From owner-freebsd-arch@FreeBSD.ORG Sun Oct 20 16:16:36 2013 Return-Path: Delivered-To: freebsd-arch@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id C5ECFB28 for ; Sun, 20 Oct 2013 16:16:36 +0000 (UTC) (envelope-from jmg@h2.funkthat.com) Received: from h2.funkthat.com (gate2.funkthat.com [208.87.223.18]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id A3E0320F8 for ; Sun, 20 Oct 2013 16:16:36 +0000 (UTC) Received: from h2.funkthat.com (localhost [127.0.0.1]) by h2.funkthat.com (8.14.3/8.14.3) with ESMTP id r9KGGZ3K031615 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Sun, 20 Oct 2013 09:16:35 -0700 (PDT) (envelope-from jmg@h2.funkthat.com) Received: (from jmg@localhost) by h2.funkthat.com (8.14.3/8.14.3/Submit) id r9KGGYSU031614; Sun, 20 Oct 2013 09:16:34 -0700 (PDT) (envelope-from jmg) Date: Sun, 20 Oct 2013 09:16:34 -0700 From: John-Mark Gurney To: Mark R V Murray Subject: Re: always load aesni or load it when cpu supports it Message-ID: <20131020161634.GQ56872@funkthat.com> Mail-Followup-To: Mark R V Murray , freebsd-arch@FreeBSD.org References: <20131020070022.GP56872@funkthat.com> <423D921D-6CE5-49D9-BCED-AB14EB236800@grondar.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <423D921D-6CE5-49D9-BCED-AB14EB236800@grondar.org> User-Agent: Mutt/1.4.2.3i X-Operating-System: FreeBSD 7.2-RELEASE i386 X-PGP-Fingerprint: 54BA 873B 6515 3F10 9E88 9322 9CB1 8F74 6D3F A396 X-Files: The truth is out there X-URL: http://resnet.uoregon.edu/~gurney_j/ X-Resume: http://resnet.uoregon.edu/~gurney_j/resume.html X-to-the-FBI-CIA-and-NSA: HI! HOW YA DOIN? can i haz chizburger? X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.2.2 (h2.funkthat.com [127.0.0.1]); Sun, 20 Oct 2013 09:16:36 -0700 (PDT) Cc: freebsd-arch@FreeBSD.org X-BeenThere: freebsd-arch@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Discussion related to FreeBSD architecture List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 20 Oct 2013 16:16:36 -0000 Mark Murray wrote this message on Sun, Oct 20, 2013 at 11:38 +0100: > > On 20 Oct 2013, at 08:00, John-Mark Gurney wrote: > > > Comments? Suggestions or ideas? > > I'd love to have this - /dev/random would be a lot more efficient. Though we don't have a common interface for this... This was one of the issues I raised w/ the PEFS patch that was brought up recently... If you want to use the OpenCrypto kernel frame work, then things will work... If you need a lower overhead interface, then you'll have to do a lot of wrapping of the code, or copy it, which is worse... The other question now to ask, should we make AES a first class kernel interface and bypass the OpenCrypto framework? Or complete the work pjd did to make the OpenCrypto framework more effecient? It does look like we already have a good number of consumers for crypto/rijndael: geom_bde, ipsec, random and wlan_ccmp... Which also means that they aren't making use of AES accelerator cards... -- John-Mark Gurney Voice: +1 415 225 5579 "All that I will do, has been done, All that I have, has not."