aboutsummaryrefslogtreecommitdiffstatshomepage
diff options
context:
space:
mode:
Diffstat
-rw-r--r--src/data.c4
-rw-r--r--src/device.c36
-rw-r--r--src/device.h8
-rw-r--r--src/peer.c4
-rw-r--r--src/receive.c4
-rw-r--r--src/send.c2
-rw-r--r--src/timers.c2
7 files changed, 31 insertions, 29 deletions
diff --git a/src/data.c b/src/data.c
index d993007..f188be5 100644
--- a/src/data.c
+++ b/src/data.c
@@ -304,7 +304,7 @@ int packet_create_data(struct sk_buff_head *queue, struct wireguard_peer *peer)
if (unlikely(!ctx->peer))
goto err_parallel;
atomic_inc(&peer->parallel_encryption_inflight);
- if (unlikely(padata_do_parallel(peer->device->parallel_send, &ctx->padata, choose_cpu(keypair->remote_index)))) {
+ if (unlikely(padata_do_parallel(peer->device->encrypt_pd, &ctx->padata, choose_cpu(keypair->remote_index)))) {
atomic_dec(&peer->parallel_encryption_inflight);
peer_put(ctx->peer);
err_parallel:
@@ -397,7 +397,7 @@ void packet_consume_data(struct sk_buff *skb, struct wireguard_device *wg)
memset(&ctx->padata, 0, sizeof(ctx->padata));
ctx->padata.parallel = begin_parallel_decryption;
ctx->padata.serial = finish_parallel_decryption;
- if (unlikely(padata_do_parallel(wg->parallel_receive, &ctx->padata, choose_cpu(idx)))) {
+ if (unlikely(padata_do_parallel(wg->decrypt_pd, &ctx->padata, choose_cpu(idx)))) {
kmem_cache_free(decryption_ctx_cache, ctx);
goto err_peer;
}
diff --git a/src/device.c b/src/device.c
index 190e6aa..fb87ccd 100644
--- a/src/device.c
+++ b/src/device.c
@@ -233,11 +233,11 @@ static void destruct(struct net_device *dev)
mutex_lock(&wg->device_update_lock);
peer_remove_all(wg);
wg->incoming_port = 0;
- destroy_workqueue(wg->workqueue);
+ destroy_workqueue(wg->handshake_wq);
#ifdef CONFIG_WIREGUARD_PARALLEL
- padata_free(wg->parallel_send);
- padata_free(wg->parallel_receive);
- destroy_workqueue(wg->parallelqueue);
+ padata_free(wg->encrypt_pd);
+ padata_free(wg->decrypt_pd);
+ destroy_workqueue(wg->crypt_wq);
#endif
routing_table_free(&wg->peer_routing_table);
memzero_explicit(&wg->static_identity, sizeof(struct noise_static_identity));
@@ -306,24 +306,24 @@ static int newlink(struct net *src_net, struct net_device *dev, struct nlattr *t
if (!dev->tstats)
goto error_1;
- wg->workqueue = alloc_workqueue("wg-%s", WQ_UNBOUND | WQ_FREEZABLE, 0, dev->name);
- if (!wg->workqueue)
+ wg->handshake_wq = alloc_workqueue("wg-kex-%s", WQ_UNBOUND | WQ_FREEZABLE, 0, dev->name);
+ if (!wg->handshake_wq)
goto error_2;
#ifdef CONFIG_WIREGUARD_PARALLEL
- wg->parallelqueue = alloc_workqueue("wg-crypt-%s", WQ_CPU_INTENSIVE | WQ_MEM_RECLAIM, 1, dev->name);
- if (!wg->parallelqueue)
+ wg->crypt_wq = alloc_workqueue("wg-crypt-%s", WQ_CPU_INTENSIVE | WQ_MEM_RECLAIM, 2, dev->name);
+ if (!wg->crypt_wq)
goto error_3;
- wg->parallel_send = padata_alloc_possible(wg->parallelqueue);
- if (!wg->parallel_send)
+ wg->encrypt_pd = padata_alloc_possible(wg->crypt_wq);
+ if (!wg->encrypt_pd)
goto error_4;
- padata_start(wg->parallel_send);
+ padata_start(wg->encrypt_pd);
- wg->parallel_receive = padata_alloc_possible(wg->parallelqueue);
- if (!wg->parallel_receive)
+ wg->decrypt_pd = padata_alloc_possible(wg->crypt_wq);
+ if (!wg->decrypt_pd)
goto error_5;
- padata_start(wg->parallel_receive);
+ padata_start(wg->decrypt_pd);
#endif
ret = cookie_checker_init(&wg->cookie_checker, wg);
@@ -353,14 +353,14 @@ error_7:
cookie_checker_uninit(&wg->cookie_checker);
error_6:
#ifdef CONFIG_WIREGUARD_PARALLEL
- padata_free(wg->parallel_receive);
+ padata_free(wg->decrypt_pd);
error_5:
- padata_free(wg->parallel_send);
+ padata_free(wg->encrypt_pd);
error_4:
- destroy_workqueue(wg->parallelqueue);
+ destroy_workqueue(wg->crypt_wq);
error_3:
#endif
- destroy_workqueue(wg->workqueue);
+ destroy_workqueue(wg->handshake_wq);
error_2:
free_percpu(dev->tstats);
error_1:
diff --git a/src/device.h b/src/device.h
index 855ec27..cdfb5f7 100644
--- a/src/device.h
+++ b/src/device.h
@@ -21,9 +21,7 @@ struct wireguard_device {
u16 incoming_port;
u32 fwmark;
struct net *creating_net;
- struct workqueue_struct *workqueue;
- struct workqueue_struct *parallelqueue;
- struct padata_instance *parallel_send, *parallel_receive;
+ struct workqueue_struct *handshake_wq;
struct noise_static_identity static_identity;
struct sk_buff_head incoming_handshakes;
struct work_struct incoming_handshakes_work;
@@ -37,6 +35,10 @@ struct wireguard_device {
#ifdef CONFIG_PM_SLEEP
struct notifier_block clear_peers_on_suspend;
#endif
+#ifdef CONFIG_WIREGUARD_PARALLEL
+ struct workqueue_struct *crypt_wq;
+ struct padata_instance *encrypt_pd, *decrypt_pd;
+#endif
};
int device_init(void);
diff --git a/src/peer.c b/src/peer.c
index cd093b4..451a676 100644
--- a/src/peer.c
+++ b/src/peer.c
@@ -77,8 +77,8 @@ void peer_remove(struct wireguard_peer *peer)
timers_uninit_peer(peer);
routing_table_remove_by_peer(&peer->device->peer_routing_table, peer);
pubkey_hashtable_remove(&peer->device->peer_hashtable, peer);
- if (peer->device->workqueue)
- flush_workqueue(peer->device->workqueue);
+ if (peer->device->handshake_wq)
+ flush_workqueue(peer->device->handshake_wq);
skb_queue_purge(&peer->tx_packet_queue);
peer_put(peer);
}
diff --git a/src/receive.c b/src/receive.c
index 929d723..06be5f7 100644
--- a/src/receive.c
+++ b/src/receive.c
@@ -179,7 +179,7 @@ void packet_process_queued_handshake_packets(struct work_struct *work)
receive_handshake_packet(wg, skb);
dev_kfree_skb(skb);
if (++num_processed == MAX_BURST_INCOMING_HANDSHAKES) {
- queue_work(wg->workqueue, &wg->incoming_handshakes_work);
+ queue_work(wg->handshake_wq, &wg->incoming_handshakes_work);
return;
}
}
@@ -296,7 +296,7 @@ void packet_receive(struct wireguard_device *wg, struct sk_buff *skb)
}
skb_queue_tail(&wg->incoming_handshakes, skb);
/* Queues up a call to packet_process_queued_handshake_packets(skb): */
- queue_work(wg->workqueue, &wg->incoming_handshakes_work);
+ queue_work(wg->handshake_wq, &wg->incoming_handshakes_work);
break;
case MESSAGE_DATA:
PACKET_CB(skb)->ds = ip_tunnel_get_dsfield(ip_hdr(skb), skb);
diff --git a/src/send.c b/src/send.c
index 6ed660b..a952da7 100644
--- a/src/send.c
+++ b/src/send.c
@@ -56,7 +56,7 @@ void packet_queue_handshake_initiation(struct wireguard_peer *peer)
return;
/* Queues up calling packet_send_queued_handshakes(peer), where we do a peer_put(peer) after: */
- if (!queue_work(peer->device->workqueue, &peer->transmit_handshake_work))
+ if (!queue_work(peer->device->handshake_wq, &peer->transmit_handshake_work))
peer_put(peer); /* If the work was already queued, we want to drop the extra reference */
}
diff --git a/src/timers.c b/src/timers.c
index 4fd9ec8..92c7c78 100644
--- a/src/timers.c
+++ b/src/timers.c
@@ -74,7 +74,7 @@ static void expired_new_handshake(unsigned long ptr)
static void expired_kill_ephemerals(unsigned long ptr)
{
peer_get_from_ptr(ptr);
- if (!queue_work(peer->device->workqueue, &peer->clear_peer_work)) /* Takes our reference. */
+ if (!queue_work(peer->device->handshake_wq, &peer->clear_peer_work)) /* Takes our reference. */
peer_put(peer); /* If the work was already on the queue, we want to drop the extra reference */
}
static void queued_expired_kill_ephemerals(struct work_struct *work)
Copyright © 1996 – 2023 Jason A. Donenfeld. All Rights Reverse Engineered.