VIA padlock performance
jahrens at centtech.com
Wed Jul 19 18:47:29 UTC 2006
There's no locking in the hardware, all the xcrypt commands are ring3
accessible. Shouldn't be an issue to use either.
> Michael Reifenberger wrote:
> > On Wed, 19 Jul 2006, Oliver Fromme wrote:
> > ...
> > > You will also need "cryptodev" in addition to "crypto".
> > > "crypto" manages only in-kernel access to the cryptographic
> > > facilities (including hardware acceleration through the
> > > padlock driver), which is used by FAST_IPSEC, for example.
> > > "cryptodev" will enable access by userland applications
> > > (e.g. scp) and libraries (OpenSSL) through /dev/crypto.
> > With OpenSSL you have two choices:
> > engine cryptodev : uses /dev/crypto
> > engine padlock : uses the xcrypt commands directly
> > engine padlock should be the fastest of course.
> Is there any kind of locking (in hardware or software)?
> I mean, what happens if both padlock(4) and OpenSSL try
> to access the ACE engine directly?
> (If the answer is "don't do that", then it's probably
> better to use cryptodev with OpenSSL, even if it's a
> little less efficient.)
> Best regards
> Oliver Fromme, secnetix GmbH & Co. KG, Marktplatz 29, 85567 Grafing
> Dienstleistungen mit Schwerpunkt FreeBSD: http://www.secnetix.de/bsd
> Any opinions expressed in this message may be personal to the author
> and may not necessarily reflect the opinions of secnetix in any way.
> "One of the main causes of the fall of the Roman Empire was that,
> lacking zero, they had no way to indicate successful termination
> of their C programs."
> -- Robert Firth
> freebsd-hackers at freebsd.org mailing list
> To unsubscribe, send any mail to "freebsd-hackers-unsubscribe at freebsd.org"
More information about the freebsd-hackers