Date: Sun, 20 Oct 2013 09:16:34 -0700 From: John-Mark Gurney <jmg@funkthat.com> To: Mark R V Murray <mark@grondar.org> Cc: freebsd-arch@FreeBSD.org Subject: Re: always load aesni or load it when cpu supports it Message-ID: <20131020161634.GQ56872@funkthat.com> In-Reply-To: <423D921D-6CE5-49D9-BCED-AB14EB236800@grondar.org> References: <20131020070022.GP56872@funkthat.com> <423D921D-6CE5-49D9-BCED-AB14EB236800@grondar.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Mark Murray wrote this message on Sun, Oct 20, 2013 at 11:38 +0100:
>
> On 20 Oct 2013, at 08:00, John-Mark Gurney <jmg@funkthat.com> wrote:
>
> > Comments? Suggestions or ideas?
>
> I'd love to have this - /dev/random would be a lot more efficient.
Though we don't have a common interface for this... This was one of
the issues I raised w/ the PEFS patch that was brought up recently...
If you want to use the OpenCrypto kernel frame work, then things will
work... If you need a lower overhead interface, then you'll have to
do a lot of wrapping of the code, or copy it, which is worse...
The other question now to ask, should we make AES a first class kernel
interface and bypass the OpenCrypto framework? Or complete the work
pjd did to make the OpenCrypto framework more effecient?
It does look like we already have a good number of consumers for
crypto/rijndael: geom_bde, ipsec, random and wlan_ccmp... Which
also means that they aren't making use of AES accelerator cards...
--
John-Mark Gurney Voice: +1 415 225 5579
"All that I will do, has been done, All that I have, has not."
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20131020161634.GQ56872>