diff options
Diffstat (limited to 'src/plugins/crypto_native')
| -rw-r--r-- | src/plugins/crypto_native/aes_cbc.c | 37 | ||||
| -rw-r--r-- | src/plugins/crypto_native/crypto_native.h | 7 | ||||
| -rw-r--r-- | src/plugins/crypto_native/main.c | 18 |
3 files changed, 6 insertions, 56 deletions
diff --git a/src/plugins/crypto_native/aes_cbc.c b/src/plugins/crypto_native/aes_cbc.c index 20b6fd61499..7896c8814b1 100644 --- a/src/plugins/crypto_native/aes_cbc.c +++ b/src/plugins/crypto_native/aes_cbc.c @@ -234,8 +234,6 @@ aes_ops_enc_aes_cbc (vlib_main_t * vm, vnet_crypto_op_t * ops[], u32 n_ops, aes_key_size_t ks) { crypto_native_main_t *cm = &crypto_native_main; - crypto_native_per_thread_data_t *ptd = - vec_elt_at_index (cm->per_thread_data, vm->thread_index); int rounds = AES_KEY_ROUNDS (ks); u8 placeholder[8192]; u32 i, j, count, n_left = n_ops; @@ -269,15 +267,7 @@ more: } else { - u8x16 t; - if (ops[0]->flags & VNET_CRYPTO_OP_FLAG_INIT_IV) - { - t = ptd->cbc_iv[i]; - *(u8x16u *) ops[0]->iv = t; - ptd->cbc_iv[i] = aes_enc_round (t, t); - } - else - t = aes_block_load (ops[0]->iv); + u8x16 t = aes_block_load (ops[0]->iv); #if __VAES__ rq[i] = t; #else @@ -486,27 +476,6 @@ crypto_native_aes_cbc_init_slm (vlib_main_t * vm) #endif { crypto_native_main_t *cm = &crypto_native_main; - crypto_native_per_thread_data_t *ptd; - clib_error_t *err = 0; - int fd; - - if ((fd = open ("/dev/urandom", O_RDONLY)) < 0) - return clib_error_return_unix (0, "failed to open '/dev/urandom'"); - - /* *INDENT-OFF* */ - vec_foreach (ptd, cm->per_thread_data) - { - for (int i = 0; i < 4; i++) - { - if (read(fd, ptd->cbc_iv, sizeof (ptd->cbc_iv)) != - sizeof (ptd->cbc_iv)) - { - err = clib_error_return_unix (0, "'/dev/urandom' read failure"); - goto error; - } - } - } - /* *INDENT-ON* */ #define _(x) \ vnet_crypto_register_ops_handler (vm, cm->crypto_engine_index, \ @@ -519,9 +488,7 @@ crypto_native_aes_cbc_init_slm (vlib_main_t * vm) foreach_aes_cbc_handler_type; #undef _ -error: - close (fd); - return err; + return 0; } /* diff --git a/src/plugins/crypto_native/crypto_native.h b/src/plugins/crypto_native/crypto_native.h index d5c33daa1a6..3bad14ea2df 100644 --- a/src/plugins/crypto_native/crypto_native.h +++ b/src/plugins/crypto_native/crypto_native.h @@ -22,14 +22,7 @@ typedef void *(crypto_native_key_fn_t) (vnet_crypto_key_t * key); typedef struct { - CLIB_CACHE_LINE_ALIGN_MARK (cacheline0); - u8x16 cbc_iv[16]; -} crypto_native_per_thread_data_t; - -typedef struct -{ u32 crypto_engine_index; - crypto_native_per_thread_data_t *per_thread_data; crypto_native_key_fn_t *key_fn[VNET_CRYPTO_N_ALGS]; void **key_data; } crypto_native_main_t; diff --git a/src/plugins/crypto_native/main.c b/src/plugins/crypto_native/main.c index 32bbbb13652..712c333bce9 100644 --- a/src/plugins/crypto_native/main.c +++ b/src/plugins/crypto_native/main.c @@ -63,16 +63,12 @@ clib_error_t * crypto_native_init (vlib_main_t * vm) { crypto_native_main_t *cm = &crypto_native_main; - vlib_thread_main_t *tm = vlib_get_thread_main (); clib_error_t *error = 0; if (clib_cpu_supports_x86_aes () == 0 && clib_cpu_supports_aarch64_aes () == 0) return 0; - vec_validate_aligned (cm->per_thread_data, tm->n_vlib_mains - 1, - CLIB_CACHE_LINE_BYTES); - cm->crypto_engine_index = vnet_crypto_register_engine (vm, "native", 100, "Native ISA Optimized Crypto"); @@ -96,7 +92,7 @@ crypto_native_init (vlib_main_t * vm) error = clib_error_return (0, "No AES CBC implemenation available"); if (error) - goto error; + return error; #if __x86_64__ if (clib_cpu_supports_pclmulqdq ()) @@ -113,7 +109,7 @@ crypto_native_init (vlib_main_t * vm) error = clib_error_return (0, "No AES GCM implemenation available"); if (error) - goto error; + return error; } #endif #if __aarch64__ @@ -123,18 +119,12 @@ crypto_native_init (vlib_main_t * vm) error = clib_error_return (0, "No AES GCM implemenation available"); if (error) - goto error; + return error; #endif vnet_crypto_register_key_handler (vm, cm->crypto_engine_index, crypto_native_key_handler); - - -error: - if (error) - vec_free (cm->per_thread_data); - - return error; + return 0; } /* *INDENT-OFF* */ |