#include <vnet/plugin/plugin.h>
#include <vnet/crypto/crypto.h>
#include <crypto_ia32/crypto_ia32.h>
-#include <crypto_ia32/aesni.h>
crypto_ia32_main_t crypto_ia32_main;
{
vnet_crypto_key_t *key = vnet_crypto_get_key (idx);
crypto_ia32_main_t *cm = &crypto_ia32_main;
- aesni_key_data_t *kd;
- switch (key->alg)
- {
- case VNET_CRYPTO_ALG_AES_128_CBC:
- case VNET_CRYPTO_ALG_AES_192_CBC:
- case VNET_CRYPTO_ALG_AES_256_CBC:
- break;
- default:
- return;
- }
+ if (cm->key_fn[key->alg] == 0)
+ return;
if (kop == VNET_CRYPTO_KEY_OP_DEL)
{
if (cm->key_data[idx] == 0)
return;
- clib_memset_u8 (cm->key_data[idx], 0,
- clib_mem_size (cm->key_data[idx]));
- clib_mem_free (cm->key_data[idx]);
+ clib_mem_free_s (cm->key_data[idx]);
cm->key_data[idx] = 0;
return;
}
if (kop == VNET_CRYPTO_KEY_OP_MODIFY && cm->key_data[idx])
{
- clib_memset_u8 (cm->key_data[idx], 0,
- clib_mem_size (cm->key_data[idx]));
- clib_mem_free (cm->key_data[idx]);
+ clib_mem_free_s (cm->key_data[idx]);
}
- kd = cm->key_data[idx] = clib_mem_alloc_aligned (sizeof (aesni_key_data_t),
- CLIB_CACHE_LINE_BYTES);
-
- /* ADD or MODIFY */
- switch (key->alg)
- {
- case VNET_CRYPTO_ALG_AES_128_CBC:
- aes_key_expand (kd->encrypt_key, key->data, AESNI_KEY_128);
- aes_key_expand (kd->decrypt_key, key->data, AESNI_KEY_128);
- aes_key_enc_to_dec (kd->decrypt_key, AESNI_KEY_128);
- break;
- case VNET_CRYPTO_ALG_AES_192_CBC:
- aes_key_expand (kd->encrypt_key, key->data, AESNI_KEY_192);
- aes_key_expand (kd->decrypt_key, key->data, AESNI_KEY_192);
- aes_key_enc_to_dec (kd->decrypt_key, AESNI_KEY_192);
- break;
- case VNET_CRYPTO_ALG_AES_256_CBC:
- aes_key_expand (kd->encrypt_key, key->data, AESNI_KEY_256);
- aes_key_expand (kd->decrypt_key, key->data, AESNI_KEY_256);
- aes_key_enc_to_dec (kd->decrypt_key, AESNI_KEY_256);
- break;
- default:
- break;
- }
- return;
+ cm->key_data[idx] = cm->key_fn[key->alg] (key);
}
clib_error_t *
{
crypto_ia32_main_t *cm = &crypto_ia32_main;
vlib_thread_main_t *tm = vlib_get_thread_main ();
- clib_error_t *error;
+ clib_error_t *error = 0;
- if ((error = vlib_call_init_function (vm, vnet_crypto_init)))
- return error;
+ if (clib_cpu_supports_x86_aes () == 0)
+ return 0;
vec_validate_aligned (cm->per_thread_data, tm->n_vlib_mains - 1,
CLIB_CACHE_LINE_BYTES);
vnet_crypto_register_engine (vm, "ia32", 100,
"Intel IA32 ISA Optimized Crypto");
- if (clib_cpu_supports_x86_aes () &&
- (error = crypto_ia32_aesni_cbc_init (vm)))
+ if (clib_cpu_supports_avx512f ())
+ error = crypto_ia32_aesni_cbc_init_avx512 (vm);
+ else if (clib_cpu_supports_avx2 ())
+ error = crypto_ia32_aesni_cbc_init_avx2 (vm);
+ else
+ error = crypto_ia32_aesni_cbc_init_sse42 (vm);
+
+ if (error)
goto error;
+ if (clib_cpu_supports_pclmulqdq ())
+ {
+ if (clib_cpu_supports_avx512f ())
+ error = crypto_ia32_aesni_gcm_init_avx512 (vm);
+ else if (clib_cpu_supports_avx2 ())
+ error = crypto_ia32_aesni_gcm_init_avx2 (vm);
+ else
+ error = crypto_ia32_aesni_gcm_init_sse42 (vm);
+
+ if (error)
+ goto error;
+ }
+
vnet_crypto_register_key_handler (vm, cm->crypto_engine_index,
crypto_ia32_key_handler);
return error;
}
-VLIB_INIT_FUNCTION (crypto_ia32_init);
+/* *INDENT-OFF* */
+VLIB_INIT_FUNCTION (crypto_ia32_init) =
+{
+ .runs_after = VLIB_INITS ("vnet_crypto_init"),
+};
+/* *INDENT-ON* */
#include <vpp/app/version.h>
/* *INDENT-OFF* */
VLIB_PLUGIN_REGISTER () = {
.version = VPP_BUILD_VER,
- .description = "Intel AESNI Software Crypto Backend Plugin",
+ .description = "Intel IA32 Software Crypto Engine",
};
/* *INDENT-ON* */