[Bug 2033422] Re: openssl: backport to jammy "clear method store / query cache confusion"

[Adrien Nader]

** Description changed:

+ === SRU information ===
+ 
+ [Impact]
+ Severely degraded performance for concurrent operations compared to openssl 1.1. The performance is so degraded that some workloads fail due to timeouts or insufficient resources (noone magically has 5 times more machines). As a consequence, a number of people use openssl 1.1 instead and do not get security updates.
+ 
+ [Test plan]
+ Rafael Lopez has shared a simple benchmarks and results in #2009544 . I have tested this on a raspberry pi 4 with 8GB of memory and obtained speedups at least as high.
+ 
+ [Where problems could occur]
+ The change is spread over several patches which touch the internals of openssl. Upstream has code review in place and the patches have first appeared in openssl 3.0.4 iirc and therefore in kinetic which was released a year ago and we have not seen issues crop up.
+ 
+ === Original description ===
+ 
  This is about SRU'ing to Jammy the patches at
  https://github.com/openssl/openssl/pull/18151#issuecomment-1118535602 .
  They're purely performance but their impact is large. They have been
  released as part of openssl 3.0.4 (they're among the first after 3.0.3)
  which has been included in Kinetic.

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/2033422

Title:
  openssl: backport to jammy "clear method store / query cache
  confusion"

Status in openssl package in Ubuntu:
  New
Status in openssl source package in Jammy:
  In Progress
Status in openssl source package in Lunar:
  Fix Released

Bug description:
  === SRU information ===

  [Impact]
  Severely degraded performance for concurrent operations compared to openssl 1.1. The performance is so degraded that some workloads fail due to timeouts or insufficient resources (noone magically has 5 times more machines). As a consequence, a number of people use openssl 1.1 instead and do not get security updates.

  [Test plan]
  Rafael Lopez has shared a simple benchmarks and results in #2009544 . I have tested this on a raspberry pi 4 with 8GB of memory and obtained speedups at least as high.

  [Where problems could occur]
  The change is spread over several patches which touch the internals of openssl. Upstream has code review in place and the patches have first appeared in openssl 3.0.4 iirc and therefore in kinetic which was released a year ago and we have not seen issues crop up.

  === Original description ===

  This is about SRU'ing to Jammy the patches at
  https://github.com/openssl/openssl/pull/18151#issuecomment-1118535602
  . They're purely performance but their impact is large. They have been
  released as part of openssl 3.0.4 (they're among the first after
  3.0.3) which has been included in Kinetic.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/2033422/+subscriptions