patch to improve AES-NI performance
Dag-Erling Smørgrav
des at des.no
Fri Aug 23 19:31:12 UTC 2013
John-Mark Gurney <jmg at funkthat.com> writes:
> Mike Tancsa <mike at sentex.net> writes:
> > John-Mark Gurney <jmg at funkthat.com> writes:
> > > My patch would only effect userland applications that use /dev/crypto...
> > For me its ssh which I think does, no ?
> It looks like it uses OpenSSL for it's crypto, not /dev/crypto...
It uses OpenSSL engines, which use /dev/crypto. This is why we had to
turn off sandbox mode - a CRIOGET ioctl fails because the sandbox code
sets RLIMIT_NOFILES to 0.
(trimming security@ from the cc: list as it's an alias for secteam@
which is not the appropriate venue for this discussion.)
DES
--
Dag-Erling Smørgrav - des at des.no
More information about the freebsd-current
mailing list