On Fri, Nov 16, 2007 at 02:42:24PM +0300, Evgeniy Polyakov wrote: > > > Actually on second thought why don't we change the interface > > for ablkcipher so that we allow the IV to be returned by either > > copying it to req->info or replacing the req->info pointer? > > Better copy I think, since otherwise it has to allocate (in interrupt > context) and free iv for each packet. Even if it will be preallocated > during packet setup (in setiv() for example) it is unneded additional > overhead. I think you misunderstood me. I'm suggesting that for CBC algorithms where the final IV is simply the last block of the dst buffer, if the last block is in lowmem and contiguous, that we simply put a pointer to it in place of the original IV. There is no allocation involved. If you can't (i.e., not CBC or if the last block isn't contiguous or is highmem) then you just revert to copying. Cheers, -- Visit Openswan at http://www.openswan.org/ Email: Herbert Xu ~{PmV>HI~} <herbert@xxxxxxxxxxxxxxxxxxx> Home Page: http://gondor.apana.org.au/~herbert/ PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt - To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
