freebsd-skq/sys/opencrypto
fabient fbc9da5dbe crypto(9) is called from ipsec in CRYPTO_F_CBIFSYNC mode. This is working
fine when a lot of different flows to be ciphered/deciphered are involved.

However, when a software crypto driver is used, there are
situations where we could benefit from making crypto(9) multi threaded:
- a single flow is to be ciphered: only one thread is used to cipher it,
- a single ESP flow is to be deciphered: only one thread is used to
decipher it.

The idea here is to call crypto(9) using a new mode (CRYPTO_F_ASYNC) to
dispatch the crypto jobs on multiple threads, if the underlying crypto
driver is working in synchronous mode.

Another flag is added (CRYPTO_F_ASYNC_KEEPORDER) to make crypto(9)
dispatch the crypto jobs in the order they are received (an additional
queue/thread is used), so that the packets are reinjected in the network
using the same order they were posted.

A new sysctl net.inet.ipsec.async_crypto can be used to activate
this new behavior (disabled by default).

Submitted by:	Emeric Poupon <emeric.poupon@stormshield.eu>
Reviewed by:	ae, jmg, jhb
Differential Revision:    https://reviews.freebsd.org/D10680
Sponsored by:	Stormshield
2017-11-03 10:27:22 +00:00
..
cast.c
cast.h
castsb.h
criov.c Use const with some read-only buffers in opencrypto APIs. 2017-05-09 18:28:42 +00:00
crypto.c crypto(9) is called from ipsec in CRYPTO_F_CBIFSYNC mode. This is working 2017-11-03 10:27:22 +00:00
cryptodeflate.c
cryptodev_if.m
cryptodev.c opencrypto: Loosen restriction on HMAC key sizes 2017-09-26 16:18:10 +00:00
cryptodev.h crypto(9) is called from ipsec in CRYPTO_F_CBIFSYNC mode. This is working 2017-11-03 10:27:22 +00:00
cryptosoft.c Don't leak a session and lock if a GMAC key has an invalid length. 2017-04-05 01:46:41 +00:00
cryptosoft.h
deflate.h
gfmult.c
gfmult.h
gmac.c
gmac.h
rmd160.c
rmd160.h
skipjack.c
skipjack.h
xform_aes_icm.c
xform_aes_xts.c
xform_auth.h
xform_blf.c
xform_cast5.c
xform_cml.c
xform_comp.h
xform_deflate.c
xform_des1.c
xform_des3.c
xform_enc.h
xform_gmac.c
xform_md5.c opencrypto: Use C99 initializers for auth_hash instances 2017-09-26 17:52:52 +00:00
xform_null.c opencrypto: Use C99 initializers for auth_hash instances 2017-09-26 17:52:52 +00:00
xform_rijndael.c
xform_rmd160.c opencrypto: Use C99 initializers for auth_hash instances 2017-09-26 17:52:52 +00:00
xform_sha1.c opencrypto: Use C99 initializers for auth_hash instances 2017-09-26 17:52:52 +00:00
xform_sha2.c opencrypto: Use C99 initializers for auth_hash instances 2017-09-26 17:52:52 +00:00
xform_skipjack.c
xform_userland.h
xform.c
xform.h