From 7dbc8ebe54f4ddb83e337be152e9b8405f52e577 Mon Sep 17 00:00:00 2001
From: Aloys Augustin <aloaugus@cisco.com>
Date: Mon, 2 Aug 2021 17:42:23 +0200
Subject: quic: do not update crypto keys from workers

The vnet_crypto_key_add should only be called from the main thread.
This patch works around this limitation by allocating one key per worker
and updating it on the fly everytime we need to do a crypto operation.

This solution is far from ideal, but quicly has a strong assumption that
it can use a key immediately after determining it, so making the key
creation asynchronous is not a possibility.

Signed-off-by: Aloys Augustin <aloaugus@cisco.com>
Change-Id: I19fc5814195156003c36a73bb616738ba9d828f7
Type: fix
---
 src/plugins/quic/quic.h | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

(limited to 'src/plugins/quic/quic.h')

diff --git a/src/plugins/quic/quic.h b/src/plugins/quic/quic.h
index 901bdbc39b2..2c5a21c01a4 100644
--- a/src/plugins/quic/quic.h
+++ b/src/plugins/quic/quic.h
@@ -263,8 +263,7 @@ typedef struct quic_main_
   u32 connection_timeout;
 
   u8 vnet_crypto_enabled;
-
-  clib_rwlock_t crypto_keys_quic_rw_lock;
+  u32 *per_thread_crypto_key_indices;
 } quic_main_t;
 
 #endif /* __included_quic_h__ */
-- 
cgit 1.2.3-korg