/dev/crypto not being used in 12-STABLE

Xin LI delphij at gmail.com
Thu Dec 6 23:04:55 UTC 2018


On Thu, Dec 6, 2018 at 11:37 AM John Nielsen <lists at jnielsen.net> wrote:
>
> I have upgraded two physical machines from 11-STABLE to 12-STABLE recently (one is 12.0-PRERELEASE r341380 and the other is 12.0-PRERELEASE r341391). I noticed today that neither machine seems to be utilizing /dev/crypto. Typically I see at least ssh/sshd have the device open plus some programs from ports. But 'fuser' doesn't list any processes on either machine:
>
> # fuser /dev/crypto
> /dev/crypto:
>
> Both machines are running custom kernels that include "device crypto" and "device cryptodev". One of them additionally has "device aesni".
>
> Is anyone else seeing this? Any idea what would cause it?

Your average OpenSSL applications should not use /dev/crypto, if your
goal is to utilize AES-NI (which does not require /dev/crypto).  On
capable systems, AES-NI would be used automatically (and it's faster
this way).

Cheers,


More information about the freebsd-stable mailing list