Add CryptoMB private key provider to contrib.

[ipuustin]

Commit Message:

Intel's IPP (Integrated Performance Primitives) crypto library has support for multi-buffer crypto operations. Briefly, multi-buffer
cryptography is implemented with AVX-512 instructions using a SIMD (single instruction, multiple data) mechanism. Up to eight RSA or ECDSA operations are gathered together into a buffer and processed at the same time, providing potentially improved performance. The AVX-512 instructions are available on recently launched 3rd generation Xeon Scalable server processors (Ice Lake server) processors.

This commit adds a private key provider to accelerate RSA and ECDSA crypto operations on recent Intel Xeon processors. Every worker thread has a queue of up-to-eight crypto operations. When the queue is full or when the timer is triggered, the queue is processed and all the pending handshakes are notified.

The potential performance benefit depends on many factors: the size of the cpuset Envoy is running on, incoming traffic pattern, encryption type (RSA or ECDSA), and key size. In my own testing I saw the biggest performance increase when long RSA keys were used on an Envoy running in a fairly limited environment serving lots of new incoming TLS requests. For more details, see this Intel whitepaper which contains some more information about the AVX-512 instructions and potential performance increase: https://www.intel.com/content/www/us/en/architecture-and-technology/crypto-acceleration-in-xeon-scalable-processors-wp.html

Additional Description:

One new dependency is introduced: Intel’s ipp-crypto library. Currently the PR is using a development version of ipp-crypto because BoringSSL support is not yet part of any release. The ipp-crypto team has indicated that BoringSSL version will be included in future ipp-crypto releases.

Basic tests are provided, and a fake library interface is included for testing on systems without the required AVX-512 instruction set.

Risk Level: Medium (TLS security feature, not enabled by default)
Testing: Unit tests
Docs Changes: API interface is documented
Release Notes: Added CryptoMB private key provider to contrib.
Platform Specific Features: Requires Intel 3rd generation Xeon Scalable server processor for the AVX-512 IFMA instruction set.
Fixes: #15871

[repokitteh-read-only]

CC @envoyproxy/dependency-shepherds: Your approval is needed for changes made to (bazel/.*repos.*\.bzl)|(bazel/dependency_imports\.bzl)|(api/bazel/.*\.bzl)|(.*/requirements\.txt)|(.*\.patch).

🐱

Caused by: #17826 was opened by ipuustin.

see: more, trace.

[ipuustin]

Merged main branch to solve conflicts.

[ggreenway]

This looks good overall.

Still trying to figure out some details of how contrib/ works with regards to changes in core (dependencies, docs, etc). Sorry for the delays.

/wait

[ggreenway]

Can this rule be moved into the BUILD file in your extension directory?

[ipuustin]

My bazel skills are somewhat limited, so please tell if I'm not understanding everything here, but is the idea that only the envoy_cmake rule would be moved? The source URL would still be in bazel/repository_locations.bzl and the python build rule in bazel/repositories.bzl? I was trying to see what the other contrib extensions are doing, and it seems that at least sqlparser BUILD file is in bazel/external directory.

[ggreenway]

We don't want core docs to link to contrib extensions. However, I would encourage you to put a README.md in contrib/cryptomb.

[ipuustin]

Hmm, is this rule only for new contrib extensions? It seems to me that core docs are linking to old contrib extensions such as mysql and squash. Or is it just that the .rst files are located within the docs directory, but the document TOC tree isn't linking to it? The contrib google doc says:

contrib/ extensions will have a new top level documentation section categorized by extension type. Extensions with documentation will put their documentation in that section. This will make it easy for users to see what extra extensions are available in the envoy-contrib images.

However, I don't seem to find that section, so maybe it's not there yet. Maybe in the interim just remove the docs and add them in another PR when the contrib doc section is there?

[ggreenway]

I think that's because those filters existed before we had contrib, so their docs are still in core docs. That should get cleaned up at some point. But new contrib extensions shouldn't add core docs.

[ipuustin]

Ok, I reverted the docs change. I think we can re-add the docs when the contrib doc section is there.

[ipuustin]

@agl @davidben Hi Adam and David! Do you think it would be possible to expose ec_random_nonzero_scalar(), ec_scalar_to_bytes() and the related EC_SCALAR data type in BoringSSL public API? They are required if you want to calculate ECDSA ephemeral keys the way BoringSSL does it.

[agl]

I don't think we're likely to do that because we keep eyeing whether we can put a version-skew coupling around the FIPS module.

(And it goes without saying that copy-pasting bits of internal headers is invalid and this change cannot land while doing that.)

[ipuustin]

In this case, do you think there could be some other way how BoringSSL could provide access to this functionality? It seems to me that the only non-trivial function needed for this is bn_rand_range_words() and the functions it calls. I would love to use ready-made functions rather than implementing it myself. OpenSSL has library access to ECDSA ephemeral key generation, and I think I can't be the only person needing this.

[ggreenway]

The ARM build is broken. It took me awhile to find the actual error in the logs, but it is:

clang-11: error: the clang compiler does not support '-march=icelake-server'

I don't understand why the ipp-crypto library is being built in this case, because the dependency on it is selecting for linux-x86_64, and this is ARM64 here.

If you can't figure out why this is being built either, try to find some help on slack in the bazel or envoy-dev channels.

/wait

[ggreenway]

But the doc fix looks good; thanks for taking care of that.

[ipuustin]

/retest

[repokitteh-read-only]

Retrying Azure Pipelines:
Retried failed jobs in: envoy-presubmit

🐱

Caused by: a #17826 (comment) was created by @ipuustin.

see: more, trace.

[ipuustin]

The ARM build is broken. It took me awhile to find the actual error in the logs, but it is:

clang-11: error: the clang compiler does not support '-march=icelake-server'

I don't understand why the ipp-crypto library is being built in this case, because the dependency on it is selecting for linux-x86_64, and this is ARM64 here.

If you can't figure out why this is being built either, try to find some help on slack in the bazel or envoy-dev channels.

/wait

So it turned out that do_ci.sh script is building //contrib/... for coverage tests (see https://github.com/envoyproxy/envoy/blob/main/ci/do_ci.sh#L193). That includes all targets in the contrib tree, including ipp-crypto library. It's now "fixed" by removing ipp-crypto from :all target for all but linux_x86_64 platform. A more future-proof fix might be to modify CI so that it builds only the Envoy-internal bazel targets for coverage in the contrib tree. This however would require bit more design (Would we do it by tagging targets to be outside of automatic build? Or have a denylist? Or have a /contrib/bazel/ directory for all targets not to be built as part of :all?) and should probably be a separate PR.

[ipuustin]

@ggreenway: Please take another look. Do you think the bazel fixes for coverage targets are now right?

[ggreenway]

This all LGTM, but I want a bazel expert to sign off on the bazel changes.

cc @lizan @wrowe. Can either of you take a look at just the bazel changes here?

[ggreenway]

/assign-from @envoyproxy/dependency-shepherds

[repokitteh-read-only]

@envoyproxy/dependency-shepherds assignee is @moderation

🐱

Caused by: a #17826 (comment) was created by @ggreenway.

see: more, trace.

[moderation]

/lgtm deps