From 77e69ae2d172dce74f4da4cae52bb63e28daa3ae Mon Sep 17 00:00:00 2001 From: Gabriel Oginski Date: Wed, 17 Nov 2021 10:27:00 +0000 Subject: wireguard: add async mode for decryption packets Originally wireguard doesn't support async mode for decryption packets. This patch add async mode for decryption in wireguard. In addition, it contains some performance improvement such as prefetching packet header and reducing the number of current time function calls. Type: improvement Signed-off-by: Gabriel Oginski Change-Id: Ieba6ae0078f3ff140c05b517891afb57232b3b7d --- src/plugins/wireguard/wireguard_noise.h | 21 +++++++++++++++------ 1 file changed, 15 insertions(+), 6 deletions(-) (limited to 'src/plugins/wireguard/wireguard_noise.h') diff --git a/src/plugins/wireguard/wireguard_noise.h b/src/plugins/wireguard/wireguard_noise.h index 33ac189b0c0..e95211b8884 100644 --- a/src/plugins/wireguard/wireguard_noise.h +++ b/src/plugins/wireguard/wireguard_noise.h @@ -196,12 +196,6 @@ noise_remote_encrypt (vlib_main_t * vm, noise_remote_t *, uint64_t * nonce, uint8_t * src, size_t srclen, uint8_t * dst); -enum noise_state_crypt -noise_sync_remote_decrypt (vlib_main_t *vm, vnet_crypto_op_t **crypto_ops, - noise_remote_t *, uint32_t r_idx, uint64_t nonce, - uint8_t *src, size_t srclen, uint8_t *dst, u32 bi, - u8 *iv, f64 time); - static_always_inline noise_keypair_t * wg_get_active_keypair (noise_remote_t *r, uint32_t r_idx) { @@ -264,6 +258,21 @@ error: return ret; } +static_always_inline void +noise_remote_keypair_free (vlib_main_t *vm, noise_remote_t *r, + noise_keypair_t **kp) +{ + noise_local_t *local = noise_local_get (r->r_local_idx); + struct noise_upcall *u = &local->l_upcall; + if (*kp) + { + u->u_index_drop ((*kp)->kp_local_index); + vnet_crypto_key_del (vm, (*kp)->kp_send_index); + vnet_crypto_key_del (vm, (*kp)->kp_recv_index); + clib_mem_free (*kp); + } +} + #endif /* __included_wg_noise_h__ */ /* -- cgit 1.2.3-korg