9:a9: f6:00:21:15:f1:f7:70:b7:57:8a:d0:59:6a:82:dc:9c SEED: cc:4c:69:74:f6:72:24:68:24:4f:d7:50:11:40:81:ed: 19:3c:8a:25:bc:78:0a:85:82:53:70:20:f6:54:a5:1b: f4:15:cd:ff:c4:88:a7:9d:f3:47:1c:0a:be:10:29:83: b9:0f:4c:df:90:16:83:a2:b3:e3:2e:c1:c2:24:6a:c4: 9d:57:ba:cb:0f:18:75:00:33:46:82:ec:d6:94:77:c3: 4f:4c:58:1c:7f:61:3c:36:d5:2f:a5:66:d8:2f:ce:6e: 8e:20:48:4a:bb:e3:e0:b2:50:33:63:8a:5b:2d:6a:be: 4c:28:81:53:5b:e4:f6:fc:64:06:13:51:eb:4a:91:9c g: 1024 counter: 1496
Assignee: wtc → nelson
Target Milestone: 3.12 → 3.12.2
This seems to do the trick.
Attachment #334823 - Flags: superreview?(julien.pierre.boogz)
Attachment #334823 - Flags: review?(rrelyea)
Julien, please review.
Whiteboard: help wanted
Comment on attachment 334823 [details] [diff] [review] replace PQGgen with constant PQG params r+ can check in as is, though I would like it if shlibsign had an option to generate new PQG on the fly. But not enough to reject the patch as is to get the performance win of pregenerated. (I think a reading from a file is overkill -- especially for a tool that hopefully will start generating SHA-2 MACs soon instead:).
Attachment #334823 - Flags: review?(rrelyea) → review+
Checking in shlibsign.c; new revision: 1.17; previous revision: 1.16
Status: NEW → RESOLVED
Closed: 17 years ago
Resolution: --- → FIXED
Attachment #334823 - Flags: superreview?(julien.pierre.boogz)
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: