summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--src/plugins/crypto_openssl/main.c6
-rw-r--r--src/vnet/crypto/crypto.c47
2 files changed, 44 insertions, 9 deletions
diff --git a/src/plugins/crypto_openssl/main.c b/src/plugins/crypto_openssl/main.c
index c1e744fc839..6637e53789c 100644
--- a/src/plugins/crypto_openssl/main.c
+++ b/src/plugins/crypto_openssl/main.c
@@ -106,7 +106,7 @@ openssl_ops_hmac (vlib_main_t * vm, vnet_crypto_op_t * ops[], u32 n_ops,
openssl_per_thread_data_t *ptd = vec_elt_at_index (per_thread_data,
vm->thread_index);
HMAC_CTX *ctx = ptd->hmac_ctx;
- u32 i;
+ u32 i, n_fail = 0;
for (i = 0; i < n_ops; i++)
{
vnet_crypto_op_t *op = ops[i];
@@ -121,7 +121,7 @@ openssl_ops_hmac (vlib_main_t * vm, vnet_crypto_op_t * ops[], u32 n_ops,
{
if ((memcmp (op->dst, buffer, sz)))
{
- n_ops -= 1;
+ n_fail++;
op->status = VNET_CRYPTO_OP_STATUS_FAIL_BAD_HMAC;
continue;
}
@@ -130,7 +130,7 @@ openssl_ops_hmac (vlib_main_t * vm, vnet_crypto_op_t * ops[], u32 n_ops,
clib_memcpy_fast (op->dst, buffer, sz);
op->status = VNET_CRYPTO_OP_STATUS_COMPLETED;
}
- return n_ops;
+ return n_ops - n_fail;
}
#define _(a, b) \
diff --git a/src/vnet/crypto/crypto.c b/src/vnet/crypto/crypto.c
index ceedc93bbaf..3dcb2ec33bd 100644
--- a/src/vnet/crypto/crypto.c
+++ b/src/vnet/crypto/crypto.c
@@ -19,23 +19,58 @@
vnet_crypto_main_t crypto_main;
+static_always_inline u32
+vnet_crypto_process_ops_call_handler (vlib_main_t * vm,
+ vnet_crypto_main_t * cm,
+ vnet_crypto_op_type_t opt,
+ vnet_crypto_op_t * ops[], u32 n_ops)
+{
+ if (n_ops == 0)
+ return 0;
+
+ if (cm->ops_handlers[opt] == 0)
+ {
+ while (n_ops)
+ {
+ ops[0]->status = VNET_CRYPTO_OP_STATUS_FAIL_NO_HANDLER;
+ ops++;
+ }
+ return 0;
+ }
+
+ return (cm->ops_handlers[opt]) (vm, ops, n_ops);
+}
+
+
u32
vnet_crypto_process_ops (vlib_main_t * vm, vnet_crypto_op_t ops[], u32 n_ops)
{
vnet_crypto_main_t *cm = &crypto_main;
+ const int op_q_size = VLIB_FRAME_SIZE;
+ vnet_crypto_op_t *op_queue[op_q_size];
+ vnet_crypto_op_type_t opt, current_op_type = ~0;
+ u32 n_op_queue = 0;
u32 rv = 0, i;
+ ASSERT (n_ops >= 1);
+
for (i = 0; i < n_ops; i++)
{
- vnet_crypto_op_type_t opt = ops[i].op;
- vnet_crypto_op_t *opp = &ops[i];
+ opt = ops[i].op;
+
+ if (current_op_type != opt || n_op_queue >= op_q_size)
+ {
+ rv += vnet_crypto_process_ops_call_handler (vm, cm, current_op_type,
+ op_queue, n_op_queue);
+ n_op_queue = 0;
+ current_op_type = opt;
+ }
- if (cm->ops_handlers[opt])
- rv += (cm->ops_handlers[opt]) (vm, &opp, 1);
- else
- ops[i].status = VNET_CRYPTO_OP_STATUS_FAIL_NO_HANDLER;
+ op_queue[n_op_queue++] = &ops[i];
}
+ rv += vnet_crypto_process_ops_call_handler (vm, cm, current_op_type,
+ op_queue, n_op_queue);
return rv;
}