On Wed, Sep 27, 2000 at 12:17:17PM -0400, Richard Guy Briggs wrote: > -----BEGIN PGP SIGNED MESSAGE----- > > On Wed, Sep 27, 2000 at 05:52:04PM +0200, Alexander S A Kjeldaas wrote: > > > > I think there are some interesting issues to be solved when we want to > > get hardware crypto cards running under Linux. For one, we want to > > have a queue of processing requests for the device instead of having a > > synchronous interface like most crypto libraries offer. We also > > probably want to use the CPU if the queue starts to have too many > > entries, or load-balance between several cards, so we need a > > "crypto-provider" concept. Also, for programmable crypto-cards we > > might want to consider the cost of switching ciphers on the card when > > choosing which requests should be done by which cards/CPU. This will > > be interesting to look at when the first drivers emerge. > > I completely agree that it should be queue-based. SMP is the other > obvious reason for a queue. > > Alan Cox has publicly stated that he thinks this is the right way to > do things, but at the moment, asynchrony and queues for this type of > processing will be a big challenge to accomplish this in the present > Linux kernels. Could you expand on some of the issues? Are the problems related to where you are allowed to sleep in the tcp/ip stack? The part of creating the async crypto API seems doable. astor -- Alexander Kjeldaas Mail: astor@xxxxxxx finger astor@xxxxxxxxxxxxxxxxx for OpenPGP key. Linux-crypto: cryptography in and on the Linux system Archive: http://mail.nl.linux.org/linux-crypto/
