Subject: Re: Hifn crypto driver: does it work for anyone?
To: None <>
From: Jed Davis <>
List: tech-security
Date: 10/17/2005 04:07:42
Thor Lancelot Simon <> writes:

> I've been working on the Hifn crypto driver recently and have noticed
> something startling: in a kernel with pseudo-device crypto and options
> FAST_IPSEC, after the system has been running for a short while, all
> crypto requests fail.
> This causes ssh to not work (since openssl uses /dev/crypto if present)
> and it causes IPsec to not work, since encryption of every packet fails.

I also had it fail to work with FAST_IPSEC, with 2.0; software crypto
proved fast enough (on a net4801, no less), so I gave up on it for the
time being.  I haven't had any problems with sshd, however, and the
device is there:

hifn0 at pci0 dev 14 function 0: Hifn 7955, rev. 0
hifn0: 3DES/AES, 32KB dram, interrupting at irq 11

(let ((C call-with-current-continuation)) (apply (lambda (x y) (x y)) (map
((lambda (r) ((C C) (lambda (s) (r (lambda l (apply (s s) l))))))  (lambda
(f) (lambda (l) (if (null? l) C (lambda (k) (display (car l)) ((f (cdr l))
(C k)))))))    '((#\J #\d #\D #\v #\s) (#\e #\space #\a #\i #\newline)))))