Subject: Re: VIA ACE patch
To: None <email@example.com>
From: Miles Nordin <carton@Ivy.NET>
Date: 01/12/2007 14:14:10
Content-Type: text/plain; charset=US-ASCII
>>>>> "ddk" == Daniel de Kok <firstname.lastname@example.org> writes:
ddk> I have mostly completed my port of the OpenBSD VIA ACE code,
ddk> and I have attached a patch. This area is pretty new to me, so
ddk> please be gentle.
Do you know what it does exactly? ex., ``It accelerates AES in
FAST_IPSEC and in cgd''?
AIUI, one of Padlock's virtues was that it could be used from
userspace with no syscall overhead, so unlike PCI ``crypto
accelerators'' it is reasonable to use it from OpenSSL to accelerate
the symmetric AES crypto in apache https or ssh/sshd, while for the
PCI accelerators it's only a net performance win to use them either
for AES _inside the kernel_, or for the RSA-only part of userland
apache/ssh (which is more computation per context switch). If someone
knows better please correct me---I don't know this stuff well.
Anyway this is kernel-only support, or it somehow affects openssl too?
I guess I don't understand our crypto architecture that well.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (NetBSD)
-----END PGP SIGNATURE-----