On 10/12/23 7:34 AM, Sascha Hauer wrote: > In case you don't have encryption hardware you can create an > asynchronous encryption module using cryptd. Compile a kernel with > CONFIG_CRYPTO_USER_API_AEAD and CONFIG_CRYPTO_CRYPTD and start the > webserver with the '-c' option. /proc/crypto should then contain an > entry with: > > name : gcm(aes) > driver : cryptd(gcm_base(ctr(aes-generic),ghash-generic)) > module : kernel > priority : 150 I did a bit of prep work to ensure I had everything working for when there's time to dive into it, but starting it with -c doesn't register this entry. Turns out the bind() in there returns -1/ENOENT. For the life of me I can't figure out what I'm missing. I tried this with both arm64 and x86-64. On the latter there's some native AES that is higher priority, but I added a small hack in cryptd to ensure it's the highest one. But I don't even get that far... -- Jens Axboe
