-----BEGIN PGP SIGNED MESSAGE----- On Wed, Sep 27, 2000 at 05:52:04PM +0200, Alexander S A Kjeldaas wrote: > On Wed, Sep 27, 2000 at 01:38:31PM +0000, Marc Mutz wrote: > > Peter van Hove wrote: > > > > > <snip> > > > i was wndering if there already is support for crypto cards in the kernel and if so > > > can they be used to accelerate IPsec encryption. > > > > > > > Lee Cremeans <leec@xxxxxxxx> is working on a driver for a crypto card > > for Linux. He posted an unrelated question on lkml, but has not said > > anything more about it. If it is there, I'll try and make this work for > > the cryptoapi (kerneli patch). But so far, both frees/wan and (this is a > > guess) the nist implementation of ipsec for linux do not use the crypto > > api. The redcreek thing might be the better way for now. > > I think there are some interesting issues to be solved when we want to > get hardware crypto cards running under Linux. For one, we want to > have a queue of processing requests for the device instead of having a > synchronous interface like most crypto libraries offer. We also > probably want to use the CPU if the queue starts to have too many > entries, or load-balance between several cards, so we need a > "crypto-provider" concept. Also, for programmable crypto-cards we > might want to consider the cost of switching ciphers on the card when > choosing which requests should be done by which cards/CPU. This will > be interesting to look at when the first drivers emerge. I completely agree that it should be queue-based. SMP is the other obvious reason for a queue. Alan Cox has publicly stated that he thinks this is the right way to do things, but at the moment, asynchrony and queues for this type of processing will be a big challenge to accomplish this in the present Linux kernels. This is something that needs to get Linus' ear when planning for 2.5. > astor > > -- > Alexander Kjeldaas Mail: astor@xxxxxxx > finger astor@xxxxxxxxxxxxxxxxx for OpenPGP key. > > Linux-crypto: cryptography in and on the Linux system > Archive: http://mail.nl.linux.org/linux-crypto/ slainte mhath, RGB - -- Richard Guy Briggs -- PGP key available Auto-Free Ottawa! Canada <www.conscoop.ottawa.on.ca/rgb/> <www.flora.org/afo/> Prevent Internet Wiretapping! -- FreeS/WAN:<www.freeswan.org> Thanks for voting Green! -- <green.ca> Marillion:<www.marillion.co.uk> -----BEGIN PGP SIGNATURE----- Version: 2.6.3i Charset: noconv iQCVAwUBOdIdh9+sBuIhFagtAQEmnAP/R3edd683P1+XsiHEZOMJ2kRDwDdsQE9J HvD6pD1KbdG80Lcy0vogGJezXKGJY74wd1RB5Uq0iGsBRTofOamqN1tMOpqR6FZ1 2UM1Gk6AtIr42MyGp9wnL/q0DPmMwLEv1T+Mzn/8C6Tliqx3L5Fw/uJA4g5Dm2o9 Z56K4bY+2jw= =Jfbh -----END PGP SIGNATURE----- Linux-crypto: cryptography in and on the Linux system Archive: http://mail.nl.linux.org/linux-crypto/
