From patchwork Mon Dec 18 23:00:17 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Github ODP bot X-Patchwork-Id: 122326 Delivered-To: patch@linaro.org Received: by 10.140.22.227 with SMTP id 90csp3424757qgn; Mon, 18 Dec 2017 15:02:03 -0800 (PST) X-Google-Smtp-Source: ACJfBosi8KSELzqsa0PTfmq05pYsVaQd1V2WINsxrqfJjXjEjcC5t5F0AMw+rbwFntiExuXZitjQ X-Received: by 10.55.10.7 with SMTP id 7mr2100921qkk.198.1513638123719; Mon, 18 Dec 2017 15:02:03 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1513638123; cv=none; d=google.com; s=arc-20160816; b=GkOQDfZYe+Kj0u3bIAj0uoGs0SKkljpwOzqc3yfgLt7vdtHPFVYwtOg81XSp93Ol/L Gh1mTvSIvLX+FJVi+En4s/7vVbSLQlc+Uoia4jxMAiA9QPxvqEyDXGUpFYgjmZoAZqvU 94PI4Zqn0FI9gSFhvzfug7i15qrg7TrcKij53OYMquGX9hLXIHxkYFg8KPHlHVqTClRv rn10NeV6u4KMLgj8CWkMPWBC+ocdBnNCO3xldG+JMsrKMhMYYnG9EbdBlHBs6dnrXxgO +4MxdMmZgLjQVs/+mD175YoEJ0z9DmWxaUl0pjKmxLU2pjinUnTLpB8QPNrw6rpEYrnF yXdw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:subject:github-pr-num :references:in-reply-to:message-id:date:to:from:delivered-to :arc-authentication-results; bh=5/UK7EaZqhskX5goM5xT3+BWzrPVXeb1KiE+pG3/bh8=; b=NEQOK17iTtpd4+75if49d+790KR/w18efV7huAAJ5SEgfvUFSEY37Q3j5Tra938xVR HkrUwwwUd4vuvCHHSzEJWRt5yZgpJCptEJQ2WxwUM3pseArk+UPvsIEYhX0mMF6lgu9R ROxs8w5G5ao6rJ6k/bhngVjdd7OsPcY5Tzx1S5aQLMlHYSanzFP5mCrRbwiFTZ5N9Fan sh89RGMByo6YANYEc4H4w5IeG9QR7kdgUIw8eai66sh5qqsIykRhsqCyY3jvWquHhjbO EhkCyl1T2joDtBYHktXgG2gqQtOVz7CBwi7u1dy26YS1/cg69uISc2gYlxuNpf7lWHdi 9LYg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Return-Path: Received: from lists.linaro.org (ec2-54-197-127-237.compute-1.amazonaws.com. [54.197.127.237]) by mx.google.com with ESMTP id p25si8383216qki.168.2017.12.18.15.02.02; Mon, 18 Dec 2017 15:02:03 -0800 (PST) Received-SPF: pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) client-ip=54.197.127.237; Authentication-Results: mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Received: by lists.linaro.org (Postfix, from userid 109) id E183C608CC; Mon, 18 Dec 2017 23:02:02 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on ip-10-142-244-252 X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,FREEMAIL_FROM, RCVD_IN_DNSWL_LOW, RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL autolearn=disabled version=3.4.0 Received: from [127.0.0.1] (localhost [127.0.0.1]) by lists.linaro.org (Postfix) with ESMTP id B2C616085F; Mon, 18 Dec 2017 23:00:38 +0000 (UTC) X-Original-To: lng-odp@lists.linaro.org Delivered-To: lng-odp@lists.linaro.org Received: by lists.linaro.org (Postfix, from userid 109) id 1591E608BB; Mon, 18 Dec 2017 23:00:28 +0000 (UTC) Received: from forward105j.mail.yandex.net (forward105j.mail.yandex.net [5.45.198.248]) by lists.linaro.org (Postfix) with ESMTPS id C4D67607E5 for ; Mon, 18 Dec 2017 23:00:22 +0000 (UTC) Received: from mxback2g.mail.yandex.net (mxback2g.mail.yandex.net [IPv6:2a02:6b8:0:1472:2741:0:8b7:163]) by forward105j.mail.yandex.net (Yandex) with ESMTP id 12E02183A8B for ; Tue, 19 Dec 2017 02:00:21 +0300 (MSK) Received: from smtp4j.mail.yandex.net (smtp4j.mail.yandex.net [2a02:6b8:0:1619::15:6]) by mxback2g.mail.yandex.net (nwsmtp/Yandex) with ESMTP id fOawtQCq3B-0LN0ambr; Tue, 19 Dec 2017 02:00:21 +0300 Received: by smtp4j.mail.yandex.net (nwsmtp/Yandex) with ESMTPSA id velBgine2q-0KuiW8p3; Tue, 19 Dec 2017 02:00:20 +0300 (using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA256 (128/128 bits)) (Client certificate not present) From: Github ODP bot To: lng-odp@lists.linaro.org Date: Tue, 19 Dec 2017 02:00:17 +0300 Message-Id: <1513638017-25830-4-git-send-email-odpbot@yandex.ru> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1513638017-25830-1-git-send-email-odpbot@yandex.ru> References: <1513638017-25830-1-git-send-email-odpbot@yandex.ru> Github-pr-num: 344 Subject: [lng-odp] [PATCH API-NEXT v5 3/3] linux-gen: crypto: significant speedup of all operations X-BeenThere: lng-odp@lists.linaro.org X-Mailman-Version: 2.1.16 Precedence: list List-Id: "The OpenDataPlane \(ODP\) List" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: lng-odp-bounces@lists.linaro.org Sender: "lng-odp" From: Dmitry Eremin-Solenikov Per idea of Janne Peltonen, do not allocate/free crypto contexts for each operation, providing significant speed increase. Each thread on startup allocates hmac+cipher contexts pair for each crypto session. Then they are initialized on demand, when session is first executed using this thread. Signed-off-by: Dmitry Eremin-Solenikov --- /** Email created from pull request 344 (lumag:openssl-ctx-api-next) ** https://github.com/Linaro/odp/pull/344 ** Patch: https://github.com/Linaro/odp/pull/344.patch ** Base sha: 0588040068a50d0d15a641d091fce23214b15594 ** Merge commit sha: a28e00c125888084599e44e6d7927e7ca78a0560 **/ platform/linux-generic/include/odp_internal.h | 2 + platform/linux-generic/odp_crypto.c | 246 ++++++++++++++++---------- platform/linux-generic/odp_init.c | 13 ++ 3 files changed, 171 insertions(+), 90 deletions(-) diff --git a/platform/linux-generic/include/odp_internal.h b/platform/linux-generic/include/odp_internal.h index d01b4f155..7ce8d351b 100644 --- a/platform/linux-generic/include/odp_internal.h +++ b/platform/linux-generic/include/odp_internal.h @@ -113,6 +113,8 @@ int odp_queue_term_global(void); int odp_crypto_init_global(void); int odp_crypto_term_global(void); +int _odp_crypto_init_local(void); +int _odp_crypto_term_local(void); int odp_timer_init_global(const odp_init_t *params); int odp_timer_term_global(void); diff --git a/platform/linux-generic/odp_crypto.c b/platform/linux-generic/odp_crypto.c index 811d3fc03..1b51d73c8 100644 --- a/platform/linux-generic/odp_crypto.c +++ b/platform/linux-generic/odp_crypto.c @@ -10,6 +10,7 @@ #include #include #include +#include #include #include #include @@ -99,6 +100,9 @@ odp_crypto_alg_err_t (*crypto_func_t)(odp_packet_t pkt, const odp_crypto_packet_op_param_t *param, odp_crypto_generic_session_t *session); +typedef odp_atomic_u32_t crypto_valid; +#define CV_BITS 32 + /** * Per crypto session data structure */ @@ -129,8 +133,32 @@ struct odp_crypto_generic_session_t { }; crypto_func_t func; } auth; + + /* These bitfields are cleared at odp_crypto_session_destroy() + * together with the rest of data */ + crypto_valid cipher_valid[(ODP_THREAD_COUNT_MAX + CV_BITS - 1) / + CV_BITS]; + crypto_valid hmac_valid[(ODP_THREAD_COUNT_MAX + CV_BITS - 1) / + CV_BITS]; + unsigned idx; }; +/* Use _mm versions, because they are always inlined */ +static int crypto_should_init(crypto_valid *ptr, unsigned int id) +{ + unsigned int mask = 1 << (id % CV_BITS); + crypto_valid *cv = ptr + (id / CV_BITS); + uint32_t cur = _odp_atomic_u32_load_mm(ptr, _ODP_MEMMODEL_ACQ); + + + while (!_odp_atomic_u32_cmp_xchg_strong_mm(cv, &cur, cur | mask, + _ODP_MEMMODEL_RLS, + _ODP_MEMMODEL_ACQ)) + ; + + return !(cur & mask); +} + typedef struct odp_crypto_global_s odp_crypto_global_t; struct odp_crypto_global_s { @@ -142,6 +170,16 @@ struct odp_crypto_global_s { static odp_crypto_global_t *global; +typedef struct crypto_local_t { + struct { + HMAC_CTX *hmac; + EVP_CIPHER_CTX *cipher; + } ctx[MAX_SESSIONS]; + int id; +} crypto_local_t; + +static __thread crypto_local_t local; + static odp_crypto_generic_session_t *alloc_session(void) { @@ -155,6 +193,8 @@ odp_crypto_generic_session_t *alloc_session(void) } odp_spinlock_unlock(&global->lock); + session->idx = (session - global->sessions) / sizeof(*session); + return session; } @@ -175,24 +215,51 @@ null_crypto_routine(odp_packet_t pkt ODP_UNUSED, return ODP_CRYPTO_ALG_ERR_NONE; } +/* Mimic new OpenSSL 1.1.y API */ +#if OPENSSL_VERSION_NUMBER < 0x10100000L +static HMAC_CTX *HMAC_CTX_new(void) +{ + HMAC_CTX *ctx = malloc(sizeof(*ctx)); + + HMAC_CTX_init(ctx); + return ctx; +} + +static void HMAC_CTX_free(HMAC_CTX *ctx) +{ + HMAC_CTX_cleanup(ctx); + free(ctx); +} +#endif + static -void packet_hmac_calculate(HMAC_CTX *ctx, - odp_packet_t pkt, - const odp_crypto_packet_op_param_t *param, - odp_crypto_generic_session_t *session, - uint8_t *hash) +void packet_hmac(odp_packet_t pkt, + const odp_crypto_packet_op_param_t *param, + odp_crypto_generic_session_t *session, + uint8_t *hash) { + HMAC_CTX *ctx = local.ctx[session->idx].hmac; uint32_t offset = param->auth_range.offset; uint32_t len = param->auth_range.length; ODP_ASSERT(offset + len <= odp_packet_len(pkt)); - HMAC_Init_ex(ctx, - session->auth.key, - session->auth.key_length, - session->auth.evp_md, - NULL); + if (crypto_should_init(session->hmac_valid, local.id)) { + HMAC_Init_ex(ctx, + session->auth.key, + session->auth.key_length, + session->auth.evp_md, + NULL); + } else { + /* Reinitialize HMAC calculation without resetting the key */ + HMAC_Init_ex(ctx, + NULL, + 0, + NULL, + NULL); + } + /* Hash it */ while (len > 0) { uint32_t seglen = 0; /* GCC */ void *mapaddr = odp_packet_offset(pkt, offset, &seglen, NULL); @@ -206,36 +273,6 @@ void packet_hmac_calculate(HMAC_CTX *ctx, HMAC_Final(ctx, hash, NULL); } -#if OPENSSL_VERSION_NUMBER < 0x10100000L -static -void packet_hmac(odp_packet_t pkt, - const odp_crypto_packet_op_param_t *param, - odp_crypto_generic_session_t *session, - uint8_t *hash) -{ - HMAC_CTX ctx; - - /* Hash it */ - HMAC_CTX_init(&ctx); - packet_hmac_calculate(&ctx, pkt, param, session, hash); - HMAC_CTX_cleanup(&ctx); -} -#else -static -void packet_hmac(odp_packet_t pkt, - const odp_crypto_packet_op_param_t *param, - odp_crypto_generic_session_t *session, - uint8_t *hash) -{ - HMAC_CTX *ctx; - - /* Hash it */ - ctx = HMAC_CTX_new(); - packet_hmac_calculate(ctx, pkt, param, session, hash); - HMAC_CTX_free(ctx); -} -#endif - static odp_crypto_alg_err_t auth_gen(odp_packet_t pkt, const odp_crypto_packet_op_param_t *param, @@ -430,7 +467,7 @@ odp_crypto_alg_err_t cipher_encrypt(odp_packet_t pkt, const odp_crypto_packet_op_param_t *param, odp_crypto_generic_session_t *session) { - EVP_CIPHER_CTX *ctx; + EVP_CIPHER_CTX *ctx = local.ctx[session->idx].cipher; void *iv_ptr; int ret; @@ -442,16 +479,15 @@ odp_crypto_alg_err_t cipher_encrypt(odp_packet_t pkt, return ODP_CRYPTO_ALG_ERR_IV_INVALID; /* Encrypt it */ - ctx = EVP_CIPHER_CTX_new(); - EVP_EncryptInit_ex(ctx, session->cipher.evp_cipher, NULL, - session->cipher.key_data, NULL); + if (crypto_should_init(session->cipher_valid, local.id)) { + EVP_EncryptInit_ex(ctx, session->cipher.evp_cipher, NULL, + session->cipher.key_data, NULL); + EVP_CIPHER_CTX_set_padding(ctx, 0); + } EVP_EncryptInit_ex(ctx, NULL, NULL, NULL, iv_ptr); - EVP_CIPHER_CTX_set_padding(ctx, 0); ret = internal_encrypt(ctx, pkt, param); - EVP_CIPHER_CTX_free(ctx); - return ret <= 0 ? ODP_CRYPTO_ALG_ERR_DATA_SIZE : ODP_CRYPTO_ALG_ERR_NONE; } @@ -461,7 +497,7 @@ odp_crypto_alg_err_t cipher_decrypt(odp_packet_t pkt, const odp_crypto_packet_op_param_t *param, odp_crypto_generic_session_t *session) { - EVP_CIPHER_CTX *ctx; + EVP_CIPHER_CTX *ctx = local.ctx[session->idx].cipher; void *iv_ptr; int ret; @@ -473,16 +509,15 @@ odp_crypto_alg_err_t cipher_decrypt(odp_packet_t pkt, return ODP_CRYPTO_ALG_ERR_IV_INVALID; /* Decrypt it */ - ctx = EVP_CIPHER_CTX_new(); - EVP_DecryptInit_ex(ctx, session->cipher.evp_cipher, NULL, - session->cipher.key_data, NULL); + if (crypto_should_init(session->cipher_valid, local.id)) { + EVP_DecryptInit_ex(ctx, session->cipher.evp_cipher, NULL, + session->cipher.key_data, NULL); + EVP_CIPHER_CTX_set_padding(ctx, 0); + } EVP_DecryptInit_ex(ctx, NULL, NULL, NULL, iv_ptr); - EVP_CIPHER_CTX_set_padding(ctx, 0); ret = internal_decrypt(ctx, pkt, param); - EVP_CIPHER_CTX_free(ctx); - return ret <= 0 ? ODP_CRYPTO_ALG_ERR_DATA_SIZE : ODP_CRYPTO_ALG_ERR_NONE; } @@ -519,7 +554,7 @@ odp_crypto_alg_err_t aes_gcm_encrypt(odp_packet_t pkt, const odp_crypto_packet_op_param_t *param, odp_crypto_generic_session_t *session) { - EVP_CIPHER_CTX *ctx; + EVP_CIPHER_CTX *ctx = local.ctx[session->idx].cipher; const uint8_t *aad_head = param->aad.ptr; uint32_t aad_len = session->p.auth_aad_len; void *iv_ptr; @@ -535,13 +570,14 @@ odp_crypto_alg_err_t aes_gcm_encrypt(odp_packet_t pkt, return ODP_CRYPTO_ALG_ERR_IV_INVALID; /* Encrypt it */ - ctx = EVP_CIPHER_CTX_new(); - EVP_EncryptInit_ex(ctx, session->cipher.evp_cipher, NULL, - session->cipher.key_data, NULL); - EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_IVLEN, - session->p.iv.length, NULL); + if (crypto_should_init(session->cipher_valid, local.id)) { + EVP_EncryptInit_ex(ctx, session->cipher.evp_cipher, NULL, + session->cipher.key_data, NULL); + EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_IVLEN, + session->p.iv.length, NULL); + EVP_CIPHER_CTX_set_padding(ctx, 0); + } EVP_EncryptInit_ex(ctx, NULL, NULL, NULL, iv_ptr); - EVP_CIPHER_CTX_set_padding(ctx, 0); /* Authenticate header data (if any) without encrypting them */ if (aad_len > 0) @@ -555,8 +591,6 @@ odp_crypto_alg_err_t aes_gcm_encrypt(odp_packet_t pkt, odp_packet_copy_from_mem(pkt, param->hash_result_offset, session->p.auth_digest_len, block); - EVP_CIPHER_CTX_free(ctx); - return ret <= 0 ? ODP_CRYPTO_ALG_ERR_DATA_SIZE : ODP_CRYPTO_ALG_ERR_NONE; } @@ -566,7 +600,7 @@ odp_crypto_alg_err_t aes_gcm_decrypt(odp_packet_t pkt, const odp_crypto_packet_op_param_t *param, odp_crypto_generic_session_t *session) { - EVP_CIPHER_CTX *ctx; + EVP_CIPHER_CTX *ctx = local.ctx[session->idx].cipher; const uint8_t *aad_head = param->aad.ptr; uint32_t aad_len = session->p.auth_aad_len; int dummy_len = 0; @@ -582,13 +616,14 @@ odp_crypto_alg_err_t aes_gcm_decrypt(odp_packet_t pkt, return ODP_CRYPTO_ALG_ERR_IV_INVALID; /* Decrypt it */ - ctx = EVP_CIPHER_CTX_new(); - EVP_DecryptInit_ex(ctx, session->cipher.evp_cipher, NULL, - session->cipher.key_data, NULL); - EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_IVLEN, - session->p.iv.length, NULL); + if (crypto_should_init(session->cipher_valid, local.id)) { + EVP_DecryptInit_ex(ctx, session->cipher.evp_cipher, NULL, + session->cipher.key_data, NULL); + EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_IVLEN, + session->p.iv.length, NULL); + EVP_CIPHER_CTX_set_padding(ctx, 0); + } EVP_DecryptInit_ex(ctx, NULL, NULL, NULL, iv_ptr); - EVP_CIPHER_CTX_set_padding(ctx, 0); odp_packet_copy_to_mem(pkt, param->hash_result_offset, session->p.auth_digest_len, block); @@ -602,8 +637,6 @@ odp_crypto_alg_err_t aes_gcm_decrypt(odp_packet_t pkt, ret = internal_decrypt(ctx, pkt, param); - EVP_CIPHER_CTX_free(ctx); - return ret <= 0 ? ODP_CRYPTO_ALG_ERR_ICV_CHECK : ODP_CRYPTO_ALG_ERR_NONE; } @@ -635,7 +668,7 @@ odp_crypto_alg_err_t aes_gmac_gen(odp_packet_t pkt, const odp_crypto_packet_op_param_t *param, odp_crypto_generic_session_t *session) { - EVP_CIPHER_CTX *ctx; + EVP_CIPHER_CTX *ctx = local.ctx[session->idx].cipher; void *iv_ptr; uint8_t block[EVP_MAX_MD_SIZE]; int ret; @@ -648,13 +681,14 @@ odp_crypto_alg_err_t aes_gmac_gen(odp_packet_t pkt, return ODP_CRYPTO_ALG_ERR_IV_INVALID; /* Encrypt it */ - ctx = EVP_CIPHER_CTX_new(); - EVP_EncryptInit_ex(ctx, session->auth.evp_cipher, NULL, - session->auth.key, NULL); - EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_IVLEN, - session->p.iv.length, NULL); + if (crypto_should_init(session->cipher_valid, local.id)) { + EVP_EncryptInit_ex(ctx, session->auth.evp_cipher, NULL, + session->auth.key, NULL); + EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_IVLEN, + session->p.iv.length, NULL); + EVP_CIPHER_CTX_set_padding(ctx, 0); + } EVP_EncryptInit_ex(ctx, NULL, NULL, NULL, iv_ptr); - EVP_CIPHER_CTX_set_padding(ctx, 0); ret = internal_aad(ctx, pkt, param); @@ -663,8 +697,6 @@ odp_crypto_alg_err_t aes_gmac_gen(odp_packet_t pkt, odp_packet_copy_from_mem(pkt, param->hash_result_offset, session->p.auth_digest_len, block); - EVP_CIPHER_CTX_free(ctx); - return ret <= 0 ? ODP_CRYPTO_ALG_ERR_DATA_SIZE : ODP_CRYPTO_ALG_ERR_NONE; } @@ -674,7 +706,7 @@ odp_crypto_alg_err_t aes_gmac_check(odp_packet_t pkt, const odp_crypto_packet_op_param_t *param, odp_crypto_generic_session_t *session) { - EVP_CIPHER_CTX *ctx; + EVP_CIPHER_CTX *ctx = local.ctx[session->idx].cipher; void *iv_ptr; uint8_t block[EVP_MAX_MD_SIZE]; int ret; @@ -687,13 +719,14 @@ odp_crypto_alg_err_t aes_gmac_check(odp_packet_t pkt, return ODP_CRYPTO_ALG_ERR_IV_INVALID; /* Decrypt it */ - ctx = EVP_CIPHER_CTX_new(); - EVP_DecryptInit_ex(ctx, session->auth.evp_cipher, NULL, - session->auth.key, NULL); - EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_IVLEN, - session->p.iv.length, NULL); + if (crypto_should_init(session->cipher_valid, local.id)) { + EVP_DecryptInit_ex(ctx, session->auth.evp_cipher, NULL, + session->auth.key, NULL); + EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_IVLEN, + session->p.iv.length, NULL); + EVP_CIPHER_CTX_set_padding(ctx, 0); + } EVP_DecryptInit_ex(ctx, NULL, NULL, NULL, iv_ptr); - EVP_CIPHER_CTX_set_padding(ctx, 0); odp_packet_copy_to_mem(pkt, param->hash_result_offset, session->p.auth_digest_len, block); @@ -704,8 +737,6 @@ odp_crypto_alg_err_t aes_gmac_check(odp_packet_t pkt, ret = internal_aad(ctx, pkt, param); - EVP_CIPHER_CTX_free(ctx); - return ret <= 0 ? ODP_CRYPTO_ALG_ERR_ICV_CHECK : ODP_CRYPTO_ALG_ERR_NONE; } @@ -1213,6 +1244,41 @@ int odp_crypto_term_global(void) return rc; } +int _odp_crypto_init_local(void) +{ + unsigned i; + + memset(&local, 0, sizeof(local)); + + for (i = 0; i < MAX_SESSIONS; i++) { + local.ctx[i].hmac = HMAC_CTX_new(); + local.ctx[i].cipher = EVP_CIPHER_CTX_new(); + + if (local.ctx[i].hmac == NULL || local.ctx[i].cipher == NULL) { + _odp_crypto_term_local(); + return -1; + } + } + + local.id = odp_thread_id(); + + return 0; +} + +int _odp_crypto_term_local(void) +{ + unsigned i; + + for (i = 0; i < MAX_SESSIONS; i++) { + if (local.ctx[i].hmac != NULL) + HMAC_CTX_free(local.ctx[i].hmac); + if (local.ctx[i].cipher != NULL) + EVP_CIPHER_CTX_free(local.ctx[i].cipher); + } + + return 0; +} + odp_random_kind_t odp_random_max_kind(void) { return ODP_RANDOM_CRYPTO; diff --git a/platform/linux-generic/odp_init.c b/platform/linux-generic/odp_init.c index 1412c03a0..eb74437b2 100644 --- a/platform/linux-generic/odp_init.c +++ b/platform/linux-generic/odp_init.c @@ -418,6 +418,12 @@ int odp_init_local(odp_instance_t instance, odp_thread_type_t thr_type) } stage = PKTIO_INIT; + if (_odp_crypto_init_local()) { + ODP_ERR("ODP crypto local init failed.\n"); + goto init_fail; + } + stage = CRYPTO_INIT; + if (odp_pool_init_local()) { ODP_ERR("ODP pool local init failed.\n"); goto init_fail; @@ -470,6 +476,13 @@ int _odp_term_local(enum init_stage stage) } /* Fall through */ + case CRYPTO_INIT: + if (_odp_crypto_term_local()) { + ODP_ERR("ODP crypto local term failed.\n"); + rc = -1; + } + /* Fall through */ + case POOL_INIT: if (odp_pool_term_local()) { ODP_ERR("ODP buffer pool local term failed.\n");