On Tue, May 24, 2011 at 7:53 AM, Gordan Bobic <gordan@xxxxxxxxxx> wrote: > Steev Klimaszewski wrote: >> On Tue, May 24, 2011 at 5:51 AM, Gordan Bobic <gordan@xxxxxxxxxx> wrote: >>> Just looking at the specsheet of the Freescale i.MX515, and this jumped >>> out at me: >>> >>> Symmetric/Asymmetric Hashing and Random Accelerator (SAHARA) Lite is a >>> cryptographic acceleration engine security co-processor >>> >>> Implements: >>> Â Â * Block encryption algorithms (AES, DES, and 3DES) >>> Â Â * Hashing algorithms (MD5, SHA-1, SHA-224, and SHA-256) >>> Â Â * Stream cipher algorithm (ARC4) >>> Â Â * True hardware random number generator (TRNG) >>> >>> Does anybody know at what kernel version the support for this was added >>> (if it has already been added)? >> >> It won't be in mainline as far as I am aware. > > Ah, that's a shame. >From what I recall, it's more of a reference implementation, and others (with the security manual) should be able to build their own drivers for it; that said, I've unfortunately had no time for testing it, though I really would like to. Maybe once 2.6.35 is out the door :) > >>> And since I know the Genesi guys read this list, does the Kernel+OpenSSL >>> combo that comes with Efika have this enabled as standard? (I lent my >>> smartbook to somebody for a few days hence why I'm asking rather than >>> just checking - I thought I'd get a head start on trying to get this >>> working in the same way as it does on the Kirkwood (SheevaPlug). >> >> I recall Matt enabling the option, I can't recall if it's in >> 2.6.31.14.20 or not, it's definitely enabled in the >> mx51_efikamx_defconfig if you checkout the latest from gitorious. > > Have you got an URL handy for the relevant gitorius tree? Is there a > patch against a kernel more recent than 2.6.31? For the EfikaMX, at the moment, 2.6.31 is what you get; we're definitely hard at work on 2.6.35, which is what the latest BSPs have. Unfortunately running into a few issues with that kernel so at the moment, we can't release it (no, not even for beta testing, it's not even in the alpha testing stage yet :) ) >> I'm >> not sure if Ubuntu enables the OpenSSL combo or not, rebuilding the >> package isn't very hard if it isn't... > > Yeah, just means I have to figure out how .deb builds work, I've never > used it. I'm hoping it's vaguely similar to rpm. It's actually not too hard when there is a package that already exists. You'd likely want to do something along the lines of mkcd sandbox/openssl (just a little alias/script i have that makes a directory with the -p option and then cd's into it) sudo apt-get build-dep openssl apt-get source openssl (note that we aren't running this with sudo because we're planning on building it as a normal user) This will download the sources to the latest version of openssl that is available for whichever version you're on (Maverick is what it should be) It will extract them, and put them into the directory something like openssl-0.whatever Just go into that directory, and look inside the debian directory, typically you'd just want to edit the rules file to add whatever configure flag you want, depending on how they build it. You'll also want to update the changelog, either manually, or via the command "dch" (part of the devscripts package which will pull in a LOT of dependencies) Update the version number to whatever you want, and then run the command (from inside the openssl-0.blah not from the debian directory) "dpkg-buildpackage -uc -us"; if you don't plan on distributing it, you can add -b which will only build the binary package, otherwise it will re-generate the sources as well with your changes. -uc means unsigned changelog, -us means unsigned sources. Wait a bit for it to finish compiling, and then in .. you should see the new .deb files. install the one(s) you need, and you should be good to test. (this was a quick non-official tutorial, and I may have glossed over a few steps, but it should definitely get you on your way :) ) > Gordan -- Steev -- Steev Klimaszewski <steev@xxxxxxxxxxxxxx> Senior Software Engineer, Genesi USA, Inc. _______________________________________________ arm mailing list arm@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/arm
