Re: VIA ACE patch

To: Thor Lancelot Simon <tls%rek.tjls.com@localhost>
Subject: Re: VIA ACE patch
From: Daniel de Kok <danieldk%pobox.com@localhost>
Date: Sat, 13 Jan 2007 00:29:27 +0100 (CET)

On Fri, 12 Jan 2007, Thor Lancelot Simon wrote:

And that is why, as I noted yesterday, a separate opencrypto "driver"
for this functionality really doesn't seem right.  I would urge you,
again, to simply add support for these instructions to the code in
/sys/crypto and merge it with the code in /sys/opencrypto that is the
algorithm implementations used by the existing opencrypto software
backend.

It feels wrong - there is a subsystem that provides useful abstraction forcryptography, where cryptosoft is just one "provider" that can registeritself. Doesn't mixing xcrypt instructions sacrifice that abstraction?

If you do that, _everything_ in the kernel that uses crypto wins.
If you do what you did, only things that already know how to use
opencrypto (basically nothing but fast_ipsec, since there is already
a better openssl engine for these cards than cryptodev) win...

It seems better to me to adjust things like cgd to use opencrypto. Theother way around only people with PadLock CPUs will win, but machines withhifn and ubsec will still be stuck with cryptosoft.


-- Daniel

Follow-Ups:
- Re: VIA ACE patch
  - From: Thor Lancelot Simon

References:
- Re: VIA ACE patch
  - From: Daniel de Kok
- Re: VIA ACE patch
  - From: Daniel de Kok
- Re: VIA ACE patch
  - From: Thor Lancelot Simon

Prev by Date: Re: VIA ACE patch
Next by Date: Re: VIA ACE patch
Previous by Thread: Re: VIA ACE patch
Next by Thread: Re: VIA ACE patch
Indexes:

Home | Main Index | Thread Index | Old Index