From owner-freebsd-stable@FreeBSD.ORG Thu Jul 10 11:46:25 2008 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id E499E1065678 for ; Thu, 10 Jul 2008 11:46:25 +0000 (UTC) (envelope-from mike@sentex.net) Received: from smarthost1.sentex.ca (smarthost1.sentex.ca [64.7.153.18]) by mx1.freebsd.org (Postfix) with ESMTP id B4B338FC0C for ; Thu, 10 Jul 2008 11:46:25 +0000 (UTC) (envelope-from mike@sentex.net) Received: from lava.sentex.ca (pyroxene.sentex.ca [199.212.134.18]) by smarthost1.sentex.ca (8.14.2/8.14.2) with ESMTP id m6ABkKv5087622; Thu, 10 Jul 2008 07:46:20 -0400 (EDT) (envelope-from mike@sentex.net) Received: from mdt-xp.sentex.net (simeon.sentex.ca [192.168.43.27]) by lava.sentex.ca (8.13.8/8.13.3) with ESMTP id m6ABkJib035927 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Thu, 10 Jul 2008 07:46:19 -0400 (EDT) (envelope-from mike@sentex.net) Message-Id: <200807101146.m6ABkJib035927@lava.sentex.ca> X-Mailer: QUALCOMM Windows Eudora Version 7.1.0.9 Date: Thu, 10 Jul 2008 07:46:18 -0400 To: Patrick =?iso-8859-1?Q?Lamaizi=E8re?= From: Mike Tancsa In-Reply-To: <20080710130904.6c06fdfb@baby-jane-lamaiziere-net.local> References: <20080606234135.46144207@baby-jane-lamaiziere-net.local> <20080622170507.5ac469d2@baby-jane-lamaiziere-net.local> <200807091931.m69JVWej032290@lava.sentex.ca> <20080710130904.6c06fdfb@baby-jane-lamaiziere-net.local> Mime-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1"; format=flowed Content-Transfer-Encoding: quoted-printable X-Scanned-By: MIMEDefang 2.64 on 64.7.153.18 Cc: freebsd-stable@freebsd.org Subject: Re: AMD Geode LX crypto accelerator (glxsb) X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 10 Jul 2008 11:46:26 -0000 At 07:09 AM 7/10/2008, Patrick Lamaizi=E8re wrote: >I've found, i think. The Geode handles only AES with a 128 bits key. > >When setkey/ipsec opens a crypto session, the driver returns an error >(EINVAL) if the key length is !=3D 128. So setkey fails. > >There is no way to tell to the crypto framework that we can do only AES >with 128 bits keys. It is a problem in this case. Hi, Yes, that appears to be it! >I don't have any solution, I can just add a BUG section in the man >page for this case. Perhaps just a limitation/caveat as opposed to a=20 bug :) Thanks for porting this over! I will=20 give it a try with openvpn next. Any plans to integrate it into the tree ? ---Mike=20