Re: RFC: Crypto API User-interface

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Tue, Sep 07, 2010 at 10:24:27AM -0400, Christoph Hellwig wrote:
> 
> I don't think they matter in practice.  We have less than a handfull
> of drivers for them, and with CPUs gaining proper instructions they
> are even less useful.  In addition any sane PCI card should just
> allow userspace mapping of their descriptors.

I totally agree that mainstream CPUs won't need this at all.

However we still have embedded users where the CPUs may not be
powerful enough per se or where they want to use their CPUs for
other work.

There are also cases such as the Niagra SPU which may not be
easy to manage from user-space (correct me if I'm wrong Dave).

> > Now as a side-effect if this means that we can shut the security
> > people up about adding another interface then all the better.  But
> > I will certainly not go out of the way to add more crap to the
> > kernel for that purpose.
> 
> So what is the real use case for this?  In addition to kernel bloat
> the real fear I have is that the security wankers will just configure
> the userspace crypto libraries to always use the kernel interface
> just in case, and once that happens we will have to deal with the whole
> mess.  Especially for RHEL and Fedora where the inmantes now run the
> asylum in that respect.

I will let the security people answer this :)

Cheers,
-- 
Email: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html


[Index of Archives]     [Kernel]     [Gnu Classpath]     [Gnu Crypto]     [DM Crypt]     [Netfilter]     [Bugtraq]

  Powered by Linux