Hello, ----- "Loc Ho" <lho@xxxxxxx> wrote: > I had read or glance over the patch from " > http://people.redhat.com/mitr/cryptodev-ncr/0002";. We have post a > version of the CryptoDev over a year ago. Unfortunately, we did not > got a chance to pick up again. In that process, Herbert Xu provides a > number of comments. You can search the mailing list for that. Here are > my comment based on experience with hardware crypto: Thanks for the comments. > 1. This CrytoDev (user space) interface needs to support multiple > operations at once I think this would be naturally solved by providing the async interface. > Item #2. Asnc - You can argue that you can open multiple /dev/crypto > session and submit them. But this does not work for the same session > and for HW base crypto. Having an async interface has the benefit to > the user space application developer as they can use the same async > programming interface as with other I/O operations. Right, that would make sense - but it can be added later (by providing an "async op" operation, poll() handler, and "get next result" operation). I'd like to get the existing functionality acceptable first. > Item #3. Large file support - Most hardware algorithms can't support > this as the operation cannot be continue. Not sure how to handle > this. The proposed interface does not have any inherent input/output size limits. > Item #4. Right now you are pining the entire buffer. For small buffer, > this may not make sense. We have not got a chance to see if what is > the limit for this. Good point; this kind of performance optimization can be added later as well, noted for future work. > Item #5. Herbert Xu mentioned that we should avoid having a lot of > small kmalloc when possible. Looking at the session code, which is most critical, I see a few opportunities to improve this; noted. > Item #6. You should give OpenSSL a patach and see how it works out. > Although, OpenSSL does not take advantage of batch submission. Again, > to really take advantage of the HW, you really need to support batch > operation. OpenSSL support is planned, but not ready yet. Thanks again, Mirek -- To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
